package org.wildfly.security.sasl.digest;

import java.io.IOException;
import java.nio.charset.StandardCharsets;
import java.security.NoSuchAlgorithmException;
import java.security.Provider;
import java.security.Security;
import java.security.spec.KeySpec;
import java.util.Collections;
import java.util.HashMap;
import javax.security.auth.callback.Callback;
import javax.security.auth.callback.CallbackHandler;
import javax.security.auth.callback.UnsupportedCallbackException;
import javax.security.sasl.Sasl;
import javax.security.sasl.SaslClient;
import javax.security.sasl.SaslServer;
import javax.security.sasl.SaslServerFactory;
import org.jboss.logging.Logger;
import org.junit.AfterClass;
import org.junit.Assert;
import org.junit.BeforeClass;
import org.junit.Ignore;
import org.junit.Test;
import org.wildfly.security.password.WildFlyElytronPasswordProvider;
import org.wildfly.security.password.spec.DigestPasswordSpec;
import org.wildfly.security.sasl.test.SaslServerBuilder;
import org.wildfly.security.sasl.test.SaslTestUtil;
import org.wildfly.security.sasl.util.UsernamePasswordHashUtil;

/* loaded from: input_file:org/wildfly/security/sasl/digest/DigestTest.class */
public class DigestTest {
    private static final String DIGEST = "DIGEST-MD5";
    private static final String REALM_PROPERTY = "com.sun.security.sasl.digest.realm";
    private static final String PRE_DIGESTED_PROPERTY = "org.wildfly.security.sasl.digest.pre_digested";
    private static final String QOP_PROPERTY = "javax.security.sasl.qop";
    private static Logger log = Logger.getLogger(DigestTest.class);
    private static final Provider[] providers = {WildFlyElytronSaslDigestProvider.getInstance(), WildFlyElytronPasswordProvider.getInstance()};

    @BeforeClass
    public static void registerPasswordProvider() {
        for (Provider provider : providers) {
            Security.insertProviderAt(provider, 1);
        }
    }

    @AfterClass
    public static void removePasswordProvider() {
        for (Provider provider : providers) {
            Security.removeProvider(provider.getName());
        }
    }

    @Test
    public void testPolicyIndirect_Server() throws Exception {
        Assert.assertEquals(DigestSaslServer.class, Sasl.createSaslServer(DIGEST, "TestProtocol", "TestServer", new HashMap(), new CallbackHandler() { // from class: org.wildfly.security.sasl.digest.DigestTest.1
            @Override // javax.security.auth.callback.CallbackHandler
            public void handle(Callback[] callbackArr) throws IOException, UnsupportedCallbackException {
            }
        }).getClass());
    }

    @Test
    public void testPolicyDirect_Server() {
        SaslServerFactory obtainSaslServerFactory = SaslTestUtil.obtainSaslServerFactory(DigestServerFactory.class);
        Assert.assertNotNull("SaslServerFactory not registered", obtainSaslServerFactory);
        Assert.assertTrue(obtainSaslServerFactory.getMechanismNames(new HashMap()).length > 0);
    }

    @Test
    public void testSuccessfulExchange() throws Exception {
        SaslServer build = new SaslServerBuilder(DigestServerFactory.class, DIGEST).setUserName("George").setPassword("gpwd".toCharArray()).setProtocol("TestProtocol").setServerName("TestServer").addMechanismRealm("TestRealm").build();
        SaslClient createSaslClient = Sasl.createSaslClient(new String[]{DIGEST}, "George", "TestProtocol", "TestServer", Collections.emptyMap(), DigestCallbackHandlerUtils.createClearPwdClientCallbackHandler("George", "gpwd", "TestRealm"));
        Assert.assertFalse(createSaslClient.hasInitialResponse());
        byte[] evaluateResponse = build.evaluateResponse(new byte[0]);
        log.debug("Challenge:" + new String(evaluateResponse, StandardCharsets.ISO_8859_1));
        byte[] evaluateChallenge = createSaslClient.evaluateChallenge(evaluateResponse);
        log.debug("Client response:" + new String(evaluateChallenge, StandardCharsets.ISO_8859_1));
        build.evaluateResponse(evaluateChallenge);
        Assert.assertTrue(build.isComplete());
        Assert.assertEquals("George", build.getAuthorizationID());
    }

