package org.apache.wss4j.dom.message;

import java.util.List;
import javax.security.auth.callback.CallbackHandler;
import javax.xml.namespace.QName;
import org.apache.wss4j.common.WSEncryptionPart;
import org.apache.wss4j.common.crypto.Crypto;
import org.apache.wss4j.common.crypto.CryptoFactory;
import org.apache.wss4j.common.ext.WSSecurityException;
import org.apache.wss4j.common.util.XMLUtils;
import org.apache.wss4j.dom.SOAPConstants;
import org.apache.wss4j.dom.WSDataRef;
import org.apache.wss4j.dom.WSSConfig;
import org.apache.wss4j.dom.WSSecurityEngine;
import org.apache.wss4j.dom.WSSecurityEngineResult;
import org.apache.wss4j.dom.common.KeystoreCallbackHandler;
import org.apache.wss4j.dom.common.SOAPUtil;
import org.apache.wss4j.dom.common.SecurityTestUtil;
import org.apache.wss4j.dom.handler.WSHandlerResult;
import org.apache.wss4j.dom.util.WSSecurityUtil;
import org.junit.AfterClass;
import org.junit.Assert;
import org.junit.Test;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.w3c.dom.Document;
import org.w3c.dom.Element;

/* loaded from: input_file:org/apache/wss4j/dom/message/EncryptionPartsTest.class */
public class EncryptionPartsTest extends Assert {
    private static final Logger LOG = LoggerFactory.getLogger(EncryptionPartsTest.class);
    private static final String SOAPMSG = "<?xml version=\"1.0\" encoding=\"UTF-8\"?><soapenv:Envelope xmlns:foo=\"urn:foo.bar\" xmlns:soapenv=\"http://schemas.xmlsoap.org/soap/envelope/\" xmlns:xsd=\"http://www.w3.org/2001/XMLSchema\" xmlns:xsi=\"http://www.w3.org/2001/XMLSchema-instance\">   <soapenv:Header>       <foo:bar1>baz1</foo:bar1>       <foo:foobar>baz</foo:foobar>       <foo:bar2>baz2</foo:bar2>   </soapenv:Header>   <soapenv:Body>      <ns1:testMethod xmlns:ns1=\"http://axis/service/security/test6/LogTestService8\"></ns1:testMethod>   </soapenv:Body></soapenv:Envelope>";
    private static final String SOAPMSG_MULTIPLE = "<?xml version=\"1.0\" encoding=\"UTF-8\"?><soapenv:Envelope xmlns:foo=\"urn:foo.bar\" xmlns:soapenv=\"http://schemas.xmlsoap.org/soap/envelope/\" xmlns:xsd=\"http://www.w3.org/2001/XMLSchema\" xmlns:xsi=\"http://www.w3.org/2001/XMLSchema-instance\">   <soapenv:Header>       <foo:foobar>baz</foo:foobar>   </soapenv:Header>   <soapenv:Body>      <ns1:testMethod xmlns:ns1=\"http://axis/service/security/test6/LogTestService8\">asf1</ns1:testMethod>      <ns1:testMethod xmlns:ns1=\"http://axis/service/security/test6/LogTestService8\">asf2</ns1:testMethod>   </soapenv:Body></soapenv:Envelope>";
    private WSSecurityEngine secEngine = new WSSecurityEngine();
    private CallbackHandler callbackHandler = new KeystoreCallbackHandler();
    private Crypto crypto;

    @AfterClass
    public static void cleanup() throws Exception {
        SecurityTestUtil.cleanup();
    }

    public EncryptionPartsTest() throws Exception {
        this.crypto = null;
        this.crypto = CryptoFactory.getInstance();
        WSSConfig.init();
    }

    @Test
    public void testSOAPHeader() throws Exception {
        WSSecEncrypt wSSecEncrypt = new WSSecEncrypt();
        wSSecEncrypt.setUserInfo("16c73ab6-b892-458f-abf5-2f875f74882e", "security");
        wSSecEncrypt.setKeyIdentifierType(2);
        Document sOAPPart = SOAPUtil.toSOAPPart(SOAPMSG);
        WSSecHeader wSSecHeader = new WSSecHeader();
        wSSecHeader.insertSecurityHeader(sOAPPart);
        wSSecEncrypt.getParts().add(new WSEncryptionPart("foobar", "urn:foo.bar", ""));
        Document build = wSSecEncrypt.build(sOAPPart, this.crypto, wSSecHeader);
        if (LOG.isDebugEnabled()) {
            LOG.debug(XMLUtils.PrettyDocumentToString(build));
        }
        WSSecurityEngineResult wSSecurityEngineResult = (WSSecurityEngineResult) ((List) verify(build).getActionResults().get(4)).get(0);
        assertTrue(wSSecurityEngineResult != null);
        assertFalse(wSSecurityEngineResult.isEmpty());
        List list = (List) wSSecurityEngineResult.get("data-ref-uris");
        assertEquals("http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p", wSSecurityEngineResult.get("encrypted-key-transport-method"));
        WSDataRef wSDataRef = (WSDataRef) list.get(0);
        assertEquals("/soapenv:Envelope/soapenv:Header/foo:foobar", wSDataRef.getXpath());
        assertEquals("http://www.w3.org/2001/04/xmlenc#aes128-cbc", wSDataRef.getAlgorithm());
        assertEquals(new QName("urn:foo.bar", "foobar"), wSDataRef.getName());
        Element encryptedElement = wSDataRef.getEncryptedElement();
        assertNotNull(encryptedElement);
        assertEquals("http://www.w3.org/2001/04/xmlenc#", encryptedElement.getNamespaceURI());
    }

