package org.opensaml.xmlsec.signature.support.tests;

import java.util.List;
import javax.xml.bind.ValidationException;
import net.shibboleth.utilities.java.support.primitive.StringSupport;
import net.shibboleth.utilities.java.support.xml.ElementSupport;
import net.shibboleth.utilities.java.support.xml.SerializeSupport;
import net.shibboleth.utilities.java.support.xml.XMLParserException;
import org.apache.xml.security.signature.SignedInfo;
import org.apache.xml.security.signature.XMLSignature;
import org.opensaml.core.testing.XMLObjectBaseTestCase;
import org.opensaml.core.xml.XMLObjectBuilder;
import org.opensaml.core.xml.config.XMLObjectProviderRegistrySupport;
import org.opensaml.core.xml.io.MarshallingException;
import org.opensaml.core.xml.io.UnmarshallingException;
import org.opensaml.security.credential.Credential;
import org.opensaml.security.credential.CredentialSupport;
import org.opensaml.security.crypto.KeySupport;
import org.opensaml.xmlsec.keyinfo.KeyInfoSupport;
import org.opensaml.xmlsec.mock.SignableSimpleXMLObject;
import org.opensaml.xmlsec.mock.SignableSimpleXMLObjectBuilder;
import org.opensaml.xmlsec.signature.KeyInfo;
import org.opensaml.xmlsec.signature.KeyName;
import org.opensaml.xmlsec.signature.Signature;
import org.opensaml.xmlsec.signature.impl.SignatureImpl;
import org.opensaml.xmlsec.signature.support.DocumentInternalIDContentReference;
import org.opensaml.xmlsec.signature.support.SignatureException;
import org.opensaml.xmlsec.signature.support.SignatureValidator;
import org.opensaml.xmlsec.signature.support.Signer;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.testng.Assert;
import org.testng.annotations.BeforeMethod;
import org.testng.annotations.Test;
import org.w3c.dom.Element;

/* loaded from: input_file:org/opensaml/xmlsec/signature/support/tests/HMACSignatureTest.class */
public class HMACSignatureTest extends XMLObjectBaseTestCase {
    private Credential goodCredential;
    private Credential badCredential;
    private SignableSimpleXMLObjectBuilder sxoBuilder;
    private XMLObjectBuilder<Signature> sigBuilder;
    private XMLObjectBuilder<KeyInfo> keyInfoBuilder;
    private Integer hmacOutputLength;
    private String expectedKeyName;
    private final Logger log = LoggerFactory.getLogger(HMACSignatureTest.class);
    private String algoURI = "http://www.w3.org/2000/09/xmldsig#hmac-sha1";

    @BeforeMethod
    protected void setUp() throws Exception {
        this.hmacOutputLength = 160;
        this.expectedKeyName = "KeyFoo123";
        this.goodCredential = CredentialSupport.getSimpleCredential(KeySupport.generateKey("AES", 128, (String) null));
        this.badCredential = CredentialSupport.getSimpleCredential(KeySupport.generateKey("AES", 128, (String) null));
        this.sxoBuilder = new SignableSimpleXMLObjectBuilder();
        this.sigBuilder = XMLObjectProviderRegistrySupport.getBuilderFactory().getBuilderOrThrow(Signature.DEFAULT_ELEMENT_NAME);
        this.keyInfoBuilder = XMLObjectProviderRegistrySupport.getBuilderFactory().getBuilderOrThrow(KeyInfo.DEFAULT_ELEMENT_NAME);
    }

    @Test
    public void testSigningAndVerificationNoOutputLength() throws MarshallingException, ValidationException, SignatureException {
        SignableSimpleXMLObject xMLObjectWithSignature = getXMLObjectWithSignature(false);
        Signature signature = xMLObjectWithSignature.getSignature();
        Element marshall = XMLObjectProviderRegistrySupport.getMarshallerFactory().getMarshaller(xMLObjectWithSignature).marshall(xMLObjectWithSignature);
        Signer.signObject(signature);
        if (this.log.isDebugEnabled()) {
            this.log.debug("Marshalled Signature: \n" + SerializeSupport.nodeToString(marshall));
        }
        SignatureValidator.validate(signature, this.goodCredential);
        try {
            SignatureValidator.validate(signature, this.badCredential);
            Assert.fail("Validated signature with invalid secret key");
        } catch (SignatureException e) {
        }
    }