    @Test
    public void testSuccessfulExchange_DefaultRealm() throws Exception {
        SaslServer build = new SaslServerBuilder(DigestServerFactory.class, DIGEST).setUserName("George").setPassword("gpwd".toCharArray()).setProtocol("TestProtocol").setServerName("TestServer").addMechanismRealm("TestServer").build();
        SaslClient createSaslClient = Sasl.createSaslClient(new String[]{DIGEST}, "George", "TestProtocol", "TestServer", Collections.emptyMap(), DigestCallbackHandlerUtils.createClearPwdClientCallbackHandler("George", "gpwd", null));
        Assert.assertFalse(createSaslClient.hasInitialResponse());
        byte[] evaluateResponse = build.evaluateResponse(new byte[0]);
        log.debug("Challenge:" + new String(evaluateResponse, StandardCharsets.ISO_8859_1));
        byte[] evaluateChallenge = createSaslClient.evaluateChallenge(evaluateResponse);
        log.debug("Client response:" + new String(evaluateChallenge, StandardCharsets.ISO_8859_1));
        build.evaluateResponse(evaluateChallenge);
        Assert.assertTrue(build.isComplete());
        Assert.assertEquals("George", build.getAuthorizationID());
    }

    @Test
    @Ignore("ELY-91")
    public void testSuccessfulExchange_AlternativeProtocol() throws Exception {
        HashMap hashMap = new HashMap();
        hashMap.put("org.wildfly.security.sasl.digest.alternative_protocols", "OtherProtocol DifferentProtocol");
        SaslServer build = new SaslServerBuilder(DigestServerFactory.class, DIGEST).setUserName("George").setPassword("gpwd".toCharArray()).setProperties(hashMap).setProtocol("TestProtocol").setServerName("TestServer").build();
        SaslClient createSaslClient = Sasl.createSaslClient(new String[]{DIGEST}, "George", "OtherProtocol", "TestServer", Collections.emptyMap(), DigestCallbackHandlerUtils.createClearPwdClientCallbackHandler("George", "gpwd", null));
        Assert.assertFalse(createSaslClient.hasInitialResponse());
        byte[] evaluateResponse = build.evaluateResponse(new byte[0]);
        log.debug("Challenge:" + new String(evaluateResponse, StandardCharsets.UTF_8));
        byte[] evaluateChallenge = createSaslClient.evaluateChallenge(evaluateResponse);
        log.debug("Client response:" + new String(evaluateChallenge, StandardCharsets.UTF_8));
        build.evaluateResponse(evaluateChallenge);
        Assert.assertTrue(build.isComplete());
        Assert.assertEquals("George", build.getAuthorizationID());
    }

    @Test
    public void testBadPassword() throws Exception {
        HashMap hashMap = new HashMap();
        hashMap.put(REALM_PROPERTY, "TestRealm");
        SaslServer build = new SaslServerBuilder(DigestServerFactory.class, DIGEST).setUserName("George").setPassword("bad".toCharArray()).setProperties(hashMap).setProtocol("TestProtocol").setServerName("TestServer").build();
        SaslClient createSaslClient = Sasl.createSaslClient(new String[]{DIGEST}, "George", "TestProtocol", "TestServer", Collections.emptyMap(), DigestCallbackHandlerUtils.createClearPwdClientCallbackHandler("George", "gpwd", null));
        Assert.assertFalse(createSaslClient.hasInitialResponse());
        try {
            build.evaluateResponse(createSaslClient.evaluateChallenge(build.evaluateResponse(new byte[0])));
            Assert.fail("Expection exception not thrown.");
        } catch (IOException e) {
        }
    }

    @Test
    public void testBadUsername() throws Exception {
        new HashMap().put(REALM_PROPERTY, "TestRealm");
        SaslServer build = new SaslServerBuilder(DigestServerFactory.class, DIGEST).setUserName("Borris").setPassword("gpwd".toCharArray()).setProtocol("TestProtocol").setServerName("TestServer").build();
        SaslClient createSaslClient = Sasl.createSaslClient(new String[]{DIGEST}, "George", "TestProtocol", "TestServer", Collections.emptyMap(), DigestCallbackHandlerUtils.createClearPwdClientCallbackHandler("George", "gpwd", null));
        Assert.assertFalse(createSaslClient.hasInitialResponse());
        try {
            build.evaluateResponse(createSaslClient.evaluateChallenge(build.evaluateResponse(new byte[0])));
            Assert.fail("Expection exception not thrown.");
        } catch (IOException e) {
        }
    }

