package net.shibboleth.metadata.validate.x509;

import java.security.cert.X509Certificate;
import net.shibboleth.metadata.MockItem;
import net.shibboleth.metadata.validate.Validator;
import org.springframework.core.io.ClassPathResource;
import org.testng.Assert;
import org.testng.annotations.Test;

/* loaded from: input_file:net/shibboleth/metadata/validate/x509/X509RSAOpenSSLBlacklistValidatorTest.class */
public class X509RSAOpenSSLBlacklistValidatorTest extends BaseX509ValidatorTest {
    public X509RSAOpenSSLBlacklistValidatorTest() throws Exception {
        super(X509RSAOpenSSLBlacklistValidator.class);
    }

    @Test
    public void testNotBlacklisted() throws Exception {
        X509RSAOpenSSLBlacklistValidator x509RSAOpenSSLBlacklistValidator = new X509RSAOpenSSLBlacklistValidator();
        x509RSAOpenSSLBlacklistValidator.setBlacklistResource(getClasspathResource("1024.txt"));
        x509RSAOpenSSLBlacklistValidator.initialize();
        Assert.assertEquals(x509RSAOpenSSLBlacklistValidator.getKeySize(), 0);
        MockItem mockItem = new MockItem("foo");
        Assert.assertEquals(x509RSAOpenSSLBlacklistValidator.validate(getCertificate("ok.pem"), mockItem, "stage"), Validator.Action.CONTINUE);
        errorsAndWarnings(mockItem, 0, 0);
    }

    @Test
    public void test1024on1024noRestriction() throws Exception {
        X509RSAOpenSSLBlacklistValidator x509RSAOpenSSLBlacklistValidator = new X509RSAOpenSSLBlacklistValidator();
        x509RSAOpenSSLBlacklistValidator.setBlacklistResource(getClasspathResource("1024.txt"));
        x509RSAOpenSSLBlacklistValidator.initialize();
        Assert.assertEquals(x509RSAOpenSSLBlacklistValidator.getKeySize(), 0);
        MockItem mockItem = new MockItem("foo");
        Assert.assertEquals(x509RSAOpenSSLBlacklistValidator.validate(getCertificate("1024.pem"), mockItem, "stage"), Validator.Action.CONTINUE);
        errorsAndWarnings(mockItem, 1, 0);
    }

    @Test
    public void test1024on1024Restricted() throws Exception {
        X509RSAOpenSSLBlacklistValidator x509RSAOpenSSLBlacklistValidator = new X509RSAOpenSSLBlacklistValidator();
        x509RSAOpenSSLBlacklistValidator.setBlacklistResource(getClasspathResource("1024.txt"));
        x509RSAOpenSSLBlacklistValidator.setKeySize(1024);
        x509RSAOpenSSLBlacklistValidator.initialize();
        MockItem mockItem = new MockItem("foo");
        Assert.assertEquals(x509RSAOpenSSLBlacklistValidator.validate(getCertificate("1024.pem"), mockItem, "stage"), Validator.Action.CONTINUE);
        errorsAndWarnings(mockItem, 1, 0);
    }

    @Test
    public void test1024on1024Restricted2() throws Exception {
        X509RSAOpenSSLBlacklistValidator x509RSAOpenSSLBlacklistValidator = new X509RSAOpenSSLBlacklistValidator();
        x509RSAOpenSSLBlacklistValidator.setBlacklistResource(getClasspathResource("1024.txt"));
        x509RSAOpenSSLBlacklistValidator.setKeySize(2048);
        x509RSAOpenSSLBlacklistValidator.initialize();
        MockItem mockItem = new MockItem("foo");
        Assert.assertEquals(x509RSAOpenSSLBlacklistValidator.validate(getCertificate("1024.pem"), mockItem, "stage"), Validator.Action.CONTINUE);
        errorsAndWarnings(mockItem, 0, 0);
    }

