package org.apache.wss4j.dom.message;

import java.util.ArrayList;
import java.util.List;
import javax.security.auth.callback.CallbackHandler;
import org.apache.wss4j.common.WSEncryptionPart;
import org.apache.wss4j.common.crypto.Crypto;
import org.apache.wss4j.common.crypto.CryptoFactory;
import org.apache.wss4j.common.util.XMLUtils;
import org.apache.wss4j.dom.WSDataRef;
import org.apache.wss4j.dom.WSSConfig;
import org.apache.wss4j.dom.WSSecurityEngine;
import org.apache.wss4j.dom.WSSecurityEngineResult;
import org.apache.wss4j.dom.common.KeystoreCallbackHandler;
import org.apache.wss4j.dom.common.SOAPUtil;
import org.apache.wss4j.dom.common.SecurityTestUtil;
import org.apache.wss4j.dom.util.WSSecurityUtil;
import org.junit.AfterClass;
import org.junit.Assert;
import org.junit.Test;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.w3c.dom.Document;

/* loaded from: input_file:org/apache/wss4j/dom/message/SignatureEncryptionTest.class */
public class SignatureEncryptionTest extends Assert {
    private static final Logger LOG = LoggerFactory.getLogger(SignatureEncryptionTest.class);
    private static final String SOAPMSG = "<?xml version=\"1.0\" encoding=\"UTF-8\"?><SOAP-ENV:Envelope xmlns:SOAP-ENV=\"http://schemas.xmlsoap.org/soap/envelope/\" xmlns:xsd=\"http://www.w3.org/2001/XMLSchema\" xmlns:xsi=\"http://www.w3.org/2001/XMLSchema-instance\"><SOAP-ENV:Body><add xmlns=\"http://ws.apache.org/counter/counter_port_type\"><value xmlns=\"http://blah.com\">15</value></add></SOAP-ENV:Body></SOAP-ENV:Envelope>";
    private WSSecurityEngine secEngine = new WSSecurityEngine();
    private CallbackHandler callbackHandler = new KeystoreCallbackHandler();
    private Crypto crypto;

    @AfterClass
    public static void cleanup() throws Exception {
        SecurityTestUtil.cleanup();
    }

    public SignatureEncryptionTest() throws Exception {
        this.crypto = null;
        this.crypto = CryptoFactory.getInstance("wss40.properties");
        WSSConfig.init();
    }

    @Test
    public void testEncryptionSigning() throws Exception {
        WSSecEncrypt wSSecEncrypt = new WSSecEncrypt();
        WSSecSignature wSSecSignature = new WSSecSignature();
        wSSecEncrypt.setUserInfo("wss40");
        wSSecSignature.setUserInfo("wss40", "security");
        LOG.info("Before Encryption....");
        Document sOAPPart = SOAPUtil.toSOAPPart(SOAPMSG);
        WSSecHeader wSSecHeader = new WSSecHeader();
        wSSecHeader.insertSecurityHeader(sOAPPart);
        Document build = wSSecEncrypt.build(sOAPPart, this.crypto, wSSecHeader);
        if (LOG.isDebugEnabled()) {
            LOG.debug("After Encryption....");
            LOG.debug(XMLUtils.PrettyDocumentToString(build));
        }
        Document build2 = wSSecSignature.build(build, this.crypto, wSSecHeader);
        if (LOG.isDebugEnabled()) {
            LOG.debug("After Signing....");
            LOG.debug(XMLUtils.PrettyDocumentToString(build2));
        }
        verify(build2);
    }

