package org.keycloak.jose;

import java.nio.charset.StandardCharsets;
import java.security.Key;
import java.security.KeyPair;
import javax.crypto.SecretKey;
import javax.crypto.spec.SecretKeySpec;
import org.junit.Assert;
import org.junit.ClassRule;
import org.junit.Ignore;
import org.junit.Test;
import org.keycloak.common.crypto.CryptoIntegration;
import org.keycloak.common.util.Base64Url;
import org.keycloak.common.util.KeyUtils;
import org.keycloak.jose.jwe.JWE;
import org.keycloak.jose.jwe.JWEException;
import org.keycloak.jose.jwe.JWEHeader;
import org.keycloak.jose.jwe.JWEKeyStorage;
import org.keycloak.jose.jwe.JWEUtils;
import org.keycloak.jose.jwe.alg.JWEAlgorithmProvider;
import org.keycloak.jose.jwe.enc.AesCbcHmacShaJWEEncryptionProvider;
import org.keycloak.jose.jwe.enc.AesGcmJWEEncryptionProvider;
import org.keycloak.rule.CryptoInitRule;

/* loaded from: input_file:org/keycloak/jose/JWETest.class */
public abstract class JWETest {
    protected static final String PAYLOAD = "Hello world! How are you man? I hope you are fine. This is some quite a long text, which is much longer than just simple 'Hello World'";

    @ClassRule
    public static CryptoInitRule cryptoInitRule = new CryptoInitRule();
    protected static final byte[] HMAC_SHA256_KEY = {10, 20, 30, 40, 50, 60, 70, 80, 90, 100, 110, 120, 13, 14, 15, 16};
    protected static final byte[] AES_128_KEY = {1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16};
    protected static final byte[] HMAC_SHA512_KEY = {10, 20, 30, 40, 50, 60, 70, 80, 90, 100, 110, 120, 13, 14, 15, 16, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16};
    protected static final byte[] AES_256_KEY = {10, 20, 30, 40, 50, 60, 70, 80, 90, 100, 110, 120, 13, 14, 15, 16, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16};

    @Test
    public void testDirect_Aes128CbcHmacSha256() throws Exception {
        testDirectEncryptAndDecrypt(new SecretKeySpec(AES_128_KEY, "AES"), new SecretKeySpec(HMAC_SHA256_KEY, "HMACSHA2"), "A128CBC-HS256", PAYLOAD, true);
    }

    @Test
    @Ignore
    public void testDirect_Aes256CbcHmacSha512() throws Exception {
        testDirectEncryptAndDecrypt(new SecretKeySpec(AES_256_KEY, "AES"), new SecretKeySpec(HMAC_SHA512_KEY, "HMACSHA2"), "A256CBC-HS512", PAYLOAD, true);
    }

    protected void testDirectEncryptAndDecrypt(Key key, Key key2, String str, String str2, boolean z) throws Exception {
        JWE content = new JWE().header(new JWEHeader("dir", str, (String) null)).content(str2.getBytes(StandardCharsets.UTF_8));
        content.getKeyStorage().setCEKKey(key, JWEKeyStorage.KeyUse.ENCRYPTION).setCEKKey(key2, JWEKeyStorage.KeyUse.SIGNATURE);
        String encodeJwe = content.encodeJwe();
        if (z) {
            System.out.println("Encoded content: " + encodeJwe);
            System.out.println("Encoded content length: " + encodeJwe.length());
        }
        JWE jwe = new JWE();
        jwe.getKeyStorage().setCEKKey(key, JWEKeyStorage.KeyUse.ENCRYPTION).setCEKKey(key2, JWEKeyStorage.KeyUse.SIGNATURE);
        jwe.verifyAndDecodeJwe(encodeJwe);
        Assert.assertEquals(str2, new String(jwe.getContent(), StandardCharsets.UTF_8));
    }