    @Test
    public void testBadRealm() throws Exception {
        HashMap hashMap = new HashMap();
        hashMap.put(REALM_PROPERTY, "TestRealm");
        SaslServer build = new SaslServerBuilder(DigestServerFactory.class, DIGEST).setUserName("George").setPassword("gpwd".toCharArray()).setProperties(hashMap).setProtocol("TestProtocol").setServerName("TestServer").build();
        SaslClient createSaslClient = Sasl.createSaslClient(new String[]{DIGEST}, "George", "TestProtocol", "TestServer", Collections.emptyMap(), DigestCallbackHandlerUtils.createClearPwdClientCallbackHandler("George", "gpwd", "BadRealm"));
        Assert.assertFalse(createSaslClient.hasInitialResponse());
        try {
            build.evaluateResponse(createSaslClient.evaluateChallenge(build.evaluateResponse(new byte[0])));
            Assert.fail("Expection exception not thrown.");
        } catch (IOException e) {
        }
    }

    @Test
    public void testRealmSelection() throws Exception {
        SaslServer build = new SaslServerBuilder(DigestServerFactory.class, DIGEST).setUserName("George").setPassword("gpwd".toCharArray()).setProtocol("TestProtocol").setServerName("TestServer").addMechanismRealm("realm1").addMechanismRealm("second realm").addMechanismRealm("last\\ ").build();
        SaslClient createSaslClient = Sasl.createSaslClient(new String[]{DIGEST}, "George", "TestProtocol", "TestServer", Collections.emptyMap(), DigestCallbackHandlerUtils.createClearPwdClientCallbackHandler("George", "gpwd", "last\\ "));
        Assert.assertFalse(createSaslClient.hasInitialResponse());
        byte[] evaluateResponse = build.evaluateResponse(new byte[0]);
        log.debug("Challenge:" + new String(evaluateResponse, StandardCharsets.ISO_8859_1));
        byte[] evaluateChallenge = createSaslClient.evaluateChallenge(evaluateResponse);
        log.debug("Client response:" + new String(evaluateChallenge, StandardCharsets.ISO_8859_1));
        build.evaluateResponse(evaluateChallenge);
        Assert.assertTrue(build.isComplete());
        Assert.assertEquals("George", build.getAuthorizationID());
    }

    @Test
    public void testSuccessfulExchange_PreHashedServer() throws Exception {
        HashMap hashMap = new HashMap();
        hashMap.put(PRE_DIGESTED_PROPERTY, "true");
        SaslServer build = new SaslServerBuilder(DigestServerFactory.class, DIGEST).setUserName("George").setPassword("digest-md5", getDigestKeySpec("George", "gpwd", "TestRealm")).setProperties(hashMap).setProtocol("TestProtocol").addMechanismRealm("TestRealm").setServerName("TestServer").build();
        SaslClient createSaslClient = Sasl.createSaslClient(new String[]{DIGEST}, "George", "TestProtocol", "TestServer", Collections.emptyMap(), DigestCallbackHandlerUtils.createClearPwdClientCallbackHandler("George", "gpwd", null));
        Assert.assertFalse(createSaslClient.hasInitialResponse());
        byte[] evaluateResponse = build.evaluateResponse(new byte[0]);
        log.debug("Challenge:" + new String(evaluateResponse, StandardCharsets.ISO_8859_1));
        byte[] evaluateChallenge = createSaslClient.evaluateChallenge(evaluateResponse);
        log.debug("Client response:" + new String(evaluateChallenge, StandardCharsets.ISO_8859_1));
        byte[] evaluateResponse2 = build.evaluateResponse(evaluateChallenge);
        log.debug("Server response:" + new String(evaluateResponse2, StandardCharsets.ISO_8859_1));
        createSaslClient.evaluateChallenge(evaluateResponse2);
        Assert.assertTrue(build.isComplete());
        Assert.assertTrue(createSaslClient.isComplete());
        Assert.assertEquals("George", build.getAuthorizationID());
    }

