package org.opensaml.saml.saml2.encryption.tests;

import com.google.common.base.Strings;
import java.util.ArrayList;
import java.util.List;
import org.opensaml.core.testing.XMLObjectBaseTestCase;
import org.opensaml.saml.saml2.core.Assertion;
import org.opensaml.saml.saml2.core.Attribute;
import org.opensaml.saml.saml2.core.AttributeStatement;
import org.opensaml.saml.saml2.core.EncryptedAssertion;
import org.opensaml.saml.saml2.core.EncryptedAttribute;
import org.opensaml.saml.saml2.core.EncryptedID;
import org.opensaml.saml.saml2.core.NameID;
import org.opensaml.saml.saml2.core.NewEncryptedID;
import org.opensaml.saml.saml2.core.NewID;
import org.opensaml.saml.saml2.encryption.Encrypter;
import org.opensaml.security.credential.Credential;
import org.opensaml.xmlsec.algorithm.AlgorithmSupport;
import org.opensaml.xmlsec.encryption.support.DataEncryptionParameters;
import org.opensaml.xmlsec.encryption.support.EncryptionException;
import org.opensaml.xmlsec.encryption.support.KeyEncryptionParameters;
import org.opensaml.xmlsec.keyinfo.impl.StaticKeyInfoGenerator;
import org.opensaml.xmlsec.signature.KeyInfo;
import org.opensaml.xmlsec.signature.KeyName;
import org.testng.Assert;
import org.testng.annotations.BeforeMethod;
import org.testng.annotations.Test;

/* loaded from: input_file:org/opensaml/saml/saml2/encryption/tests/SimpleEncryptionTest.class */
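/**
 * Structural tests for the SAML 2 {@link Encrypter}.
 *
 * <p>Each test encrypts one SAML object (assertion, name identifier, attribute, new ID) and checks the
 * shape of the resulting {@code EncryptedData}: type, algorithm, {@code KeyInfo} and ID. None of the
 * tests decrypts the result, so they do not show that the ciphertext is recoverable or that the
 * algorithms are suitable for production.</p>
 *
 * <p>NOTE(review): the algorithm choices below are test fixtures only. AES-128-CBC gives confidentiality
 * without integrity, and XML Encryption in CBC mode has published padding-oracle weaknesses; RSA PKCS#1
 * v1.5 key transport has the same class of problem. Deployments normally prefer an AES-GCM data algorithm
 * and RSA-OAEP key transport, and an RSA modulus of at least 2048 bits.</p>
 */
public class SimpleEncryptionTest extends XMLObjectBaseTestCase {
    /** Classpath location of the assertion fixture shared by the tests. */
    private static final String ASSERTION_RESOURCE = "/org/opensaml/saml/saml2/encryption/Assertion.xml";

    /** XML Encryption {@code Type} value expected when a whole element is encrypted. */
    private static final String ELEMENT_TYPE_URI = "http://www.w3.org/2001/04/xmlenc#Element";

    private Encrypter encrypter;
    private DataEncryptionParameters encParams;
    private KeyEncryptionParameters kekParamsRSA;
    private List<KeyEncryptionParameters> kekParamsList;
    private KeyInfo keyInfo;

    // A KeyName is only a label: the tests read it back unencrypted from the EncryptedData KeyInfo,
    // so despite its value it must never be treated as secret material.
    private final String expectedKeyName = "SuperSecretKey";

    // Data encryption algorithm (AES-128-CBC); see the class-level note on CBC.
    private final String algoURI = "http://www.w3.org/2001/04/xmlenc#aes128-cbc";

    // Key transport algorithm (RSA PKCS#1 v1.5); see the class-level note.
    private final String kekURIRSA = "http://www.w3.org/2001/04/xmlenc#rsa-1_5";

    /**
     * Creates fresh parameters for every test: a generated symmetric data key, a generated RSA key
     * encryption credential, an empty KEK list and an empty {@link KeyInfo}.
     *
     * @throws Exception if key generation or object building fails
     */
    @BeforeMethod
    protected void setUp() throws Exception {
        this.encParams = new DataEncryptionParameters();
        this.encParams.setAlgorithm(this.algoURI);
        this.encParams.setEncryptionCredential(AlgorithmSupport.generateSymmetricKeyAndCredential(this.algoURI));

        this.kekParamsRSA = new KeyEncryptionParameters();
        this.kekParamsRSA.setAlgorithm(this.kekURIRSA);
        // 1024-bit RSA keeps key generation fast in tests; it is below current minimum recommendations.
        // NOTE(review): the trailing 'false' presumably omits the private key from the credential;
        // confirm against AlgorithmSupport.
        this.kekParamsRSA.setEncryptionCredential(
                AlgorithmSupport.generateKeyPairAndCredential(this.kekURIRSA, 1024, false));

        this.kekParamsList = new ArrayList<>();
        this.keyInfo = buildXMLObject(KeyInfo.DEFAULT_ELEMENT_NAME);
    }

    /** Encrypts a whole assertion with a directly supplied data key and checks the EncryptedData. */
    @Test
    public void testAssertion() {
        Assertion assertion = unmarshallElement(ASSERTION_RESOURCE);
        configureStaticKeyNameEncrypter();

        EncryptedAssertion encrypted = null;
        try {
            encrypted = this.encrypter.encrypt(assertion);
        } catch (EncryptionException e) {
            Assert.fail("Object encryption failed: " + e, e);
        }

        Assert.assertNotNull(encrypted, "Encrypted object was null");
        Assert.assertTrue(encrypted instanceof EncryptedAssertion,
                "Encrypted object was not an instance of the expected type");
        assertDirectKeyEncryptedData(
                encrypted.getEncryptedData().getType(),
                encrypted.getEncryptedData().getEncryptionMethod().getAlgorithm(),
                encrypted.getEncryptedData().getKeyInfo(),
                encrypted.getEncryptedData().getID());
    }

    /** Encrypts a whole assertion as an {@link EncryptedID} and checks the EncryptedData. */
    @Test
    public void testAssertionAsID() {
        Assertion assertion = unmarshallElement(ASSERTION_RESOURCE);
        configureStaticKeyNameEncrypter();

        EncryptedID encrypted = null;
        try {
            encrypted = this.encrypter.encryptAsID(assertion);
        } catch (EncryptionException e) {
            Assert.fail("Object encryption failed: " + e, e);
        }

        Assert.assertNotNull(encrypted, "Encrypted object was null");
        Assert.assertTrue(encrypted instanceof EncryptedID,
                "Encrypted object was not an instance of the expected type");
        assertDirectKeyEncryptedData(
                encrypted.getEncryptedData().getType(),
                encrypted.getEncryptedData().getEncryptionMethod().getAlgorithm(),
                encrypted.getEncryptedData().getKeyInfo(),
                encrypted.getEncryptedData().getID());
    }

    /** Encrypts the subject's {@link NameID} and checks the resulting {@link EncryptedID}. */
    @Test
    public void testNameID() {
        // Bind the fixture to a typed local first so the accessor chain is resolved against Assertion.
        Assertion assertion = unmarshallElement(ASSERTION_RESOURCE);
        NameID nameID = assertion.getSubject().getNameID();
        configureStaticKeyNameEncrypter();

        EncryptedID encrypted = null;
        try {
            encrypted = this.encrypter.encrypt(nameID);
        } catch (EncryptionException e) {
            Assert.fail("Object encryption failed: " + e, e);
        }

        Assert.assertNotNull(encrypted, "Encrypted object was null");
        Assert.assertTrue(encrypted instanceof EncryptedID,
                "Encrypted object was not an instance of the expected type");
        assertDirectKeyEncryptedData(
                encrypted.getEncryptedData().getType(),
                encrypted.getEncryptedData().getEncryptionMethod().getAlgorithm(),
                encrypted.getEncryptedData().getKeyInfo(),
                encrypted.getEncryptedData().getID());
    }

    /** Encrypts the first attribute of the first attribute statement and checks the EncryptedData. */
    @Test
    public void testAttribute() {
        Assertion assertion = unmarshallElement(ASSERTION_RESOURCE);
        Attribute attribute =
                (Attribute) ((AttributeStatement) assertion.getAttributeStatements().get(0)).getAttributes().get(0);
        configureStaticKeyNameEncrypter();

        EncryptedAttribute encrypted = null;
        try {
            encrypted = this.encrypter.encrypt(attribute);
        } catch (EncryptionException e) {
            Assert.fail("Object encryption failed: " + e, e);
        }

        Assert.assertNotNull(encrypted, "Encrypted object was null");
        Assert.assertTrue(encrypted instanceof EncryptedAttribute,
                "Encrypted object was not an instance of the expected type");
        assertDirectKeyEncryptedData(
                encrypted.getEncryptedData().getType(),
                encrypted.getEncryptedData().getEncryptionMethod().getAlgorithm(),
                encrypted.getEncryptedData().getKeyInfo(),
                encrypted.getEncryptedData().getID());
    }

    /** Encrypts a freshly built {@link NewID} and checks the resulting {@link NewEncryptedID}. */
    @Test
    public void testNewID() {
        NewID newID = buildXMLObject(NewID.DEFAULT_ELEMENT_NAME);
        newID.setValue("SomeNewID");
        configureStaticKeyNameEncrypter();

        NewEncryptedID encrypted = null;
        try {
            encrypted = this.encrypter.encrypt(newID);
        } catch (EncryptionException e) {
            Assert.fail("Object encryption failed: " + e, e);
        }

        Assert.assertNotNull(encrypted, "Encrypted object was null");
        Assert.assertTrue(encrypted instanceof NewEncryptedID,
                "Encrypted object was not an instance of the expected type");
        assertDirectKeyEncryptedData(
                encrypted.getEncryptedData().getType(),
                encrypted.getEncryptedData().getEncryptionMethod().getAlgorithm(),
                encrypted.getEncryptedData().getKeyInfo(),
                encrypted.getEncryptedData().getID());
    }

    /** Uses one {@link Encrypter} instance for two consecutive encryptions. */
    @Test
    public void testReuse() {
        Assertion assertion = unmarshallElement(ASSERTION_RESOURCE);
        // The fixture is expected to carry at least two attributes in its first attribute statement.
        Attribute first =
                (Attribute) ((AttributeStatement) assertion.getAttributeStatements().get(0)).getAttributes().get(0);
        Attribute second =
                (Attribute) ((AttributeStatement) assertion.getAttributeStatements().get(0)).getAttributes().get(1);
        configureStaticKeyNameEncrypter();

        EncryptedAttribute encryptedFirst = null;
        try {
            encryptedFirst = this.encrypter.encrypt(first);
        } catch (EncryptionException e) {
            Assert.fail("Object encryption failed: " + e, e);
        }
        Assert.assertNotNull(encryptedFirst, "Encrypted object was null");
        Assert.assertTrue(encryptedFirst instanceof EncryptedAttribute,
                "Encrypted object was not an instance of the expected type");

        EncryptedAttribute encryptedSecond = null;
        try {
            encryptedSecond = this.encrypter.encrypt(second);
        } catch (EncryptionException e) {
            Assert.fail("Object encryption failed: " + e, e);
        }
        Assert.assertNotNull(encryptedSecond, "Encrypted object was null");
        Assert.assertTrue(encryptedSecond instanceof EncryptedAttribute,
                "Encrypted object was not an instance of the expected type");
    }

    /**
     * Removes the data encryption credential and supplies an RSA key encryption key instead, so the
     * encrypter has to obtain the data key itself. Only success and a non-null result are checked.
     */
    @Test
    public void testAutoKeyGen() {
        Assertion assertion = unmarshallElement(ASSERTION_RESOURCE);
        this.encParams.setEncryptionCredential((Credential) null);
        this.kekParamsList.add(this.kekParamsRSA);
        this.encrypter = new Encrypter(this.encParams, this.kekParamsList);

        EncryptedAssertion encrypted = null;
        try {
            encrypted = this.encrypter.encrypt(assertion);
        } catch (EncryptionException e) {
            Assert.fail("Object encryption failed: " + e, e);
        }

        Assert.assertNotNull(encrypted, "Encrypted object was null");
        Assert.assertTrue(encrypted instanceof EncryptedAssertion,
                "Encrypted object was not an instance of the expected type");
    }

    /**
     * Checks the fail-closed case: with neither a data encryption credential nor any key encryption
     * key, encryption must be rejected with an {@link EncryptionException}.
     */
    @Test
    public void testAutoKeyGenNoKEK() {
        Assertion assertion = unmarshallElement(ASSERTION_RESOURCE);
        this.encParams.setEncryptionCredential((Credential) null);
        this.kekParamsList.clear();
        this.encrypter = new Encrypter(this.encParams, this.kekParamsList);

        try {
            this.encrypter.encrypt(assertion);
            Assert.fail("Object encryption should have failed: no KEK supplied with auto key generation for data encryption");
        } catch (EncryptionException expected) {
            // Expected outcome: the encrypter refused to encrypt. Assert.fail above throws an
            // AssertionError, which this handler does not catch.
        }
    }

    /**
     * Adds a {@link KeyName} carrying {@link #expectedKeyName} to the shared {@link KeyInfo}, installs it
     * as a static KeyInfo generator on the data encryption parameters and creates the encrypter with the
     * current (possibly empty) KEK list.
     */
    private void configureStaticKeyNameEncrypter() {
        KeyName keyName = buildXMLObject(KeyName.DEFAULT_ELEMENT_NAME);
        keyName.setValue(this.expectedKeyName);
        this.keyInfo.getKeyNames().add(keyName);
        this.encParams.setKeyInfoGenerator(new StaticKeyInfoGenerator(this.keyInfo));
        this.encrypter = new Encrypter(this.encParams, this.kekParamsList);
    }

    /**
     * Asserts the EncryptedData shape produced when the data key is supplied directly and no key
     * encryption key is configured. The values are passed individually so the same check serves every
     * encrypted element type.
     *
     * @param type value of the EncryptedData {@code Type} attribute
     * @param algorithm value of the EncryptionMethod {@code Algorithm} attribute
     * @param dataKeyInfo the KeyInfo attached to the EncryptedData
     * @param id value of the EncryptedData {@code Id} attribute
     */
    private void assertDirectKeyEncryptedData(String type, String algorithm, KeyInfo dataKeyInfo, String id) {
        Assert.assertEquals(type, ELEMENT_TYPE_URI, "Type attribute");
        Assert.assertEquals(algorithm, this.algoURI, "Algorithm attribute");
        Assert.assertNotNull(dataKeyInfo, "KeyInfo");
        Assert.assertEquals(((KeyName) dataKeyInfo.getKeyNames().get(0)).getValue(), this.expectedKeyName, "KeyName");
        // No KEK was configured, so no wrapped key may appear inside the data KeyInfo.
        Assert.assertEquals(dataKeyInfo.getEncryptedKeys().size(), 0, "Number of EncryptedKeys");
        Assert.assertFalse(Strings.isNullOrEmpty(id), "EncryptedData ID attribute was empty");
    }
}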
