package org.apache.wss4j.stax.test;

import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.InputStream;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Collection;
import java.util.List;
import java.util.Properties;
import javax.xml.stream.XMLStreamWriter;
import javax.xml.transform.dom.DOMSource;
import javax.xml.transform.stream.StreamResult;
import org.apache.wss4j.common.crypto.Crypto;
import org.apache.wss4j.common.crypto.CryptoFactory;
import org.apache.wss4j.common.crypto.CryptoType;
import org.apache.wss4j.common.token.SecurityTokenReference;
import org.apache.wss4j.dom.WSSConfig;
import org.apache.wss4j.dom.message.WSSecDKEncrypt;
import org.apache.wss4j.dom.message.WSSecDKSign;
import org.apache.wss4j.dom.message.WSSecEncryptedKey;
import org.apache.wss4j.dom.message.WSSecHeader;
import org.apache.wss4j.dom.message.WSSecSecurityContextToken;
import org.apache.wss4j.stax.WSSec;
import org.apache.wss4j.stax.ext.InboundWSSec;
import org.apache.wss4j.stax.ext.WSSConstants;
import org.apache.wss4j.stax.ext.WSSSecurityProperties;
import org.apache.wss4j.stax.securityEvent.EncryptedPartSecurityEvent;
import org.apache.wss4j.stax.securityEvent.OperationSecurityEvent;
import org.apache.wss4j.stax.securityEvent.SignedPartSecurityEvent;
import org.apache.wss4j.stax.securityEvent.WSSecurityEventConstants;
import org.apache.wss4j.stax.securityToken.WSSecurityTokenConstants;
import org.apache.wss4j.stax.test.AbstractTestBase;
import org.apache.wss4j.stax.test.utils.SOAPUtil;
import org.apache.wss4j.stax.test.utils.StAX2DOM;
import org.apache.wss4j.stax.test.utils.XmlReaderToWriter;
import org.apache.xml.security.stax.securityEvent.SecurityEvent;
import org.apache.xml.security.stax.securityEvent.SecurityEventConstants;
import org.apache.xml.security.stax.securityEvent.SignatureValueSecurityEvent;
import org.junit.Assert;
import org.junit.BeforeClass;
import org.junit.Test;
import org.junit.runner.RunWith;
import org.junit.runners.Parameterized;
import org.w3c.dom.Attr;
import org.w3c.dom.Document;
import org.w3c.dom.NodeList;

@RunWith(Parameterized.class)
/* loaded from: input_file:org/apache/wss4j/stax/test/DerivedKeyTokenTest.class */
public class DerivedKeyTokenTest extends AbstractTestBase {
    final int version;

    public DerivedKeyTokenTest(int i) {
        this.version = i;
    }

    @BeforeClass
    public static void setUp() throws Exception {
        WSSConfig.init();
    }

    @Parameterized.Parameters(name = "{0}")
    public static Collection<Object[]> data() {
        return Arrays.asList(new Object[]{1}, new Object[]{2});
    }

    @Test
    public void testEncryptionDecryptionTRIPLEDESOutbound() throws Exception {
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        WSSSecurityProperties wSSSecurityProperties = new WSSSecurityProperties();
        ArrayList arrayList = new ArrayList();
        arrayList.add(WSSConstants.ENCRYPT_WITH_DERIVED_KEY);
        wSSSecurityProperties.setActions(arrayList);
        wSSSecurityProperties.setCallbackHandler(new CallbackHandlerImpl(WSSConstants.generateBytes(24)));
        wSSSecurityProperties.loadEncryptionKeystore(getClass().getClassLoader().getResource("transmitter.jks"), "default".toCharArray());
        wSSSecurityProperties.setEncryptionUser("receiver");
        wSSSecurityProperties.setEncryptionSymAlgorithm("http://www.w3.org/2001/04/xmlenc#tripledes-cbc");
        wSSSecurityProperties.setEncryptionKeyIdentifier(WSSecurityTokenConstants.KeyIdentifier_ThumbprintIdentifier);
        XMLStreamWriter processOutMessage = WSSec.getOutboundWSSec(wSSSecurityProperties).processOutMessage(byteArrayOutputStream, "UTF-8", new ArrayList());
        XmlReaderToWriter.writeAll(xmlInputFactory.createXMLStreamReader(getClass().getClassLoader().getResourceAsStream("testdata/plain-soap-1.1.xml")), processOutMessage);
        processOutMessage.close();
        Assert.assertEquals(this.documentBuilderFactory.newDocumentBuilder().parse(new ByteArrayInputStream(byteArrayOutputStream.toByteArray())).getElementsByTagNameNS(WSSConstants.TAG_xenc_EncryptedData.getNamespaceURI(), WSSConstants.TAG_xenc_EncryptedData.getLocalPart()).item(0).getParentNode().getLocalName(), WSSConstants.TAG_soap11_Body.getLocalPart());
        doInboundSecurityWithWSS4J(this.documentBuilderFactory.newDocumentBuilder().parse(new ByteArrayInputStream(byteArrayOutputStream.toByteArray())), "Encrypt");
    }

    @Test
    public void testEncryptionDecryptionTRIPLEDESInbound() throws Exception {
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        Document sOAPPart = SOAPUtil.toSOAPPart(SOAPUtil.SAMPLE_SOAP_MSG);
        WSSecHeader wSSecHeader = new WSSecHeader(sOAPPart);
        wSSecHeader.insertSecurityHeader();
        WSSecSecurityContextToken wSSecSecurityContextToken = new WSSecSecurityContextToken();
        Crypto cryptoFactory = CryptoFactory.getInstance("transmitter-crypto.properties");
        wSSecSecurityContextToken.setWscVersion(this.version);
        wSSecSecurityContextToken.prepare(sOAPPart, cryptoFactory);
        WSSecEncryptedKey wSSecEncryptedKey = new WSSecEncryptedKey();
        wSSecEncryptedKey.setUserInfo("receiver");
        wSSecEncryptedKey.setKeyIdentifierType(8);
        wSSecEncryptedKey.prepare(sOAPPart, cryptoFactory);
        byte[] ephemeralKey = wSSecEncryptedKey.getEphemeralKey();
        String id = wSSecEncryptedKey.getId();
        WSSecDKEncrypt wSSecDKEncrypt = new WSSecDKEncrypt();
        wSSecDKEncrypt.setWscVersion(this.version);
        wSSecDKEncrypt.setSymmetricEncAlgorithm("http://www.w3.org/2001/04/xmlenc#tripledes-cbc");
        wSSecDKEncrypt.setExternalKey(ephemeralKey, id);
        wSSecDKEncrypt.build(sOAPPart, wSSecHeader);
        wSSecEncryptedKey.prependToHeader(wSSecHeader);
        wSSecEncryptedKey.prependBSTElementToHeader(wSSecHeader);
        Assert.assertEquals(sOAPPart.getElementsByTagNameNS(WSSConstants.TAG_xenc_EncryptedData.getNamespaceURI(), WSSConstants.TAG_xenc_EncryptedData.getLocalPart()).getLength(), 1L);
        TRANSFORMER_FACTORY.newTransformer().transform(new DOMSource(sOAPPart), new StreamResult(byteArrayOutputStream));
        WSSSecurityProperties wSSSecurityProperties = new WSSSecurityProperties();
        wSSSecurityProperties.loadDecryptionKeystore(getClass().getClassLoader().getResource("receiver.jks"), "default".toCharArray());
        wSSSecurityProperties.setCallbackHandler(new CallbackHandlerImpl());
        InboundWSSec inboundWSSec = WSSec.getInboundWSSec(wSSSecurityProperties);
        AbstractTestBase.TestSecurityEventListener testSecurityEventListener = new AbstractTestBase.TestSecurityEventListener(new SecurityEventConstants.Event[]{WSSecurityEventConstants.AlgorithmSuite, WSSecurityEventConstants.AlgorithmSuite, WSSecurityEventConstants.AlgorithmSuite, WSSecurityEventConstants.AlgorithmSuite, WSSecurityEventConstants.X509Token, WSSecurityEventConstants.EncryptedPart, WSSecurityEventConstants.Operation});
        Assert.assertEquals(StAX2DOM.readDoc(this.documentBuilderFactory.newDocumentBuilder(), inboundWSSec.processInMessage(xmlInputFactory.createXMLStreamReader(new ByteArrayInputStream(byteArrayOutputStream.toByteArray())), (List) null, testSecurityEventListener)).getElementsByTagNameNS(WSSConstants.TAG_xenc_EncryptedData.getNamespaceURI(), WSSConstants.TAG_xenc_EncryptedData.getLocalPart()).getLength(), 0L);
        testSecurityEventListener.compare();
        EncryptedPartSecurityEvent encryptedPartSecurityEvent = (EncryptedPartSecurityEvent) testSecurityEventListener.getSecurityEvent(WSSecurityEventConstants.EncryptedPart);
        OperationSecurityEvent operationSecurityEvent = (OperationSecurityEvent) testSecurityEventListener.getSecurityEvent(WSSecurityEventConstants.Operation);
        String correlationID = encryptedPartSecurityEvent.getCorrelationID();
        String correlationID2 = operationSecurityEvent.getCorrelationID();
        ArrayList arrayList = new ArrayList();
        ArrayList arrayList2 = new ArrayList();
        List<SecurityEvent> receivedSecurityEvents = testSecurityEventListener.getReceivedSecurityEvents();
        for (int i = 0; i < receivedSecurityEvents.size(); i++) {
            SecurityEvent securityEvent = receivedSecurityEvents.get(i);
            if (securityEvent.getCorrelationID().equals(correlationID)) {
                arrayList2.add(securityEvent);
            } else if (securityEvent.getCorrelationID().equals(correlationID2)) {
                arrayList.add(securityEvent);
            }
        }
        Assert.assertEquals(6L, arrayList2.size());
        Assert.assertEquals(1L, arrayList.size());
        Assert.assertEquals(testSecurityEventListener.getReceivedSecurityEvents().size(), arrayList.size() + arrayList2.size());
    }

