package org.opensaml.xmlsec.encryption.support.tests;

import java.security.KeyException;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.PrivateKey;
import java.util.ArrayList;
import java.util.List;
import javax.crypto.SecretKey;
import net.shibboleth.utilities.java.support.xml.XMLParserException;
import org.opensaml.core.testing.XMLObjectBaseTestCase;
import org.opensaml.security.credential.Credential;
import org.opensaml.security.credential.CredentialSupport;
import org.opensaml.security.crypto.KeySupport;
import org.opensaml.security.testing.SecurityProviderTestSupport;
import org.opensaml.xmlsec.algorithm.AlgorithmSupport;
import org.opensaml.xmlsec.encryption.EncryptedData;
import org.opensaml.xmlsec.encryption.EncryptedKey;
import org.opensaml.xmlsec.encryption.MGF;
import org.opensaml.xmlsec.encryption.OAEPparams;
import org.opensaml.xmlsec.encryption.support.DataEncryptionParameters;
import org.opensaml.xmlsec.encryption.support.Encrypter;
import org.opensaml.xmlsec.encryption.support.EncryptionException;
import org.opensaml.xmlsec.encryption.support.KeyEncryptionParameters;
import org.opensaml.xmlsec.encryption.support.RSAOAEPParameters;
import org.opensaml.xmlsec.keyinfo.impl.StaticKeyInfoGenerator;
import org.opensaml.xmlsec.mock.SignableSimpleXMLObject;
import org.opensaml.xmlsec.signature.DigestMethod;
import org.opensaml.xmlsec.signature.KeyInfo;
import org.opensaml.xmlsec.signature.KeyName;
import org.testng.Assert;
import org.testng.annotations.BeforeMethod;
import org.testng.annotations.Test;
import org.w3c.dom.Document;

/* loaded from: input_file:org/opensaml/xmlsec/encryption/support/tests/SimpleEncryptionTest.class */
public class SimpleEncryptionTest extends XMLObjectBaseTestCase {
    private Encrypter encrypter;
    private DataEncryptionParameters encParams;
    private List<KeyEncryptionParameters> kekParamsList;
    private KeyEncryptionParameters kekParamsAES;
    private KeyEncryptionParameters kekParamsRSA;
    private KeyInfo keyInfo;
    private KeyInfo kekKeyInfoAES;
    private KeyInfo kekKeyInfoRSA;
    private String expectedKEKKeyNameAES;
    private String expectedKEKKeyNameRSA;
    private SecurityProviderTestSupport providerSupport = new SecurityProviderTestSupport();
    private String expectedKeyName = "SuperSecretKey";
    private String expectedRecipientRSA = "CoolRecipientRSA";
    private String expectedRecipientAES = "CoolRecipientAES";
    private String targetFile = "/org/opensaml/xmlsec/encryption/support/SimpleEncryptionTest.xml";
    private String algoURI = "http://www.w3.org/2001/04/xmlenc#aes128-cbc";
    private String kekURIRSA = "http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p";
    private String kekURIAES = "http://www.w3.org/2001/04/xmlenc#kw-aes128";

    public SimpleEncryptionTest() {
        this.expectedKEKKeyNameAES = "KEKKeyAES";
        this.expectedKEKKeyNameAES = "KEKKeyRSA";
    }

