package org.apache.wss4j.stax.test;

import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.InputStream;
import java.nio.charset.StandardCharsets;
import java.security.NoSuchAlgorithmException;
import java.util.ArrayList;
import javax.crypto.KeyGenerator;
import javax.crypto.SecretKey;
import javax.xml.namespace.QName;
import javax.xml.stream.XMLStreamWriter;
import javax.xml.transform.dom.DOMSource;
import javax.xml.transform.stream.StreamResult;
import org.apache.wss4j.common.WSEncryptionPart;
import org.apache.wss4j.common.crypto.Crypto;
import org.apache.wss4j.common.crypto.CryptoFactory;
import org.apache.wss4j.common.ext.WSSecurityException;
import org.apache.wss4j.dom.message.WSSecEncrypt;
import org.apache.wss4j.dom.message.WSSecHeader;
import org.apache.wss4j.dom.message.WSSecSignature;
import org.apache.wss4j.stax.ext.WSSConstants;
import org.apache.wss4j.stax.ext.WSSSecurityProperties;
import org.apache.wss4j.stax.securityToken.WSSecurityTokenConstants;
import org.apache.wss4j.stax.setup.OutboundWSSec;
import org.apache.wss4j.stax.setup.WSSec;
import org.apache.wss4j.stax.test.utils.XmlReaderToWriter;
import org.apache.xml.security.exceptions.XMLSecurityException;
import org.apache.xml.security.stax.config.JCEAlgorithmMapper;
import org.apache.xml.security.stax.ext.SecurePart;
import org.apache.xml.security.stax.impl.OutboundSecurityContextImpl;
import org.apache.xml.security.stax.impl.securityToken.GenericOutboundSecurityToken;
import org.apache.xml.security.stax.impl.util.IDGenerator;
import org.apache.xml.security.stax.securityEvent.SecurityEvent;
import org.apache.xml.security.stax.securityToken.OutboundSecurityToken;
import org.apache.xml.security.stax.securityToken.SecurityTokenProvider;
import org.junit.Assert;
import org.junit.Test;
import org.w3c.dom.Document;
import org.w3c.dom.Element;
import org.w3c.dom.NodeList;

/* loaded from: input_file:org/apache/wss4j/stax/test/SignatureEncryptionTest.class */
public class SignatureEncryptionTest extends AbstractTestBase {
    @Test
    public void testSignatureEncryptionOutbound() throws Exception {
        WSSSecurityProperties wSSSecurityProperties = new WSSSecurityProperties();
        ArrayList arrayList = new ArrayList();
        arrayList.add(WSSConstants.SIGNATURE);
        arrayList.add(WSSConstants.ENCRYPT);
        arrayList.add(WSSConstants.TIMESTAMP);
        wSSSecurityProperties.setActions(arrayList);
        wSSSecurityProperties.loadEncryptionKeystore(getClass().getClassLoader().getResource("transmitter.jks"), "default".toCharArray());
        wSSSecurityProperties.setEncryptionUser("receiver");
        wSSSecurityProperties.loadSignatureKeyStore(getClass().getClassLoader().getResource("transmitter.jks"), "default".toCharArray());
        wSSSecurityProperties.setSignatureUser("transmitter");
        wSSSecurityProperties.setCallbackHandler(new CallbackHandlerImpl());
        wSSSecurityProperties.addSignaturePart(new SecurePart(new QName("http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd", "Timestamp"), SecurePart.Modifier.Element));
        wSSSecurityProperties.addSignaturePart(new SecurePart(new QName("http://schemas.xmlsoap.org/soap/envelope/", "Body"), SecurePart.Modifier.Element));
        ByteArrayOutputStream doOutboundSecurity = doOutboundSecurity(wSSSecurityProperties, getClass().getClassLoader().getResourceAsStream("testdata/plain-soap-1.1.xml"));
        this.documentBuilderFactory.newDocumentBuilder().parse(new ByteArrayInputStream(doOutboundSecurity.toByteArray()));
        doInboundSecurityWithWSS4J(this.documentBuilderFactory.newDocumentBuilder().parse(new ByteArrayInputStream(doOutboundSecurity.toByteArray())), "Signature Encrypt Timestamp");
    }

