package org.apache.wss4j.dom.components.crypto;

import java.io.ByteArrayInputStream;
import java.security.Security;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.util.Base64;
import javax.security.auth.callback.CallbackHandler;
import javax.xml.parsers.DocumentBuilderFactory;
import org.apache.wss4j.common.crypto.Crypto;
import org.apache.wss4j.common.crypto.CryptoFactory;
import org.apache.wss4j.common.ext.WSSecurityException;
import org.apache.wss4j.common.util.XMLUtils;
import org.apache.wss4j.dom.common.KeystoreCallbackHandler;
import org.apache.wss4j.dom.common.SOAPUtil;
import org.apache.wss4j.dom.common.SecurityTestUtil;
import org.apache.wss4j.dom.engine.WSSecurityEngine;
import org.apache.wss4j.dom.message.WSSecEncrypt;
import org.apache.wss4j.dom.message.WSSecHeader;
import org.apache.wss4j.dom.message.WSSecSignature;
import org.bouncycastle.jce.provider.BouncyCastleProvider;
import org.junit.AfterClass;
import org.junit.Assert;
import org.junit.Test;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.w3c.dom.Document;

/* loaded from: input_file:org/apache/wss4j/dom/components/crypto/CryptoProviderTest.class */
public class CryptoProviderTest extends Assert {
    private static final Logger LOG = LoggerFactory.getLogger(CryptoProviderTest.class);
    private WSSecurityEngine secEngine = new WSSecurityEngine();
    private CallbackHandler callbackHandler = new KeystoreCallbackHandler();
    private Crypto crypto;

    public CryptoProviderTest() throws Exception {
        this.secEngine.getWssConfig();
        this.crypto = CryptoFactory.getInstance("wss86.properties");
    }

    @AfterClass
    public static void cleanup() throws Exception {
        SecurityTestUtil.cleanup();
    }

    @Test
    public void testSignatureOID() throws Exception {
        WSSecHeader wSSecHeader = new WSSecHeader(SOAPUtil.toSOAPPart(SOAPUtil.SAMPLE_SOAP_MSG));
        wSSecHeader.insertSecurityHeader();
        WSSecSignature wSSecSignature = new WSSecSignature(wSSecHeader);
        wSSecSignature.setUserInfo("wss86", "security");
        wSSecSignature.setKeyIdentifierType(2);
        Document build = wSSecSignature.build(this.crypto);
        if (LOG.isDebugEnabled()) {
            LOG.debug(XMLUtils.prettyDocumentToString(build));
        }
        verify(build);
    }

    @Test
    public void testSignatureEmailAddress() throws Exception {
        WSSecHeader wSSecHeader = new WSSecHeader(SOAPUtil.toSOAPPart(SOAPUtil.SAMPLE_SOAP_MSG));
        wSSecHeader.insertSecurityHeader();
        WSSecSignature wSSecSignature = new WSSecSignature(wSSecHeader);
        wSSecSignature.setUserInfo("wss86", "security");
        wSSecSignature.setKeyIdentifierType(2);
        String replace = XMLUtils.prettyDocumentToString(wSSecSignature.build(this.crypto)).replace("1.2.840.113549.1.9.1=#16125765726e6572406578616d706c652e636f6d", "EMAILADDRESS=Werner@example.com");
        DocumentBuilderFactory newInstance = DocumentBuilderFactory.newInstance();
        newInstance.setNamespaceAware(true);
        verify(newInstance.newDocumentBuilder().parse(new ByteArrayInputStream(replace.getBytes())));
    }

    @Test
    public void testSignatureOtherEmailAddress() throws Exception {
        WSSecHeader wSSecHeader = new WSSecHeader(SOAPUtil.toSOAPPart(SOAPUtil.SAMPLE_SOAP_MSG));
        wSSecHeader.insertSecurityHeader();
        WSSecSignature wSSecSignature = new WSSecSignature(wSSecHeader);
        wSSecSignature.setUserInfo("wss86", "security");
        wSSecSignature.setKeyIdentifierType(2);
        String replace = XMLUtils.prettyDocumentToString(wSSecSignature.build(this.crypto)).replace("1.2.840.113549.1.9.1=#16125765726e6572406578616d706c652e636f6d", "E=Werner@example.com");
        DocumentBuilderFactory newInstance = DocumentBuilderFactory.newInstance();
        newInstance.setNamespaceAware(true);
        verify(newInstance.newDocumentBuilder().parse(new ByteArrayInputStream(replace.getBytes())));
    }