    @BeforeMethod
    protected void setUp() throws Exception {
        this.encrypter = new Encrypter();
        this.encParams = new DataEncryptionParameters();
        this.encParams.setAlgorithm(this.algoURI);
        this.encParams.setEncryptionCredential(AlgorithmSupport.generateSymmetricKeyAndCredential(this.algoURI));
        this.kekParamsList = new ArrayList();
        this.kekParamsAES = new KeyEncryptionParameters();
        this.kekParamsAES.setAlgorithm(this.kekURIAES);
        this.kekParamsAES.setEncryptionCredential(AlgorithmSupport.generateSymmetricKeyAndCredential(this.kekURIAES));
        this.kekParamsAES.setRecipient(this.expectedRecipientAES);
        this.kekParamsRSA = new KeyEncryptionParameters();
        this.kekParamsRSA.setAlgorithm(this.kekURIRSA);
        this.kekParamsRSA.setEncryptionCredential(AlgorithmSupport.generateKeyPairAndCredential(this.kekURIRSA, 1024, false));
        this.kekParamsRSA.setRecipient(this.expectedRecipientRSA);
        this.keyInfo = buildXMLObject(KeyInfo.DEFAULT_ELEMENT_NAME);
        KeyName buildXMLObject = buildXMLObject(KeyName.DEFAULT_ELEMENT_NAME);
        buildXMLObject.setValue(this.expectedKeyName);
        this.keyInfo.getKeyNames().add(buildXMLObject);
        this.kekKeyInfoAES = buildXMLObject(KeyInfo.DEFAULT_ELEMENT_NAME);
        KeyName buildXMLObject2 = buildXMLObject(KeyName.DEFAULT_ELEMENT_NAME);
        buildXMLObject2.setValue(this.expectedKEKKeyNameAES);
        this.kekKeyInfoAES.getKeyNames().add(buildXMLObject2);
        this.kekKeyInfoRSA = buildXMLObject(KeyInfo.DEFAULT_ELEMENT_NAME);
        KeyName buildXMLObject3 = buildXMLObject(KeyName.DEFAULT_ELEMENT_NAME);
        buildXMLObject3.setValue(this.expectedKEKKeyNameRSA);
        this.kekKeyInfoRSA.getKeyNames().add(buildXMLObject3);
    }

    @Test
    public void testEncryptDataWithKeyNameNoKEK() {
        SignableSimpleXMLObject unmarshallElement = unmarshallElement(this.targetFile);
        this.encParams.setKeyInfoGenerator(new StaticKeyInfoGenerator(this.keyInfo));
        EncryptedData encryptedData = null;
        try {
            encryptedData = this.encrypter.encryptElement(unmarshallElement, this.encParams);
        } catch (EncryptionException e) {
            Assert.fail("Object encryption failed: " + e);
        }
        Assert.assertNotNull(encryptedData);
        Assert.assertEquals(encryptedData.getType(), "http://www.w3.org/2001/04/xmlenc#Element", "Type attribute");
        Assert.assertEquals(encryptedData.getEncryptionMethod().getAlgorithm(), this.algoURI, "Algorithm attribute");
        Assert.assertNotNull(encryptedData.getKeyInfo(), "KeyInfo");
        Assert.assertEquals(((KeyName) encryptedData.getKeyInfo().getKeyNames().get(0)).getValue(), this.expectedKeyName, "KeyName");
        Assert.assertEquals(encryptedData.getKeyInfo().getEncryptedKeys().size(), 0, "Number of EncryptedKeys");
    }

    @Test
    public void testEncryptDataSingleKEK() {
        SignableSimpleXMLObject unmarshallElement = unmarshallElement(this.targetFile);
        this.kekParamsRSA.setKeyInfoGenerator(new StaticKeyInfoGenerator(this.kekKeyInfoRSA));
        EncryptedData encryptedData = null;
        try {
            encryptedData = this.encrypter.encryptElement(unmarshallElement, this.encParams, this.kekParamsRSA);
        } catch (EncryptionException e) {
            Assert.fail("Object encryption failed: " + e);
        }
        Assert.assertNotNull(encryptedData);
        Assert.assertEquals(encryptedData.getType(), "http://www.w3.org/2001/04/xmlenc#Element", "Type attribute");
        Assert.assertEquals(encryptedData.getEncryptionMethod().getAlgorithm(), this.algoURI, "Algorithm attribute");
        Assert.assertNotNull(encryptedData.getKeyInfo(), "KeyInfo");
        List encryptedKeys = encryptedData.getKeyInfo().getEncryptedKeys();
        Assert.assertEquals(encryptedData.getKeyInfo().getEncryptedKeys().size(), 1, "Number of EncryptedKeys");
        checkKEKRSA((EncryptedKey) encryptedKeys.get(0), true);
    }

