package org.apache.wss4j.stax.test;

import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.io.InputStream;
import java.io.PushbackInputStream;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Collections;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
import java.util.UUID;
import javax.security.auth.callback.Callback;
import javax.security.auth.callback.CallbackHandler;
import javax.security.auth.callback.UnsupportedCallbackException;
import javax.xml.namespace.QName;
import javax.xml.stream.XMLStreamException;
import javax.xml.stream.XMLStreamWriter;
import javax.xml.transform.dom.DOMSource;
import javax.xml.transform.stream.StreamResult;
import org.apache.wss4j.common.WSEncryptionPart;
import org.apache.wss4j.common.crypto.CryptoFactory;
import org.apache.wss4j.common.ext.Attachment;
import org.apache.wss4j.common.ext.AttachmentRequestCallback;
import org.apache.wss4j.common.ext.AttachmentResultCallback;
import org.apache.wss4j.common.ext.WSSecurityException;
import org.apache.wss4j.dom.message.WSSecEncrypt;
import org.apache.wss4j.dom.message.WSSecHeader;
import org.apache.wss4j.stax.WSSec;
import org.apache.wss4j.stax.ext.WSSConstants;
import org.apache.wss4j.stax.ext.WSSSecurityProperties;
import org.apache.wss4j.stax.test.utils.SOAPUtil;
import org.apache.wss4j.stax.test.utils.StAX2DOM;
import org.apache.wss4j.stax.test.utils.XmlReaderToWriter;
import org.apache.xml.security.exceptions.XMLSecurityException;
import org.apache.xml.security.stax.ext.SecurePart;
import org.junit.Assert;
import org.junit.Test;
import org.w3c.dom.Document;
import org.w3c.dom.Element;
import org.w3c.dom.NodeList;

/* loaded from: input_file:org/apache/wss4j/stax/test/AttachmentTest.class */
public class AttachmentTest extends AbstractTestBase {
    protected Map<String, String> getHeaders(String str) {
        HashMap hashMap = new HashMap();
        hashMap.put("Content-Description", "Attachment");
        hashMap.put("Content-Disposition", "attachment; filename=\"fname.ext\"");
        hashMap.put("Content-ID", "<attachment=" + str + ">");
        hashMap.put("Content-Location", "http://ws.apache.org");
        hashMap.put("Content-Type", "text/xml; charset=UTF-8");
        hashMap.put("TestHeader", "testHeaderValue");
        return hashMap;
    }

    protected byte[] readInputStream(InputStream inputStream) throws IOException {
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        byte[] bArr = new byte[4096];
        while (true) {
            int read = inputStream.read(bArr);
            if (read == -1) {
                return byteArrayOutputStream.toByteArray();
            }
            byteArrayOutputStream.write(bArr, 0, read);
        }
    }

    @Test
    public void testXMLAttachmentContentSignature() throws Exception {
        String uuid = UUID.randomUUID().toString();
        Attachment attachment = new Attachment();
        attachment.setMimeType("text/xml");
        attachment.addHeaders(getHeaders(uuid));
        attachment.setId(uuid);
        attachment.setSourceStream(new ByteArrayInputStream(SOAPUtil.SAMPLE_SOAP_MSG.getBytes("UTF-8")));
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        WSSSecurityProperties wSSSecurityProperties = new WSSSecurityProperties();
        ArrayList arrayList = new ArrayList();
        arrayList.add(WSSConstants.SIGNATURE);
        wSSSecurityProperties.setActions(arrayList);
        wSSSecurityProperties.loadSignatureKeyStore(getClass().getClassLoader().getResource("transmitter.jks"), "default".toCharArray());
        wSSSecurityProperties.setSignatureUser("transmitter");
        wSSSecurityProperties.addSignaturePart(new SecurePart(new QName("http://schemas.xmlsoap.org/soap/envelope/", "Body"), SecurePart.Modifier.Element));
        wSSSecurityProperties.addSignaturePart(new SecurePart("cid:Attachments", SecurePart.Modifier.Content));
        wSSSecurityProperties.setCallbackHandler(new CallbackHandlerImpl());
        wSSSecurityProperties.setAttachmentCallbackHandler(new AttachmentCallbackHandler(Collections.singletonList(attachment)));
        XMLStreamWriter processOutMessage = WSSec.getOutboundWSSec(wSSSecurityProperties).processOutMessage(byteArrayOutputStream, "UTF-8", new ArrayList());
        XmlReaderToWriter.writeAll(xmlInputFactory.createXMLStreamReader(getClass().getClassLoader().getResourceAsStream("testdata/plain-soap-1.1.xml")), processOutMessage);
        processOutMessage.close();
        AttachmentCallbackHandler attachmentCallbackHandler = new AttachmentCallbackHandler(Collections.singletonList(attachment));
        WSSSecurityProperties wSSSecurityProperties2 = new WSSSecurityProperties();
        wSSSecurityProperties2.loadSignatureVerificationKeystore(getClass().getClassLoader().getResource("receiver.jks"), "default".toCharArray());
        wSSSecurityProperties2.setAttachmentCallbackHandler(attachmentCallbackHandler);
        Assert.assertEquals(2L, StAX2DOM.readDoc(this.documentBuilderFactory.newDocumentBuilder(), WSSec.getInboundWSSec(wSSSecurityProperties2).processInMessage(xmlInputFactory.createXMLStreamReader(new ByteArrayInputStream(byteArrayOutputStream.toByteArray())))).getElementsByTagNameNS("http://www.w3.org/2000/09/xmldsig#", "Reference").getLength());
        Assert.assertFalse(attachmentCallbackHandler.getResponseAttachments().isEmpty());
        Attachment attachment2 = attachmentCallbackHandler.getResponseAttachments().get(0);
        Assert.assertTrue(Arrays.equals(readInputStream(attachment2.getSourceStream()), SOAPUtil.SAMPLE_SOAP_MSG.getBytes("UTF-8")));
        Assert.assertEquals("text/xml", attachment2.getMimeType());
    }

    @Test
    public void testInvalidXMLAttachmentContentSignature() throws Exception {
        String uuid = UUID.randomUUID().toString();
        final Attachment attachment = new Attachment();
        attachment.setMimeType("text/xml");
        attachment.addHeaders(getHeaders(uuid));
        attachment.setId(uuid);
        attachment.setSourceStream(new ByteArrayInputStream(SOAPUtil.SAMPLE_SOAP_MSG.getBytes("UTF-8")));
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        WSSSecurityProperties wSSSecurityProperties = new WSSSecurityProperties();
        ArrayList arrayList = new ArrayList();
        arrayList.add(WSSConstants.SIGNATURE);
        wSSSecurityProperties.setActions(arrayList);
        wSSSecurityProperties.loadSignatureKeyStore(getClass().getClassLoader().getResource("transmitter.jks"), "default".toCharArray());
        wSSSecurityProperties.setSignatureUser("transmitter");
        wSSSecurityProperties.addSignaturePart(new SecurePart(new QName("http://schemas.xmlsoap.org/soap/envelope/", "Body"), SecurePart.Modifier.Element));
        wSSSecurityProperties.addSignaturePart(new SecurePart("cid:Attachments", SecurePart.Modifier.Content));
        wSSSecurityProperties.setCallbackHandler(new CallbackHandlerImpl());
        wSSSecurityProperties.setAttachmentCallbackHandler(new AttachmentCallbackHandler(Collections.singletonList(attachment)));
        XMLStreamWriter processOutMessage = WSSec.getOutboundWSSec(wSSSecurityProperties).processOutMessage(byteArrayOutputStream, "UTF-8", new ArrayList());
        XmlReaderToWriter.writeAll(xmlInputFactory.createXMLStreamReader(getClass().getClassLoader().getResourceAsStream("testdata/plain-soap-1.1.xml")), processOutMessage);
        processOutMessage.close();
        WSSSecurityProperties wSSSecurityProperties2 = new WSSSecurityProperties();
        wSSSecurityProperties2.loadSignatureVerificationKeystore(getClass().getClassLoader().getResource("receiver.jks"), "default".toCharArray());
        wSSSecurityProperties2.setAttachmentCallbackHandler(new CallbackHandler() { // from class: org.apache.wss4j.stax.test.AttachmentTest.1
            @Override // javax.security.auth.callback.CallbackHandler
            public void handle(Callback[] callbackArr) throws IOException, UnsupportedCallbackException {
                if (callbackArr[0] instanceof AttachmentRequestCallback) {
                    AttachmentRequestCallback attachmentRequestCallback = (AttachmentRequestCallback) callbackArr[0];
                    if (!attachment.getId().equals(attachmentRequestCallback.getAttachmentId())) {
                        throw new RuntimeException("wrong attachment requested");
                    }
                    ArrayList arrayList2 = new ArrayList();
                    attachment.setSourceStream(new ByteArrayInputStream(SOAPUtil.SAMPLE_SOAP_MSG.replace("15", "16").getBytes("UTF-8")));
                    arrayList2.add(attachment);
                    attachmentRequestCallback.setAttachments(arrayList2);
                }
            }
        });
        try {
            StAX2DOM.readDoc(this.documentBuilderFactory.newDocumentBuilder(), WSSec.getInboundWSSec(wSSSecurityProperties2).processInMessage(xmlInputFactory.createXMLStreamReader(new ByteArrayInputStream(byteArrayOutputStream.toByteArray()))));
            Assert.fail("Exception expected");
        } catch (XMLStreamException e) {
            Assert.assertTrue(e.getCause() instanceof XMLSecurityException);
            Assert.assertTrue(e.getCause().getMessage().startsWith("Invalid digest of reference cid:"));
        }
    }