    @Test
    public void testOptionalSOAPHeaderPresent() throws Exception {
        WSSecEncrypt wSSecEncrypt = new WSSecEncrypt();
        wSSecEncrypt.setUserInfo("16c73ab6-b892-458f-abf5-2f875f74882e", "security");
        wSSecEncrypt.setKeyIdentifierType(2);
        Document sOAPPart = SOAPUtil.toSOAPPart(SOAPMSG);
        WSSecHeader wSSecHeader = new WSSecHeader();
        wSSecHeader.insertSecurityHeader(sOAPPart);
        WSEncryptionPart wSEncryptionPart = new WSEncryptionPart("foobar", "urn:foo.bar", "");
        wSEncryptionPart.setRequired(false);
        wSSecEncrypt.getParts().add(wSEncryptionPart);
        wSSecEncrypt.getParts().add(new WSEncryptionPart("Body", WSSecurityUtil.getSOAPNamespace(sOAPPart.getDocumentElement()), "Content"));
        Document build = wSSecEncrypt.build(sOAPPart, this.crypto, wSSecHeader);
        if (LOG.isDebugEnabled()) {
            LOG.debug(XMLUtils.PrettyDocumentToString(build));
        }
        verify(build);
    }

    @Test
    public void testOptionalSOAPHeaderNotPresent() throws Exception {
        WSSecEncrypt wSSecEncrypt = new WSSecEncrypt();
        wSSecEncrypt.setUserInfo("16c73ab6-b892-458f-abf5-2f875f74882e", "security");
        wSSecEncrypt.setKeyIdentifierType(2);
        Document sOAPPart = SOAPUtil.toSOAPPart(SOAPUtil.SAMPLE_SOAP_MSG);
        WSSecHeader wSSecHeader = new WSSecHeader();
        wSSecHeader.insertSecurityHeader(sOAPPart);
        WSEncryptionPart wSEncryptionPart = new WSEncryptionPart("foobar", "urn:foo.bar", "");
        wSEncryptionPart.setRequired(false);
        wSSecEncrypt.getParts().add(wSEncryptionPart);
        wSSecEncrypt.getParts().add(new WSEncryptionPart("Body", WSSecurityUtil.getSOAPNamespace(sOAPPart.getDocumentElement()), "Content"));
        Document build = wSSecEncrypt.build(sOAPPart, this.crypto, wSSecHeader);
        if (LOG.isDebugEnabled()) {
            LOG.debug(XMLUtils.PrettyDocumentToString(build));
        }
        verify(build);
    }

    @Test
    public void testRequiredSOAPHeaderNotPresent() throws Exception {
        WSSecEncrypt wSSecEncrypt = new WSSecEncrypt();
        wSSecEncrypt.setUserInfo("16c73ab6-b892-458f-abf5-2f875f74882e", "security");
        wSSecEncrypt.setKeyIdentifierType(2);
        Document sOAPPart = SOAPUtil.toSOAPPart(SOAPUtil.SAMPLE_SOAP_MSG);
        WSSecHeader wSSecHeader = new WSSecHeader();
        wSSecHeader.insertSecurityHeader(sOAPPart);
        wSSecEncrypt.getParts().add(new WSEncryptionPart("foobar", "urn:foo.bar", ""));
        wSSecEncrypt.getParts().add(new WSEncryptionPart("Body", WSSecurityUtil.getSOAPNamespace(sOAPPart.getDocumentElement()), "Content"));
        try {
            wSSecEncrypt.build(sOAPPart, this.crypto, wSSecHeader);
            fail("Failure expected on not encrypting a required element");
        } catch (WSSecurityException e) {
        }
    }