    @Test
    public void testSigningAndVerificationWithOutputLength() throws MarshallingException, SignatureException {
        SignableSimpleXMLObject xMLObjectWithSignature = getXMLObjectWithSignature(true);
        Signature signature = xMLObjectWithSignature.getSignature();
        Element marshall = XMLObjectProviderRegistrySupport.getMarshallerFactory().getMarshaller(xMLObjectWithSignature).marshall(xMLObjectWithSignature);
        Signer.signObject(signature);
        if (this.log.isDebugEnabled()) {
            this.log.debug("Marshalled Signature: \n" + SerializeSupport.nodeToString(marshall));
        }
        SignatureValidator.validate(signature, this.goodCredential);
        try {
            SignatureValidator.validate(signature, this.badCredential);
            Assert.fail("Validated signature with invalid secret key");
        } catch (SignatureException e) {
        }
    }

    @Test
    public void testUnmarshallNoOutputLength() throws XMLParserException, UnmarshallingException {
        Element documentElement = parserPool.parse(HMACSignatureTest.class.getResourceAsStream("/org/opensaml/xmlsec/signature/support/HMACSignatureNoOutputLength.xml")).getDocumentElement();
        SignableSimpleXMLObject unmarshall = XMLObjectProviderRegistrySupport.getUnmarshallerFactory().getUnmarshaller(documentElement).unmarshall(documentElement);
        Assert.assertEquals(unmarshall.getId(), "FOO", "Id attribute was not expected value");
        Signature signature = unmarshall.getSignature();
        Assert.assertNotNull(signature, "Signature was null");
        KeyInfo keyInfo = signature.getKeyInfo();
        Assert.assertNotNull(keyInfo, "Signature's KeyInfo was null");
        KeyName keyName = (KeyName) keyInfo.getKeyNames().get(0);
        Assert.assertNotNull(keyName, "KeyName was null");
        Assert.assertNotNull(StringSupport.trimOrNull(keyName.getValue()), "KeyName value was empty");
        Assert.assertNull(signature.getHMACOutputLength(), "HMACOutputLength value was not null");
    }

    @Test
    public void testUnmarshallWithOutputLength() throws XMLParserException, UnmarshallingException {
        Element documentElement = parserPool.parse(HMACSignatureTest.class.getResourceAsStream("/org/opensaml/xmlsec/signature/support/HMACSignatureWithOutputLength.xml")).getDocumentElement();
        SignableSimpleXMLObject unmarshall = XMLObjectProviderRegistrySupport.getUnmarshallerFactory().getUnmarshaller(documentElement).unmarshall(documentElement);
        Assert.assertEquals(unmarshall.getId(), "FOO", "Id attribute was not expected value");
        Signature signature = unmarshall.getSignature();
        Assert.assertNotNull(signature, "Signature was null");
        KeyInfo keyInfo = signature.getKeyInfo();
        Assert.assertNotNull(keyInfo, "Signature's KeyInfo was null");
        KeyName keyName = (KeyName) keyInfo.getKeyNames().get(0);
        Assert.assertNotNull(keyName, "KeyName was null");
        Assert.assertNotNull(StringSupport.trimOrNull(keyName.getValue()), "KeyName value was empty");
        Assert.assertNotNull(signature.getHMACOutputLength(), "HMACOutputLength value was null");
        Assert.assertEquals(signature.getHMACOutputLength(), this.hmacOutputLength, "HMACOutputLength value was incorrect value");
    }