    @Test
    public void testEncryptionDecryptionTRIPLEDESInboundAction() throws Exception {
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        InputStream resourceAsStream = getClass().getClassLoader().getResourceAsStream("testdata/plain-soap-1.1.xml");
        Properties properties = new Properties();
        properties.put("derivedTokenReference", "EncryptedKey");
        if (this.version == 1) {
            properties.put("use200512Namespace", "false");
        }
        properties.put("user", "receiver");
        properties.put("encryptionSymAlgorithm", "http://www.w3.org/2001/04/xmlenc#tripledes-cbc");
        Document doOutboundSecurityWithWSS4J = doOutboundSecurityWithWSS4J(resourceAsStream, "EncryptDerived", properties);
        Assert.assertEquals(doOutboundSecurityWithWSS4J.getElementsByTagNameNS(WSSConstants.TAG_xenc_EncryptedData.getNamespaceURI(), WSSConstants.TAG_xenc_EncryptedData.getLocalPart()).item(0).getParentNode().getLocalName(), WSSConstants.TAG_soap11_Body.getLocalPart());
        TRANSFORMER_FACTORY.newTransformer().transform(new DOMSource(doOutboundSecurityWithWSS4J), new StreamResult(byteArrayOutputStream));
        WSSSecurityProperties wSSSecurityProperties = new WSSSecurityProperties();
        wSSSecurityProperties.loadDecryptionKeystore(getClass().getClassLoader().getResource("receiver.jks"), "default".toCharArray());
        wSSSecurityProperties.setCallbackHandler(new CallbackHandlerImpl());
        InboundWSSec inboundWSSec = WSSec.getInboundWSSec(wSSSecurityProperties);
        AbstractTestBase.TestSecurityEventListener testSecurityEventListener = new AbstractTestBase.TestSecurityEventListener(new SecurityEventConstants.Event[]{WSSecurityEventConstants.AlgorithmSuite, WSSecurityEventConstants.AlgorithmSuite, WSSecurityEventConstants.AlgorithmSuite, WSSecurityEventConstants.AlgorithmSuite, WSSecurityEventConstants.X509Token, WSSecurityEventConstants.EncryptedPart, WSSecurityEventConstants.Operation});
        Assert.assertEquals(StAX2DOM.readDoc(this.documentBuilderFactory.newDocumentBuilder(), inboundWSSec.processInMessage(xmlInputFactory.createXMLStreamReader(new ByteArrayInputStream(byteArrayOutputStream.toByteArray())), (List) null, testSecurityEventListener)).getElementsByTagNameNS(WSSConstants.TAG_xenc_EncryptedData.getNamespaceURI(), WSSConstants.TAG_xenc_EncryptedData.getLocalPart()).getLength(), 0L);
        testSecurityEventListener.compare();
        EncryptedPartSecurityEvent encryptedPartSecurityEvent = (EncryptedPartSecurityEvent) testSecurityEventListener.getSecurityEvent(WSSecurityEventConstants.EncryptedPart);
        OperationSecurityEvent operationSecurityEvent = (OperationSecurityEvent) testSecurityEventListener.getSecurityEvent(WSSecurityEventConstants.Operation);
        String correlationID = encryptedPartSecurityEvent.getCorrelationID();
        String correlationID2 = operationSecurityEvent.getCorrelationID();
        ArrayList arrayList = new ArrayList();
        ArrayList arrayList2 = new ArrayList();
        List<SecurityEvent> receivedSecurityEvents = testSecurityEventListener.getReceivedSecurityEvents();
        for (int i = 0; i < receivedSecurityEvents.size(); i++) {
            SecurityEvent securityEvent = receivedSecurityEvents.get(i);
            if (securityEvent.getCorrelationID().equals(correlationID)) {
                arrayList2.add(securityEvent);
            } else if (securityEvent.getCorrelationID().equals(correlationID2)) {
                arrayList.add(securityEvent);
            }
        }
        Assert.assertEquals(6L, arrayList2.size());
        Assert.assertEquals(1L, arrayList.size());
        Assert.assertEquals(testSecurityEventListener.getReceivedSecurityEvents().size(), arrayList.size() + arrayList2.size());
    }

    @Test
    public void testEncryptionDecryptionAES128Outbound() throws Exception {
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        WSSSecurityProperties wSSSecurityProperties = new WSSSecurityProperties();
        ArrayList arrayList = new ArrayList();
        arrayList.add(WSSConstants.ENCRYPT_WITH_DERIVED_KEY);
        wSSSecurityProperties.setActions(arrayList);
        wSSSecurityProperties.setCallbackHandler(new CallbackHandlerImpl(WSSConstants.generateBytes(16)));
        wSSSecurityProperties.loadEncryptionKeystore(getClass().getClassLoader().getResource("transmitter.jks"), "default".toCharArray());
        wSSSecurityProperties.setEncryptionUser("receiver");
        wSSSecurityProperties.setEncryptionSymAlgorithm("http://www.w3.org/2001/04/xmlenc#aes128-cbc");
        wSSSecurityProperties.setEncryptionKeyIdentifier(WSSecurityTokenConstants.KeyIdentifier_ThumbprintIdentifier);
        XMLStreamWriter processOutMessage = WSSec.getOutboundWSSec(wSSSecurityProperties).processOutMessage(byteArrayOutputStream, "UTF-8", new ArrayList());
        XmlReaderToWriter.writeAll(xmlInputFactory.createXMLStreamReader(getClass().getClassLoader().getResourceAsStream("testdata/plain-soap-1.1.xml")), processOutMessage);
        processOutMessage.close();
        Assert.assertEquals(this.documentBuilderFactory.newDocumentBuilder().parse(new ByteArrayInputStream(byteArrayOutputStream.toByteArray())).getElementsByTagNameNS(WSSConstants.TAG_xenc_EncryptedData.getNamespaceURI(), WSSConstants.TAG_xenc_EncryptedData.getLocalPart()).item(0).getParentNode().getLocalName(), WSSConstants.TAG_soap11_Body.getLocalPart());
        doInboundSecurityWithWSS4J(this.documentBuilderFactory.newDocumentBuilder().parse(new ByteArrayInputStream(byteArrayOutputStream.toByteArray())), "Encrypt");
    }