    @Test
    @Ignore
    public void testPerfDirect() throws Exception {
        long currentTimeMillis = System.currentTimeMillis();
        for (int i = 0; i < 50000; i++) {
            testDirectEncryptAndDecrypt(new SecretKeySpec(AES_128_KEY, "AES"), new SecretKeySpec(HMAC_SHA256_KEY, "HMACSHA2"), "A128CBC-HS256", PAYLOAD + i, false);
        }
        System.out.println("Iterations: 50000, took: " + (System.currentTimeMillis() - currentTimeMillis));
    }

    @Test
    public void testAesKW_Aes128CbcHmacSha256() throws Exception {
        testAesKW_Aes128CbcHmacSha256(new SecretKeySpec(AES_128_KEY, "AES"));
    }

    private void testAesKW_Aes128CbcHmacSha256(SecretKey secretKey) throws JWEException {
        JWE content = new JWE().header(new JWEHeader("A128KW", "A128CBC-HS256", (String) null)).content(PAYLOAD.getBytes(StandardCharsets.UTF_8));
        content.getKeyStorage().setEncryptionKey(secretKey);
        String encodeJwe = content.encodeJwe();
        System.out.println("Encoded content: " + encodeJwe);
        System.out.println("Encoded content length: " + encodeJwe.length());
        JWE jwe = new JWE();
        jwe.getKeyStorage().setDecryptionKey(secretKey);
        jwe.verifyAndDecodeJwe(encodeJwe);
        Assert.assertEquals(PAYLOAD, new String(jwe.getContent(), StandardCharsets.UTF_8));
    }

    @Test
    public void testSalt() {
        byte[] generateSecret = JWEUtils.generateSecret(8);
        System.out.print("new byte[] = {");
        for (byte b : generateSecret) {
            System.out.print("" + Byte.toString(b) + ",");
        }
    }

    @Test
    public void externalJweAes128CbcHmacSha256Test() throws JWEException {
        System.out.println("External encoded content length: " + "eyJlbmMiOiJBMTI4Q0JDLUhTMjU2IiwiYWxnIjoiZGlyIn0..qysUrI1iVtiG4Z4jyr7XXg.apdNSQhR7WDMg6IHf5aLVI0gGp6JuOHYmIUtflns4WHmyxOOnh_GShLI6DWaK_SiywTV5gZvZYtl8H8Iv5fTfLkc4tiDDjbdtmsOP7tqyRxVh069gU5UvEAgmCXbIKALutgYXcYe2WM4E6BIHPTSt8jXdkktFcm7XHiD7mpakZyjXsG8p3XVkQJ72WbJI_t6.Ks6gHeko7BRTZ4CFs5ijRA".length());
        SecretKeySpec secretKeySpec = new SecretKeySpec(AES_128_KEY, "AES");
        SecretKeySpec secretKeySpec2 = new SecretKeySpec(HMAC_SHA256_KEY, "HMACSHA2");
        JWE jwe = new JWE();
        jwe.getKeyStorage().setCEKKey(secretKeySpec, JWEKeyStorage.KeyUse.ENCRYPTION).setCEKKey(secretKeySpec2, JWEKeyStorage.KeyUse.SIGNATURE);
        jwe.verifyAndDecodeJwe("eyJlbmMiOiJBMTI4Q0JDLUhTMjU2IiwiYWxnIjoiZGlyIn0..qysUrI1iVtiG4Z4jyr7XXg.apdNSQhR7WDMg6IHf5aLVI0gGp6JuOHYmIUtflns4WHmyxOOnh_GShLI6DWaK_SiywTV5gZvZYtl8H8Iv5fTfLkc4tiDDjbdtmsOP7tqyRxVh069gU5UvEAgmCXbIKALutgYXcYe2WM4E6BIHPTSt8jXdkktFcm7XHiD7mpakZyjXsG8p3XVkQJ72WbJI_t6.Ks6gHeko7BRTZ4CFs5ijRA");
        Assert.assertEquals(PAYLOAD, new String(jwe.getContent(), StandardCharsets.UTF_8));
    }