    @Test
    public void testXMLAttachmentCompleteSignature() throws Exception {
        String uuid = UUID.randomUUID().toString();
        Attachment attachment = new Attachment();
        attachment.setMimeType("text/xml");
        attachment.addHeaders(getHeaders(uuid));
        attachment.setId(uuid);
        attachment.setSourceStream(new ByteArrayInputStream(SOAPUtil.SAMPLE_SOAP_MSG.getBytes("UTF-8")));
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        WSSSecurityProperties wSSSecurityProperties = new WSSSecurityProperties();
        ArrayList arrayList = new ArrayList();
        arrayList.add(WSSConstants.SIGNATURE);
        wSSSecurityProperties.setActions(arrayList);
        wSSSecurityProperties.loadSignatureKeyStore(getClass().getClassLoader().getResource("transmitter.jks"), "default".toCharArray());
        wSSSecurityProperties.setSignatureUser("transmitter");
        wSSSecurityProperties.addSignaturePart(new SecurePart(new QName("http://schemas.xmlsoap.org/soap/envelope/", "Body"), SecurePart.Modifier.Element));
        wSSSecurityProperties.addSignaturePart(new SecurePart("cid:Attachments", SecurePart.Modifier.Element));
        wSSSecurityProperties.setCallbackHandler(new CallbackHandlerImpl());
        wSSSecurityProperties.setAttachmentCallbackHandler(new AttachmentCallbackHandler(Collections.singletonList(attachment)));
        XMLStreamWriter processOutMessage = WSSec.getOutboundWSSec(wSSSecurityProperties).processOutMessage(byteArrayOutputStream, "UTF-8", new ArrayList());
        XmlReaderToWriter.writeAll(xmlInputFactory.createXMLStreamReader(getClass().getClassLoader().getResourceAsStream("testdata/plain-soap-1.1.xml")), processOutMessage);
        processOutMessage.close();
        AttachmentCallbackHandler attachmentCallbackHandler = new AttachmentCallbackHandler(Collections.singletonList(attachment));
        WSSSecurityProperties wSSSecurityProperties2 = new WSSSecurityProperties();
        wSSSecurityProperties2.loadSignatureVerificationKeystore(getClass().getClassLoader().getResource("receiver.jks"), "default".toCharArray());
        wSSSecurityProperties2.setAttachmentCallbackHandler(attachmentCallbackHandler);
        Assert.assertEquals(2L, StAX2DOM.readDoc(this.documentBuilderFactory.newDocumentBuilder(), WSSec.getInboundWSSec(wSSSecurityProperties2).processInMessage(xmlInputFactory.createXMLStreamReader(new ByteArrayInputStream(byteArrayOutputStream.toByteArray())))).getElementsByTagNameNS("http://www.w3.org/2000/09/xmldsig#", "Reference").getLength());
        Assert.assertFalse(attachmentCallbackHandler.getResponseAttachments().isEmpty());
        Attachment attachment2 = attachmentCallbackHandler.getResponseAttachments().get(0);
        Assert.assertTrue(Arrays.equals(readInputStream(attachment2.getSourceStream()), SOAPUtil.SAMPLE_SOAP_MSG.getBytes("UTF-8")));
        Assert.assertEquals("text/xml", attachment2.getMimeType());
    }

    @Test
    public void testInvalidXMLAttachmentCompleteSignature() throws Exception {
        String uuid = UUID.randomUUID().toString();
        final Attachment attachment = new Attachment();
        attachment.setMimeType("text/xml");
        attachment.addHeaders(getHeaders(uuid));
        attachment.setId(uuid);
        attachment.setSourceStream(new ByteArrayInputStream(SOAPUtil.SAMPLE_SOAP_MSG.getBytes("UTF-8")));
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        WSSSecurityProperties wSSSecurityProperties = new WSSSecurityProperties();
        ArrayList arrayList = new ArrayList();
        arrayList.add(WSSConstants.SIGNATURE);
        wSSSecurityProperties.setActions(arrayList);
        wSSSecurityProperties.loadSignatureKeyStore(getClass().getClassLoader().getResource("transmitter.jks"), "default".toCharArray());
        wSSSecurityProperties.setSignatureUser("transmitter");
        wSSSecurityProperties.addSignaturePart(new SecurePart(new QName("http://schemas.xmlsoap.org/soap/envelope/", "Body"), SecurePart.Modifier.Element));
        wSSSecurityProperties.addSignaturePart(new SecurePart("cid:Attachments", SecurePart.Modifier.Element));
        wSSSecurityProperties.setCallbackHandler(new CallbackHandlerImpl());
        wSSSecurityProperties.setAttachmentCallbackHandler(new AttachmentCallbackHandler(Collections.singletonList(attachment)));
        XMLStreamWriter processOutMessage = WSSec.getOutboundWSSec(wSSSecurityProperties).processOutMessage(byteArrayOutputStream, "UTF-8", new ArrayList());
        XmlReaderToWriter.writeAll(xmlInputFactory.createXMLStreamReader(getClass().getClassLoader().getResourceAsStream("testdata/plain-soap-1.1.xml")), processOutMessage);
        processOutMessage.close();
        attachment.addHeader("Content-Description", "Kaputt");
        WSSSecurityProperties wSSSecurityProperties2 = new WSSSecurityProperties();
        wSSSecurityProperties2.loadSignatureVerificationKeystore(getClass().getClassLoader().getResource("receiver.jks"), "default".toCharArray());
        wSSSecurityProperties2.setAttachmentCallbackHandler(new CallbackHandler() { // from class: org.apache.wss4j.stax.test.AttachmentTest.2
            @Override // javax.security.auth.callback.CallbackHandler
            public void handle(Callback[] callbackArr) throws IOException, UnsupportedCallbackException {
                if (callbackArr[0] instanceof AttachmentRequestCallback) {
                    AttachmentRequestCallback attachmentRequestCallback = (AttachmentRequestCallback) callbackArr[0];
                    if (!attachment.getId().equals(attachmentRequestCallback.getAttachmentId())) {
                        throw new RuntimeException("wrong attachment requested");
                    }
                    ArrayList arrayList2 = new ArrayList();
                    arrayList2.add(attachment);
                    attachmentRequestCallback.setAttachments(arrayList2);
                }
            }
        });
        try {
            StAX2DOM.readDoc(this.documentBuilderFactory.newDocumentBuilder(), WSSec.getInboundWSSec(wSSSecurityProperties2).processInMessage(xmlInputFactory.createXMLStreamReader(new ByteArrayInputStream(byteArrayOutputStream.toByteArray()))));
            Assert.fail("Exception expected");
        } catch (XMLStreamException e) {
            Assert.assertTrue(e.getCause() instanceof XMLSecurityException);
            Assert.assertTrue(e.getCause().getMessage().startsWith("Invalid digest of reference cid:"));
        }
    }