    @Test
    public void testEncryptDataMultipleKEK() {
        SignableSimpleXMLObject unmarshallElement = unmarshallElement(this.targetFile);
        this.kekParamsRSA.setKeyInfoGenerator(new StaticKeyInfoGenerator(this.kekKeyInfoRSA));
        this.kekParamsAES.setKeyInfoGenerator(new StaticKeyInfoGenerator(this.kekKeyInfoAES));
        this.kekParamsList.add(this.kekParamsRSA);
        this.kekParamsList.add(this.kekParamsAES);
        EncryptedData encryptedData = null;
        try {
            encryptedData = this.encrypter.encryptElement(unmarshallElement, this.encParams, this.kekParamsList);
        } catch (EncryptionException e) {
            Assert.fail("Object encryption failed: " + e);
        }
        Assert.assertNotNull(encryptedData);
        Assert.assertEquals(encryptedData.getType(), "http://www.w3.org/2001/04/xmlenc#Element", "Type attribute");
        Assert.assertEquals(encryptedData.getEncryptionMethod().getAlgorithm(), this.algoURI, "Algorithm attribute");
        Assert.assertNotNull(encryptedData.getKeyInfo(), "KeyInfo");
        List encryptedKeys = encryptedData.getKeyInfo().getEncryptedKeys();
        Assert.assertEquals(encryptedData.getKeyInfo().getEncryptedKeys().size(), 2, "Number of EncryptedKeys");
        checkKEKRSA((EncryptedKey) encryptedKeys.get(0), true);
        checkKEKAES((EncryptedKey) encryptedKeys.get(1), true);
    }

    @Test
    public void testEncryptContentWithKeyNameNoKEK() {
        SignableSimpleXMLObject unmarshallElement = unmarshallElement(this.targetFile);
        this.encParams.setKeyInfoGenerator(new StaticKeyInfoGenerator(this.keyInfo));
        EncryptedData encryptedData = null;
        try {
            encryptedData = this.encrypter.encryptElementContent(unmarshallElement, this.encParams);
        } catch (EncryptionException e) {
            Assert.fail("Object encryption failed: " + e);
        }
        Assert.assertNotNull(encryptedData);
        Assert.assertEquals(encryptedData.getType(), "http://www.w3.org/2001/04/xmlenc#Content", "Type attribute");
        Assert.assertEquals(encryptedData.getEncryptionMethod().getAlgorithm(), this.algoURI, "Algorithm attribute");
        Assert.assertNotNull(encryptedData.getKeyInfo(), "KeyInfo");
        Assert.assertEquals(((KeyName) encryptedData.getKeyInfo().getKeyNames().get(0)).getValue(), this.expectedKeyName, "KeyName");
        Assert.assertEquals(encryptedData.getKeyInfo().getEncryptedKeys().size(), 0, "Number of EncryptedKeys");
    }

    @Test
    public void testEncryptContentSingleKEK() {
        SignableSimpleXMLObject unmarshallElement = unmarshallElement(this.targetFile);
        this.kekParamsRSA.setKeyInfoGenerator(new StaticKeyInfoGenerator(this.kekKeyInfoRSA));
        EncryptedData encryptedData = null;
        try {
            encryptedData = this.encrypter.encryptElementContent(unmarshallElement, this.encParams, this.kekParamsRSA);
        } catch (EncryptionException e) {
            Assert.fail("Object encryption failed: " + e);
        }
        Assert.assertNotNull(encryptedData);
        Assert.assertEquals(encryptedData.getType(), "http://www.w3.org/2001/04/xmlenc#Content", "Type attribute");
        Assert.assertEquals(encryptedData.getEncryptionMethod().getAlgorithm(), this.algoURI, "Algorithm attribute");
        Assert.assertNotNull(encryptedData.getKeyInfo(), "KeyInfo");
        List encryptedKeys = encryptedData.getKeyInfo().getEncryptedKeys();
        Assert.assertEquals(encryptedData.getKeyInfo().getEncryptedKeys().size(), 1, "Number of EncryptedKeys");
        checkKEKRSA((EncryptedKey) encryptedKeys.get(0), true);
    }