    @Test
    public void testSuccessfulExchange_DefaultRealm_PreHashedServer() throws Exception {
        HashMap hashMap = new HashMap();
        hashMap.put(PRE_DIGESTED_PROPERTY, "true");
        SaslServer build = new SaslServerBuilder(DigestServerFactory.class, DIGEST).setUserName("George").setPassword("digest-md5", getDigestKeySpec("George", "gpwd", "TestServer")).setProperties(hashMap).setProtocol("TestProtocol").addMechanismRealm("TestServer").setServerName("TestServer").build();
        SaslClient createSaslClient = Sasl.createSaslClient(new String[]{DIGEST}, "George", "TestProtocol", "TestServer", Collections.emptyMap(), DigestCallbackHandlerUtils.createClearPwdClientCallbackHandler("George", "gpwd", "TestServer"));
        Assert.assertFalse(createSaslClient.hasInitialResponse());
        byte[] evaluateResponse = build.evaluateResponse(new byte[0]);
        log.debug("Challenge:" + new String(evaluateResponse, StandardCharsets.ISO_8859_1));
        byte[] evaluateChallenge = createSaslClient.evaluateChallenge(evaluateResponse);
        log.debug("Client response:" + new String(evaluateChallenge, StandardCharsets.ISO_8859_1));
        byte[] evaluateResponse2 = build.evaluateResponse(evaluateChallenge);
        log.debug("Server response:" + new String(evaluateResponse2, StandardCharsets.ISO_8859_1));
        createSaslClient.evaluateChallenge(evaluateResponse2);
        Assert.assertTrue(build.isComplete());
        Assert.assertTrue(createSaslClient.isComplete());
        Assert.assertEquals("George", build.getAuthorizationID());
    }

    @Test
    public void testBadPassword_PreHashedServer() throws Exception {
        HashMap hashMap = new HashMap();
        hashMap.put(REALM_PROPERTY, "TestRealm");
        hashMap.put(PRE_DIGESTED_PROPERTY, "true");
        SaslServer build = new SaslServerBuilder(DigestServerFactory.class, DIGEST).setUserName("George").setPassword("digest-md5", getDigestKeySpec("George", "gpwd", "TestRealm")).setProperties(hashMap).setProtocol("TestProtocol").setServerName("TestServer").build();
        SaslClient createSaslClient = Sasl.createSaslClient(new String[]{DIGEST}, "George", "TestProtocol", "TestServer", Collections.emptyMap(), DigestCallbackHandlerUtils.createClearPwdClientCallbackHandler("George", "bad", null));
        Assert.assertFalse(createSaslClient.hasInitialResponse());
        byte[] evaluateResponse = build.evaluateResponse(new byte[0]);
        log.debug("Challenge:" + new String(evaluateResponse, StandardCharsets.ISO_8859_1));
        byte[] evaluateChallenge = createSaslClient.evaluateChallenge(evaluateResponse);
        log.debug("Client response:" + new String(evaluateChallenge, StandardCharsets.ISO_8859_1));
        try {
            build.evaluateResponse(evaluateChallenge);
            Assert.fail("Expection exception not thrown.");
        } catch (IOException e) {
        }
    }

    @Test
    public void testBadUsername_PreHashedServer() throws Exception {
        HashMap hashMap = new HashMap();
        hashMap.put(PRE_DIGESTED_PROPERTY, "true");
        hashMap.put(REALM_PROPERTY, "TestRealm");
        SaslServer build = new SaslServerBuilder(DigestServerFactory.class, DIGEST).setUserName("Borris").setPassword("digest-md5", getDigestKeySpec("George", "gpwd", "TestRealm")).setProperties(hashMap).setProtocol("TestProtocol").setServerName("TestServer").build();
        SaslClient createSaslClient = Sasl.createSaslClient(new String[]{DIGEST}, "George", "TestProtocol", "TestServer", Collections.emptyMap(), DigestCallbackHandlerUtils.createClearPwdClientCallbackHandler("George", "bad", null));
        Assert.assertFalse(createSaslClient.hasInitialResponse());
        byte[] evaluateResponse = build.evaluateResponse(new byte[0]);
        log.debug("Challenge:" + new String(evaluateResponse, StandardCharsets.ISO_8859_1));
        byte[] evaluateChallenge = createSaslClient.evaluateChallenge(evaluateResponse);
        log.debug("Client response:" + new String(evaluateChallenge, StandardCharsets.ISO_8859_1));
        try {
            build.evaluateResponse(evaluateChallenge);
            Assert.fail("Expection exception not thrown.");
        } catch (IOException e) {
        }
    }