    @Test
    public void testEncryptionSymmetricOutbound() throws Exception {
        WSSSecurityProperties wSSSecurityProperties = new WSSSecurityProperties();
        ArrayList arrayList = new ArrayList();
        arrayList.add(WSSConstants.ENCRYPT);
        arrayList.add(WSSConstants.TIMESTAMP);
        wSSSecurityProperties.setActions(arrayList);
        wSSSecurityProperties.loadEncryptionKeystore(getClass().getClassLoader().getResource("transmitter.jks"), "default".toCharArray());
        wSSSecurityProperties.setEncryptionUser("receiver");
        OutboundWSSec outboundWSSec = WSSec.getOutboundWSSec(wSSSecurityProperties);
        try {
            KeyGenerator keyGenerator = KeyGenerator.getInstance(JCEAlgorithmMapper.getJCEKeyAlgorithmFromURI("http://www.w3.org/2001/04/xmlenc#aes128-cbc"));
            keyGenerator.init(JCEAlgorithmMapper.getKeyLengthFromURI("http://www.w3.org/2001/04/xmlenc#aes128-cbc"));
            SecretKey generateKey = keyGenerator.generateKey();
            final String generateID = IDGenerator.generateID((String) null);
            final GenericOutboundSecurityToken genericOutboundSecurityToken = new GenericOutboundSecurityToken(generateID, WSSecurityTokenConstants.EncryptedKeyToken, generateKey);
            SecurityTokenProvider<OutboundSecurityToken> securityTokenProvider = new SecurityTokenProvider<OutboundSecurityToken>() { // from class: org.apache.wss4j.stax.test.SignatureEncryptionTest.1
                /* renamed from: getSecurityToken, reason: merged with bridge method [inline-methods] */
                public OutboundSecurityToken m2getSecurityToken() throws XMLSecurityException {
                    return genericOutboundSecurityToken;
                }

                public String getId() {
                    return generateID;
                }
            };
            OutboundSecurityContextImpl outboundSecurityContextImpl = new OutboundSecurityContextImpl();
            outboundSecurityContextImpl.putList(SecurityEvent.class, new ArrayList());
            outboundSecurityContextImpl.registerSecurityTokenProvider(securityTokenProvider.getId(), securityTokenProvider);
            outboundSecurityContextImpl.put("PROP_USE_THIS_TOKEN_ID_FOR_ENCRYPTION", securityTokenProvider.getId());
            InputStream resourceAsStream = getClass().getClassLoader().getResourceAsStream("testdata/plain-soap-1.1.xml");
            ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
            XMLStreamWriter processOutMessage = outboundWSSec.processOutMessage(byteArrayOutputStream, StandardCharsets.UTF_8.name(), outboundSecurityContextImpl);
            XmlReaderToWriter.writeAll(xmlInputFactory.createXMLStreamReader(resourceAsStream), processOutMessage);
            processOutMessage.close();
            this.documentBuilderFactory.newDocumentBuilder().parse(new ByteArrayInputStream(byteArrayOutputStream.toByteArray()));
            doInboundSecurityWithWSS4J(this.documentBuilderFactory.newDocumentBuilder().parse(new ByteArrayInputStream(byteArrayOutputStream.toByteArray())), "Encrypt Timestamp");
        } catch (NoSuchAlgorithmException e) {
            throw new WSSecurityException(WSSecurityException.ErrorCode.FAILURE, e);
        }
    }