    @Test
    public void testMarshallNoOutputLength() throws MarshallingException {
        SignableSimpleXMLObject xMLObjectWithSignature = getXMLObjectWithSignature(false);
        SignatureImpl signature = xMLObjectWithSignature.getSignature();
        XMLObjectProviderRegistrySupport.getMarshallerFactory().getMarshaller(xMLObjectWithSignature).marshall(xMLObjectWithSignature);
        Assert.assertNotNull(signature.getDOM(), "Signature DOM was null");
        XMLSignature xMLSignature = signature.getXMLSignature();
        Assert.assertNotNull(xMLSignature, "Apache XMLSignature was null");
        SignedInfo signedInfo = xMLSignature.getSignedInfo();
        Assert.assertNotNull(signedInfo, "Apache SignedInfo was null");
        Assert.assertTrue(ElementSupport.getChildElementsByTagNameNS(signedInfo.getSignatureMethodElement(), "http://www.w3.org/2000/09/xmldsig#", "HMACOutputLength").isEmpty(), "Signature method should not have HMACOutputLength child");
    }

    @Test
    public void testMarshallWithOutputLength() throws MarshallingException {
        SignableSimpleXMLObject xMLObjectWithSignature = getXMLObjectWithSignature(true);
        SignatureImpl signature = xMLObjectWithSignature.getSignature();
        XMLObjectProviderRegistrySupport.getMarshallerFactory().getMarshaller(xMLObjectWithSignature).marshall(xMLObjectWithSignature);
        Assert.assertNotNull(signature.getDOM(), "Signature DOM was null");
        XMLSignature xMLSignature = signature.getXMLSignature();
        Assert.assertNotNull(xMLSignature, "Apache XMLSignature was null");
        SignedInfo signedInfo = xMLSignature.getSignedInfo();
        Assert.assertNotNull(signedInfo, "Apache SignedInfo was null");
        List childElementsByTagNameNS = ElementSupport.getChildElementsByTagNameNS(signedInfo.getSignatureMethodElement(), "http://www.w3.org/2000/09/xmldsig#", "HMACOutputLength");
        Assert.assertFalse(childElementsByTagNameNS.isEmpty(), "Signature method should have HMACOutputLength child");
        String trimOrNull = StringSupport.trimOrNull(((Element) childElementsByTagNameNS.get(0)).getTextContent());
        Assert.assertNotNull(trimOrNull, "Output length value was empty");
        Assert.assertEquals(Integer.valueOf(trimOrNull), this.hmacOutputLength, "Output length was not the expected value");
    }

    private SignableSimpleXMLObject getXMLObjectWithSignature(boolean z) {
        SignableSimpleXMLObject buildObject = this.sxoBuilder.buildObject();
        buildObject.setId("FOO");
        Signature signature = (Signature) this.sigBuilder.buildObject(Signature.DEFAULT_ELEMENT_NAME);
        signature.setSigningCredential(this.goodCredential);
        signature.setCanonicalizationAlgorithm("http://www.w3.org/2001/10/xml-exc-c14n#");
        signature.setSignatureAlgorithm(this.algoURI);
        if (z) {
            signature.setHMACOutputLength(this.hmacOutputLength);
        }
        DocumentInternalIDContentReference documentInternalIDContentReference = new DocumentInternalIDContentReference("FOO");
        documentInternalIDContentReference.getTransforms().add("http://www.w3.org/2000/09/xmldsig#enveloped-signature");
        documentInternalIDContentReference.getTransforms().add("http://www.w3.org/2001/10/xml-exc-c14n#");
        documentInternalIDContentReference.setDigestAlgorithm("http://www.w3.org/2000/09/xmldsig#sha1");
        signature.getContentReferences().add(documentInternalIDContentReference);
        KeyInfo buildObject2 = this.keyInfoBuilder.buildObject(KeyInfo.DEFAULT_ELEMENT_NAME);
        KeyInfoSupport.addKeyName(buildObject2, this.expectedKeyName);
        signature.setKeyInfo(buildObject2);
        buildObject.setSignature(signature);
        return buildObject;
    }
}