    @Test
    public void testBadRealm_PreHashedServer() throws Exception {
        HashMap hashMap = new HashMap();
        hashMap.put(REALM_PROPERTY, "TestRealm");
        hashMap.put(PRE_DIGESTED_PROPERTY, "true");
        SaslServer build = new SaslServerBuilder(DigestServerFactory.class, DIGEST).setUserName("George").setPassword("digest-md5", getDigestKeySpec("George", "gpwd", "TestRealm")).setProperties(hashMap).setProtocol("TestProtocol").setServerName("TestServer").build();
        SaslClient createSaslClient = Sasl.createSaslClient(new String[]{DIGEST}, "George", "TestProtocol", "TestServer", Collections.emptyMap(), DigestCallbackHandlerUtils.createClearPwdClientCallbackHandler("George", "gpwd", "BadRealm"));
        Assert.assertFalse(createSaslClient.hasInitialResponse());
        byte[] evaluateResponse = build.evaluateResponse(new byte[0]);
        log.debug("Challenge:" + new String(evaluateResponse, StandardCharsets.ISO_8859_1));
        byte[] evaluateChallenge = createSaslClient.evaluateChallenge(evaluateResponse);
        log.debug("Client response:" + new String(evaluateChallenge, StandardCharsets.ISO_8859_1));
        try {
            build.evaluateResponse(evaluateChallenge);
            Assert.fail("Expection exception not thrown.");
        } catch (IOException e) {
        }
    }

    @Test
    public void testSuccessfulExchange_PreHashedClient() throws Exception {
        SaslServer build = new SaslServerBuilder(DigestServerFactory.class, DIGEST).setUserName("George").setPassword("digest-md5", getDigestKeySpec("George", "gpwd", "TestRealm")).setProtocol("TestProtocol").setServerName("TestServer").addMechanismRealm("TestRealm").build();
        CallbackHandler createDigestPwdClientCallbackHandler = DigestCallbackHandlerUtils.createDigestPwdClientCallbackHandler("George", "gpwd", "TestRealm", null, "George");
        HashMap hashMap = new HashMap();
        hashMap.put(PRE_DIGESTED_PROPERTY, "true");
        SaslClient createSaslClient = Sasl.createSaslClient(new String[]{DIGEST}, "George", "TestProtocol", "TestServer", hashMap, createDigestPwdClientCallbackHandler);
        Assert.assertFalse(createSaslClient.hasInitialResponse());
        build.evaluateResponse(createSaslClient.evaluateChallenge(build.evaluateResponse(new byte[0])));
        Assert.assertTrue(build.isComplete());
        Assert.assertEquals("George", build.getAuthorizationID());
    }

    @Test
    public void testSuccessfulExchange_DefaultRealm_PreHashedClient() throws Exception {
        SaslServer build = new SaslServerBuilder(DigestServerFactory.class, DIGEST).setUserName("George").setPassword("digest-md5", getDigestKeySpec("George", "gpwd", "TestServer")).setProtocol("TestProtocol").setServerName("TestServer").addMechanismRealm("TestServer").addMechanismRealm("TestRealm").build();
        CallbackHandler createDigestPwdClientCallbackHandler = DigestCallbackHandlerUtils.createDigestPwdClientCallbackHandler("George", "gpwd", "TestServer", null, "George");
        HashMap hashMap = new HashMap();
        hashMap.put(PRE_DIGESTED_PROPERTY, "true");
        SaslClient createSaslClient = Sasl.createSaslClient(new String[]{DIGEST}, "George", "TestProtocol", "TestServer", hashMap, createDigestPwdClientCallbackHandler);
        Assert.assertFalse(createSaslClient.hasInitialResponse());
        build.evaluateResponse(createSaslClient.evaluateChallenge(build.evaluateResponse(new byte[0])));
        Assert.assertTrue(build.isComplete());
        Assert.assertEquals("George", build.getAuthorizationID());
    }