    @Test
    public void testInterop() throws Exception {
        byte[] decode = Base64.getMimeDecoder().decode("MIIDqTCCApGgAwIBAgIEePiYTTANBgkqhkiG9w0BAQsFADCBhDELMAkGA1UEBhMCREUxDzANBgNVBAgTBkJheWVybjEPMA0GA1UEBxMGTXVuaWNoMQ8wDQYDVQQKEwZBcGFjaGUxDjAMBgNVBAsTBVdTUzRKMQ8wDQYDVQQDEwZXZXJuZXIxITAfBgkqhkiG9w0BCQEWEldlcm5lckBleGFtcGxlLmNvbTAeFw0xNTA5MDkxNTA3MzFaFw0yNTA5MDYxNTA3MzFaMIGEMQswCQYDVQQGEwJERTEPMA0GA1UECBMGQmF5ZXJuMQ8wDQYDVQQHEwZNdW5pY2gxDzANBgNVBAoTBkFwYWNoZTEOMAwGA1UECxMFV1NTNEoxDzANBgNVBAMTBldlcm5lcjEhMB8GCSqGSIb3DQEJARYSV2VybmVyQGV4YW1wbGUuY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoUlwwKbNU0vNPwEc32E85k36n7cWAmuuhpX+CoTkXOfvpyoVcwBI8LwMmT1CR9KPxa+zmcE7RmX5qzVaW7Ukzra/pfD7YC3WGGAU9Awsq5OFLsMc4tZ/7FM5azGdZA/wSI2384Ytnu88Z8O1qnBblLdNluNWVADq5tvgAdPQMoks9Xg+9SBiwj2p3C0RD0uMx0bwscNEDWeHUJeGqNbWzEeYCvFLDGdl1Or3uha+drq4fNoVGstybM0VeGvFjP3NEX8dfl9WTxAl3dB0TXzb70RuQghLqHJtDEXMC/ckaNHht6F/VcOxjZCtpLlMUptyPjrMDFOIaZ5q/6NSiMIjqwIDAQABoyEwHzAdBgNVHQ4EFgQUviIg1rtoiwto4gYIAWFHCsCDISkwDQYJKoZIhvcNAQELBQADggEBAJEaMtEBpI7X1lx2+Wcjn2a3xugfTGZcy3s4fxGpbCxcdbDS7gWR/N+acwp4GXEbDrObwxIO/Kt5eMzfD5EPCuMdLfLjK+G27RXc/89bR3aphm6ZyLnTLBJ5h24Of9+uDKY2bVIcF62uyXCnVAoq6dY/rBj7btSjAOWFshMDJGNN7k/78s33sTdJfD2NQDvAvRZb1hYiUGcUij0ka+bhS/EtazH411w2NOQYUyZ50HRroKJx1PPCE+OTO5JYPNQB2rauK63RHGGC94mY2ySCE2KP/yaWhkDJ60X2JKgnTLKUZxLP9IioeHVeUzGIccIicoiZR5kqaiqoEk82V81R+VA=");
        try {
            Security.addProvider(new BouncyCastleProvider());
            X509Certificate x509Certificate = (X509Certificate) CertificateFactory.getInstance("X.509", "BC").generateCertificate(new ByteArrayInputStream(decode));
            WSSecHeader wSSecHeader = new WSSecHeader(SOAPUtil.toSOAPPart(SOAPUtil.SAMPLE_SOAP_MSG));
            wSSecHeader.insertSecurityHeader();
            WSSecEncrypt wSSecEncrypt = new WSSecEncrypt(wSSecHeader);
            wSSecEncrypt.setUseThisCert(x509Certificate);
            Document build = wSSecEncrypt.build(this.crypto);
            if (LOG.isDebugEnabled()) {
                LOG.debug(XMLUtils.prettyDocumentToString(build));
            }
            verify(build);
            Security.removeProvider("BC");
        } catch (Throwable th) {
            Security.removeProvider("BC");
            throw th;
        }
    }

