package net.shibboleth.metadata.validate.x509;

import java.io.IOException;
import java.security.cert.X509Certificate;
import net.shibboleth.metadata.testing.MockItem;
import net.shibboleth.metadata.validate.Validator;
import net.shibboleth.metadata.validate.x509.testing.BaseX509ValidatorTest;
import net.shibboleth.shared.component.ComponentInitializationException;
import org.springframework.core.io.ClassPathResource;
import org.springframework.core.io.Resource;
import org.testng.Assert;
import org.testng.annotations.Test;

/* loaded from: input_file:net/shibboleth/metadata/validate/x509/X509RSAOpenSSLKeylistValidatorTest.class */
public class X509RSAOpenSSLKeylistValidatorTest extends BaseX509ValidatorTest {
    public X509RSAOpenSSLKeylistValidatorTest() throws Exception {
        super(X509RSAOpenSSLKeylistValidator.class);
    }

    @Test
    @Deprecated(forRemoval = true, since = "0.10.0")
    public void testNotBadLegacy() throws Exception {
        X509RSAOpenSSLKeylistValidator x509RSAOpenSSLKeylistValidator = new X509RSAOpenSSLKeylistValidator();
        x509RSAOpenSSLKeylistValidator.setBlacklistResource(getClasspathResource("1024.txt"));
        x509RSAOpenSSLKeylistValidator.setId("test");
        x509RSAOpenSSLKeylistValidator.initialize();
        Assert.assertEquals(x509RSAOpenSSLKeylistValidator.getKeySize(), 0);
        MockItem mockItem = new MockItem("foo");
        Assert.assertEquals(x509RSAOpenSSLKeylistValidator.validate(getCertificate("ok.pem"), mockItem, "stage"), Validator.Action.CONTINUE);
        errorsAndWarnings(mockItem, 0, 0);
        x509RSAOpenSSLKeylistValidator.destroy();
    }

    @Test
    @Deprecated(forRemoval = true, since = "0.10.0")
    public void testGetResourceLegacy() throws Exception {
        X509RSAOpenSSLKeylistValidator x509RSAOpenSSLKeylistValidator = new X509RSAOpenSSLKeylistValidator();
        x509RSAOpenSSLKeylistValidator.setId("test");
        Assert.assertNull(x509RSAOpenSSLKeylistValidator.getBlacklistResource());
        Resource classpathResource = getClasspathResource("1024.txt");
        Assert.assertNotNull(classpathResource);
        x509RSAOpenSSLKeylistValidator.setBlacklistResource(classpathResource);
        Assert.assertSame(x509RSAOpenSSLKeylistValidator.getBlacklistResource(), classpathResource);
        x509RSAOpenSSLKeylistValidator.initialize();
        x509RSAOpenSSLKeylistValidator.destroy();
    }

    @Test
    public void testNotBad() throws Exception {
        X509RSAOpenSSLKeylistValidator x509RSAOpenSSLKeylistValidator = new X509RSAOpenSSLKeylistValidator();
        x509RSAOpenSSLKeylistValidator.setKeylistResource(getClasspathResource("1024.txt"));
        x509RSAOpenSSLKeylistValidator.setId("test");
        x509RSAOpenSSLKeylistValidator.initialize();
        Assert.assertEquals(x509RSAOpenSSLKeylistValidator.getKeySize(), 0);
        MockItem mockItem = new MockItem("foo");
        Assert.assertEquals(x509RSAOpenSSLKeylistValidator.validate(getCertificate("ok.pem"), mockItem, "stage"), Validator.Action.CONTINUE);
        errorsAndWarnings(mockItem, 0, 0);
        x509RSAOpenSSLKeylistValidator.destroy();
    }

    @Test
    public void test1024on1024noRestriction() throws Exception {
        X509RSAOpenSSLKeylistValidator x509RSAOpenSSLKeylistValidator = new X509RSAOpenSSLKeylistValidator();
        x509RSAOpenSSLKeylistValidator.setKeylistResource(getClasspathResource("1024.txt"));
        x509RSAOpenSSLKeylistValidator.setId("test");
        x509RSAOpenSSLKeylistValidator.initialize();
        Assert.assertEquals(x509RSAOpenSSLKeylistValidator.getKeySize(), 0);
        MockItem mockItem = new MockItem("foo");
        Assert.assertEquals(x509RSAOpenSSLKeylistValidator.validate(getCertificate("1024.pem"), mockItem, "stage"), Validator.Action.CONTINUE);
        errorsAndWarnings(mockItem, 1, 0);
        x509RSAOpenSSLKeylistValidator.destroy();
    }