    @Test
    public void testBadPassword_PreHashedClient() throws Exception {
        HashMap hashMap = new HashMap();
        hashMap.put(REALM_PROPERTY, "TestRealm");
        SaslServer build = new SaslServerBuilder(DigestServerFactory.class, DIGEST).setUserName("George").setPassword("digest-md5", getDigestKeySpec("George", "gpwd", "TestRealm")).setProperties(hashMap).setProtocol("TestProtocol").setServerName("TestServer").build();
        CallbackHandler createDigestPwdClientCallbackHandler = DigestCallbackHandlerUtils.createDigestPwdClientCallbackHandler("George", "bad", "TestRealm", null, "George");
        HashMap hashMap2 = new HashMap();
        hashMap2.put(PRE_DIGESTED_PROPERTY, "true");
        SaslClient createSaslClient = Sasl.createSaslClient(new String[]{DIGEST}, "George", "TestProtocol", "TestServer", hashMap2, createDigestPwdClientCallbackHandler);
        Assert.assertFalse(createSaslClient.hasInitialResponse());
        try {
            build.evaluateResponse(createSaslClient.evaluateChallenge(build.evaluateResponse(new byte[0])));
            Assert.fail("Expection exception not thrown.");
        } catch (IOException e) {
        }
    }

    @Test
    public void testBadUsername_PreHashedClient() throws Exception {
        HashMap hashMap = new HashMap();
        hashMap.put(REALM_PROPERTY, "TestRealm");
        SaslServer build = new SaslServerBuilder(DigestServerFactory.class, DIGEST).setUserName("George").setPassword("digest-md5", getDigestKeySpec("George", "gpwd", "TestRealm")).setProperties(hashMap).setProtocol("TestProtocol").setServerName("TestServer").build();
        CallbackHandler createDigestPwdClientCallbackHandler = DigestCallbackHandlerUtils.createDigestPwdClientCallbackHandler("Borris", "gpwd", "TestRealm", null, "George");
        HashMap hashMap2 = new HashMap();
        hashMap2.put(PRE_DIGESTED_PROPERTY, "true");
        SaslClient createSaslClient = Sasl.createSaslClient(new String[]{DIGEST}, "George", "TestProtocol", "TestServer", hashMap2, createDigestPwdClientCallbackHandler);
        Assert.assertFalse(createSaslClient.hasInitialResponse());
        try {
            createSaslClient.evaluateChallenge(build.evaluateResponse(new byte[0]));
            Assert.fail("Expection exception not thrown.");
        } catch (IOException e) {
        }
    }

    @Test
    public void testBadRealm_PreHashedClient() throws Exception {
        HashMap hashMap = new HashMap();
        hashMap.put(REALM_PROPERTY, "TestRealm");
        SaslServer build = new SaslServerBuilder(DigestServerFactory.class, DIGEST).setUserName("George").setPassword("digest-md5", getDigestKeySpec("George", "gpwd", "TestRealm")).setProperties(hashMap).setProtocol("TestProtocol").setServerName("TestServer").build();
        CallbackHandler createDigestPwdClientCallbackHandler = DigestCallbackHandlerUtils.createDigestPwdClientCallbackHandler("George", "gpwd", "BadRealm", "TestRealm", "George");
        HashMap hashMap2 = new HashMap();
        hashMap2.put(PRE_DIGESTED_PROPERTY, "true");
        SaslClient createSaslClient = Sasl.createSaslClient(new String[]{DIGEST}, "George", "TestProtocol", "TestServer", hashMap2, createDigestPwdClientCallbackHandler);
        Assert.assertFalse(createSaslClient.hasInitialResponse());
        try {
            createSaslClient.evaluateChallenge(build.evaluateResponse(new byte[0]));
            Assert.fail("Expection exception not thrown.");
        } catch (IOException e) {
        }
    }