    @Test
    public void testMultipleAttachmentCompleteSignature() throws Exception {
        String uuid = UUID.randomUUID().toString();
        r0[0].setMimeType("text/xml");
        r0[0].addHeaders(getHeaders(uuid));
        r0[0].setId(uuid);
        r0[0].setSourceStream(new ByteArrayInputStream(SOAPUtil.SAMPLE_SOAP_MSG.getBytes("UTF-8")));
        String uuid2 = UUID.randomUUID().toString();
        Attachment[] attachmentArr = {new Attachment(), new Attachment()};
        attachmentArr[1].setMimeType("text/plain");
        attachmentArr[1].addHeaders(getHeaders(uuid2));
        attachmentArr[1].setId(uuid2);
        attachmentArr[1].setSourceStream(new ByteArrayInputStream(SOAPUtil.SAMPLE_SOAP_MSG.getBytes("UTF-8")));
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        WSSSecurityProperties wSSSecurityProperties = new WSSSecurityProperties();
        ArrayList arrayList = new ArrayList();
        arrayList.add(WSSConstants.SIGNATURE);
        wSSSecurityProperties.setActions(arrayList);
        wSSSecurityProperties.loadSignatureKeyStore(getClass().getClassLoader().getResource("transmitter.jks"), "default".toCharArray());
        wSSSecurityProperties.setSignatureUser("transmitter");
        wSSSecurityProperties.addSignaturePart(new SecurePart(new QName("http://schemas.xmlsoap.org/soap/envelope/", "Body"), SecurePart.Modifier.Element));
        wSSSecurityProperties.addSignaturePart(new SecurePart("cid:Attachments", SecurePart.Modifier.Element));
        wSSSecurityProperties.setCallbackHandler(new CallbackHandlerImpl());
        wSSSecurityProperties.setAttachmentCallbackHandler(new AttachmentCallbackHandler(Arrays.asList(attachmentArr)));
        XMLStreamWriter processOutMessage = WSSec.getOutboundWSSec(wSSSecurityProperties).processOutMessage(byteArrayOutputStream, "UTF-8", new ArrayList());
        XmlReaderToWriter.writeAll(xmlInputFactory.createXMLStreamReader(getClass().getClassLoader().getResourceAsStream("testdata/plain-soap-1.1.xml")), processOutMessage);
        processOutMessage.close();
        AttachmentCallbackHandler attachmentCallbackHandler = new AttachmentCallbackHandler(Arrays.asList(attachmentArr));
        WSSSecurityProperties wSSSecurityProperties2 = new WSSSecurityProperties();
        wSSSecurityProperties2.loadSignatureVerificationKeystore(getClass().getClassLoader().getResource("receiver.jks"), "default".toCharArray());
        wSSSecurityProperties2.setAttachmentCallbackHandler(attachmentCallbackHandler);
        Assert.assertEquals(3L, StAX2DOM.readDoc(this.documentBuilderFactory.newDocumentBuilder(), WSSec.getInboundWSSec(wSSSecurityProperties2).processInMessage(xmlInputFactory.createXMLStreamReader(new ByteArrayInputStream(byteArrayOutputStream.toByteArray())))).getElementsByTagNameNS("http://www.w3.org/2000/09/xmldsig#", "Reference").getLength());
        Assert.assertFalse(attachmentCallbackHandler.getResponseAttachments().isEmpty());
        Attachment attachment = attachmentCallbackHandler.getResponseAttachments().get(0);
        Assert.assertTrue(Arrays.equals(readInputStream(attachment.getSourceStream()), SOAPUtil.SAMPLE_SOAP_MSG.getBytes("UTF-8")));
        Assert.assertEquals("text/xml", attachment.getMimeType());
    }

    @Test
    public void testXMLAttachmentContentEncryption() throws Exception {
        String uuid = UUID.randomUUID().toString();
        Attachment attachment = new Attachment();
        attachment.setMimeType("text/xml");
        attachment.addHeaders(getHeaders(uuid));
        attachment.setId(uuid);
        attachment.setSourceStream(new ByteArrayInputStream(SOAPUtil.SAMPLE_SOAP_MSG.getBytes("UTF-8")));
        AttachmentCallbackHandler attachmentCallbackHandler = new AttachmentCallbackHandler(Collections.singletonList(attachment));
        List<Attachment> responseAttachments = attachmentCallbackHandler.getResponseAttachments();
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        WSSSecurityProperties wSSSecurityProperties = new WSSSecurityProperties();
        ArrayList arrayList = new ArrayList();
        arrayList.add(WSSConstants.ENCRYPT);
        wSSSecurityProperties.setActions(arrayList);
        wSSSecurityProperties.loadEncryptionKeystore(getClass().getClassLoader().getResource("transmitter.jks"), "default".toCharArray());
        wSSSecurityProperties.setEncryptionUser("receiver");
        wSSSecurityProperties.addEncryptionPart(new SecurePart(new QName("http://schemas.xmlsoap.org/soap/envelope/", "Body"), SecurePart.Modifier.Content));
        wSSSecurityProperties.addEncryptionPart(new SecurePart("cid:Attachments", SecurePart.Modifier.Content));
        wSSSecurityProperties.setAttachmentCallbackHandler(attachmentCallbackHandler);
        XMLStreamWriter processOutMessage = WSSec.getOutboundWSSec(wSSSecurityProperties).processOutMessage(byteArrayOutputStream, "UTF-8", new ArrayList());
        XmlReaderToWriter.writeAll(xmlInputFactory.createXMLStreamReader(getClass().getClassLoader().getResourceAsStream("testdata/plain-soap-1.1.xml")), processOutMessage);
        processOutMessage.close();
        Document parse = this.documentBuilderFactory.newDocumentBuilder().parse(new ByteArrayInputStream(byteArrayOutputStream.toByteArray()));
        Assert.assertEquals(2L, parse.getElementsByTagNameNS("http://www.w3.org/2001/04/xmlenc#", "DataReference").getLength());
        Assert.assertEquals(1L, parse.getElementsByTagNameNS("http://www.w3.org/2001/04/xmlenc#", "CipherReference").getLength());
        Assert.assertEquals(2L, parse.getElementsByTagNameNS("http://www.w3.org/2001/04/xmlenc#", "EncryptedData").getLength());
        NodeList elementsByTagNameNS = parse.getElementsByTagNameNS("http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd", "Security");
        Assert.assertEquals(1L, elementsByTagNameNS.getLength());
        NodeList childNodes = elementsByTagNameNS.item(0).getChildNodes();
        Assert.assertEquals(2L, childNodes.getLength());
        Assert.assertEquals(childNodes.item(0).getLocalName(), "EncryptedKey");
        Assert.assertEquals(childNodes.item(1).getLocalName(), "EncryptedData");
        AttachmentCallbackHandler attachmentCallbackHandler2 = new AttachmentCallbackHandler(responseAttachments);
        WSSSecurityProperties wSSSecurityProperties2 = new WSSSecurityProperties();
        wSSSecurityProperties2.loadDecryptionKeystore(getClass().getClassLoader().getResource("receiver.jks"), "default".toCharArray());
        wSSSecurityProperties2.setCallbackHandler(new CallbackHandlerImpl());
        wSSSecurityProperties2.setAttachmentCallbackHandler(attachmentCallbackHandler2);
        StAX2DOM.readDoc(this.documentBuilderFactory.newDocumentBuilder(), WSSec.getInboundWSSec(wSSSecurityProperties2).processInMessage(xmlInputFactory.createXMLStreamReader(new ByteArrayInputStream(byteArrayOutputStream.toByteArray()))));
        Assert.assertFalse(attachmentCallbackHandler2.getResponseAttachments().isEmpty());
        Attachment attachment2 = attachmentCallbackHandler2.getResponseAttachments().get(0);
        Assert.assertTrue(Arrays.equals(readInputStream(attachment2.getSourceStream()), SOAPUtil.SAMPLE_SOAP_MSG.getBytes("UTF-8")));
        Assert.assertEquals("text/xml", attachment2.getMimeType());
        Assert.assertEquals(6L, attachment2.getHeaders().size());
    }