    @Test
    public void testSignatureEncryptionSymmetricOutbound() throws Exception {
        WSSSecurityProperties wSSSecurityProperties = new WSSSecurityProperties();
        ArrayList arrayList = new ArrayList();
        arrayList.add(WSSConstants.SIGNATURE);
        arrayList.add(WSSConstants.ENCRYPT);
        arrayList.add(WSSConstants.TIMESTAMP);
        wSSSecurityProperties.setActions(arrayList);
        wSSSecurityProperties.loadEncryptionKeystore(getClass().getClassLoader().getResource("transmitter.jks"), "default".toCharArray());
        wSSSecurityProperties.setEncryptionUser("receiver");
        wSSSecurityProperties.loadSignatureKeyStore(getClass().getClassLoader().getResource("transmitter.jks"), "default".toCharArray());
        wSSSecurityProperties.setSignatureUser("transmitter");
        wSSSecurityProperties.setCallbackHandler(new CallbackHandlerImpl());
        wSSSecurityProperties.setSignatureAlgorithm("http://www.w3.org/2000/09/xmldsig#hmac-sha1");
        wSSSecurityProperties.setSignatureKeyIdentifier(WSSecurityTokenConstants.KeyIdentifier_EncryptedKey);
        wSSSecurityProperties.addSignaturePart(new SecurePart(new QName("http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd", "Timestamp"), SecurePart.Modifier.Element));
        wSSSecurityProperties.addSignaturePart(new SecurePart(new QName("http://schemas.xmlsoap.org/soap/envelope/", "Body"), SecurePart.Modifier.Element));
        OutboundWSSec outboundWSSec = WSSec.getOutboundWSSec(wSSSecurityProperties);
        try {
            KeyGenerator keyGenerator = KeyGenerator.getInstance(JCEAlgorithmMapper.getJCEKeyAlgorithmFromURI("http://www.w3.org/2001/04/xmlenc#aes128-cbc"));
            keyGenerator.init(JCEAlgorithmMapper.getKeyLengthFromURI("http://www.w3.org/2001/04/xmlenc#aes128-cbc"));
            SecretKey generateKey = keyGenerator.generateKey();
            final String generateID = IDGenerator.generateID((String) null);
            final GenericOutboundSecurityToken genericOutboundSecurityToken = new GenericOutboundSecurityToken(generateID, WSSecurityTokenConstants.EncryptedKeyToken, generateKey);
            SecurityTokenProvider<OutboundSecurityToken> securityTokenProvider = new SecurityTokenProvider<OutboundSecurityToken>() { // from class: org.apache.wss4j.stax.test.SignatureEncryptionTest.2
                /* renamed from: getSecurityToken, reason: merged with bridge method [inline-methods] */
                public OutboundSecurityToken m3getSecurityToken() throws XMLSecurityException {
                    return genericOutboundSecurityToken;
                }

                public String getId() {
                    return generateID;
                }
            };
            OutboundSecurityContextImpl outboundSecurityContextImpl = new OutboundSecurityContextImpl();
            outboundSecurityContextImpl.putList(SecurityEvent.class, new ArrayList());
            outboundSecurityContextImpl.registerSecurityTokenProvider(securityTokenProvider.getId(), securityTokenProvider);
            outboundSecurityContextImpl.put("PROP_USE_THIS_TOKEN_ID_FOR_ENCRYPTION", securityTokenProvider.getId());
            outboundSecurityContextImpl.put("PROP_USE_THIS_TOKEN_ID_FOR_SIGNATURE", securityTokenProvider.getId());
            InputStream resourceAsStream = getClass().getClassLoader().getResourceAsStream("testdata/plain-soap-1.1.xml");
            ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
            XMLStreamWriter processOutMessage = outboundWSSec.processOutMessage(byteArrayOutputStream, StandardCharsets.UTF_8.name(), outboundSecurityContextImpl);
            XmlReaderToWriter.writeAll(xmlInputFactory.createXMLStreamReader(resourceAsStream), processOutMessage);
            processOutMessage.close();
            NodeList elementsByTagNameNS = this.documentBuilderFactory.newDocumentBuilder().parse(new ByteArrayInputStream(byteArrayOutputStream.toByteArray())).getElementsByTagNameNS("http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd", "Security");
            Assert.assertEquals(1L, elementsByTagNameNS.getLength());
            NodeList childNodes = elementsByTagNameNS.item(0).getChildNodes();
            Assert.assertEquals(childNodes.getLength(), 4L);
            Assert.assertEquals(childNodes.item(0).getLocalName(), "Timestamp");
            Assert.assertEquals(childNodes.item(1).getLocalName(), "EncryptedKey");
            Assert.assertEquals(childNodes.item(2).getLocalName(), "ReferenceList");
            Assert.assertEquals(childNodes.item(3).getLocalName(), "Signature");
            doInboundSecurityWithWSS4J(this.documentBuilderFactory.newDocumentBuilder().parse(new ByteArrayInputStream(byteArrayOutputStream.toByteArray())), "Signature Encrypt Timestamp");
        } catch (NoSuchAlgorithmException e) {
            throw new WSSecurityException(WSSecurityException.ErrorCode.FAILURE, e);
        }
    }

