package org.opensaml.security.crypto;

import java.io.InputStream;
import java.security.InvalidParameterException;
import java.security.KeyException;
import java.security.KeyPair;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.SecureRandom;
import javax.crypto.SecretKey;
import org.opensaml.security.SecurityException;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.testng.Assert;
import org.testng.annotations.DataProvider;
import org.testng.annotations.Test;

/* loaded from: input_file:org/opensaml/security/crypto/KeySupportTest.class */
public class KeySupportTest {
    private final Logger log = LoggerFactory.getLogger(KeySupportTest.class);
    private String rsaPrivKeyPEMNoEncrypt = "/data/rsa-privkey-nopass.pem";
    private String rsaPrivKeyDERNoEncrypt = "/data/rsa-privkey-nopass.der";
    private String dsaPrivKeyPEMNoEncrypt = "/data/dsa-privkey-nopass.pem";
    private String dsaPrivKeyDERNoEncrypt = "/data/dsa-privkey-nopass.der";
    private char[] privKeyPassword = {'c', 'h', 'a', 'n', 'g', 'e', 'i', 't'};
    private String rsaPrivKeyPEMEncrypt = "/data/rsa-privkey-changeit-pass.pem";
    private String dsaPrivKeyPEMEncrypt = "/data/dsa-privkey-changeit-pass.pem";
    private String ecPrivKeyPEMNoEncrypt = "/data/ec-privkey-nopass.pem";

    @Test
    public void testDecodeRSAPrivateKeyPEMNoEncrypt() throws Exception {
        testPrivKey(this.rsaPrivKeyPEMNoEncrypt, null, "RSA");
    }

    @Test
    public void testDecodeRSAPrivateKeyPEMEncrypt() throws Exception {
        testPrivKey(this.rsaPrivKeyPEMEncrypt, this.privKeyPassword, "RSA");
    }

    @Test
    public void testDecodeRSAPrivateKeyDERNoEncrypt() throws Exception {
        testPrivKey(this.rsaPrivKeyDERNoEncrypt, null, "RSA");
    }

    @Test
    public void testDecodeDSAPrivateKeyPEMNoEncrypt() throws Exception {
        testPrivKey(this.dsaPrivKeyPEMNoEncrypt, null, "DSA");
    }

    @Test
    public void testDecodeDSAPrivateKeyPEMEncrypt() throws Exception {
        testPrivKey(this.dsaPrivKeyPEMEncrypt, this.privKeyPassword, "DSA");
    }

    @Test
    public void testDecodeDSAPrivateKeyDERNoEncrypt() throws Exception {
        testPrivKey(this.dsaPrivKeyDERNoEncrypt, null, "DSA");
    }

    @Test
    public void testDecodeECPrivateKeyPEMNoEncrypt() throws Exception {
        testPrivKey(this.ecPrivKeyPEMNoEncrypt, null, "EC");
    }

    @Test
    public void testDerivePublicKey() throws Exception {
        PrivateKey testPrivKey = testPrivKey(this.rsaPrivKeyPEMNoEncrypt, null, "RSA");
        PublicKey derivePublicKey = KeySupport.derivePublicKey(testPrivKey);
        Assert.assertNotNull(derivePublicKey);
        Assert.assertEquals(derivePublicKey.getAlgorithm(), "RSA");
        Assert.assertTrue(KeySupport.matchKeyPair(derivePublicKey, testPrivKey));
        PrivateKey testPrivKey2 = testPrivKey(this.dsaPrivKeyPEMNoEncrypt, null, "DSA");
        PublicKey derivePublicKey2 = KeySupport.derivePublicKey(testPrivKey2);
        Assert.assertNotNull(derivePublicKey2);
        Assert.assertEquals(derivePublicKey2.getAlgorithm(), "DSA");
        Assert.assertTrue(KeySupport.matchKeyPair(derivePublicKey2, testPrivKey2));
    }