    @Test
    public void testInvalidXMLAttachmentContentEncryption() throws Exception {
        String uuid = UUID.randomUUID().toString();
        Attachment attachment = new Attachment();
        attachment.setMimeType("text/xml");
        attachment.addHeaders(getHeaders(uuid));
        attachment.setId(uuid);
        attachment.setSourceStream(new ByteArrayInputStream(SOAPUtil.SAMPLE_SOAP_MSG.getBytes("UTF-8")));
        AttachmentCallbackHandler attachmentCallbackHandler = new AttachmentCallbackHandler(Collections.singletonList(attachment));
        List<Attachment> responseAttachments = attachmentCallbackHandler.getResponseAttachments();
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        WSSSecurityProperties wSSSecurityProperties = new WSSSecurityProperties();
        ArrayList arrayList = new ArrayList();
        arrayList.add(WSSConstants.ENCRYPT);
        wSSSecurityProperties.setActions(arrayList);
        wSSSecurityProperties.loadEncryptionKeystore(getClass().getClassLoader().getResource("transmitter.jks"), "default".toCharArray());
        wSSSecurityProperties.setEncryptionUser("receiver");
        wSSSecurityProperties.addEncryptionPart(new SecurePart(new QName("http://schemas.xmlsoap.org/soap/envelope/", "Body"), SecurePart.Modifier.Content));
        wSSSecurityProperties.addEncryptionPart(new SecurePart("cid:Attachments", SecurePart.Modifier.Content));
        wSSSecurityProperties.setAttachmentCallbackHandler(attachmentCallbackHandler);
        XMLStreamWriter processOutMessage = WSSec.getOutboundWSSec(wSSSecurityProperties).processOutMessage(byteArrayOutputStream, "UTF-8", new ArrayList());
        XmlReaderToWriter.writeAll(xmlInputFactory.createXMLStreamReader(getClass().getClassLoader().getResourceAsStream("testdata/plain-soap-1.1.xml")), processOutMessage);
        processOutMessage.close();
        Document parse = this.documentBuilderFactory.newDocumentBuilder().parse(new ByteArrayInputStream(byteArrayOutputStream.toByteArray()));
        Assert.assertEquals(2L, parse.getElementsByTagNameNS("http://www.w3.org/2001/04/xmlenc#", "DataReference").getLength());
        Assert.assertEquals(1L, parse.getElementsByTagNameNS("http://www.w3.org/2001/04/xmlenc#", "CipherReference").getLength());
        Assert.assertEquals(2L, parse.getElementsByTagNameNS("http://www.w3.org/2001/04/xmlenc#", "EncryptedData").getLength());
        NodeList elementsByTagNameNS = parse.getElementsByTagNameNS("http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd", "Security");
        Assert.assertEquals(1L, elementsByTagNameNS.getLength());
        NodeList childNodes = elementsByTagNameNS.item(0).getChildNodes();
        Assert.assertEquals(2L, childNodes.getLength());
        Assert.assertEquals(childNodes.item(0).getLocalName(), "EncryptedKey");
        Assert.assertEquals(childNodes.item(1).getLocalName(), "EncryptedData");
        PushbackInputStream pushbackInputStream = new PushbackInputStream(responseAttachments.get(0).getSourceStream(), 1);
        pushbackInputStream.unread(75);
        responseAttachments.get(0).setSourceStream(pushbackInputStream);
        AttachmentCallbackHandler attachmentCallbackHandler2 = new AttachmentCallbackHandler(responseAttachments);
        WSSSecurityProperties wSSSecurityProperties2 = new WSSSecurityProperties();
        wSSSecurityProperties2.loadDecryptionKeystore(getClass().getClassLoader().getResource("receiver.jks"), "default".toCharArray());
        wSSSecurityProperties2.setCallbackHandler(new CallbackHandlerImpl());
        wSSSecurityProperties2.setAttachmentCallbackHandler(attachmentCallbackHandler2);
        StAX2DOM.readDoc(this.documentBuilderFactory.newDocumentBuilder(), WSSec.getInboundWSSec(wSSSecurityProperties2).processInMessage(xmlInputFactory.createXMLStreamReader(new ByteArrayInputStream(byteArrayOutputStream.toByteArray()))));
        Assert.assertFalse(attachmentCallbackHandler2.getResponseAttachments().isEmpty());
        Attachment attachment2 = attachmentCallbackHandler2.getResponseAttachments().get(0);
        Assert.assertFalse(Arrays.equals(readInputStream(attachment2.getSourceStream()), SOAPUtil.SAMPLE_SOAP_MSG.getBytes("UTF-8")));
        Assert.assertEquals("text/xml", attachment2.getMimeType());
        Assert.assertEquals(6L, attachment2.getHeaders().size());
    }

    @Test
    public void testXMLAttachmentContentEncryptionExternalReferenceList() throws Exception {
        Document sOAPPart = org.apache.wss4j.dom.common.SOAPUtil.toSOAPPart(SOAPUtil.SAMPLE_SOAP_MSG);
        WSSecEncrypt wSSecEncrypt = new WSSecEncrypt();
        wSSecEncrypt.setUserInfo("receiver", "default");
        wSSecEncrypt.setKeyIdentifierType(2);
        WSSecHeader wSSecHeader = new WSSecHeader();
        wSSecHeader.insertSecurityHeader(sOAPPart);
        ArrayList arrayList = new ArrayList();
        arrayList.add(new WSEncryptionPart("Body", "http://schemas.xmlsoap.org/soap/envelope/", "Content"));
        arrayList.add(new WSEncryptionPart("cid:Attachments", "Content"));
        wSSecEncrypt.setParts(arrayList);
        String uuid = UUID.randomUUID().toString();
        Attachment attachment = new Attachment();
        attachment.setMimeType("text/xml");
        attachment.addHeaders(getHeaders(uuid));
        attachment.setId(uuid);
        attachment.setSourceStream(new ByteArrayInputStream(SOAPUtil.SAMPLE_SOAP_MSG.getBytes("UTF-8")));
        AttachmentCallbackHandler attachmentCallbackHandler = new AttachmentCallbackHandler(Collections.singletonList(attachment));
        List<Attachment> responseAttachments = attachmentCallbackHandler.getResponseAttachments();
        wSSecEncrypt.setAttachmentCallbackHandler(attachmentCallbackHandler);
        wSSecEncrypt.prepare(sOAPPart, CryptoFactory.getInstance("transmitter-crypto.properties"));
        Element encryptForRef = wSSecEncrypt.encryptForRef((Element) null, arrayList);
        wSSecEncrypt.addAttachmentEncryptedDataElements(wSSecHeader);
        wSSecEncrypt.addExternalRefElement(encryptForRef, wSSecHeader);
        wSSecEncrypt.prependToHeader(wSSecHeader);
        Assert.assertEquals(2L, sOAPPart.getElementsByTagNameNS("http://www.w3.org/2001/04/xmlenc#", "DataReference").getLength());
        Assert.assertEquals(1L, sOAPPart.getElementsByTagNameNS("http://www.w3.org/2001/04/xmlenc#", "CipherReference").getLength());
        Assert.assertEquals(2L, sOAPPart.getElementsByTagNameNS("http://www.w3.org/2001/04/xmlenc#", "EncryptedData").getLength());
        NodeList elementsByTagNameNS = sOAPPart.getElementsByTagNameNS("http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd", "Security");
        Assert.assertEquals(1L, elementsByTagNameNS.getLength());
        NodeList childNodes = elementsByTagNameNS.item(0).getChildNodes();
        Assert.assertEquals(3L, childNodes.getLength());
        Assert.assertEquals(childNodes.item(0).getLocalName(), "EncryptedKey");
        Assert.assertEquals(childNodes.item(1).getLocalName(), "ReferenceList");
        Assert.assertEquals(childNodes.item(2).getLocalName(), "EncryptedData");
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        TRANSFORMER_FACTORY.newTransformer().transform(new DOMSource(sOAPPart), new StreamResult(byteArrayOutputStream));
        AttachmentCallbackHandler attachmentCallbackHandler2 = new AttachmentCallbackHandler(responseAttachments);
        WSSSecurityProperties wSSSecurityProperties = new WSSSecurityProperties();
        wSSSecurityProperties.loadDecryptionKeystore(getClass().getClassLoader().getResource("receiver.jks"), "default".toCharArray());
        wSSSecurityProperties.setCallbackHandler(new CallbackHandlerImpl());
        wSSSecurityProperties.setAttachmentCallbackHandler(attachmentCallbackHandler2);
        StAX2DOM.readDoc(this.documentBuilderFactory.newDocumentBuilder(), WSSec.getInboundWSSec(wSSSecurityProperties).processInMessage(xmlInputFactory.createXMLStreamReader(new ByteArrayInputStream(byteArrayOutputStream.toByteArray()))));
        Assert.assertFalse(attachmentCallbackHandler2.getResponseAttachments().isEmpty());
        Attachment attachment2 = attachmentCallbackHandler2.getResponseAttachments().get(0);
        Assert.assertTrue(Arrays.equals(readInputStream(attachment2.getSourceStream()), SOAPUtil.SAMPLE_SOAP_MSG.getBytes("UTF-8")));
        Assert.assertEquals("text/xml", attachment2.getMimeType());
        Assert.assertEquals(6L, attachment2.getHeaders().size());
    }