    @Test
    public void testBadInterop() throws Exception {
        byte[] decode = Base64.getMimeDecoder().decode("MIIDNDCCAp2gAwIBAgIBEDANBgkqhkiG9w0BAQQFADBmMQswCQYDVQQGEwJERTEPMA0GA1UECBMGQmF5ZXJuMQ8wDQYDVQQHEwZNdW5pY2gxDTALBgNVBAoTBEhvbWUxFTATBgNVBAsTDEFwYWNoZSBXU1M0SjEPMA0GA1UEAxMGV2VybmVyMB4XDTA4MDQwNDE5MzIxOFoXDTEwMDQwNDE5MzIxOFowYTELMAkGA1UEBhMCREUxDzANBgNVBAgTBkJheWVybjEPMA0GA1UEBxMGTXVuaWNoMQ8wDQYDVQQKEwZBcGFjaGUxDjAMBgNVBAsTBVdTUzRKMQ8wDQYDVQQDEwZXZXJuZXIwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAINlL3/k0H/zvknpBtLo8jzXwx/IJU/CGSv6MsqJZ2fyZ6kpLlXCuSBUZ/tfkdxpuzhYq/Sc7A8csIk9gDf9RUbrhK0qKw0VP6DoCIJjS5IeN+NeJkx8YjmzLPmZqLYbNPXr/hy8CRrR6CqLTTSkBwoEJ+cDkfZrdH2/bND0FEIZAgMBAAGjgfYwgfMwCQYDVR0TBAIwADAsBglghkgBhvhCAQ0EHxYdT3BlblNTTCBHZW5lcmF0ZWQgQ2VydGlmaWNhdGUwHQYDVR0OBBYEFFSZXv0I5bG7XPEwjylwG3lmZGdiMIGYBgNVHSMEgZAwgY2AFL/FsHHolGIMacU1TZW/88Bd2EL6oWqkaDBmMQswCQYDVQQGEwJERTEPMA0GA1UECBMGQmF5ZXJuMQ8wDQYDVQQHEwZNdW5pY2gxDTALBgNVBAoTBEhvbWUxFTATBgNVBAsTDEFwYWNoZSBXU1M0SjEPMA0GA1UEAxMGV2VybmVyggkAuBIOAWJ19mwwDQYJKoZIhvcNAQEEBQADgYEAUiUh/wORVcQYXxIh13h3w2Btg6Kj2g6V6YO0Utc/gEYWwT310C2OuroKAwwoHapMIIWiJRclIAiA8Hnb0Sv/puuHYD4G4NWFdiVjRord90eZJe40NMGruRmlqIRIGGKCv+wv3E6Ux1cWW862f5H9Eyrcocke2P+3GNAGy83vghA=");
        try {
            Security.addProvider(new BouncyCastleProvider());
            X509Certificate x509Certificate = (X509Certificate) CertificateFactory.getInstance("X.509", "BC").generateCertificate(new ByteArrayInputStream(decode));
            WSSecHeader wSSecHeader = new WSSecHeader(SOAPUtil.toSOAPPart(SOAPUtil.SAMPLE_SOAP_MSG));
            wSSecHeader.insertSecurityHeader();
            WSSecEncrypt wSSecEncrypt = new WSSecEncrypt(wSSecHeader);
            wSSecEncrypt.setUseThisCert(x509Certificate);
            Document build = wSSecEncrypt.build(this.crypto);
            if (LOG.isDebugEnabled()) {
                LOG.debug(XMLUtils.prettyDocumentToString(build));
            }
            try {
                verify(build);
                fail("Failure expected on encryption with a key that does not exist in the keystore");
            } catch (WSSecurityException e) {
                assertTrue(e.getErrorCode() == WSSecurityException.ErrorCode.FAILURE);
            }
        } finally {
            Security.removeProvider("BC");
        }
    }

    private void verify(Document document) throws Exception {
        this.secEngine.processSecurityHeader(document, (String) null, this.callbackHandler, this.crypto);
        if (LOG.isDebugEnabled()) {
            LOG.debug("Verfied and decrypted message:");
            LOG.debug(XMLUtils.prettyDocumentToString(document));
        }
    }
}