    @Test
    public void testEncryptionDecryptionAES128Inbound() throws Exception {
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        Document sOAPPart = SOAPUtil.toSOAPPart(SOAPUtil.SAMPLE_SOAP_MSG);
        WSSecHeader wSSecHeader = new WSSecHeader(sOAPPart);
        wSSecHeader.insertSecurityHeader();
        WSSecSecurityContextToken wSSecSecurityContextToken = new WSSecSecurityContextToken();
        wSSecSecurityContextToken.setWscVersion(this.version);
        Crypto cryptoFactory = CryptoFactory.getInstance("transmitter-crypto.properties");
        wSSecSecurityContextToken.prepare(sOAPPart, cryptoFactory);
        WSSecEncryptedKey wSSecEncryptedKey = new WSSecEncryptedKey();
        wSSecEncryptedKey.setUserInfo("receiver");
        wSSecEncryptedKey.setKeyIdentifierType(1);
        wSSecEncryptedKey.prepare(sOAPPart, cryptoFactory);
        byte[] ephemeralKey = wSSecEncryptedKey.getEphemeralKey();
        String id = wSSecEncryptedKey.getId();
        WSSecDKEncrypt wSSecDKEncrypt = new WSSecDKEncrypt();
        wSSecDKEncrypt.setWscVersion(this.version);
        wSSecDKEncrypt.setSymmetricEncAlgorithm("http://www.w3.org/2001/04/xmlenc#aes128-cbc");
        wSSecDKEncrypt.setExternalKey(ephemeralKey, id);
        wSSecDKEncrypt.build(sOAPPart, wSSecHeader);
        wSSecEncryptedKey.prependToHeader(wSSecHeader);
        wSSecEncryptedKey.prependBSTElementToHeader(wSSecHeader);
        Assert.assertEquals(sOAPPart.getElementsByTagNameNS(WSSConstants.TAG_xenc_EncryptedData.getNamespaceURI(), WSSConstants.TAG_xenc_EncryptedData.getLocalPart()).getLength(), 1L);
        TRANSFORMER_FACTORY.newTransformer().transform(new DOMSource(sOAPPart), new StreamResult(byteArrayOutputStream));
        WSSSecurityProperties wSSSecurityProperties = new WSSSecurityProperties();
        wSSSecurityProperties.loadDecryptionKeystore(getClass().getClassLoader().getResource("receiver.jks"), "default".toCharArray());
        wSSSecurityProperties.setCallbackHandler(new CallbackHandlerImpl());
        Assert.assertEquals(StAX2DOM.readDoc(this.documentBuilderFactory.newDocumentBuilder(), WSSec.getInboundWSSec(wSSSecurityProperties).processInMessage(xmlInputFactory.createXMLStreamReader(new ByteArrayInputStream(byteArrayOutputStream.toByteArray())))).getElementsByTagNameNS(WSSConstants.TAG_xenc_EncryptedData.getNamespaceURI(), WSSConstants.TAG_xenc_EncryptedData.getLocalPart()).getLength(), 0L);
    }

    @Test
    public void testEncryptionDecryptionAES128InboundAction() throws Exception {
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        InputStream resourceAsStream = getClass().getClassLoader().getResourceAsStream("testdata/plain-soap-1.1.xml");
        Properties properties = new Properties();
        properties.put("derivedTokenReference", "EncryptedKey");
        if (this.version == 1) {
            properties.put("use200512Namespace", "false");
        }
        properties.put("user", "receiver");
        properties.put("encryptionSymAlgorithm", "http://www.w3.org/2001/04/xmlenc#aes128-cbc");
        Document doOutboundSecurityWithWSS4J = doOutboundSecurityWithWSS4J(resourceAsStream, "EncryptDerived", properties);
        Assert.assertEquals(doOutboundSecurityWithWSS4J.getElementsByTagNameNS(WSSConstants.TAG_xenc_EncryptedData.getNamespaceURI(), WSSConstants.TAG_xenc_EncryptedData.getLocalPart()).item(0).getParentNode().getLocalName(), WSSConstants.TAG_soap11_Body.getLocalPart());
        TRANSFORMER_FACTORY.newTransformer().transform(new DOMSource(doOutboundSecurityWithWSS4J), new StreamResult(byteArrayOutputStream));
        WSSSecurityProperties wSSSecurityProperties = new WSSSecurityProperties();
        wSSSecurityProperties.loadDecryptionKeystore(getClass().getClassLoader().getResource("receiver.jks"), "default".toCharArray());
        wSSSecurityProperties.setCallbackHandler(new CallbackHandlerImpl());
        Assert.assertEquals(StAX2DOM.readDoc(this.documentBuilderFactory.newDocumentBuilder(), WSSec.getInboundWSSec(wSSSecurityProperties).processInMessage(xmlInputFactory.createXMLStreamReader(new ByteArrayInputStream(byteArrayOutputStream.toByteArray())))).getElementsByTagNameNS(WSSConstants.TAG_xenc_EncryptedData.getNamespaceURI(), WSSConstants.TAG_xenc_EncryptedData.getLocalPart()).getLength(), 0L);
    }

    @Test
    public void testSignatureOutbound() throws Exception {
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        WSSSecurityProperties wSSSecurityProperties = new WSSSecurityProperties();
        ArrayList arrayList = new ArrayList();
        arrayList.add(WSSConstants.SIGNATURE_WITH_DERIVED_KEY);
        wSSSecurityProperties.setActions(arrayList);
        wSSSecurityProperties.setCallbackHandler(new CallbackHandlerImpl());
        wSSSecurityProperties.setEncryptionKeyIdentifier(WSSecurityTokenConstants.KeyIdentifier_ThumbprintIdentifier);
        wSSSecurityProperties.setSignatureAlgorithm("http://www.w3.org/2000/09/xmldsig#hmac-sha1");
        wSSSecurityProperties.loadEncryptionKeystore(getClass().getClassLoader().getResource("transmitter.jks"), "default".toCharArray());
        wSSSecurityProperties.setEncryptionUser("receiver");
        wSSSecurityProperties.setDerivedKeyTokenReference(WSSConstants.DerivedKeyTokenReference.EncryptedKey);
        wSSSecurityProperties.loadSignatureKeyStore(getClass().getClassLoader().getResource("receiver.jks"), "default".toCharArray());
        wSSSecurityProperties.setSignatureUser("receiver");
        XMLStreamWriter processOutMessage = WSSec.getOutboundWSSec(wSSSecurityProperties).processOutMessage(byteArrayOutputStream, "UTF-8", new ArrayList());
        XmlReaderToWriter.writeAll(xmlInputFactory.createXMLStreamReader(getClass().getClassLoader().getResourceAsStream("testdata/plain-soap-1.1.xml")), processOutMessage);
        processOutMessage.close();
        Assert.assertEquals(this.documentBuilderFactory.newDocumentBuilder().parse(new ByteArrayInputStream(byteArrayOutputStream.toByteArray())).getElementsByTagNameNS(WSSConstants.TAG_dsig_Signature.getNamespaceURI(), WSSConstants.TAG_dsig_Signature.getLocalPart()).item(0).getParentNode().getLocalName(), WSSConstants.TAG_wsse_Security.getLocalPart());
        doInboundSecurityWithWSS4J(this.documentBuilderFactory.newDocumentBuilder().parse(new ByteArrayInputStream(byteArrayOutputStream.toByteArray())), "Signature Encrypt");
    }