    @Test
    public void testKeyPairMatching() throws NoSuchAlgorithmException, NoSuchProviderException, SecurityException {
        KeyPair generateKeyPair = KeySupport.generateKeyPair("RSA", 1024, (String) null);
        KeyPair generateKeyPair2 = KeySupport.generateKeyPair("RSA", 1024, (String) null);
        KeyPair generateKeyPair3 = KeySupport.generateKeyPair("DSA", 1024, (String) null);
        KeyPair generateKeyPair4 = KeySupport.generateKeyPair("DSA", 1024, (String) null);
        Assert.assertTrue(KeySupport.matchKeyPair(generateKeyPair.getPublic(), generateKeyPair.getPrivate()));
        Assert.assertTrue(KeySupport.matchKeyPair(generateKeyPair2.getPublic(), generateKeyPair2.getPrivate()));
        Assert.assertFalse(KeySupport.matchKeyPair(generateKeyPair.getPublic(), generateKeyPair2.getPrivate()));
        Assert.assertFalse(KeySupport.matchKeyPair(generateKeyPair2.getPublic(), generateKeyPair.getPrivate()));
        Assert.assertTrue(KeySupport.matchKeyPair(generateKeyPair3.getPublic(), generateKeyPair3.getPrivate()));
        Assert.assertTrue(KeySupport.matchKeyPair(generateKeyPair4.getPublic(), generateKeyPair4.getPrivate()));
        Assert.assertFalse(KeySupport.matchKeyPair(generateKeyPair3.getPublic(), generateKeyPair4.getPrivate()));
        Assert.assertFalse(KeySupport.matchKeyPair(generateKeyPair4.getPublic(), generateKeyPair3.getPrivate()));
        try {
            Assert.assertFalse(KeySupport.matchKeyPair(generateKeyPair.getPublic(), generateKeyPair4.getPrivate()));
            Assert.fail("Key algorithm mismatch should have caused evaluation failure");
        } catch (SecurityException e) {
        }
        try {
            Assert.assertFalse(KeySupport.matchKeyPair(generateKeyPair.getPublic(), (PrivateKey) null));
            Assert.fail("Null key should have caused failure");
        } catch (SecurityException e2) {
        }
        try {
            Assert.assertFalse(KeySupport.matchKeyPair((PublicKey) null, generateKeyPair.getPrivate()));
            Assert.fail("Key algorithm mismatch should have caused evaluation failure");
        } catch (SecurityException e3) {
        }
    }