    @Test
    public void test2048on1024noRestriction() throws Exception {
        X509RSAOpenSSLBlacklistValidator x509RSAOpenSSLBlacklistValidator = new X509RSAOpenSSLBlacklistValidator();
        x509RSAOpenSSLBlacklistValidator.setBlacklistResource(getClasspathResource("1024.txt"));
        x509RSAOpenSSLBlacklistValidator.initialize();
        Assert.assertEquals(x509RSAOpenSSLBlacklistValidator.getKeySize(), 0);
        MockItem mockItem = new MockItem("foo");
        X509Certificate certificate = getCertificate("2048.pem");
        x509RSAOpenSSLBlacklistValidator.validate(certificate, mockItem, "stage");
        Assert.assertEquals(x509RSAOpenSSLBlacklistValidator.validate(certificate, mockItem, "stage"), Validator.Action.CONTINUE);
    }

    @Test
    public void test2048on2048noRestriction() throws Exception {
        X509RSAOpenSSLBlacklistValidator x509RSAOpenSSLBlacklistValidator = new X509RSAOpenSSLBlacklistValidator();
        x509RSAOpenSSLBlacklistValidator.setBlacklistResource(getClasspathResource("2048.txt"));
        x509RSAOpenSSLBlacklistValidator.initialize();
        Assert.assertEquals(x509RSAOpenSSLBlacklistValidator.getKeySize(), 0);
        MockItem mockItem = new MockItem("foo");
        X509Certificate certificate = getCertificate("2048.pem");
        x509RSAOpenSSLBlacklistValidator.validate(certificate, mockItem, "stage");
        Assert.assertEquals(x509RSAOpenSSLBlacklistValidator.validate(certificate, mockItem, "stage"), Validator.Action.CONTINUE);
    }

    @Test
    public void test2048on2048Restricted() throws Exception {
        X509RSAOpenSSLBlacklistValidator x509RSAOpenSSLBlacklistValidator = new X509RSAOpenSSLBlacklistValidator();
        x509RSAOpenSSLBlacklistValidator.setBlacklistResource(getClasspathResource("2048.txt"));
        x509RSAOpenSSLBlacklistValidator.setKeySize(2048);
        x509RSAOpenSSLBlacklistValidator.initialize();
        MockItem mockItem = new MockItem("foo");
        X509Certificate certificate = getCertificate("2048.pem");
        x509RSAOpenSSLBlacklistValidator.validate(certificate, mockItem, "stage");
        Assert.assertEquals(x509RSAOpenSSLBlacklistValidator.validate(certificate, mockItem, "stage"), Validator.Action.CONTINUE);
    }

    @Test
    public void test2048on2048Restricted2() throws Exception {
        X509RSAOpenSSLBlacklistValidator x509RSAOpenSSLBlacklistValidator = new X509RSAOpenSSLBlacklistValidator();
        x509RSAOpenSSLBlacklistValidator.setBlacklistResource(getClasspathResource("2048.txt"));
        x509RSAOpenSSLBlacklistValidator.setKeySize(1024);
        x509RSAOpenSSLBlacklistValidator.initialize();
        MockItem mockItem = new MockItem("foo");
        Assert.assertEquals(x509RSAOpenSSLBlacklistValidator.validate(getCertificate("2048.pem"), mockItem, "stage"), Validator.Action.CONTINUE);
        errorsAndWarnings(mockItem, 0, 0);
    }

    @Test
    public void testBlankLineIssue9() throws Exception {
        X509RSAOpenSSLBlacklistValidator x509RSAOpenSSLBlacklistValidator = new X509RSAOpenSSLBlacklistValidator();
        x509RSAOpenSSLBlacklistValidator.setBlacklistResource(getClasspathResource("issue9.txt"));
        x509RSAOpenSSLBlacklistValidator.initialize();
    }

    @Test
    public void classPathResource() throws Exception {
        X509RSAOpenSSLBlacklistValidator x509RSAOpenSSLBlacklistValidator = new X509RSAOpenSSLBlacklistValidator();
        x509RSAOpenSSLBlacklistValidator.setBlacklistResource(new ClassPathResource("net/shibboleth/metadata/validate/x509/debian-2048.txt"));
        x509RSAOpenSSLBlacklistValidator.setKeySize(2048);
        x509RSAOpenSSLBlacklistValidator.initialize();
        MockItem mockItem = new MockItem("foo");
        Assert.assertEquals(x509RSAOpenSSLBlacklistValidator.validate(getCertificate("2048.pem"), mockItem, "stage"), Validator.Action.CONTINUE);
        errorsAndWarnings(mockItem, 1, 0);
    }
}