    @Test
    public void test1024on1024Restricted() throws Exception {
        X509RSAOpenSSLKeylistValidator x509RSAOpenSSLKeylistValidator = new X509RSAOpenSSLKeylistValidator();
        x509RSAOpenSSLKeylistValidator.setKeylistResource(getClasspathResource("1024.txt"));
        x509RSAOpenSSLKeylistValidator.setKeySize(1024);
        x509RSAOpenSSLKeylistValidator.setId("test");
        x509RSAOpenSSLKeylistValidator.initialize();
        MockItem mockItem = new MockItem("foo");
        Assert.assertEquals(x509RSAOpenSSLKeylistValidator.validate(getCertificate("1024.pem"), mockItem, "stage"), Validator.Action.CONTINUE);
        errorsAndWarnings(mockItem, 1, 0);
        x509RSAOpenSSLKeylistValidator.destroy();
    }

    @Test
    public void test1024on1024Restricted2() throws Exception {
        X509RSAOpenSSLKeylistValidator x509RSAOpenSSLKeylistValidator = new X509RSAOpenSSLKeylistValidator();
        x509RSAOpenSSLKeylistValidator.setKeylistResource(getClasspathResource("1024.txt"));
        x509RSAOpenSSLKeylistValidator.setKeySize(2048);
        x509RSAOpenSSLKeylistValidator.setId("test");
        x509RSAOpenSSLKeylistValidator.initialize();
        MockItem mockItem = new MockItem("foo");
        Assert.assertEquals(x509RSAOpenSSLKeylistValidator.validate(getCertificate("1024.pem"), mockItem, "stage"), Validator.Action.CONTINUE);
        errorsAndWarnings(mockItem, 0, 0);
        x509RSAOpenSSLKeylistValidator.destroy();
    }

    @Test
    public void test2048on1024noRestriction() throws Exception {
        X509RSAOpenSSLKeylistValidator x509RSAOpenSSLKeylistValidator = new X509RSAOpenSSLKeylistValidator();
        x509RSAOpenSSLKeylistValidator.setKeylistResource(getClasspathResource("1024.txt"));
        x509RSAOpenSSLKeylistValidator.setId("test");
        x509RSAOpenSSLKeylistValidator.initialize();
        Assert.assertEquals(x509RSAOpenSSLKeylistValidator.getKeySize(), 0);
        MockItem mockItem = new MockItem("foo");
        X509Certificate certificate = getCertificate("2048.pem");
        x509RSAOpenSSLKeylistValidator.validate(certificate, mockItem, "stage");
        Assert.assertEquals(x509RSAOpenSSLKeylistValidator.validate(certificate, mockItem, "stage"), Validator.Action.CONTINUE);
        x509RSAOpenSSLKeylistValidator.destroy();
    }

    @Test
    public void test2048on2048noRestriction() throws Exception {
        X509RSAOpenSSLKeylistValidator x509RSAOpenSSLKeylistValidator = new X509RSAOpenSSLKeylistValidator();
        x509RSAOpenSSLKeylistValidator.setKeylistResource(getClasspathResource("2048.txt"));
        x509RSAOpenSSLKeylistValidator.setId("test");
        x509RSAOpenSSLKeylistValidator.initialize();
        Assert.assertEquals(x509RSAOpenSSLKeylistValidator.getKeySize(), 0);
        MockItem mockItem = new MockItem("foo");
        X509Certificate certificate = getCertificate("2048.pem");
        x509RSAOpenSSLKeylistValidator.validate(certificate, mockItem, "stage");
        Assert.assertEquals(x509RSAOpenSSLKeylistValidator.validate(certificate, mockItem, "stage"), Validator.Action.CONTINUE);
        x509RSAOpenSSLKeylistValidator.destroy();
    }

    @Test
    public void test2048on2048Restricted() throws Exception {
        X509RSAOpenSSLKeylistValidator x509RSAOpenSSLKeylistValidator = new X509RSAOpenSSLKeylistValidator();
        x509RSAOpenSSLKeylistValidator.setKeylistResource(getClasspathResource("2048.txt"));
        x509RSAOpenSSLKeylistValidator.setKeySize(2048);
        x509RSAOpenSSLKeylistValidator.setId("test");
        x509RSAOpenSSLKeylistValidator.initialize();
        MockItem mockItem = new MockItem("foo");
        X509Certificate certificate = getCertificate("2048.pem");
        x509RSAOpenSSLKeylistValidator.validate(certificate, mockItem, "stage");
        Assert.assertEquals(x509RSAOpenSSLKeylistValidator.validate(certificate, mockItem, "stage"), Validator.Action.CONTINUE);
        x509RSAOpenSSLKeylistValidator.destroy();
    }