    @Test
    public void testXMLAttachmentCompleteEncryption() throws Exception {
        String uuid = UUID.randomUUID().toString();
        Attachment attachment = new Attachment();
        attachment.setMimeType("text/xml");
        attachment.addHeaders(getHeaders(uuid));
        attachment.setId(uuid);
        attachment.setSourceStream(new ByteArrayInputStream(SOAPUtil.SAMPLE_SOAP_MSG.getBytes("UTF-8")));
        AttachmentCallbackHandler attachmentCallbackHandler = new AttachmentCallbackHandler(Collections.singletonList(attachment));
        List<Attachment> responseAttachments = attachmentCallbackHandler.getResponseAttachments();
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        WSSSecurityProperties wSSSecurityProperties = new WSSSecurityProperties();
        ArrayList arrayList = new ArrayList();
        arrayList.add(WSSConstants.ENCRYPT);
        wSSSecurityProperties.setActions(arrayList);
        wSSSecurityProperties.loadEncryptionKeystore(getClass().getClassLoader().getResource("transmitter.jks"), "default".toCharArray());
        wSSSecurityProperties.setEncryptionUser("receiver");
        wSSSecurityProperties.addEncryptionPart(new SecurePart(new QName("http://schemas.xmlsoap.org/soap/envelope/", "Body"), SecurePart.Modifier.Content));
        wSSSecurityProperties.addEncryptionPart(new SecurePart("cid:Attachments", SecurePart.Modifier.Element));
        wSSSecurityProperties.setAttachmentCallbackHandler(attachmentCallbackHandler);
        XMLStreamWriter processOutMessage = WSSec.getOutboundWSSec(wSSSecurityProperties).processOutMessage(byteArrayOutputStream, "UTF-8", new ArrayList());
        XmlReaderToWriter.writeAll(xmlInputFactory.createXMLStreamReader(getClass().getClassLoader().getResourceAsStream("testdata/plain-soap-1.1.xml")), processOutMessage);
        processOutMessage.close();
        Document parse = this.documentBuilderFactory.newDocumentBuilder().parse(new ByteArrayInputStream(byteArrayOutputStream.toByteArray()));
        Assert.assertEquals(2L, parse.getElementsByTagNameNS("http://www.w3.org/2001/04/xmlenc#", "DataReference").getLength());
        Assert.assertEquals(1L, parse.getElementsByTagNameNS("http://www.w3.org/2001/04/xmlenc#", "CipherReference").getLength());
        Assert.assertEquals(2L, parse.getElementsByTagNameNS("http://www.w3.org/2001/04/xmlenc#", "EncryptedData").getLength());
        NodeList elementsByTagNameNS = parse.getElementsByTagNameNS("http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd", "Security");
        Assert.assertEquals(1L, elementsByTagNameNS.getLength());
        NodeList childNodes = elementsByTagNameNS.item(0).getChildNodes();
        Assert.assertEquals(2L, childNodes.getLength());
        Assert.assertEquals(childNodes.item(0).getLocalName(), "EncryptedKey");
        Assert.assertEquals(childNodes.item(1).getLocalName(), "EncryptedData");
        Assert.assertEquals(1L, responseAttachments.get(0).getHeaders().size());
        AttachmentCallbackHandler attachmentCallbackHandler2 = new AttachmentCallbackHandler(responseAttachments);
        WSSSecurityProperties wSSSecurityProperties2 = new WSSSecurityProperties();
        wSSSecurityProperties2.loadDecryptionKeystore(getClass().getClassLoader().getResource("receiver.jks"), "default".toCharArray());
        wSSSecurityProperties2.setCallbackHandler(new CallbackHandlerImpl());
        wSSSecurityProperties2.setAttachmentCallbackHandler(attachmentCallbackHandler2);
        StAX2DOM.readDoc(this.documentBuilderFactory.newDocumentBuilder(), WSSec.getInboundWSSec(wSSSecurityProperties2).processInMessage(xmlInputFactory.createXMLStreamReader(new ByteArrayInputStream(byteArrayOutputStream.toByteArray()))));
        Assert.assertFalse(attachmentCallbackHandler2.getResponseAttachments().isEmpty());
        Attachment attachment2 = attachmentCallbackHandler2.getResponseAttachments().get(0);
        Assert.assertTrue(Arrays.equals(readInputStream(attachment2.getSourceStream()), SOAPUtil.SAMPLE_SOAP_MSG.getBytes("UTF-8")));
        Assert.assertEquals("text/xml", attachment2.getMimeType());
        Assert.assertEquals(6L, attachment2.getHeaders().size());
    }

    @Test
    public void testInvalidXMLAttachmentCompleteEncryption() throws Exception {
        String uuid = UUID.randomUUID().toString();
        Attachment attachment = new Attachment();
        attachment.setMimeType("text/xml");
        attachment.addHeaders(getHeaders(uuid));
        attachment.setId(uuid);
        attachment.setSourceStream(new ByteArrayInputStream(SOAPUtil.SAMPLE_SOAP_MSG.getBytes("UTF-8")));
        AttachmentCallbackHandler attachmentCallbackHandler = new AttachmentCallbackHandler(Collections.singletonList(attachment));
        List<Attachment> responseAttachments = attachmentCallbackHandler.getResponseAttachments();
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        WSSSecurityProperties wSSSecurityProperties = new WSSSecurityProperties();
        ArrayList arrayList = new ArrayList();
        arrayList.add(WSSConstants.ENCRYPT);
        wSSSecurityProperties.setActions(arrayList);
        wSSSecurityProperties.loadEncryptionKeystore(getClass().getClassLoader().getResource("transmitter.jks"), "default".toCharArray());
        wSSSecurityProperties.setEncryptionUser("receiver");
        wSSSecurityProperties.addEncryptionPart(new SecurePart(new QName("http://schemas.xmlsoap.org/soap/envelope/", "Body"), SecurePart.Modifier.Content));
        wSSSecurityProperties.addEncryptionPart(new SecurePart("cid:Attachments", SecurePart.Modifier.Element));
        wSSSecurityProperties.setAttachmentCallbackHandler(attachmentCallbackHandler);
        XMLStreamWriter processOutMessage = WSSec.getOutboundWSSec(wSSSecurityProperties).processOutMessage(byteArrayOutputStream, "UTF-8", new ArrayList());
        XmlReaderToWriter.writeAll(xmlInputFactory.createXMLStreamReader(getClass().getClassLoader().getResourceAsStream("testdata/plain-soap-1.1.xml")), processOutMessage);
        processOutMessage.close();
        Document parse = this.documentBuilderFactory.newDocumentBuilder().parse(new ByteArrayInputStream(byteArrayOutputStream.toByteArray()));
        Assert.assertEquals(2L, parse.getElementsByTagNameNS("http://www.w3.org/2001/04/xmlenc#", "DataReference").getLength());
        Assert.assertEquals(1L, parse.getElementsByTagNameNS("http://www.w3.org/2001/04/xmlenc#", "CipherReference").getLength());
        Assert.assertEquals(2L, parse.getElementsByTagNameNS("http://www.w3.org/2001/04/xmlenc#", "EncryptedData").getLength());
        NodeList elementsByTagNameNS = parse.getElementsByTagNameNS("http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd", "Security");
        Assert.assertEquals(1L, elementsByTagNameNS.getLength());
        NodeList childNodes = elementsByTagNameNS.item(0).getChildNodes();
        Assert.assertEquals(2L, childNodes.getLength());
        Assert.assertEquals(childNodes.item(0).getLocalName(), "EncryptedKey");
        Assert.assertEquals(childNodes.item(1).getLocalName(), "EncryptedData");
        Assert.assertEquals(1L, responseAttachments.get(0).getHeaders().size());
        PushbackInputStream pushbackInputStream = new PushbackInputStream(responseAttachments.get(0).getSourceStream(), 1);
        pushbackInputStream.unread(75);
        responseAttachments.get(0).setSourceStream(pushbackInputStream);
        AttachmentCallbackHandler attachmentCallbackHandler2 = new AttachmentCallbackHandler(responseAttachments);
        WSSSecurityProperties wSSSecurityProperties2 = new WSSSecurityProperties();
        wSSSecurityProperties2.loadDecryptionKeystore(getClass().getClassLoader().getResource("receiver.jks"), "default".toCharArray());
        wSSSecurityProperties2.setCallbackHandler(new CallbackHandlerImpl());
        wSSSecurityProperties2.setAttachmentCallbackHandler(attachmentCallbackHandler2);
        try {
            StAX2DOM.readDoc(this.documentBuilderFactory.newDocumentBuilder(), WSSec.getInboundWSSec(wSSSecurityProperties2).processInMessage(xmlInputFactory.createXMLStreamReader(new ByteArrayInputStream(byteArrayOutputStream.toByteArray()))));
            Assert.assertFalse(attachmentCallbackHandler2.getResponseAttachments().isEmpty());
            Attachment attachment2 = attachmentCallbackHandler2.getResponseAttachments().get(0);
            Assert.assertFalse(Arrays.equals(readInputStream(attachment2.getSourceStream()), SOAPUtil.SAMPLE_SOAP_MSG.getBytes("UTF-8")));
            Assert.assertEquals("text/xml", attachment2.getMimeType());
        } catch (XMLStreamException e) {
            Assert.assertTrue(e.getCause() instanceof WSSecurityException);
            Assert.assertEquals(e.getCause().getMessage(), "The signature or decryption was invalid");
        }
    }