    @Test
    public void testSOAPEncryptedHeader() throws Exception {
        WSSecEncrypt wSSecEncrypt = new WSSecEncrypt();
        wSSecEncrypt.setUserInfo("16c73ab6-b892-458f-abf5-2f875f74882e", "security");
        wSSecEncrypt.setKeyIdentifierType(2);
        Document sOAPPart = SOAPUtil.toSOAPPart(SOAPMSG);
        WSSecHeader wSSecHeader = new WSSecHeader();
        wSSecHeader.insertSecurityHeader(sOAPPart);
        wSSecEncrypt.getParts().add(new WSEncryptionPart("foobar", "urn:foo.bar", "Header"));
        Document build = wSSecEncrypt.build(sOAPPart, this.crypto, wSSecHeader);
        String PrettyDocumentToString = XMLUtils.PrettyDocumentToString(build);
        if (LOG.isDebugEnabled()) {
            LOG.debug(PrettyDocumentToString);
        }
        assertTrue(PrettyDocumentToString.contains("wsse11:EncryptedHeader"));
        assertFalse(PrettyDocumentToString.contains("foo:foobar"));
        WSSecurityEngineResult wSSecurityEngineResult = (WSSecurityEngineResult) ((List) verify(build).getActionResults().get(4)).get(0);
        assertTrue(wSSecurityEngineResult != null);
        assertFalse(wSSecurityEngineResult.isEmpty());
        List list = (List) wSSecurityEngineResult.get("data-ref-uris");
        assertEquals("http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p", wSSecurityEngineResult.get("encrypted-key-transport-method"));
        assertEquals("/soapenv:Envelope/soapenv:Header/foo:foobar", ((WSDataRef) list.get(0)).getXpath());
    }

    @Test
    public void testBadLocalname() throws Exception {
        WSSecEncrypt wSSecEncrypt = new WSSecEncrypt();
        wSSecEncrypt.setUserInfo("16c73ab6-b892-458f-abf5-2f875f74882e", "security");
        wSSecEncrypt.setKeyIdentifierType(2);
        Document sOAPPart = SOAPUtil.toSOAPPart(SOAPMSG);
        WSSecHeader wSSecHeader = new WSSecHeader();
        wSSecHeader.insertSecurityHeader(sOAPPart);
        wSSecEncrypt.getParts().add(new WSEncryptionPart("foobar2", "urn:foo.bar", ""));
        try {
            wSSecEncrypt.build(sOAPPart, this.crypto, wSSecHeader);
            fail("Failure expected on a bad localname");
        } catch (WSSecurityException e) {
        }
    }

    @Test
    public void testBadNamespace() throws Exception {
        WSSecEncrypt wSSecEncrypt = new WSSecEncrypt();
        wSSecEncrypt.setUserInfo("16c73ab6-b892-458f-abf5-2f875f74882e", "security");
        wSSecEncrypt.setKeyIdentifierType(2);
        Document sOAPPart = SOAPUtil.toSOAPPart(SOAPMSG);
        WSSecHeader wSSecHeader = new WSSecHeader();
        wSSecHeader.insertSecurityHeader(sOAPPart);
        wSSecEncrypt.getParts().add(new WSEncryptionPart("foobar", "urn:foo.bar2", ""));
        try {
            wSSecEncrypt.build(sOAPPart, this.crypto, wSSecHeader);
            fail("Failure expected on a bad namespace");
        } catch (WSSecurityException e) {
        }
    }

    @Test
    public void testSOAPHeaderAndBody() throws Exception {
        Document sOAPPart = SOAPUtil.toSOAPPart(SOAPMSG);
        SOAPConstants sOAPConstants = WSSecurityUtil.getSOAPConstants(sOAPPart.getDocumentElement());
        WSSecEncrypt wSSecEncrypt = new WSSecEncrypt();
        wSSecEncrypt.setUserInfo("16c73ab6-b892-458f-abf5-2f875f74882e", "security");
        wSSecEncrypt.setKeyIdentifierType(2);
        WSSecHeader wSSecHeader = new WSSecHeader();
        wSSecHeader.insertSecurityHeader(sOAPPart);
        wSSecEncrypt.getParts().add(new WSEncryptionPart(sOAPConstants.getBodyQName().getLocalPart(), sOAPConstants.getEnvelopeURI(), ""));
        wSSecEncrypt.getParts().add(new WSEncryptionPart("foobar", "urn:foo.bar", ""));
        Document build = wSSecEncrypt.build(sOAPPart, this.crypto, wSSecHeader);
        if (LOG.isDebugEnabled()) {
            LOG.debug(XMLUtils.PrettyDocumentToString(build));
        }
        WSHandlerResult verify = verify(build);
        QName qName = new QName("urn:foo.bar", "foobar");
        QName qName2 = new QName(sOAPConstants.getEnvelopeURI(), "Body");
        QName qName3 = new QName(sOAPConstants.getEnvelopeURI(), "Header");
        WSSecurityEngineResult wSSecurityEngineResult = (WSSecurityEngineResult) ((List) verify.getActionResults().get(4)).get(0);
        assertTrue(wSSecurityEngineResult != null);
        assertFalse(wSSecurityEngineResult.isEmpty());
        List<WSDataRef> list = (List) wSSecurityEngineResult.get("data-ref-uris");
        assertTrue((list == null || list.isEmpty()) ? false : true);
        boolean z = false;
        boolean z2 = false;
        boolean z3 = false;
        for (WSDataRef wSDataRef : list) {
            if (qName.equals(wSDataRef.getName())) {
                z = true;
            } else if (qName2.equals(wSDataRef.getName())) {
                z2 = true;
            } else if (qName3.equals(wSDataRef.getName())) {
                z3 = true;
            }
        }
        assertTrue(z && z2);
        assertFalse(z3);
    }