    @Test
    public void testEncryptionSignatureSymmetricOutbound() throws Exception {
        WSSSecurityProperties wSSSecurityProperties = new WSSSecurityProperties();
        ArrayList arrayList = new ArrayList();
        arrayList.add(WSSConstants.ENCRYPT);
        arrayList.add(WSSConstants.SIGNATURE);
        arrayList.add(WSSConstants.TIMESTAMP);
        wSSSecurityProperties.setActions(arrayList);
        wSSSecurityProperties.loadEncryptionKeystore(getClass().getClassLoader().getResource("transmitter.jks"), "default".toCharArray());
        wSSSecurityProperties.setEncryptionUser("receiver");
        wSSSecurityProperties.loadSignatureKeyStore(getClass().getClassLoader().getResource("transmitter.jks"), "default".toCharArray());
        wSSSecurityProperties.setSignatureUser("transmitter");
        wSSSecurityProperties.setCallbackHandler(new CallbackHandlerImpl());
        wSSSecurityProperties.setSignatureAlgorithm("http://www.w3.org/2000/09/xmldsig#hmac-sha1");
        wSSSecurityProperties.setSignatureKeyIdentifier(WSSecurityTokenConstants.KeyIdentifier_EncryptedKey);
        wSSSecurityProperties.addSignaturePart(new SecurePart(new QName("http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd", "Timestamp"), SecurePart.Modifier.Element));
        wSSSecurityProperties.addSignaturePart(new SecurePart(new QName("http://schemas.xmlsoap.org/soap/envelope/", "Body"), SecurePart.Modifier.Element));
        OutboundWSSec outboundWSSec = WSSec.getOutboundWSSec(wSSSecurityProperties);
        try {
            KeyGenerator keyGenerator = KeyGenerator.getInstance(JCEAlgorithmMapper.getJCEKeyAlgorithmFromURI("http://www.w3.org/2001/04/xmlenc#aes128-cbc"));
            keyGenerator.init(JCEAlgorithmMapper.getKeyLengthFromURI("http://www.w3.org/2001/04/xmlenc#aes128-cbc"));
            SecretKey generateKey = keyGenerator.generateKey();
            final String generateID = IDGenerator.generateID((String) null);
            final GenericOutboundSecurityToken genericOutboundSecurityToken = new GenericOutboundSecurityToken(generateID, WSSecurityTokenConstants.EncryptedKeyToken, generateKey);
            SecurityTokenProvider<OutboundSecurityToken> securityTokenProvider = new SecurityTokenProvider<OutboundSecurityToken>() { // from class: org.apache.wss4j.stax.test.SignatureEncryptionTest.3
                /* renamed from: getSecurityToken, reason: merged with bridge method [inline-methods] */
                public OutboundSecurityToken m4getSecurityToken() throws XMLSecurityException {
                    return genericOutboundSecurityToken;
                }