    @Test
    public void testMultipleAttachmentCompleteEncryption() throws Exception {
        String uuid = UUID.randomUUID().toString();
        r0[0].setMimeType("text/xml");
        r0[0].addHeaders(getHeaders(uuid));
        r0[0].setId(uuid);
        r0[0].setSourceStream(new ByteArrayInputStream(SOAPUtil.SAMPLE_SOAP_MSG.getBytes("UTF-8")));
        String uuid2 = UUID.randomUUID().toString();
        Attachment[] attachmentArr = {new Attachment(), new Attachment()};
        attachmentArr[1].setMimeType("text/plain");
        attachmentArr[1].addHeaders(getHeaders(uuid2));
        attachmentArr[1].setId(uuid2);
        attachmentArr[1].setSourceStream(new ByteArrayInputStream(SOAPUtil.SAMPLE_SOAP_MSG.getBytes("UTF-8")));
        AttachmentCallbackHandler attachmentCallbackHandler = new AttachmentCallbackHandler(Arrays.asList(attachmentArr));
        List<Attachment> responseAttachments = attachmentCallbackHandler.getResponseAttachments();
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        WSSSecurityProperties wSSSecurityProperties = new WSSSecurityProperties();
        ArrayList arrayList = new ArrayList();
        arrayList.add(WSSConstants.ENCRYPT);
        wSSSecurityProperties.setActions(arrayList);
        wSSSecurityProperties.loadEncryptionKeystore(getClass().getClassLoader().getResource("transmitter.jks"), "default".toCharArray());
        wSSSecurityProperties.setEncryptionUser("receiver");
        wSSSecurityProperties.addEncryptionPart(new SecurePart(new QName("http://schemas.xmlsoap.org/soap/envelope/", "Body"), SecurePart.Modifier.Content));
        wSSSecurityProperties.addEncryptionPart(new SecurePart("cid:Attachments", SecurePart.Modifier.Element));
        wSSSecurityProperties.setAttachmentCallbackHandler(attachmentCallbackHandler);
        XMLStreamWriter processOutMessage = WSSec.getOutboundWSSec(wSSSecurityProperties).processOutMessage(byteArrayOutputStream, "UTF-8", new ArrayList());
        XmlReaderToWriter.writeAll(xmlInputFactory.createXMLStreamReader(getClass().getClassLoader().getResourceAsStream("testdata/plain-soap-1.1.xml")), processOutMessage);
        processOutMessage.close();
        AttachmentCallbackHandler attachmentCallbackHandler2 = new AttachmentCallbackHandler(responseAttachments);
        WSSSecurityProperties wSSSecurityProperties2 = new WSSSecurityProperties();
        wSSSecurityProperties2.loadDecryptionKeystore(getClass().getClassLoader().getResource("receiver.jks"), "default".toCharArray());
        wSSSecurityProperties2.setCallbackHandler(new CallbackHandlerImpl());
        wSSSecurityProperties2.setAttachmentCallbackHandler(attachmentCallbackHandler2);
        StAX2DOM.readDoc(this.documentBuilderFactory.newDocumentBuilder(), WSSec.getInboundWSSec(wSSSecurityProperties2).processInMessage(xmlInputFactory.createXMLStreamReader(new ByteArrayInputStream(byteArrayOutputStream.toByteArray()))));
        Assert.assertFalse(attachmentCallbackHandler2.getResponseAttachments().isEmpty());
        Attachment attachment = attachmentCallbackHandler2.getResponseAttachments().get(0);
        Assert.assertTrue(Arrays.equals(readInputStream(attachment.getSourceStream()), SOAPUtil.SAMPLE_SOAP_MSG.getBytes("UTF-8")));
        Assert.assertEquals("text/xml", attachment.getMimeType());
        Assert.assertEquals(6L, attachment.getHeaders().size());
        Attachment attachment2 = attachmentCallbackHandler2.getResponseAttachments().get(1);
        Assert.assertTrue(Arrays.equals(readInputStream(attachment2.getSourceStream()), SOAPUtil.SAMPLE_SOAP_MSG.getBytes("UTF-8")));
        Assert.assertEquals("text/plain", attachment2.getMimeType());
        Assert.assertEquals(6L, attachment2.getHeaders().size());
    }

    @Test
    public void testXMLAttachmentCmplSignCmplEnc() throws Exception {
        String uuid = UUID.randomUUID().toString();
        final Attachment[] attachmentArr = {new Attachment()};
        attachmentArr[0].setMimeType("text/xml");
        attachmentArr[0].addHeaders(getHeaders(uuid));
        attachmentArr[0].setId(uuid);
        attachmentArr[0].setSourceStream(new ByteArrayInputStream(SOAPUtil.SAMPLE_SOAP_MSG.getBytes("UTF-8")));
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        WSSSecurityProperties wSSSecurityProperties = new WSSSecurityProperties();
        ArrayList arrayList = new ArrayList();
        arrayList.add(WSSConstants.SIGNATURE);
        arrayList.add(WSSConstants.ENCRYPT);
        wSSSecurityProperties.setActions(arrayList);
        wSSSecurityProperties.loadSignatureKeyStore(getClass().getClassLoader().getResource("transmitter.jks"), "default".toCharArray());
        wSSSecurityProperties.setSignatureUser("transmitter");
        wSSSecurityProperties.addSignaturePart(new SecurePart(new QName("http://schemas.xmlsoap.org/soap/envelope/", "Body"), SecurePart.Modifier.Element));
        wSSSecurityProperties.addSignaturePart(new SecurePart("cid:Attachments", SecurePart.Modifier.Element));
        wSSSecurityProperties.setCallbackHandler(new CallbackHandlerImpl());
        wSSSecurityProperties.loadEncryptionKeystore(getClass().getClassLoader().getResource("transmitter.jks"), "default".toCharArray());
        wSSSecurityProperties.setEncryptionUser("receiver");
        wSSSecurityProperties.addEncryptionPart(new SecurePart(new QName("http://schemas.xmlsoap.org/soap/envelope/", "Body"), SecurePart.Modifier.Content));
        wSSSecurityProperties.addEncryptionPart(new SecurePart("cid:Attachments", SecurePart.Modifier.Element));
        wSSSecurityProperties.setAttachmentCallbackHandler(new CallbackHandler() { // from class: org.apache.wss4j.stax.test.AttachmentTest.3
            @Override // javax.security.auth.callback.CallbackHandler
            public void handle(Callback[] callbackArr) throws IOException, UnsupportedCallbackException {
                if (!(callbackArr[0] instanceof AttachmentRequestCallback)) {
                    attachmentArr[0] = ((AttachmentResultCallback) callbackArr[0]).getAttachment();
                } else {
                    AttachmentRequestCallback attachmentRequestCallback = (AttachmentRequestCallback) callbackArr[0];
                    ArrayList arrayList2 = new ArrayList();
                    arrayList2.add(attachmentArr[0]);
                    attachmentRequestCallback.setAttachments(arrayList2);
                }
            }
        });
        XMLStreamWriter processOutMessage = WSSec.getOutboundWSSec(wSSSecurityProperties).processOutMessage(byteArrayOutputStream, "UTF-8", new ArrayList());
        XmlReaderToWriter.writeAll(xmlInputFactory.createXMLStreamReader(getClass().getClassLoader().getResourceAsStream("testdata/plain-soap-1.1.xml")), processOutMessage);
        processOutMessage.close();
        NodeList elementsByTagNameNS = this.documentBuilderFactory.newDocumentBuilder().parse(new ByteArrayInputStream(byteArrayOutputStream.toByteArray())).getElementsByTagNameNS("http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd", "Security");
        Assert.assertEquals(1L, elementsByTagNameNS.getLength());
        NodeList childNodes = elementsByTagNameNS.item(0).getChildNodes();
        Assert.assertEquals(3L, childNodes.getLength());
        Assert.assertEquals(childNodes.item(0).getLocalName(), "EncryptedKey");
        Assert.assertEquals(childNodes.item(1).getLocalName(), "EncryptedData");
        Assert.assertEquals(childNodes.item(2).getLocalName(), "Signature");
        Assert.assertEquals(1L, attachmentArr[0].getHeaders().size());
        WSSSecurityProperties wSSSecurityProperties2 = new WSSSecurityProperties();
        wSSSecurityProperties2.loadSignatureVerificationKeystore(getClass().getClassLoader().getResource("receiver.jks"), "default".toCharArray());
        wSSSecurityProperties2.loadDecryptionKeystore(getClass().getClassLoader().getResource("receiver.jks"), "default".toCharArray());
        wSSSecurityProperties2.setCallbackHandler(new CallbackHandlerImpl());
        wSSSecurityProperties2.setAttachmentCallbackHandler(new CallbackHandler() { // from class: org.apache.wss4j.stax.test.AttachmentTest.4
            @Override // javax.security.auth.callback.CallbackHandler
            public void handle(Callback[] callbackArr) throws IOException, UnsupportedCallbackException {
                if (!(callbackArr[0] instanceof AttachmentRequestCallback)) {
                    attachmentArr[0] = ((AttachmentResultCallback) callbackArr[0]).getAttachment();
                    return;
                }
                AttachmentRequestCallback attachmentRequestCallback = (AttachmentRequestCallback) callbackArr[0];
                if (!attachmentArr[0].getId().equals(attachmentRequestCallback.getAttachmentId())) {
                    throw new RuntimeException("wrong attachment requested");
                }
                ArrayList arrayList2 = new ArrayList();
                arrayList2.add(attachmentArr[0]);
                attachmentRequestCallback.setAttachments(arrayList2);
            }
        });
        StAX2DOM.readDoc(this.documentBuilderFactory.newDocumentBuilder(), WSSec.getInboundWSSec(wSSSecurityProperties2).processInMessage(xmlInputFactory.createXMLStreamReader(new ByteArrayInputStream(byteArrayOutputStream.toByteArray()))));
        Assert.assertTrue(Arrays.equals(readInputStream(attachmentArr[0].getSourceStream()), SOAPUtil.SAMPLE_SOAP_MSG.getBytes("UTF-8")));
        Assert.assertEquals("text/xml", attachmentArr[0].getMimeType());
        Assert.assertEquals(6L, attachmentArr[0].getHeaders().size());
    }