    @Test
    public void testSignatureInbound() throws Exception {
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        Document sOAPPart = SOAPUtil.toSOAPPart(SOAPUtil.SAMPLE_SOAP_MSG);
        WSSecHeader wSSecHeader = new WSSecHeader(sOAPPart);
        wSSecHeader.insertSecurityHeader();
        WSSecEncryptedKey wSSecEncryptedKey = new WSSecEncryptedKey();
        wSSecEncryptedKey.setUserInfo("receiver");
        wSSecEncryptedKey.setKeyIdentifierType(8);
        wSSecEncryptedKey.prepare(sOAPPart, CryptoFactory.getInstance("transmitter-crypto.properties"));
        byte[] ephemeralKey = wSSecEncryptedKey.getEphemeralKey();
        String id = wSSecEncryptedKey.getId();
        WSSecDKSign wSSecDKSign = new WSSecDKSign();
        wSSecDKSign.setWscVersion(this.version);
        wSSecDKSign.setExternalKey(ephemeralKey, id);
        wSSecDKSign.setSignatureAlgorithm("http://www.w3.org/2000/09/xmldsig#hmac-sha1");
        wSSecDKSign.build(sOAPPart, wSSecHeader);
        wSSecEncryptedKey.prependToHeader(wSSecHeader);
        wSSecEncryptedKey.prependBSTElementToHeader(wSSecHeader);
        Assert.assertEquals(sOAPPart.getElementsByTagNameNS(WSSConstants.TAG_dsig_Signature.getNamespaceURI(), WSSConstants.TAG_dsig_Signature.getLocalPart()).getLength(), 1L);
        TRANSFORMER_FACTORY.newTransformer().transform(new DOMSource(sOAPPart), new StreamResult(byteArrayOutputStream));
        WSSSecurityProperties wSSSecurityProperties = new WSSSecurityProperties();
        wSSSecurityProperties.loadSignatureVerificationKeystore(getClass().getClassLoader().getResource("receiver.jks"), "default".toCharArray());
        wSSSecurityProperties.loadDecryptionKeystore(getClass().getClassLoader().getResource("receiver.jks"), "default".toCharArray());
        wSSSecurityProperties.setCallbackHandler(new CallbackHandlerImpl());
        Assert.assertEquals(StAX2DOM.readDoc(this.documentBuilderFactory.newDocumentBuilder(), WSSec.getInboundWSSec(wSSSecurityProperties).processInMessage(xmlInputFactory.createXMLStreamReader(new ByteArrayInputStream(byteArrayOutputStream.toByteArray())))).getElementsByTagNameNS(WSSConstants.TAG_dsig_Signature.getNamespaceURI(), WSSConstants.TAG_dsig_Signature.getLocalPart()).getLength(), 1L);
    }

    @Test
    public void testSignatureInboundAction() throws Exception {
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        InputStream resourceAsStream = getClass().getClassLoader().getResourceAsStream("testdata/plain-soap-1.1.xml");
        Properties properties = new Properties();
        properties.put("derivedTokenReference", "EncryptedKey");
        if (this.version == 1) {
            properties.put("use200512Namespace", "false");
        }
        properties.put("user", "receiver");
        Document doOutboundSecurityWithWSS4J = doOutboundSecurityWithWSS4J(resourceAsStream, "SignatureDerived", properties);
        Assert.assertEquals(doOutboundSecurityWithWSS4J.getElementsByTagNameNS(WSSConstants.TAG_dsig_Signature.getNamespaceURI(), WSSConstants.TAG_dsig_Signature.getLocalPart()).item(0).getParentNode().getLocalName(), WSSConstants.TAG_wsse_Security.getLocalPart());
        TRANSFORMER_FACTORY.newTransformer().transform(new DOMSource(doOutboundSecurityWithWSS4J), new StreamResult(byteArrayOutputStream));
        WSSSecurityProperties wSSSecurityProperties = new WSSSecurityProperties();
        wSSSecurityProperties.loadSignatureVerificationKeystore(getClass().getClassLoader().getResource("receiver.jks"), "default".toCharArray());
        wSSSecurityProperties.loadDecryptionKeystore(getClass().getClassLoader().getResource("receiver.jks"), "default".toCharArray());
        wSSSecurityProperties.setCallbackHandler(new CallbackHandlerImpl());
        Assert.assertEquals(StAX2DOM.readDoc(this.documentBuilderFactory.newDocumentBuilder(), WSSec.getInboundWSSec(wSSSecurityProperties).processInMessage(xmlInputFactory.createXMLStreamReader(new ByteArrayInputStream(byteArrayOutputStream.toByteArray())))).getElementsByTagNameNS(WSSConstants.TAG_dsig_Signature.getNamespaceURI(), WSSConstants.TAG_dsig_Signature.getLocalPart()).getLength(), 1L);
    }

    @Test
    public void testSignatureThumbprintSHA1Outbound() throws Exception {
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        WSSSecurityProperties wSSSecurityProperties = new WSSSecurityProperties();
        ArrayList arrayList = new ArrayList();
        arrayList.add(WSSConstants.SIGNATURE_WITH_DERIVED_KEY);
        wSSSecurityProperties.setActions(arrayList);
        wSSSecurityProperties.setCallbackHandler(new CallbackHandlerImpl());
        wSSSecurityProperties.setSignatureAlgorithm("http://www.w3.org/2000/09/xmldsig#hmac-sha1");
        wSSSecurityProperties.loadSignatureKeyStore(getClass().getClassLoader().getResource("receiver.jks"), "default".toCharArray());
        wSSSecurityProperties.setSignatureUser("receiver");
        wSSSecurityProperties.setDerivedKeyTokenReference(WSSConstants.DerivedKeyTokenReference.DirectReference);
        wSSSecurityProperties.setDerivedKeyKeyIdentifier(WSSecurityTokenConstants.KeyIdentifier_ThumbprintIdentifier);
        XMLStreamWriter processOutMessage = WSSec.getOutboundWSSec(wSSSecurityProperties).processOutMessage(byteArrayOutputStream, "UTF-8", new ArrayList());
        XmlReaderToWriter.writeAll(xmlInputFactory.createXMLStreamReader(getClass().getClassLoader().getResourceAsStream("testdata/plain-soap-1.1.xml")), processOutMessage);
        processOutMessage.close();
        Document parse = this.documentBuilderFactory.newDocumentBuilder().parse(new ByteArrayInputStream(byteArrayOutputStream.toByteArray()));
        Assert.assertEquals(parse.getElementsByTagNameNS(WSSConstants.TAG_dsig_Signature.getNamespaceURI(), WSSConstants.TAG_dsig_Signature.getLocalPart()).item(0).getParentNode().getLocalName(), WSSConstants.TAG_wsse_Security.getLocalPart());
        Assert.assertEquals(parse.getElementsByTagNameNS(WSSConstants.TAG_wsc0512_SecurityContextToken.getNamespaceURI(), WSSConstants.TAG_wsc0512_SecurityContextToken.getLocalPart()).getLength(), 0L);
        Assert.assertEquals(parse.getElementsByTagNameNS(WSSConstants.TAG_xenc_EncryptedKey.getNamespaceURI(), WSSConstants.TAG_xenc_EncryptedKey.getLocalPart()).getLength(), 0L);
        Assert.assertEquals(parse.getElementsByTagNameNS(WSSConstants.TAG_wsc0512_DerivedKeyToken.getNamespaceURI(), WSSConstants.TAG_wsc0512_DerivedKeyToken.getLocalPart()).getLength(), 1L);
        NodeList elementsByTagNameNS = parse.getElementsByTagNameNS(WSSConstants.TAG_wsse_KeyIdentifier.getNamespaceURI(), WSSConstants.TAG_wsse_KeyIdentifier.getLocalPart());
        Assert.assertEquals(elementsByTagNameNS.getLength(), 1L);
        Assert.assertEquals(((Attr) elementsByTagNameNS.item(0).getAttributes().getNamedItem(WSSConstants.ATT_NULL_ValueType.getLocalPart())).getValue(), "http://docs.oasis-open.org/wss/oasis-wss-soap-message-security-1.1#ThumbprintSHA1");
        Assert.assertEquals(parse.getElementsByTagNameNS(WSSConstants.TAG_dsig_Signature.getNamespaceURI(), WSSConstants.TAG_dsig_Signature.getLocalPart()).getLength(), 1L);
        doInboundSecurityWithWSS4J(this.documentBuilderFactory.newDocumentBuilder().parse(new ByteArrayInputStream(byteArrayOutputStream.toByteArray())), "Signature Encrypt");
    }