    @Test
    public void testKeyLength() throws NoSuchAlgorithmException, NoSuchProviderException {
        KeyPair generateKeyPair = KeySupport.generateKeyPair("RSA", 1024, (String) null);
        Assert.assertEquals(KeySupport.getKeyLength(generateKeyPair.getPublic()), 1024);
        Assert.assertEquals(KeySupport.getKeyLength(generateKeyPair.getPrivate()), 1024);
        KeyPair generateKeyPair2 = KeySupport.generateKeyPair("RSA", 2048, (String) null);
        Assert.assertEquals(KeySupport.getKeyLength(generateKeyPair2.getPublic()), 2048);
        Assert.assertEquals(KeySupport.getKeyLength(generateKeyPair2.getPrivate()), 2048);
        KeyPair generateKeyPair3 = KeySupport.generateKeyPair("RSA", 4096, (String) null);
        Assert.assertEquals(KeySupport.getKeyLength(generateKeyPair3.getPublic()), 4096);
        Assert.assertEquals(KeySupport.getKeyLength(generateKeyPair3.getPrivate()), 4096);
        KeyPair generateKeyPair4 = KeySupport.generateKeyPair("DSA", 512, (String) null);
        Assert.assertEquals(KeySupport.getKeyLength(generateKeyPair4.getPublic()), 512);
        Assert.assertEquals(KeySupport.getKeyLength(generateKeyPair4.getPrivate()), 512);
        KeyPair generateKeyPair5 = KeySupport.generateKeyPair("DSA", 1024, (String) null);
        Assert.assertEquals(KeySupport.getKeyLength(generateKeyPair5.getPublic()), 1024);
        Assert.assertEquals(KeySupport.getKeyLength(generateKeyPair5.getPrivate()), 1024);
        try {
            KeyPair generateKeyPair6 = KeySupport.generateKeyPair("EC", 112, (String) null);
            Assert.assertEquals(KeySupport.getKeyLength(generateKeyPair6.getPublic()), 112);
            Assert.assertEquals(KeySupport.getKeyLength(generateKeyPair6.getPrivate()), 112);
        } catch (InvalidParameterException | NoSuchAlgorithmException e) {
            this.log.warn("EC-112 failed", e);
        }
        try {
            KeyPair generateKeyPair7 = KeySupport.generateKeyPair("EC", 256, (String) null);
            Assert.assertEquals(KeySupport.getKeyLength(generateKeyPair7.getPublic()), 256);
            Assert.assertEquals(KeySupport.getKeyLength(generateKeyPair7.getPrivate()), 256);
        } catch (InvalidParameterException | NoSuchAlgorithmException e2) {
            this.log.warn("EC-256 failed", e2);
        }
        try {
            KeyPair generateKeyPair8 = KeySupport.generateKeyPair("EC", 571, (String) null);
            Assert.assertEquals(KeySupport.getKeyLength(generateKeyPair8.getPublic()), 571);
            Assert.assertEquals(KeySupport.getKeyLength(generateKeyPair8.getPrivate()), 571);
        } catch (InvalidParameterException | NoSuchAlgorithmException e3) {
            this.log.warn("EC-571 failed", e3);
        }
        Assert.assertEquals(KeySupport.getKeyLength(KeySupport.generateKey("AES", 128, (String) null)), 128);
        Assert.assertEquals(KeySupport.getKeyLength(KeySupport.generateKey("AES", 192, (String) null)), 192);
        Assert.assertEquals(KeySupport.getKeyLength(KeySupport.generateKey("AES", 256, (String) null)), 256);
        Assert.assertEquals(KeySupport.getKeyLength(KeySupport.generateKey("DES", 56, (String) null)), 64);
        Assert.assertEquals(KeySupport.getKeyLength(KeySupport.generateKey("DESede", 112, (String) null)), 192);
        Assert.assertEquals(KeySupport.getKeyLength(KeySupport.generateKey("DESede", 168, (String) null)), 192);
    }

    /* JADX WARN: Type inference failed for: r0v1, types: [java.lang.Object[], java.lang.Object[][]] */
    @DataProvider
    public Object[][] decodeSecretKeyData() {
        return new Object[]{new Object[]{128, "AES"}, new Object[]{192, "AES"}, new Object[]{256, "AES"}, new Object[]{64, "DES"}, new Object[]{168, "DESede"}, new Object[]{192, "DESede"}};
    }

    @Test(dataProvider = "decodeSecretKeyData")
    public void testDecodeSecretKey(Integer num, String str) throws NoSuchAlgorithmException, KeyException {
        byte[] bArr = new byte[num.intValue() / 8];
        SecureRandom.getInstance("SHA1PRNG").nextBytes(bArr);
        SecretKey decodeSecretKey = KeySupport.decodeSecretKey(bArr, str);
        Assert.assertNotNull(decodeSecretKey);
        Assert.assertEquals(decodeSecretKey.getAlgorithm(), str);
        Assert.assertEquals(decodeSecretKey.getEncoded(), bArr);
    }

    protected PrivateKey testPrivKey(String str, char[] cArr, String str2) throws Exception {
        InputStream resourceAsStream = KeySupportTest.class.getResourceAsStream(str);
        byte[] bArr = new byte[resourceAsStream.available()];
        resourceAsStream.read(bArr);
        PrivateKey decodePrivateKey = KeySupport.decodePrivateKey(bArr, cArr);
        Assert.assertNotNull(decodePrivateKey);
        Assert.assertEquals(decodePrivateKey.getAlgorithm(), str2);
        PrivateKey decodePrivateKey2 = KeySupport.decodePrivateKey(KeySupportTest.class.getResourceAsStream(str), cArr);
        Assert.assertNotNull(decodePrivateKey2);
        Assert.assertEquals(decodePrivateKey2.getAlgorithm(), str2);
        return decodePrivateKey2;
    }
}