    @Test
    public void testEncryptionPartDOMElement() throws Exception {
        Document sOAPPart = SOAPUtil.toSOAPPart(SOAPMSG);
        SOAPConstants sOAPConstants = WSSecurityUtil.getSOAPConstants(sOAPPart.getDocumentElement());
        WSSecEncrypt wSSecEncrypt = new WSSecEncrypt();
        wSSecEncrypt.setUserInfo("16c73ab6-b892-458f-abf5-2f875f74882e", "security");
        wSSecEncrypt.setKeyIdentifierType(2);
        WSSecHeader wSSecHeader = new WSSecHeader();
        wSSecHeader.insertSecurityHeader(sOAPPart);
        WSEncryptionPart wSEncryptionPart = new WSEncryptionPart("Incorrect Localname", "Incorrect N/S", "");
        Element findBodyElement = WSSecurityUtil.findBodyElement(sOAPPart);
        assertTrue(findBodyElement != null && "Body".equals(findBodyElement.getLocalName()));
        wSEncryptionPart.setElement(findBodyElement);
        wSSecEncrypt.getParts().add(wSEncryptionPart);
        Document build = wSSecEncrypt.build(sOAPPart, this.crypto, wSSecHeader);
        String PrettyDocumentToString = XMLUtils.PrettyDocumentToString(build);
        if (LOG.isDebugEnabled()) {
            LOG.debug(PrettyDocumentToString);
        }
        assertTrue(!PrettyDocumentToString.contains("testMethod"));
        WSSecurityEngineResult wSSecurityEngineResult = (WSSecurityEngineResult) ((List) verify(build).getActionResults().get(4)).get(0);
        assertTrue(wSSecurityEngineResult != null);
        assertFalse(wSSecurityEngineResult.isEmpty());
        assertEquals(new QName(sOAPConstants.getEnvelopeURI(), "Body"), ((WSDataRef) ((List) wSSecurityEngineResult.get("data-ref-uris")).get(0)).getName());
    }

    @Test
    public void testMultipleElements() throws Exception {
        Document sOAPPart = SOAPUtil.toSOAPPart(SOAPMSG_MULTIPLE);
        WSSecEncrypt wSSecEncrypt = new WSSecEncrypt();
        wSSecEncrypt.setUserInfo("16c73ab6-b892-458f-abf5-2f875f74882e", "security");
        wSSecEncrypt.setKeyIdentifierType(2);
        WSSecHeader wSSecHeader = new WSSecHeader();
        wSSecHeader.insertSecurityHeader(sOAPPart);
        wSSecEncrypt.getParts().add(new WSEncryptionPart("testMethod", "http://axis/service/security/test6/LogTestService8", ""));
        Document build = wSSecEncrypt.build(sOAPPart, this.crypto, wSSecHeader);
        String PrettyDocumentToString = XMLUtils.PrettyDocumentToString(build);
        if (LOG.isDebugEnabled()) {
            LOG.debug(PrettyDocumentToString);
        }
        assertFalse(PrettyDocumentToString.contains("testMethod"));
        verify(build);
        String PrettyDocumentToString2 = XMLUtils.PrettyDocumentToString(build);
        assertTrue(PrettyDocumentToString2.contains("asf1"));
        assertTrue(PrettyDocumentToString2.contains("asf2"));
    }

    private WSHandlerResult verify(Document document) throws Exception {
        WSHandlerResult processSecurityHeader = this.secEngine.processSecurityHeader(document, (String) null, this.callbackHandler, (Crypto) null, this.crypto);
        if (LOG.isDebugEnabled()) {
            LOG.debug("Verified and decrypted message:");
            LOG.debug(XMLUtils.PrettyDocumentToString(document));
        }
        return processSecurityHeader;
    }
}