    @Test
    public void test2048on2048Restricted2() throws Exception {
        X509RSAOpenSSLKeylistValidator x509RSAOpenSSLKeylistValidator = new X509RSAOpenSSLKeylistValidator();
        x509RSAOpenSSLKeylistValidator.setKeylistResource(getClasspathResource("2048.txt"));
        x509RSAOpenSSLKeylistValidator.setKeySize(1024);
        x509RSAOpenSSLKeylistValidator.setId("test");
        x509RSAOpenSSLKeylistValidator.initialize();
        MockItem mockItem = new MockItem("foo");
        Assert.assertEquals(x509RSAOpenSSLKeylistValidator.validate(getCertificate("2048.pem"), mockItem, "stage"), Validator.Action.CONTINUE);
        errorsAndWarnings(mockItem, 0, 0);
        x509RSAOpenSSLKeylistValidator.destroy();
    }

    @Test
    public void testBlankLineIssue9() throws Exception {
        X509RSAOpenSSLKeylistValidator x509RSAOpenSSLKeylistValidator = new X509RSAOpenSSLKeylistValidator();
        x509RSAOpenSSLKeylistValidator.setKeylistResource(getClasspathResource("issue9.txt"));
        x509RSAOpenSSLKeylistValidator.setId("test");
        x509RSAOpenSSLKeylistValidator.initialize();
        x509RSAOpenSSLKeylistValidator.destroy();
    }

    @Test
    public void mda198() throws Exception {
        Assert.assertNull(new X509RSAOpenSSLKeylistValidator().getId(), "unset ID should be null");
    }

    @Test
    public void mda219() throws Exception {
        X509RSAOpenSSLKeylistValidator x509RSAOpenSSLKeylistValidator = new X509RSAOpenSSLKeylistValidator();
        Resource classpathResource = getClasspathResource("does-not-exist.txt");
        x509RSAOpenSSLKeylistValidator.setId("test");
        x509RSAOpenSSLKeylistValidator.setKeylistResource(classpathResource);
        try {
            x509RSAOpenSSLKeylistValidator.initialize();
            Assert.fail("expected exception");
        } catch (ComponentInitializationException e) {
            Throwable cause = e.getCause();
            Assert.assertNotNull(cause, "exception had no cause");
            Assert.assertTrue(cause instanceof IOException, "cause should have been an IOException");
        }
    }

    @Test
    public void testGetResource() throws Exception {
        X509RSAOpenSSLKeylistValidator x509RSAOpenSSLKeylistValidator = new X509RSAOpenSSLKeylistValidator();
        x509RSAOpenSSLKeylistValidator.setId("test");
        Assert.assertNull(x509RSAOpenSSLKeylistValidator.getKeylistResource());
        Resource classpathResource = getClasspathResource("1024.txt");
        Assert.assertNotNull(classpathResource);
        x509RSAOpenSSLKeylistValidator.setKeylistResource(classpathResource);
        Assert.assertSame(x509RSAOpenSSLKeylistValidator.getKeylistResource(), classpathResource);
        x509RSAOpenSSLKeylistValidator.initialize();
        x509RSAOpenSSLKeylistValidator.destroy();
    }

    @Test(expectedExceptions = {ComponentInitializationException.class})
    public void testNoResource() throws Exception {
        X509RSAOpenSSLKeylistValidator x509RSAOpenSSLKeylistValidator = new X509RSAOpenSSLKeylistValidator();
        x509RSAOpenSSLKeylistValidator.setId("test");
        x509RSAOpenSSLKeylistValidator.initialize();
    }

    @Test
    public void classPathResource() throws Exception {
        X509RSAOpenSSLKeylistValidator x509RSAOpenSSLKeylistValidator = new X509RSAOpenSSLKeylistValidator();
        x509RSAOpenSSLKeylistValidator.setKeylistResource(new ClassPathResource("net/shibboleth/metadata/keylists/rsa/debian-2048.txt"));
        x509RSAOpenSSLKeylistValidator.setKeySize(2048);
        x509RSAOpenSSLKeylistValidator.setId("test");
        x509RSAOpenSSLKeylistValidator.initialize();
        MockItem mockItem = new MockItem("foo");
        Assert.assertEquals(x509RSAOpenSSLKeylistValidator.validate(getCertificate("2048.pem"), mockItem, "stage"), Validator.Action.CONTINUE);
        errorsAndWarnings(mockItem, 1, 0);
    }
}