    @Test
    public void testEncryptionElementSigning() throws Exception {
        WSSecEncrypt wSSecEncrypt = new WSSecEncrypt();
        WSSecSignature wSSecSignature = new WSSecSignature();
        wSSecEncrypt.setUserInfo("wss40");
        wSSecSignature.setUserInfo("wss40", "security");
        LOG.info("Before Encryption....");
        Document sOAPPart = SOAPUtil.toSOAPPart(SOAPMSG);
        WSSecHeader wSSecHeader = new WSSecHeader();
        wSSecHeader.insertSecurityHeader(sOAPPart);
        ArrayList arrayList = new ArrayList();
        arrayList.add(new WSEncryptionPart("add", "http://ws.apache.org/counter/counter_port_type", "Element"));
        wSSecEncrypt.setParts(arrayList);
        Document build = wSSecEncrypt.build(sOAPPart, this.crypto, wSSecHeader);
        if (LOG.isDebugEnabled()) {
            LOG.debug("After Encryption....");
            LOG.debug(XMLUtils.PrettyDocumentToString(build));
        }
        ArrayList arrayList2 = new ArrayList();
        arrayList2.add(new WSEncryptionPart("EncryptedData", "http://www.w3.org/2001/04/xmlenc#", "Element"));
        wSSecSignature.setParts(arrayList2);
        Document build2 = wSSecSignature.build(build, this.crypto, wSSecHeader);
        if (LOG.isDebugEnabled()) {
            LOG.debug("After Signing....");
            LOG.debug(XMLUtils.PrettyDocumentToString(build2));
        }
        List<WSSecurityEngineResult> verify = verify(build2);
        List fetchAllActionResults = WSSecurityUtil.fetchAllActionResults(verify, 2);
        List fetchAllActionResults2 = WSSecurityUtil.fetchAllActionResults(verify, 4);
        assertEquals(1L, fetchAllActionResults.size());
        assertEquals(1L, fetchAllActionResults2.size());
        List list = (List) ((WSSecurityEngineResult) fetchAllActionResults.get(0)).get(org.apache.wss4j.dom.engine.WSSecurityEngineResult.TAG_DATA_REF_URIS);
        List list2 = (List) ((WSSecurityEngineResult) fetchAllActionResults2.get(0)).get(org.apache.wss4j.dom.engine.WSSecurityEngineResult.TAG_DATA_REF_URIS);
        assertNotNull(list);
        assertNotNull(list2);
        assertEquals(1L, list.size());
        assertEquals(1L, list2.size());
        assertNull(((WSDataRef) list.get(0)).getProtectedElement().getAttributeNodeNS("http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd", "Id"));
        assertTrue(((WSDataRef) list.get(0)).getWsuId().contains(((WSDataRef) list2.get(0)).getWsuId()));
    }

    @Test
    public void testSigningEncryption() throws Exception {
        WSSecEncrypt wSSecEncrypt = new WSSecEncrypt();
        WSSecSignature wSSecSignature = new WSSecSignature();
        wSSecEncrypt.setUserInfo("wss40");
        wSSecSignature.setUserInfo("wss40", "security");
        LOG.info("Before Encryption....");
        Document sOAPPart = SOAPUtil.toSOAPPart(SOAPMSG);
        WSSecHeader wSSecHeader = new WSSecHeader();
        wSSecHeader.insertSecurityHeader(sOAPPart);
        Document build = wSSecEncrypt.build(wSSecSignature.build(sOAPPart, this.crypto, wSSecHeader), this.crypto, wSSecHeader);
        LOG.info("After Encryption....");
        verify(build);
    }

    @Test
    public void testWSS198() throws Exception {
        WSSecEncrypt wSSecEncrypt = new WSSecEncrypt();
        WSSecSignature wSSecSignature = new WSSecSignature();
        wSSecEncrypt.setUserInfo("wss40");
        wSSecSignature.setUserInfo("wss40", "security");
        LOG.info("Before Encryption....");
        Document sOAPPart = SOAPUtil.toSOAPPart(SOAPMSG);
        ArrayList arrayList = new ArrayList();
        arrayList.add(new WSEncryptionPart("add", "http://ws.apache.org/counter/counter_port_type", ""));
        wSSecEncrypt.setParts(arrayList);
        WSSecHeader wSSecHeader = new WSSecHeader();
        wSSecHeader.insertSecurityHeader(sOAPPart);
        Document build = wSSecEncrypt.build(wSSecSignature.build(sOAPPart, this.crypto, wSSecHeader), this.crypto, wSSecHeader);
        LOG.info("WSS198");
        if (LOG.isDebugEnabled()) {
            LOG.debug(XMLUtils.PrettyDocumentToString(build));
        }
        verify(build);
    }