                public String getId() {
                    return generateID;
                }
            };
            OutboundSecurityContextImpl outboundSecurityContextImpl = new OutboundSecurityContextImpl();
            outboundSecurityContextImpl.putList(SecurityEvent.class, new ArrayList());
            outboundSecurityContextImpl.registerSecurityTokenProvider(securityTokenProvider.getId(), securityTokenProvider);
            outboundSecurityContextImpl.put("PROP_USE_THIS_TOKEN_ID_FOR_ENCRYPTION", securityTokenProvider.getId());
            outboundSecurityContextImpl.put("PROP_USE_THIS_TOKEN_ID_FOR_SIGNATURE", securityTokenProvider.getId());
            InputStream resourceAsStream = getClass().getClassLoader().getResourceAsStream("testdata/plain-soap-1.1.xml");
            ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
            XMLStreamWriter processOutMessage = outboundWSSec.processOutMessage(byteArrayOutputStream, StandardCharsets.UTF_8.name(), outboundSecurityContextImpl);
            XmlReaderToWriter.writeAll(xmlInputFactory.createXMLStreamReader(resourceAsStream), processOutMessage);
            processOutMessage.close();
            NodeList elementsByTagNameNS = this.documentBuilderFactory.newDocumentBuilder().parse(new ByteArrayInputStream(byteArrayOutputStream.toByteArray())).getElementsByTagNameNS("http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd", "Security");
            Assert.assertEquals(1L, elementsByTagNameNS.getLength());
            NodeList childNodes = elementsByTagNameNS.item(0).getChildNodes();
            Assert.assertEquals(childNodes.getLength(), 4L);
            Assert.assertEquals(childNodes.item(0).getLocalName(), "Timestamp");
            Assert.assertEquals(childNodes.item(1).getLocalName(), "EncryptedKey");
            Assert.assertEquals(childNodes.item(2).getLocalName(), "Signature");
            Assert.assertEquals(childNodes.item(3).getLocalName(), "ReferenceList");
            doInboundSecurityWithWSS4J(this.documentBuilderFactory.newDocumentBuilder().parse(new ByteArrayInputStream(byteArrayOutputStream.toByteArray())), "Encrypt Signature Timestamp");
        } catch (NoSuchAlgorithmException e) {
            throw new WSSecurityException(WSSecurityException.ErrorCode.FAILURE, e);
        }
    }

    @Test
    public void testEncryptedDataTokenSecurityHeaderWithoutReferenceInbound() throws Exception {
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        Document parse = this.documentBuilderFactory.newDocumentBuilder().parse(getClass().getClassLoader().getResourceAsStream("testdata/plain-soap-1.1.xml"));
        WSSecHeader wSSecHeader = new WSSecHeader(parse);
        wSSecHeader.insertSecurityHeader();
        WSSecSignature wSSecSignature = new WSSecSignature(wSSecHeader);
        wSSecSignature.setUserInfo("transmitter", "default");
        wSSecSignature.setKeyIdentifierType(1);
        Crypto cryptoFactory = CryptoFactory.getInstance("transmitter-crypto.properties");
        wSSecSignature.build(cryptoFactory);
        WSSecEncrypt wSSecEncrypt = new WSSecEncrypt(wSSecHeader);
        wSSecEncrypt.setKeyIdentifierType(8);
        wSSecEncrypt.setUserInfo("receiver");
        wSSecEncrypt.prepare(cryptoFactory);
        WSEncryptionPart wSEncryptionPart = new WSEncryptionPart("BinarySecurityToken", "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd", "Element");
        WSEncryptionPart wSEncryptionPart2 = new WSEncryptionPart("definitions", "http://schemas.xmlsoap.org/wsdl/", "Element");
        ArrayList arrayList = new ArrayList();
        arrayList.add(wSEncryptionPart);
        arrayList.add(wSEncryptionPart2);
        Element encryptForRef = wSSecEncrypt.encryptForRef((Element) null, arrayList);
        encryptForRef.removeChild(encryptForRef.getElementsByTagNameNS("http://www.w3.org/2001/04/xmlenc#", "DataReference").item(0));
        wSSecEncrypt.addExternalRefElement(encryptForRef);
        wSSecEncrypt.prependToHeader();
        TRANSFORMER_FACTORY.newTransformer().transform(new DOMSource(parse), new StreamResult(byteArrayOutputStream));
        WSSSecurityProperties wSSSecurityProperties = new WSSSecurityProperties();
        wSSSecurityProperties.loadDecryptionKeystore(getClass().getClassLoader().getResource("receiver.jks"), "default".toCharArray());
        wSSSecurityProperties.setCallbackHandler(new CallbackHandlerImpl());
        Assert.assertEquals(doInboundSecurity(wSSSecurityProperties, xmlInputFactory.createXMLStreamReader(new ByteArrayInputStream(byteArrayOutputStream.toByteArray()))).getElementsByTagNameNS(WSSConstants.TAG_xenc_EncryptedData.getNamespaceURI(), WSSConstants.TAG_xenc_EncryptedData.getLocalPart()).getLength(), 0L);
    }
}