    @Test
    public void testSuccessfulExchangeWithIntegrityCheck() throws Exception {
        HashMap hashMap = new HashMap();
        hashMap.put(QOP_PROPERTY, "auth-int");
        hashMap.put("wildfly.security.sasl.digest.ciphers", "des,3des,rc4,rc4-40,rc4-56");
        SaslServer build = new SaslServerBuilder(DigestServerFactory.class, DIGEST).setUserName("George").setPassword("gpwd".toCharArray()).setProperties(hashMap).setProtocol("TestProtocol").setServerName("TestServer").addMechanismRealm("TestServer").build();
        CallbackHandler createClearPwdClientCallbackHandler = DigestCallbackHandlerUtils.createClearPwdClientCallbackHandler("George", "gpwd", null);
        HashMap hashMap2 = new HashMap();
        hashMap2.put(QOP_PROPERTY, "auth-int");
        hashMap2.put("wildfly.security.sasl.digest.ciphers", "des,3des,rc4,rc4-40,rc4-56");
        SaslClient createSaslClient = Sasl.createSaslClient(new String[]{DIGEST}, "George", "TestProtocol", "TestServer", hashMap2, createClearPwdClientCallbackHandler);
        Assert.assertFalse(createSaslClient.hasInitialResponse());
        createSaslClient.evaluateChallenge(build.evaluateResponse(createSaslClient.evaluateChallenge(build.evaluateResponse(new byte[0]))));
        Assert.assertTrue(createSaslClient.isComplete());
        Assert.assertTrue(build.isComplete());
        Assert.assertEquals("George", build.getAuthorizationID());
        byte[] wrap = build.wrap(new byte[]{18, 52, 86}, 0, 3);
        Assert.assertArrayEquals(new byte[]{18, 52, 86}, createSaslClient.unwrap(wrap, 0, wrap.length));
        byte[] wrap2 = createSaslClient.wrap(new byte[]{-85, -51, -17}, 0, 3);
        Assert.assertArrayEquals(new byte[]{-85, -51, -17}, build.unwrap(wrap2, 0, wrap2.length));
    }

    @Test
    public void testSuccessfulExchangeWithPrivacyProtection() throws Exception {
        testSuccessfulExchangeWithPrivacyProtection("3des");
        testSuccessfulExchangeWithPrivacyProtection("des");
        testSuccessfulExchangeWithPrivacyProtection("rc4");
        testSuccessfulExchangeWithPrivacyProtection("rc4-40");
        testSuccessfulExchangeWithPrivacyProtection("rc4-56");
    }

    private void testSuccessfulExchangeWithPrivacyProtection(String str) throws Exception {
        HashMap hashMap = new HashMap();
        hashMap.put(QOP_PROPERTY, "auth-conf");
        hashMap.put("wildfly.security.sasl.digest.ciphers", "des,3des,rc4,rc4-40,rc4-56");
        SaslServer build = new SaslServerBuilder(DigestServerFactory.class, DIGEST).setUserName("George").setPassword("gpwd".toCharArray()).setProperties(hashMap).setProtocol("TestProtocol").setServerName("TestServer").addMechanismRealm("TestServer").build();
        CallbackHandler createClearPwdClientCallbackHandler = DigestCallbackHandlerUtils.createClearPwdClientCallbackHandler("George", "gpwd", null);
        HashMap hashMap2 = new HashMap();
        hashMap2.put(QOP_PROPERTY, "auth-conf");
        hashMap2.put("wildfly.security.sasl.digest.ciphers", str);
        SaslClient createSaslClient = Sasl.createSaslClient(new String[]{DIGEST}, "George", "TestProtocol", "TestServer", hashMap2, createClearPwdClientCallbackHandler);
        Assert.assertFalse(createSaslClient.hasInitialResponse());
        createSaslClient.evaluateChallenge(build.evaluateResponse(createSaslClient.evaluateChallenge(build.evaluateResponse(new byte[0]))));
        Assert.assertTrue(createSaslClient.isComplete());
        Assert.assertTrue(build.isComplete());
        Assert.assertEquals("George", build.getAuthorizationID());
        byte[] wrap = build.wrap(new byte[]{18, 52, 86}, 0, 3);
        Assert.assertArrayEquals(new byte[]{18, 52, 86}, createSaslClient.unwrap(wrap, 0, wrap.length));
        byte[] wrap2 = createSaslClient.wrap(new byte[]{-85, -51, -17}, 0, 3);
        Assert.assertArrayEquals(new byte[]{-85, -51, -17}, build.unwrap(wrap2, 0, wrap2.length));
    }