    @Test
    public void testSignatureThumbprintSHA1Inbound() throws Exception {
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        Document sOAPPart = SOAPUtil.toSOAPPart(SOAPUtil.SAMPLE_SOAP_MSG);
        WSSecHeader wSSecHeader = new WSSecHeader(sOAPPart);
        wSSecHeader.insertSecurityHeader();
        SecurityTokenReference securityTokenReference = new SecurityTokenReference(sOAPPart);
        CryptoType cryptoType = new CryptoType(CryptoType.TYPE.ALIAS);
        cryptoType.setAlias("transmitter");
        Crypto cryptoFactory = CryptoFactory.getInstance("transmitter-crypto.properties");
        securityTokenReference.setKeyIdentifierThumb(cryptoFactory.getX509Certificates(cryptoType)[0]);
        WSSecDKSign wSSecDKSign = new WSSecDKSign();
        wSSecDKSign.setWscVersion(this.version);
        wSSecDKSign.setExternalKey(cryptoFactory.getPrivateKey("transmitter", "default").getEncoded(), securityTokenReference.getElement());
        wSSecDKSign.setSignatureAlgorithm("http://www.w3.org/2000/09/xmldsig#hmac-sha1");
        wSSecDKSign.build(sOAPPart, wSSecHeader);
        wSSecDKSign.prependDKElementToHeader(wSSecHeader);
        Assert.assertEquals(sOAPPart.getElementsByTagNameNS(WSSConstants.TAG_dsig_Signature.getNamespaceURI(), WSSConstants.TAG_dsig_Signature.getLocalPart()).getLength(), 1L);
        TRANSFORMER_FACTORY.newTransformer().transform(new DOMSource(sOAPPart), new StreamResult(byteArrayOutputStream));
        WSSSecurityProperties wSSSecurityProperties = new WSSSecurityProperties();
        wSSSecurityProperties.loadSignatureVerificationKeystore(getClass().getClassLoader().getResource("receiver.jks"), "default".toCharArray());
        wSSSecurityProperties.loadDecryptionKeystore(getClass().getClassLoader().getResource("transmitter.jks"), "default".toCharArray());
        wSSSecurityProperties.setCallbackHandler(new CallbackHandlerImpl());
        Assert.assertEquals(StAX2DOM.readDoc(this.documentBuilderFactory.newDocumentBuilder(), WSSec.getInboundWSSec(wSSSecurityProperties).processInMessage(xmlInputFactory.createXMLStreamReader(new ByteArrayInputStream(byteArrayOutputStream.toByteArray())))).getElementsByTagNameNS(WSSConstants.TAG_dsig_Signature.getNamespaceURI(), WSSConstants.TAG_dsig_Signature.getLocalPart()).getLength(), 1L);
    }

    @Test
    public void testSignatureThumbprintSHA1InboundAction() throws Exception {
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        InputStream resourceAsStream = getClass().getClassLoader().getResourceAsStream("testdata/plain-soap-1.1.xml");
        Properties properties = new Properties();
        properties.put("derivedTokenReference", "DirectReference");
        if (this.version == 1) {
            properties.put("use200512Namespace", "false");
        }
        Document doOutboundSecurityWithWSS4J = doOutboundSecurityWithWSS4J(resourceAsStream, "SignatureDerived", properties);
        Assert.assertEquals(doOutboundSecurityWithWSS4J.getElementsByTagNameNS(WSSConstants.TAG_dsig_Signature.getNamespaceURI(), WSSConstants.TAG_dsig_Signature.getLocalPart()).item(0).getParentNode().getLocalName(), WSSConstants.TAG_wsse_Security.getLocalPart());
        TRANSFORMER_FACTORY.newTransformer().transform(new DOMSource(doOutboundSecurityWithWSS4J), new StreamResult(byteArrayOutputStream));
        WSSSecurityProperties wSSSecurityProperties = new WSSSecurityProperties();
        wSSSecurityProperties.loadSignatureVerificationKeystore(getClass().getClassLoader().getResource("receiver.jks"), "default".toCharArray());
        wSSSecurityProperties.loadDecryptionKeystore(getClass().getClassLoader().getResource("transmitter.jks"), "default".toCharArray());
        wSSSecurityProperties.setCallbackHandler(new CallbackHandlerImpl());
        Assert.assertEquals(StAX2DOM.readDoc(this.documentBuilderFactory.newDocumentBuilder(), WSSec.getInboundWSSec(wSSSecurityProperties).processInMessage(xmlInputFactory.createXMLStreamReader(new ByteArrayInputStream(byteArrayOutputStream.toByteArray())))).getElementsByTagNameNS(WSSConstants.TAG_dsig_Signature.getNamespaceURI(), WSSConstants.TAG_dsig_Signature.getLocalPart()).getLength(), 1L);
    }

    @Test
    public void testSignatureSKIOutbound() throws Exception {
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        WSSSecurityProperties wSSSecurityProperties = new WSSSecurityProperties();
        ArrayList arrayList = new ArrayList();
        arrayList.add(WSSConstants.SIGNATURE_WITH_DERIVED_KEY);
        wSSSecurityProperties.setActions(arrayList);
        wSSSecurityProperties.setCallbackHandler(new CallbackHandlerImpl());
        wSSSecurityProperties.setSignatureAlgorithm("http://www.w3.org/2000/09/xmldsig#hmac-sha1");
        wSSSecurityProperties.loadSignatureKeyStore(getClass().getClassLoader().getResource("receiver.jks"), "default".toCharArray());
        wSSSecurityProperties.setSignatureUser("receiver");
        wSSSecurityProperties.setDerivedKeyTokenReference(WSSConstants.DerivedKeyTokenReference.DirectReference);
        wSSSecurityProperties.setDerivedKeyKeyIdentifier(WSSecurityTokenConstants.KeyIdentifier_SkiKeyIdentifier);
        XMLStreamWriter processOutMessage = WSSec.getOutboundWSSec(wSSSecurityProperties).processOutMessage(byteArrayOutputStream, "UTF-8", new ArrayList());
        XmlReaderToWriter.writeAll(xmlInputFactory.createXMLStreamReader(getClass().getClassLoader().getResourceAsStream("testdata/plain-soap-1.1.xml")), processOutMessage);
        processOutMessage.close();
        Document parse = this.documentBuilderFactory.newDocumentBuilder().parse(new ByteArrayInputStream(byteArrayOutputStream.toByteArray()));
        Assert.assertEquals(parse.getElementsByTagNameNS(WSSConstants.TAG_dsig_Signature.getNamespaceURI(), WSSConstants.TAG_dsig_Signature.getLocalPart()).item(0).getParentNode().getLocalName(), WSSConstants.TAG_wsse_Security.getLocalPart());
        Assert.assertEquals(parse.getElementsByTagNameNS(WSSConstants.TAG_wsc0512_SecurityContextToken.getNamespaceURI(), WSSConstants.TAG_wsc0512_SecurityContextToken.getLocalPart()).getLength(), 0L);
        Assert.assertEquals(parse.getElementsByTagNameNS(WSSConstants.TAG_xenc_EncryptedKey.getNamespaceURI(), WSSConstants.TAG_xenc_EncryptedKey.getLocalPart()).getLength(), 0L);
        Assert.assertEquals(parse.getElementsByTagNameNS(WSSConstants.TAG_wsc0512_DerivedKeyToken.getNamespaceURI(), WSSConstants.TAG_wsc0512_DerivedKeyToken.getLocalPart()).getLength(), 1L);
        NodeList elementsByTagNameNS = parse.getElementsByTagNameNS(WSSConstants.TAG_wsse_KeyIdentifier.getNamespaceURI(), WSSConstants.TAG_wsse_KeyIdentifier.getLocalPart());
        Assert.assertEquals(elementsByTagNameNS.getLength(), 1L);
        Assert.assertEquals(((Attr) elementsByTagNameNS.item(0).getAttributes().getNamedItem(WSSConstants.ATT_NULL_ValueType.getLocalPart())).getValue(), "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509SubjectKeyIdentifier");
        Assert.assertEquals(parse.getElementsByTagNameNS(WSSConstants.TAG_dsig_Signature.getNamespaceURI(), WSSConstants.TAG_dsig_Signature.getLocalPart()).getLength(), 1L);
        doInboundSecurityWithWSS4J(this.documentBuilderFactory.newDocumentBuilder().parse(new ByteArrayInputStream(byteArrayOutputStream.toByteArray())), "Signature Encrypt");
    }