    @Test
    public void testSigningEncryptionIS3DES() throws Exception {
        WSSecEncrypt wSSecEncrypt = new WSSecEncrypt();
        wSSecEncrypt.setUserInfo("wss40");
        wSSecEncrypt.setKeyIdentifierType(2);
        wSSecEncrypt.setSymmetricEncAlgorithm("http://www.w3.org/2001/04/xmlenc#tripledes-cbc");
        WSSecSignature wSSecSignature = new WSSecSignature();
        wSSecSignature.setUserInfo("wss40", "security");
        wSSecSignature.setKeyIdentifierType(2);
        LOG.info("Before Sign/Encryption....");
        Document sOAPPart = SOAPUtil.toSOAPPart(SOAPMSG);
        WSSecHeader wSSecHeader = new WSSecHeader();
        wSSecHeader.insertSecurityHeader(sOAPPart);
        Document build = wSSecEncrypt.build(wSSecSignature.build(sOAPPart, this.crypto, wSSecHeader), this.crypto, wSSecHeader);
        if (LOG.isDebugEnabled()) {
            LOG.debug("Signed and encrypted message with IssuerSerial key identifier (both), 3DES:");
            LOG.debug(XMLUtils.PrettyDocumentToString(build));
        }
        LOG.info("After Sign/Encryption....");
        verify(build);
    }

    @Test
    public void testEncryptedKeySignature() throws Exception {
        Document sOAPPart = SOAPUtil.toSOAPPart(SOAPMSG);
        LOG.info("Before Sign/Encryption....");
        WSSecHeader wSSecHeader = new WSSecHeader();
        wSSecHeader.insertSecurityHeader(sOAPPart);
        WSSecEncryptedKey wSSecEncryptedKey = new WSSecEncryptedKey();
        wSSecEncryptedKey.setKeyIdentifierType(2);
        wSSecEncryptedKey.setUserInfo("wss40", "security");
        wSSecEncryptedKey.setSymmetricEncAlgorithm("http://www.w3.org/2001/04/xmlenc#aes192-cbc");
        wSSecEncryptedKey.prepare(sOAPPart, this.crypto);
        WSSecEncrypt wSSecEncrypt = new WSSecEncrypt();
        wSSecEncrypt.setEncKeyId(wSSecEncryptedKey.getId());
        wSSecEncrypt.setEphemeralKey(wSSecEncryptedKey.getEphemeralKey());
        wSSecEncrypt.setSymmetricEncAlgorithm("http://www.w3.org/2001/04/xmlenc#tripledes-cbc");
        wSSecEncrypt.setEncryptSymmKey(false);
        wSSecEncrypt.setEncryptedKeyElement(wSSecEncryptedKey.getEncryptedKeyElement());
        WSSecSignature wSSecSignature = new WSSecSignature();
        wSSecSignature.setKeyIdentifierType(9);
        wSSecSignature.setCustomTokenId(wSSecEncryptedKey.getId());
        wSSecSignature.setSecretKey(wSSecEncryptedKey.getEphemeralKey());
        wSSecSignature.setCustomTokenValueType("http://docs.oasis-open.org/wss/oasis-wss-soap-message-security-1.1#EncryptedKey");
        wSSecSignature.setSignatureAlgorithm("http://www.w3.org/2000/09/xmldsig#hmac-sha1");
        Document build = wSSecEncrypt.build(wSSecSignature.build(sOAPPart, this.crypto, wSSecHeader), this.crypto, wSSecHeader);
        if (LOG.isDebugEnabled()) {
            LOG.debug("Signed and encrypted message with IssuerSerial key identifier (both), 3DES:");
            LOG.debug(XMLUtils.PrettyDocumentToString(build));
        }
        LOG.info("After Sign/Encryption....");
        verify(build);
    }

    private List<WSSecurityEngineResult> verify(Document document) throws Exception {
        List<WSSecurityEngineResult> processSecurityHeader = this.secEngine.processSecurityHeader(document, (String) null, this.callbackHandler, this.crypto);
        if (LOG.isDebugEnabled()) {
            LOG.debug(XMLUtils.PrettyDocumentToString(document));
        }
        return processSecurityHeader;
    }
}