    @Test
    public void testSuccessfulExchangeNullAuthorizationId() throws Exception {
        SaslServer build = new SaslServerBuilder(DigestServerFactory.class, DIGEST).setUserName("George").setPassword("gpwd".toCharArray()).setProtocol("TestProtocol").setServerName("TestServer").addMechanismRealm("TestRealm").build();
        SaslClient createSaslClient = Sasl.createSaslClient(new String[]{DIGEST}, (String) null, "TestProtocol", "TestServer", Collections.emptyMap(), DigestCallbackHandlerUtils.createClearPwdClientCallbackHandler("George", "gpwd", "TestRealm"));
        Assert.assertFalse(createSaslClient.hasInitialResponse());
        byte[] evaluateResponse = build.evaluateResponse(new byte[0]);
        log.debug("Challenge:" + new String(evaluateResponse, StandardCharsets.ISO_8859_1));
        byte[] evaluateChallenge = createSaslClient.evaluateChallenge(evaluateResponse);
        log.debug("Client response:" + new String(evaluateChallenge, StandardCharsets.ISO_8859_1));
        build.evaluateResponse(evaluateChallenge);
        Assert.assertTrue(build.isComplete());
        Assert.assertEquals("George", build.getAuthorizationID());
    }

    @Test
    public void testSuccessfulExchangeEmptyAuthorizationId() throws Exception {
        SaslServer build = new SaslServerBuilder(DigestServerFactory.class, DIGEST).setUserName("George").setPassword("gpwd".toCharArray()).setProtocol("TestProtocol").setServerName("TestServer").addMechanismRealm("TestRealm").build();
        SaslClient createSaslClient = Sasl.createSaslClient(new String[]{DIGEST}, "", "TestProtocol", "TestServer", Collections.emptyMap(), DigestCallbackHandlerUtils.createClearPwdClientCallbackHandler("George", "gpwd", "TestRealm"));
        Assert.assertFalse(createSaslClient.hasInitialResponse());
        byte[] evaluateResponse = build.evaluateResponse(new byte[0]);
        log.debug("Challenge:" + new String(evaluateResponse, StandardCharsets.ISO_8859_1));
        byte[] evaluateChallenge = createSaslClient.evaluateChallenge(evaluateResponse);
        log.debug("Client response:" + new String(evaluateChallenge, StandardCharsets.ISO_8859_1));
        build.evaluateResponse(evaluateChallenge);
        Assert.assertTrue(build.isComplete());
        Assert.assertEquals("George", build.getAuthorizationID());
    }

    private KeySpec getDigestKeySpec(String str, String str2, String str3) throws NoSuchAlgorithmException {
        return new DigestPasswordSpec(str, str3, new UsernamePasswordHashUtil().generateHashedURP(str, str3, str2.toCharArray()));
    }

    @Test
    public void testUnboundServerName() throws Exception {
        SaslServer build = new SaslServerBuilder(DigestServerFactory.class, DIGEST).setUserName("George").setPassword("digest-md5", getDigestKeySpec("George", "gpwd", "TestRealm")).setProperties(new HashMap()).setProtocol("TestProtocol").addMechanismRealm("TestRealm").setServerName(null).build();
        SaslClient createSaslClient = Sasl.createSaslClient(new String[]{DIGEST}, "George", "TestProtocol", "TestServer5", Collections.emptyMap(), DigestCallbackHandlerUtils.createClearPwdClientCallbackHandler("George", "gpwd", null));
        Assert.assertFalse(createSaslClient.hasInitialResponse());
        byte[] evaluateResponse = build.evaluateResponse(new byte[0]);
        log.debug("Challenge:" + new String(evaluateResponse, StandardCharsets.ISO_8859_1));
        byte[] evaluateChallenge = createSaslClient.evaluateChallenge(evaluateResponse);
        log.debug("Client response:" + new String(evaluateChallenge, StandardCharsets.ISO_8859_1));
        byte[] evaluateResponse2 = build.evaluateResponse(evaluateChallenge);
        log.debug("Server response:" + new String(evaluateResponse2, StandardCharsets.ISO_8859_1));
        createSaslClient.evaluateChallenge(evaluateResponse2);
        Assert.assertTrue(build.isComplete());
        Assert.assertTrue(createSaslClient.isComplete());
        Assert.assertEquals("George", build.getAuthorizationID());
        Assert.assertEquals("TestServer5", build.getNegotiatedProperty("javax.security.sasl.bound.server.name"));
    }
}