    @Test
    public void testSignatureSKIInbound() throws Exception {
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        Document sOAPPart = SOAPUtil.toSOAPPart(SOAPUtil.SAMPLE_SOAP_MSG);
        WSSecHeader wSSecHeader = new WSSecHeader(sOAPPart);
        wSSecHeader.insertSecurityHeader();
        SecurityTokenReference securityTokenReference = new SecurityTokenReference(sOAPPart);
        CryptoType cryptoType = new CryptoType(CryptoType.TYPE.ALIAS);
        cryptoType.setAlias("transmitter");
        Crypto cryptoFactory = CryptoFactory.getInstance("transmitter-crypto.properties");
        securityTokenReference.setKeyIdentifierSKI(cryptoFactory.getX509Certificates(cryptoType)[0], cryptoFactory);
        WSSecDKSign wSSecDKSign = new WSSecDKSign();
        wSSecDKSign.setWscVersion(this.version);
        wSSecDKSign.setExternalKey(cryptoFactory.getPrivateKey("transmitter", "default").getEncoded(), securityTokenReference.getElement());
        wSSecDKSign.setSignatureAlgorithm("http://www.w3.org/2000/09/xmldsig#hmac-sha1");
        wSSecDKSign.build(sOAPPart, wSSecHeader);
        wSSecDKSign.prependDKElementToHeader(wSSecHeader);
        Assert.assertEquals(sOAPPart.getElementsByTagNameNS(WSSConstants.TAG_dsig_Signature.getNamespaceURI(), WSSConstants.TAG_dsig_Signature.getLocalPart()).getLength(), 1L);
        TRANSFORMER_FACTORY.newTransformer().transform(new DOMSource(sOAPPart), new StreamResult(byteArrayOutputStream));
        WSSSecurityProperties wSSSecurityProperties = new WSSSecurityProperties();
        wSSSecurityProperties.loadSignatureVerificationKeystore(getClass().getClassLoader().getResource("receiver.jks"), "default".toCharArray());
        wSSSecurityProperties.loadDecryptionKeystore(getClass().getClassLoader().getResource("transmitter.jks"), "default".toCharArray());
        wSSSecurityProperties.setCallbackHandler(new CallbackHandlerImpl());
        Assert.assertEquals(StAX2DOM.readDoc(this.documentBuilderFactory.newDocumentBuilder(), WSSec.getInboundWSSec(wSSSecurityProperties).processInMessage(xmlInputFactory.createXMLStreamReader(new ByteArrayInputStream(byteArrayOutputStream.toByteArray())))).getElementsByTagNameNS(WSSConstants.TAG_dsig_Signature.getNamespaceURI(), WSSConstants.TAG_dsig_Signature.getLocalPart()).getLength(), 1L);
    }

    @Test
    public void testSignatureSKIInboundAction() throws Exception {
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        InputStream resourceAsStream = getClass().getClassLoader().getResourceAsStream("testdata/plain-soap-1.1.xml");
        Properties properties = new Properties();
        properties.put("derivedTokenReference", "DirectReference");
        properties.put("derivedTokenKeyIdentifier", "SKIKeyIdentifier");
        if (this.version == 1) {
            properties.put("use200512Namespace", "false");
        }
        Document doOutboundSecurityWithWSS4J = doOutboundSecurityWithWSS4J(resourceAsStream, "SignatureDerived", properties);
        Assert.assertEquals(doOutboundSecurityWithWSS4J.getElementsByTagNameNS(WSSConstants.TAG_dsig_Signature.getNamespaceURI(), WSSConstants.TAG_dsig_Signature.getLocalPart()).item(0).getParentNode().getLocalName(), WSSConstants.TAG_wsse_Security.getLocalPart());
        TRANSFORMER_FACTORY.newTransformer().transform(new DOMSource(doOutboundSecurityWithWSS4J), new StreamResult(byteArrayOutputStream));
        WSSSecurityProperties wSSSecurityProperties = new WSSSecurityProperties();
        wSSSecurityProperties.loadSignatureVerificationKeystore(getClass().getClassLoader().getResource("receiver.jks"), "default".toCharArray());
        wSSSecurityProperties.loadDecryptionKeystore(getClass().getClassLoader().getResource("transmitter.jks"), "default".toCharArray());
        wSSSecurityProperties.setCallbackHandler(new CallbackHandlerImpl());
        Assert.assertEquals(StAX2DOM.readDoc(this.documentBuilderFactory.newDocumentBuilder(), WSSec.getInboundWSSec(wSSSecurityProperties).processInMessage(xmlInputFactory.createXMLStreamReader(new ByteArrayInputStream(byteArrayOutputStream.toByteArray())))).getElementsByTagNameNS(WSSConstants.TAG_dsig_Signature.getNamespaceURI(), WSSConstants.TAG_dsig_Signature.getLocalPart()).getLength(), 1L);
    }