    @Test
    public void testInvalidXMLAttachmentCmplSignCmplEnc() throws Exception {
        String uuid = UUID.randomUUID().toString();
        final Attachment[] attachmentArr = {new Attachment()};
        attachmentArr[0].setMimeType("text/xml");
        attachmentArr[0].addHeaders(getHeaders(uuid));
        attachmentArr[0].setId(uuid);
        attachmentArr[0].setSourceStream(new ByteArrayInputStream(SOAPUtil.SAMPLE_SOAP_MSG.getBytes("UTF-8")));
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        WSSSecurityProperties wSSSecurityProperties = new WSSSecurityProperties();
        ArrayList arrayList = new ArrayList();
        arrayList.add(WSSConstants.SIGNATURE);
        arrayList.add(WSSConstants.ENCRYPT);
        wSSSecurityProperties.setActions(arrayList);
        wSSSecurityProperties.loadSignatureKeyStore(getClass().getClassLoader().getResource("transmitter.jks"), "default".toCharArray());
        wSSSecurityProperties.setSignatureUser("transmitter");
        wSSSecurityProperties.addSignaturePart(new SecurePart(new QName("http://schemas.xmlsoap.org/soap/envelope/", "Body"), SecurePart.Modifier.Element));
        wSSSecurityProperties.addSignaturePart(new SecurePart("cid:Attachments", SecurePart.Modifier.Element));
        wSSSecurityProperties.setCallbackHandler(new CallbackHandlerImpl());
        wSSSecurityProperties.loadEncryptionKeystore(getClass().getClassLoader().getResource("transmitter.jks"), "default".toCharArray());
        wSSSecurityProperties.setEncryptionUser("receiver");
        wSSSecurityProperties.addEncryptionPart(new SecurePart(new QName("http://schemas.xmlsoap.org/soap/envelope/", "Body"), SecurePart.Modifier.Content));
        wSSSecurityProperties.addEncryptionPart(new SecurePart("cid:Attachments", SecurePart.Modifier.Element));
        wSSSecurityProperties.setAttachmentCallbackHandler(new CallbackHandler() { // from class: org.apache.wss4j.stax.test.AttachmentTest.5
            @Override // javax.security.auth.callback.CallbackHandler
            public void handle(Callback[] callbackArr) throws IOException, UnsupportedCallbackException {
                if (!(callbackArr[0] instanceof AttachmentRequestCallback)) {
                    attachmentArr[0] = ((AttachmentResultCallback) callbackArr[0]).getAttachment();
                } else {
                    AttachmentRequestCallback attachmentRequestCallback = (AttachmentRequestCallback) callbackArr[0];
                    ArrayList arrayList2 = new ArrayList();
                    arrayList2.add(attachmentArr[0]);
                    attachmentRequestCallback.setAttachments(arrayList2);
                }
            }
        });
        XMLStreamWriter processOutMessage = WSSec.getOutboundWSSec(wSSSecurityProperties).processOutMessage(byteArrayOutputStream, "UTF-8", new ArrayList());
        XmlReaderToWriter.writeAll(xmlInputFactory.createXMLStreamReader(getClass().getClassLoader().getResourceAsStream("testdata/plain-soap-1.1.xml")), processOutMessage);
        processOutMessage.close();
        WSSSecurityProperties wSSSecurityProperties2 = new WSSSecurityProperties();
        wSSSecurityProperties2.loadSignatureVerificationKeystore(getClass().getClassLoader().getResource("receiver.jks"), "default".toCharArray());
        wSSSecurityProperties2.loadDecryptionKeystore(getClass().getClassLoader().getResource("receiver.jks"), "default".toCharArray());
        wSSSecurityProperties2.setCallbackHandler(new CallbackHandlerImpl());
        wSSSecurityProperties2.setAttachmentCallbackHandler(new CallbackHandler() { // from class: org.apache.wss4j.stax.test.AttachmentTest.6
            @Override // javax.security.auth.callback.CallbackHandler
            public void handle(Callback[] callbackArr) throws IOException, UnsupportedCallbackException {
                if (!(callbackArr[0] instanceof AttachmentRequestCallback)) {
                    attachmentArr[0] = ((AttachmentResultCallback) callbackArr[0]).getAttachment();
                    return;
                }
                AttachmentRequestCallback attachmentRequestCallback = (AttachmentRequestCallback) callbackArr[0];
                if (!attachmentArr[0].getId().equals(attachmentRequestCallback.getAttachmentId())) {
                    throw new RuntimeException("wrong attachment requested");
                }
                ArrayList arrayList2 = new ArrayList();
                arrayList2.add(attachmentArr[0]);
                if (attachmentArr[0].getHeaders().size() == 6) {
                    attachmentArr[0].addHeader("Content-Description", "Kaputt");
                }
                attachmentRequestCallback.setAttachments(arrayList2);
            }
        });
        try {
            StAX2DOM.readDoc(this.documentBuilderFactory.newDocumentBuilder(), WSSec.getInboundWSSec(wSSSecurityProperties2).processInMessage(xmlInputFactory.createXMLStreamReader(new ByteArrayInputStream(byteArrayOutputStream.toByteArray()))));
            Assert.fail("Exception expected");
        } catch (XMLStreamException e) {
            Assert.assertTrue(e.getCause() instanceof XMLSecurityException);
            Assert.assertTrue(e.getCause().getMessage().startsWith("Invalid digest of reference cid:"));
        }
    }

    @Test
    public void testXMLAttachmentCmplEncCmplSign() throws Exception {
        String uuid = UUID.randomUUID().toString();
        final Attachment[] attachmentArr = {new Attachment()};
        attachmentArr[0].setMimeType("text/xml");
        attachmentArr[0].addHeaders(getHeaders(uuid));
        attachmentArr[0].setId(uuid);
        attachmentArr[0].setSourceStream(new ByteArrayInputStream(SOAPUtil.SAMPLE_SOAP_MSG.getBytes("UTF-8")));
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        WSSSecurityProperties wSSSecurityProperties = new WSSSecurityProperties();
        ArrayList arrayList = new ArrayList();
        arrayList.add(WSSConstants.ENCRYPT);
        arrayList.add(WSSConstants.SIGNATURE);
        wSSSecurityProperties.setActions(arrayList);
        wSSSecurityProperties.loadSignatureKeyStore(getClass().getClassLoader().getResource("transmitter.jks"), "default".toCharArray());
        wSSSecurityProperties.setSignatureUser("transmitter");
        wSSSecurityProperties.addSignaturePart(new SecurePart(new QName("http://schemas.xmlsoap.org/soap/envelope/", "Body"), SecurePart.Modifier.Element));
        wSSSecurityProperties.addSignaturePart(new SecurePart("cid:Attachments", SecurePart.Modifier.Element));
        wSSSecurityProperties.setCallbackHandler(new CallbackHandlerImpl());
        wSSSecurityProperties.loadEncryptionKeystore(getClass().getClassLoader().getResource("transmitter.jks"), "default".toCharArray());
        wSSSecurityProperties.setEncryptionUser("receiver");
        wSSSecurityProperties.addEncryptionPart(new SecurePart(new QName("http://schemas.xmlsoap.org/soap/envelope/", "Body"), SecurePart.Modifier.Content));
        wSSSecurityProperties.addEncryptionPart(new SecurePart("cid:Attachments", SecurePart.Modifier.Element));
        wSSSecurityProperties.setAttachmentCallbackHandler(new CallbackHandler() { // from class: org.apache.wss4j.stax.test.AttachmentTest.7
            @Override // javax.security.auth.callback.CallbackHandler
            public void handle(Callback[] callbackArr) throws IOException, UnsupportedCallbackException {
                if (!(callbackArr[0] instanceof AttachmentRequestCallback)) {
                    attachmentArr[0] = ((AttachmentResultCallback) callbackArr[0]).getAttachment();
                } else {
                    AttachmentRequestCallback attachmentRequestCallback = (AttachmentRequestCallback) callbackArr[0];
                    ArrayList arrayList2 = new ArrayList();
                    arrayList2.add(attachmentArr[0]);
                    attachmentRequestCallback.setAttachments(arrayList2);
                }
            }
        });
        XMLStreamWriter processOutMessage = WSSec.getOutboundWSSec(wSSSecurityProperties).processOutMessage(byteArrayOutputStream, "UTF-8", new ArrayList());
        XmlReaderToWriter.writeAll(xmlInputFactory.createXMLStreamReader(getClass().getClassLoader().getResourceAsStream("testdata/plain-soap-1.1.xml")), processOutMessage);
        processOutMessage.close();
        NodeList elementsByTagNameNS = this.documentBuilderFactory.newDocumentBuilder().parse(new ByteArrayInputStream(byteArrayOutputStream.toByteArray())).getElementsByTagNameNS("http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd", "Security");
        Assert.assertEquals(1L, elementsByTagNameNS.getLength());
        NodeList childNodes = elementsByTagNameNS.item(0).getChildNodes();
        Assert.assertEquals(3L, childNodes.getLength());
        Assert.assertEquals(childNodes.item(0).getLocalName(), "Signature");
        Assert.assertEquals(childNodes.item(1).getLocalName(), "EncryptedKey");
        Assert.assertEquals(childNodes.item(2).getLocalName(), "EncryptedData");
        Assert.assertEquals(1L, attachmentArr[0].getHeaders().size());
        WSSSecurityProperties wSSSecurityProperties2 = new WSSSecurityProperties();
        wSSSecurityProperties2.loadSignatureVerificationKeystore(getClass().getClassLoader().getResource("receiver.jks"), "default".toCharArray());
        wSSSecurityProperties2.loadDecryptionKeystore(getClass().getClassLoader().getResource("receiver.jks"), "default".toCharArray());
        wSSSecurityProperties2.setCallbackHandler(new CallbackHandlerImpl());
        wSSSecurityProperties2.setAttachmentCallbackHandler(new CallbackHandler() { // from class: org.apache.wss4j.stax.test.AttachmentTest.8
            @Override // javax.security.auth.callback.CallbackHandler
            public void handle(Callback[] callbackArr) throws IOException, UnsupportedCallbackException {
                if (!(callbackArr[0] instanceof AttachmentRequestCallback)) {
                    attachmentArr[0] = ((AttachmentResultCallback) callbackArr[0]).getAttachment();
                    return;
                }
                AttachmentRequestCallback attachmentRequestCallback = (AttachmentRequestCallback) callbackArr[0];
                if (!attachmentArr[0].getId().equals(attachmentRequestCallback.getAttachmentId())) {
                    throw new RuntimeException("wrong attachment requested");
                }
                ArrayList arrayList2 = new ArrayList();
                arrayList2.add(attachmentArr[0]);
                attachmentRequestCallback.setAttachments(arrayList2);
            }
        });
        StAX2DOM.readDoc(this.documentBuilderFactory.newDocumentBuilder(), WSSec.getInboundWSSec(wSSSecurityProperties2).processInMessage(xmlInputFactory.createXMLStreamReader(new ByteArrayInputStream(byteArrayOutputStream.toByteArray()))));
        Assert.assertTrue(Arrays.equals(readInputStream(attachmentArr[0].getSourceStream()), SOAPUtil.SAMPLE_SOAP_MSG.getBytes("UTF-8")));
        Assert.assertEquals("text/xml", attachmentArr[0].getMimeType());
        Assert.assertEquals(6L, attachmentArr[0].getHeaders().size());
    }