    @Test
    @Ignore
    public void externalJweAes256CbcHmacSha512Test() throws JWEException {
        System.out.println("External encoded content length: " + "eyJlbmMiOiJBMjU2Q0JDLUhTNTEyIiwiYWxnIjoiZGlyIn0..xUPndQ5U69CYaWMKr4nyeg.AzSzba6OdNsvTIoNpub8d2TmYnkY7W8Sd-1S33DjJwJsSaNcfvfXBq5bqXAGVAnLHrLZJKWoEYsmOrYHz3Nao-kpLtUpc4XZI8yiYUqkHTjmxZnfD02R6hz31a5KBCnDTtUEv23VSxm8yUyQKoUTpVHbJ3b2VQvycg2XFUXPsA6oaSSEpz-uwe1Vmun2hUBB.Qal4rMYn1RrXQ9AQ9ONUjUXvlS2ow8np-T8QWMBR0ns".length());
        SecretKeySpec secretKeySpec = new SecretKeySpec(AES_256_KEY, "AES");
        SecretKeySpec secretKeySpec2 = new SecretKeySpec(HMAC_SHA512_KEY, "HMACSHA2");
        JWE jwe = new JWE();
        jwe.getKeyStorage().setCEKKey(secretKeySpec, JWEKeyStorage.KeyUse.ENCRYPTION).setCEKKey(secretKeySpec2, JWEKeyStorage.KeyUse.SIGNATURE);
        jwe.verifyAndDecodeJwe("eyJlbmMiOiJBMjU2Q0JDLUhTNTEyIiwiYWxnIjoiZGlyIn0..xUPndQ5U69CYaWMKr4nyeg.AzSzba6OdNsvTIoNpub8d2TmYnkY7W8Sd-1S33DjJwJsSaNcfvfXBq5bqXAGVAnLHrLZJKWoEYsmOrYHz3Nao-kpLtUpc4XZI8yiYUqkHTjmxZnfD02R6hz31a5KBCnDTtUEv23VSxm8yUyQKoUTpVHbJ3b2VQvycg2XFUXPsA6oaSSEpz-uwe1Vmun2hUBB.Qal4rMYn1RrXQ9AQ9ONUjUXvlS2ow8np-T8QWMBR0ns");
        Assert.assertEquals(PAYLOAD, new String(jwe.getContent(), StandardCharsets.UTF_8));
    }

    @Test
    public void externalJweAes128KeyWrapTest() throws Exception {
        SecretKeySpec secretKeySpec = new SecretKeySpec(Base64Url.decode("GawgguFyGrWKav7AX4VKUg"), "AES");
        JWE jwe = new JWE();
        jwe.getKeyStorage().setDecryptionKey(secretKeySpec);
        jwe.verifyAndDecodeJwe("eyJhbGciOiJBMTI4S1ciLCJlbmMiOiJBMTI4Q0JDLUhTMjU2In0.6KB707dM9YTIgHtLvtgWQ8mKwboJW3of9locizkDTHzBC2IlrT1oOQ.AxY8DCtDaGlsbGljb3RoZQ.KDlTtXchhZTGufMYmOYGS4HffxPSUrfmqCHXaI9wOGY.U0m_YmjN04DJvceFICbCVQ");
        Assert.assertEquals("Live long and prosper.", new String(jwe.getContent(), StandardCharsets.UTF_8));
    }

    @Test
    public void testRSA1_5_A128GCM() throws Exception {
        testKeyEncryption_ContentEncryptionAesGcm("RSA1_5", "A128GCM");
    }

    @Test
    public void testRSAOAEP_A128GCM() throws Exception {
        testKeyEncryption_ContentEncryptionAesGcm("RSA-OAEP", "A128GCM");
    }

    @Test
    public void testRSAOAEP256_A128GCM() throws Exception {
        testKeyEncryption_ContentEncryptionAesGcm("RSA-OAEP-256", "A128GCM");
    }

    @Test
    public void testRSA1_5_A128CBCHS256() throws Exception {
        testKeyEncryption_ContentEncryptionAesHmacSha("RSA1_5", "A128CBC-HS256");
    }

    @Test
    public void testRSAOAEP_A128CBCHS256() throws Exception {
        testKeyEncryption_ContentEncryptionAesHmacSha("RSA-OAEP", "A128CBC-HS256");
    }