    @Test
    public void testSignatureEncryptOutbound() throws Exception {
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        WSSSecurityProperties wSSSecurityProperties = new WSSSecurityProperties();
        ArrayList arrayList = new ArrayList();
        arrayList.add(WSSConstants.SIGNATURE_WITH_DERIVED_KEY);
        arrayList.add(WSSConstants.ENCRYPT_WITH_DERIVED_KEY);
        wSSSecurityProperties.setActions(arrayList);
        wSSSecurityProperties.setCallbackHandler(new CallbackHandlerImpl());
        wSSSecurityProperties.setSignatureAlgorithm("http://www.w3.org/2000/09/xmldsig#hmac-sha1");
        wSSSecurityProperties.loadSignatureKeyStore(getClass().getClassLoader().getResource("receiver.jks"), "default".toCharArray());
        wSSSecurityProperties.setSignatureUser("receiver");
        wSSSecurityProperties.loadEncryptionKeystore(getClass().getClassLoader().getResource("receiver.jks"), "default".toCharArray());
        wSSSecurityProperties.setEncryptionUser("receiver");
        wSSSecurityProperties.setEncryptionKeyIdentifier(WSSecurityTokenConstants.KeyIdentifier_ThumbprintIdentifier);
        wSSSecurityProperties.setDerivedKeyTokenReference(WSSConstants.DerivedKeyTokenReference.EncryptedKey);
        XMLStreamWriter processOutMessage = WSSec.getOutboundWSSec(wSSSecurityProperties).processOutMessage(byteArrayOutputStream, "UTF-8", new ArrayList());
        XmlReaderToWriter.writeAll(xmlInputFactory.createXMLStreamReader(getClass().getClassLoader().getResourceAsStream("testdata/plain-soap-1.1.xml")), processOutMessage);
        processOutMessage.close();
        Assert.assertEquals(this.documentBuilderFactory.newDocumentBuilder().parse(new ByteArrayInputStream(byteArrayOutputStream.toByteArray())).getElementsByTagNameNS(WSSConstants.TAG_dsig_Signature.getNamespaceURI(), WSSConstants.TAG_dsig_Signature.getLocalPart()).item(0).getParentNode().getLocalName(), WSSConstants.TAG_wsse_Security.getLocalPart());
        Assert.assertEquals(r0.getElementsByTagNameNS(WSSConstants.TAG_wsc0512_SecurityContextToken.getNamespaceURI(), WSSConstants.TAG_wsc0512_SecurityContextToken.getLocalPart()).getLength(), 0L);
        Assert.assertEquals(r0.getElementsByTagNameNS(WSSConstants.TAG_xenc_EncryptedKey.getNamespaceURI(), WSSConstants.TAG_xenc_EncryptedKey.getLocalPart()).getLength(), 1L);
        Assert.assertEquals(r0.getElementsByTagNameNS(WSSConstants.TAG_wsc0512_DerivedKeyToken.getNamespaceURI(), WSSConstants.TAG_wsc0512_DerivedKeyToken.getLocalPart()).getLength(), 2L);
        Assert.assertEquals(r0.getElementsByTagNameNS(WSSConstants.TAG_dsig_Signature.getNamespaceURI(), WSSConstants.TAG_dsig_Signature.getLocalPart()).getLength(), 1L);
        doInboundSecurityWithWSS4J(this.documentBuilderFactory.newDocumentBuilder().parse(new ByteArrayInputStream(byteArrayOutputStream.toByteArray())), "Signature Encrypt");
    }

    @Test
    public void testSignatureEncryptInbound() throws Exception {
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        Document sOAPPart = SOAPUtil.toSOAPPart(SOAPUtil.SAMPLE_SOAP_MSG);
        WSSecHeader wSSecHeader = new WSSecHeader(sOAPPart);
        wSSecHeader.insertSecurityHeader();
        Crypto cryptoFactory = CryptoFactory.getInstance("transmitter-crypto.properties");
        WSSecEncryptedKey wSSecEncryptedKey = new WSSecEncryptedKey();
        wSSecEncryptedKey.setUserInfo("receiver");
        wSSecEncryptedKey.setKeyIdentifierType(8);
        wSSecEncryptedKey.prepare(sOAPPart, cryptoFactory);
        byte[] ephemeralKey = wSSecEncryptedKey.getEphemeralKey();
        String id = wSSecEncryptedKey.getId();
        WSSecDKSign wSSecDKSign = new WSSecDKSign();
        wSSecDKSign.setWscVersion(this.version);
        wSSecDKSign.setExternalKey(ephemeralKey, id);
        wSSecDKSign.setSignatureAlgorithm("http://www.w3.org/2000/09/xmldsig#hmac-sha1");
        Document build = wSSecDKSign.build(sOAPPart, wSSecHeader);
        WSSecDKEncrypt wSSecDKEncrypt = new WSSecDKEncrypt();
        wSSecDKEncrypt.setWscVersion(this.version);
        wSSecDKEncrypt.setSymmetricEncAlgorithm("http://www.w3.org/2001/04/xmlenc#aes128-cbc");
        wSSecDKEncrypt.setExternalKey(ephemeralKey, id);
        wSSecDKEncrypt.build(build, wSSecHeader);
        wSSecEncryptedKey.prependToHeader(wSSecHeader);
        wSSecEncryptedKey.prependBSTElementToHeader(wSSecHeader);
        Assert.assertEquals(sOAPPart.getElementsByTagNameNS(WSSConstants.TAG_dsig_Signature.getNamespaceURI(), WSSConstants.TAG_dsig_Signature.getLocalPart()).getLength(), 1L);
        Assert.assertEquals(sOAPPart.getElementsByTagNameNS(WSSConstants.TAG_xenc_EncryptedData.getNamespaceURI(), WSSConstants.TAG_xenc_EncryptedData.getLocalPart()).getLength(), 1L);
        TRANSFORMER_FACTORY.newTransformer().transform(new DOMSource(sOAPPart), new StreamResult(byteArrayOutputStream));
        WSSSecurityProperties wSSSecurityProperties = new WSSSecurityProperties();
        wSSSecurityProperties.loadSignatureVerificationKeystore(getClass().getClassLoader().getResource("receiver.jks"), "default".toCharArray());
        wSSSecurityProperties.loadDecryptionKeystore(getClass().getClassLoader().getResource("receiver.jks"), "default".toCharArray());
        wSSSecurityProperties.setCallbackHandler(new CallbackHandlerImpl());
        InboundWSSec inboundWSSec = WSSec.getInboundWSSec(wSSSecurityProperties);
        AbstractTestBase.TestSecurityEventListener testSecurityEventListener = new AbstractTestBase.TestSecurityEventListener(new SecurityEventConstants.Event[]{WSSecurityEventConstants.AlgorithmSuite, WSSecurityEventConstants.AlgorithmSuite, WSSecurityEventConstants.AlgorithmSuite, WSSecurityEventConstants.AlgorithmSuite, WSSecurityEventConstants.AlgorithmSuite, WSSecurityEventConstants.AlgorithmSuite, WSSecurityEventConstants.AlgorithmSuite, WSSecurityEventConstants.AlgorithmSuite, WSSecurityEventConstants.AlgorithmSuite, WSSecurityEventConstants.AlgorithmSuite, WSSecurityEventConstants.X509Token, WSSecurityEventConstants.SignatureValue, WSSecurityEventConstants.SignedPart, WSSecurityEventConstants.EncryptedPart, WSSecurityEventConstants.Operation});
        Document readDoc = StAX2DOM.readDoc(this.documentBuilderFactory.newDocumentBuilder(), inboundWSSec.processInMessage(xmlInputFactory.createXMLStreamReader(new ByteArrayInputStream(byteArrayOutputStream.toByteArray())), (List) null, testSecurityEventListener));
        Assert.assertEquals(readDoc.getElementsByTagNameNS(WSSConstants.TAG_dsig_Signature.getNamespaceURI(), WSSConstants.TAG_dsig_Signature.getLocalPart()).getLength(), 1L);
        Assert.assertEquals(readDoc.getElementsByTagNameNS(WSSConstants.TAG_xenc_EncryptedData.getNamespaceURI(), WSSConstants.TAG_xenc_EncryptedData.getLocalPart()).getLength(), 0L);
        testSecurityEventListener.compare();
        EncryptedPartSecurityEvent encryptedPartSecurityEvent = (EncryptedPartSecurityEvent) testSecurityEventListener.getSecurityEvent(WSSecurityEventConstants.EncryptedPart);
        SignedPartSecurityEvent signedPartSecurityEvent = (SignedPartSecurityEvent) testSecurityEventListener.getSecurityEvent(WSSecurityEventConstants.SignedPart);
        SignatureValueSecurityEvent signatureValueSecurityEvent = (SignatureValueSecurityEvent) testSecurityEventListener.getSecurityEvent(WSSecurityEventConstants.SignatureValue);
        OperationSecurityEvent operationSecurityEvent = (OperationSecurityEvent) testSecurityEventListener.getSecurityEvent(WSSecurityEventConstants.Operation);
        String correlationID = encryptedPartSecurityEvent.getCorrelationID();
        String correlationID2 = signedPartSecurityEvent.getCorrelationID();
        String correlationID3 = signatureValueSecurityEvent.getCorrelationID();
        String correlationID4 = operationSecurityEvent.getCorrelationID();
        ArrayList arrayList = new ArrayList();
        ArrayList arrayList2 = new ArrayList();
        ArrayList arrayList3 = new ArrayList();
        ArrayList arrayList4 = new ArrayList();
        List<SecurityEvent> receivedSecurityEvents = testSecurityEventListener.getReceivedSecurityEvents();
        for (int i = 0; i < receivedSecurityEvents.size(); i++) {
            SecurityEvent securityEvent = receivedSecurityEvents.get(i);
            if (securityEvent.getCorrelationID().equals(correlationID)) {
                arrayList2.add(securityEvent);
            } else if (securityEvent.getCorrelationID().equals(correlationID4)) {
                arrayList.add(securityEvent);
            } else if (securityEvent.getCorrelationID().equals(correlationID2)) {
                arrayList3.add(securityEvent);
            } else if (securityEvent.getCorrelationID().equals(correlationID3)) {
                arrayList4.add(securityEvent);
            }
        }
        Assert.assertEquals(5L, arrayList2.size());
        Assert.assertEquals(3L, arrayList3.size());
        Assert.assertEquals(6L, arrayList4.size());
        Assert.assertEquals(testSecurityEventListener.getReceivedSecurityEvents().size(), arrayList.size() + arrayList2.size() + arrayList3.size() + arrayList4.size());
    }