    @Test
    public void testInvalidXMLAttachmentCmplEncCmplSign() throws Exception {
        String uuid = UUID.randomUUID().toString();
        final Attachment[] attachmentArr = {new Attachment()};
        attachmentArr[0].setMimeType("text/xml");
        attachmentArr[0].addHeaders(getHeaders(uuid));
        attachmentArr[0].setId(uuid);
        attachmentArr[0].setSourceStream(new ByteArrayInputStream(SOAPUtil.SAMPLE_SOAP_MSG.getBytes("UTF-8")));
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        WSSSecurityProperties wSSSecurityProperties = new WSSSecurityProperties();
        ArrayList arrayList = new ArrayList();
        arrayList.add(WSSConstants.ENCRYPT);
        arrayList.add(WSSConstants.SIGNATURE);
        wSSSecurityProperties.setActions(arrayList);
        wSSSecurityProperties.loadSignatureKeyStore(getClass().getClassLoader().getResource("transmitter.jks"), "default".toCharArray());
        wSSSecurityProperties.setSignatureUser("transmitter");
        wSSSecurityProperties.addSignaturePart(new SecurePart(new QName("http://schemas.xmlsoap.org/soap/envelope/", "Body"), SecurePart.Modifier.Element));
        wSSSecurityProperties.addSignaturePart(new SecurePart("cid:Attachments", SecurePart.Modifier.Element));
        wSSSecurityProperties.setCallbackHandler(new CallbackHandlerImpl());
        wSSSecurityProperties.loadEncryptionKeystore(getClass().getClassLoader().getResource("transmitter.jks"), "default".toCharArray());
        wSSSecurityProperties.setEncryptionUser("receiver");
        wSSSecurityProperties.addEncryptionPart(new SecurePart(new QName("http://schemas.xmlsoap.org/soap/envelope/", "Body"), SecurePart.Modifier.Content));
        wSSSecurityProperties.addEncryptionPart(new SecurePart("cid:Attachments", SecurePart.Modifier.Element));
        wSSSecurityProperties.setAttachmentCallbackHandler(new CallbackHandler() { // from class: org.apache.wss4j.stax.test.AttachmentTest.9
            @Override // javax.security.auth.callback.CallbackHandler
            public void handle(Callback[] callbackArr) throws IOException, UnsupportedCallbackException {
                if (!(callbackArr[0] instanceof AttachmentRequestCallback)) {
                    attachmentArr[0] = ((AttachmentResultCallback) callbackArr[0]).getAttachment();
                } else {
                    AttachmentRequestCallback attachmentRequestCallback = (AttachmentRequestCallback) callbackArr[0];
                    ArrayList arrayList2 = new ArrayList();
                    arrayList2.add(attachmentArr[0]);
                    attachmentRequestCallback.setAttachments(arrayList2);
                }
            }
        });
        XMLStreamWriter processOutMessage = WSSec.getOutboundWSSec(wSSSecurityProperties).processOutMessage(byteArrayOutputStream, "UTF-8", new ArrayList());
        XmlReaderToWriter.writeAll(xmlInputFactory.createXMLStreamReader(getClass().getClassLoader().getResourceAsStream("testdata/plain-soap-1.1.xml")), processOutMessage);
        processOutMessage.close();
        NodeList elementsByTagNameNS = this.documentBuilderFactory.newDocumentBuilder().parse(new ByteArrayInputStream(byteArrayOutputStream.toByteArray())).getElementsByTagNameNS("http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd", "Security");
        Assert.assertEquals(1L, elementsByTagNameNS.getLength());
        NodeList childNodes = elementsByTagNameNS.item(0).getChildNodes();
        Assert.assertEquals(3L, childNodes.getLength());
        Assert.assertEquals(childNodes.item(0).getLocalName(), "Signature");
        Assert.assertEquals(childNodes.item(1).getLocalName(), "EncryptedKey");
        Assert.assertEquals(childNodes.item(2).getLocalName(), "EncryptedData");
        PushbackInputStream pushbackInputStream = new PushbackInputStream(attachmentArr[0].getSourceStream(), 1);
        pushbackInputStream.unread(75);
        attachmentArr[0].setSourceStream(pushbackInputStream);
        WSSSecurityProperties wSSSecurityProperties2 = new WSSSecurityProperties();
        wSSSecurityProperties2.loadSignatureVerificationKeystore(getClass().getClassLoader().getResource("receiver.jks"), "default".toCharArray());
        wSSSecurityProperties2.loadDecryptionKeystore(getClass().getClassLoader().getResource("receiver.jks"), "default".toCharArray());
        wSSSecurityProperties2.setCallbackHandler(new CallbackHandlerImpl());
        wSSSecurityProperties2.setAttachmentCallbackHandler(new CallbackHandler() { // from class: org.apache.wss4j.stax.test.AttachmentTest.10
            @Override // javax.security.auth.callback.CallbackHandler
            public void handle(Callback[] callbackArr) throws IOException, UnsupportedCallbackException {
                if (!(callbackArr[0] instanceof AttachmentRequestCallback)) {
                    attachmentArr[0] = ((AttachmentResultCallback) callbackArr[0]).getAttachment();
                    return;
                }
                AttachmentRequestCallback attachmentRequestCallback = (AttachmentRequestCallback) callbackArr[0];
                if (!attachmentArr[0].getId().equals(attachmentRequestCallback.getAttachmentId())) {
                    throw new RuntimeException("wrong attachment requested");
                }
                ArrayList arrayList2 = new ArrayList();
                arrayList2.add(attachmentArr[0]);
                attachmentRequestCallback.setAttachments(arrayList2);
            }
        });
        try {
            StAX2DOM.readDoc(this.documentBuilderFactory.newDocumentBuilder(), WSSec.getInboundWSSec(wSSSecurityProperties2).processInMessage(xmlInputFactory.createXMLStreamReader(new ByteArrayInputStream(byteArrayOutputStream.toByteArray()))));
            Assert.fail("Exception expected");
        } catch (XMLStreamException e) {
            Assert.assertNotNull(e.getMessage());
        }
    }
}