    @Test
    public void testRSAOAEP256_A128CBCHS256() throws Exception {
        testKeyEncryption_ContentEncryptionAesHmacSha("RSA-OAEP-256", "A128CBC-HS256");
    }

    private void testKeyEncryption_ContentEncryptionAesGcm(String str, String str2) throws Exception {
        KeyPair generateRsaKeyPair = KeyUtils.generateRsaKeyPair(2048);
        JWEAlgorithmProvider jWEAlgorithmProvider = (JWEAlgorithmProvider) CryptoIntegration.getProvider().getAlgorithmProvider(JWEAlgorithmProvider.class, str);
        AesGcmJWEEncryptionProvider aesGcmJWEEncryptionProvider = new AesGcmJWEEncryptionProvider(str2);
        JWE content = new JWE().header(new JWEHeader(str, str2, (String) null)).content(PAYLOAD.getBytes(StandardCharsets.UTF_8));
        content.getKeyStorage().setEncryptionKey(generateRsaKeyPair.getPublic());
        String encodeJwe = content.encodeJwe(jWEAlgorithmProvider, aesGcmJWEEncryptionProvider);
        System.out.println("Encoded content: " + encodeJwe);
        System.out.println("Encoded content length: " + encodeJwe.length());
        JWE jwe = new JWE();
        jwe.getKeyStorage().setDecryptionKey(generateRsaKeyPair.getPrivate());
        jwe.verifyAndDecodeJwe(encodeJwe, jWEAlgorithmProvider, aesGcmJWEEncryptionProvider);
        String str3 = new String(jwe.getContent(), StandardCharsets.UTF_8);
        System.out.println("Decoded content: " + str3);
        System.out.println("Decoded content length: " + str3.length());
        Assert.assertEquals(PAYLOAD, str3);
    }

    private void testKeyEncryption_ContentEncryptionAesHmacSha(String str, String str2) throws Exception {
        KeyPair generateRsaKeyPair = KeyUtils.generateRsaKeyPair(2048);
        SecretKeySpec secretKeySpec = new SecretKeySpec(AES_128_KEY, "AES");
        SecretKeySpec secretKeySpec2 = new SecretKeySpec(HMAC_SHA256_KEY, "HMACSHA2");
        JWEAlgorithmProvider jWEAlgorithmProvider = (JWEAlgorithmProvider) CryptoIntegration.getProvider().getAlgorithmProvider(JWEAlgorithmProvider.class, str);
        AesCbcHmacShaJWEEncryptionProvider aesCbcHmacShaJWEEncryptionProvider = new AesCbcHmacShaJWEEncryptionProvider(str2);
        JWE content = new JWE().header(new JWEHeader(str, str2, (String) null)).content(PAYLOAD.getBytes(StandardCharsets.UTF_8));
        content.getKeyStorage().setEncryptionKey(generateRsaKeyPair.getPublic());
        content.getKeyStorage().setCEKKey(secretKeySpec, JWEKeyStorage.KeyUse.ENCRYPTION).setCEKKey(secretKeySpec2, JWEKeyStorage.KeyUse.SIGNATURE);
        String encodeJwe = content.encodeJwe(jWEAlgorithmProvider, aesCbcHmacShaJWEEncryptionProvider);
        System.out.println("Encoded content: " + encodeJwe);
        System.out.println("Encoded content length: " + encodeJwe.length());
        JWE jwe = new JWE();
        jwe.getKeyStorage().setDecryptionKey(generateRsaKeyPair.getPrivate());
        jwe.getKeyStorage().setCEKKey(secretKeySpec, JWEKeyStorage.KeyUse.ENCRYPTION).setCEKKey(secretKeySpec2, JWEKeyStorage.KeyUse.SIGNATURE);
        jwe.verifyAndDecodeJwe(encodeJwe, jWEAlgorithmProvider, aesCbcHmacShaJWEEncryptionProvider);
        String str3 = new String(jwe.getContent(), StandardCharsets.UTF_8);
        System.out.println("Decoded content: " + str3);
        System.out.println("Decoded content length: " + str3.length());
        Assert.assertEquals(PAYLOAD, str3);
    }
}