    @Test
    public void testEncryptSignatureInbound() throws Exception {
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        Document sOAPPart = SOAPUtil.toSOAPPart(SOAPUtil.SAMPLE_SOAP_MSG);
        WSSecHeader wSSecHeader = new WSSecHeader(sOAPPart);
        wSSecHeader.insertSecurityHeader();
        Crypto cryptoFactory = CryptoFactory.getInstance("transmitter-crypto.properties");
        WSSecEncryptedKey wSSecEncryptedKey = new WSSecEncryptedKey();
        wSSecEncryptedKey.setUserInfo("receiver");
        wSSecEncryptedKey.setKeyIdentifierType(8);
        wSSecEncryptedKey.prepare(sOAPPart, cryptoFactory);
        byte[] ephemeralKey = wSSecEncryptedKey.getEphemeralKey();
        String id = wSSecEncryptedKey.getId();
        WSSecDKEncrypt wSSecDKEncrypt = new WSSecDKEncrypt();
        wSSecDKEncrypt.setWscVersion(this.version);
        wSSecDKEncrypt.setSymmetricEncAlgorithm("http://www.w3.org/2001/04/xmlenc#aes128-cbc");
        wSSecDKEncrypt.setExternalKey(ephemeralKey, id);
        wSSecDKEncrypt.build(sOAPPart, wSSecHeader);
        WSSecDKSign wSSecDKSign = new WSSecDKSign();
        wSSecDKSign.setWscVersion(this.version);
        wSSecDKSign.setExternalKey(ephemeralKey, id);
        wSSecDKSign.setSignatureAlgorithm("http://www.w3.org/2000/09/xmldsig#hmac-sha1");
        wSSecDKSign.build(sOAPPart, wSSecHeader);
        wSSecEncryptedKey.prependToHeader(wSSecHeader);
        wSSecEncryptedKey.prependBSTElementToHeader(wSSecHeader);
        Assert.assertEquals(sOAPPart.getElementsByTagNameNS(WSSConstants.TAG_dsig_Signature.getNamespaceURI(), WSSConstants.TAG_dsig_Signature.getLocalPart()).getLength(), 1L);
        Assert.assertEquals(sOAPPart.getElementsByTagNameNS(WSSConstants.TAG_xenc_EncryptedData.getNamespaceURI(), WSSConstants.TAG_xenc_EncryptedData.getLocalPart()).getLength(), 1L);
        TRANSFORMER_FACTORY.newTransformer().transform(new DOMSource(sOAPPart), new StreamResult(byteArrayOutputStream));
        WSSSecurityProperties wSSSecurityProperties = new WSSSecurityProperties();
        wSSSecurityProperties.loadSignatureVerificationKeystore(getClass().getClassLoader().getResource("receiver.jks"), "default".toCharArray());
        wSSSecurityProperties.loadDecryptionKeystore(getClass().getClassLoader().getResource("receiver.jks"), "default".toCharArray());
        wSSSecurityProperties.setCallbackHandler(new CallbackHandlerImpl());
        Document readDoc = StAX2DOM.readDoc(this.documentBuilderFactory.newDocumentBuilder(), WSSec.getInboundWSSec(wSSSecurityProperties).processInMessage(xmlInputFactory.createXMLStreamReader(new ByteArrayInputStream(byteArrayOutputStream.toByteArray()))));
        Assert.assertEquals(readDoc.getElementsByTagNameNS(WSSConstants.TAG_dsig_Signature.getNamespaceURI(), WSSConstants.TAG_dsig_Signature.getLocalPart()).getLength(), 1L);
        Assert.assertEquals(readDoc.getElementsByTagNameNS(WSSConstants.TAG_xenc_EncryptedData.getNamespaceURI(), WSSConstants.TAG_xenc_EncryptedData.getLocalPart()).getLength(), 0L);
    }

    @Test
    public void testEncryptSignatureInboundAction() throws Exception {
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        InputStream resourceAsStream = getClass().getClassLoader().getResourceAsStream("testdata/plain-soap-1.1.xml");
        Properties properties = new Properties();
        properties.put("derivedTokenReference", "EncryptedKey");
        if (this.version == 1) {
            properties.put("use200512Namespace", "false");
        }
        properties.put("user", "receiver");
        properties.put("signatureAlgorithm", "http://www.w3.org/2000/09/xmldsig#hmac-sha1");
        Document doOutboundSecurityWithWSS4J = doOutboundSecurityWithWSS4J(resourceAsStream, "SignatureDerived EncryptDerived", properties);
        Assert.assertEquals(doOutboundSecurityWithWSS4J.getElementsByTagNameNS(WSSConstants.TAG_xenc_EncryptedData.getNamespaceURI(), WSSConstants.TAG_xenc_EncryptedData.getLocalPart()).item(0).getParentNode().getLocalName(), WSSConstants.TAG_soap11_Body.getLocalPart());
        TRANSFORMER_FACTORY.newTransformer().transform(new DOMSource(doOutboundSecurityWithWSS4J), new StreamResult(byteArrayOutputStream));
        WSSSecurityProperties wSSSecurityProperties = new WSSSecurityProperties();
        wSSSecurityProperties.loadSignatureVerificationKeystore(getClass().getClassLoader().getResource("receiver.jks"), "default".toCharArray());
        wSSSecurityProperties.loadDecryptionKeystore(getClass().getClassLoader().getResource("receiver.jks"), "default".toCharArray());
        wSSSecurityProperties.setCallbackHandler(new CallbackHandlerImpl());
        Document readDoc = StAX2DOM.readDoc(this.documentBuilderFactory.newDocumentBuilder(), WSSec.getInboundWSSec(wSSSecurityProperties).processInMessage(xmlInputFactory.createXMLStreamReader(new ByteArrayInputStream(byteArrayOutputStream.toByteArray()))));
        Assert.assertEquals(readDoc.getElementsByTagNameNS(WSSConstants.TAG_dsig_Signature.getNamespaceURI(), WSSConstants.TAG_dsig_Signature.getLocalPart()).getLength(), 1L);
        Assert.assertEquals(readDoc.getElementsByTagNameNS(WSSConstants.TAG_xenc_EncryptedData.getNamespaceURI(), WSSConstants.TAG_xenc_EncryptedData.getLocalPart()).getLength(), 0L);
    }
}
