package net.shibboleth.metadata.validate.x509;

import java.security.Key;
import java.security.KeyStore;
import java.security.cert.Certificate;
import java.security.cert.X509Certificate;
import java.security.interfaces.RSAPrivateKey;
import javax.annotation.Nonnull;
import net.shibboleth.metadata.ErrorStatus;
import net.shibboleth.metadata.testing.MockItem;
import net.shibboleth.metadata.validate.Validator;
import net.shibboleth.metadata.validate.x509.testing.BaseX509ValidatorTest;
import org.springframework.core.io.Resource;
import org.testng.Assert;
import org.testng.annotations.Test;

/* loaded from: input_file:net/shibboleth/metadata/validate/x509/MDA183Test.class */
public class MDA183Test extends BaseX509ValidatorTest {
    static final /* synthetic */ boolean $assertionsDisabled;

    protected MDA183Test() throws Exception {
        super(MDA183Test.class);
    }

    private void verifyKey(KeyStore keyStore, @Nonnull String str, String str2, Validator<X509Certificate> validator, int i) throws Exception {
        Key key = keyStore.getKey(str, str2.toCharArray());
        Assert.assertTrue(key instanceof RSAPrivateKey);
        Assert.assertEquals(((RSAPrivateKey) key).getModulus().bitLength(), i);
        Certificate certificate = keyStore.getCertificate(str);
        if (!$assertionsDisabled && certificate == null) {
            throw new AssertionError();
        }
        MockItem mockItem = new MockItem("mock");
        validator.validate((X509Certificate) certificate, mockItem, str);
        if (mockItem.getItemMetadata().get(ErrorStatus.class).size() == 0) {
            Assert.fail("certificate " + str + " was not matched");
        }
    }

    @Test
    public void testMDA183jetty() throws Exception {
        Validator<X509Certificate> compromisedKeyValidator = getCompromisedKeyValidator(1024);
        Validator<X509Certificate> compromisedKeyValidator2 = getCompromisedKeyValidator(2048);
        Resource classpathResource = getClasspathResource("keystore.jks");
        KeyStore keyStore = KeyStore.getInstance("JKS");
        keyStore.load(classpathResource.getInputStream(), "storepwd".toCharArray());
        verifyKey(keyStore, "jetty", "keypwd", compromisedKeyValidator2, 2048);
        verifyKey(keyStore, "mykey", "keypwd", compromisedKeyValidator, 1024);
    }

    static {
        $assertionsDisabled = !MDA183Test.class.desiredAssertionStatus();
    }
}