    @Test
    public void testEncryptContentMultipleKEK() {
        SignableSimpleXMLObject unmarshallElement = unmarshallElement(this.targetFile);
        this.kekParamsAES.setKeyInfoGenerator(new StaticKeyInfoGenerator(this.kekKeyInfoAES));
        this.kekParamsRSA.setKeyInfoGenerator(new StaticKeyInfoGenerator(this.kekKeyInfoRSA));
        this.kekParamsList.add(this.kekParamsRSA);
        this.kekParamsList.add(this.kekParamsAES);
        EncryptedData encryptedData = null;
        try {
            encryptedData = this.encrypter.encryptElementContent(unmarshallElement, this.encParams, this.kekParamsList);
        } catch (EncryptionException e) {
            Assert.fail("Object encryption failed: " + e);
        }
        Assert.assertNotNull(encryptedData);
        Assert.assertEquals(encryptedData.getType(), "http://www.w3.org/2001/04/xmlenc#Content", "Type attribute");
        Assert.assertEquals(encryptedData.getEncryptionMethod().getAlgorithm(), this.algoURI, "Algorithm attribute");
        Assert.assertNotNull(encryptedData.getKeyInfo(), "KeyInfo");
        List encryptedKeys = encryptedData.getKeyInfo().getEncryptedKeys();
        Assert.assertEquals(encryptedData.getKeyInfo().getEncryptedKeys().size(), 2, "Number of EncryptedKeys");
        checkKEKRSA((EncryptedKey) encryptedKeys.get(0), true);
        checkKEKAES((EncryptedKey) encryptedKeys.get(1), true);
    }

    @Test
    public void testEncryptKeySingleKEK() throws NoSuchAlgorithmException, NoSuchProviderException, XMLParserException, KeyException {
        SecretKey generateSymmetricKey = AlgorithmSupport.generateSymmetricKey(this.algoURI);
        this.kekParamsRSA.setKeyInfoGenerator(new StaticKeyInfoGenerator(this.kekKeyInfoRSA));
        EncryptedKey encryptedKey = null;
        try {
            encryptedKey = this.encrypter.encryptKey(generateSymmetricKey, this.kekParamsRSA, parserPool.newDocument());
        } catch (EncryptionException e) {
            Assert.fail("Object encryption failed: " + e);
        }
        checkKEKRSA(encryptedKey, true);
    }

    @Test
    public void testEncryptKeyMultipleKEK() throws NoSuchAlgorithmException, NoSuchProviderException, XMLParserException, KeyException {
        SecretKey generateSymmetricKey = AlgorithmSupport.generateSymmetricKey(this.algoURI);
        this.kekParamsAES.setKeyInfoGenerator(new StaticKeyInfoGenerator(this.kekKeyInfoAES));
        this.kekParamsRSA.setKeyInfoGenerator(new StaticKeyInfoGenerator(this.kekKeyInfoRSA));
        this.kekParamsList.add(this.kekParamsAES);
        this.kekParamsList.add(this.kekParamsRSA);
        List list = null;
        try {
            list = this.encrypter.encryptKey(generateSymmetricKey, this.kekParamsList, parserPool.newDocument());
        } catch (EncryptionException e) {
            Assert.fail("Object encryption failed: " + e);
        }
        Assert.assertEquals(list.size(), 2, "Number of EncryptedKeys");
        checkKEKAES((EncryptedKey) list.get(0), true);
        checkKEKRSA((EncryptedKey) list.get(1), true);
    }

    @Test
    public void testAutoKeyGen() {
        SignableSimpleXMLObject unmarshallElement = unmarshallElement(this.targetFile);
        this.encParams.setEncryptionCredential((Credential) null);
        this.kekParamsList.add(this.kekParamsRSA);
        EncryptedData encryptedData = null;
        try {
            encryptedData = this.encrypter.encryptElement(unmarshallElement, this.encParams, this.kekParamsRSA);
        } catch (EncryptionException e) {
            Assert.fail("Object encryption failed: " + e);
        }
        Assert.assertNotNull(encryptedData);
        try {
            encryptedData = this.encrypter.encryptElement(unmarshallElement, this.encParams, this.kekParamsList);
        } catch (EncryptionException e2) {
            Assert.fail("Object encryption failed: " + e2);
        }
        Assert.assertNotNull(encryptedData);
    }

    @Test
    public void testAutoKeyGenNoKEK() {
        SignableSimpleXMLObject unmarshallElement = unmarshallElement(this.targetFile);
        this.encParams.setEncryptionCredential((Credential) null);
        this.kekParamsList.clear();
        try {
            this.encrypter.encryptElement(unmarshallElement, this.encParams);
            Assert.fail("Object encryption should have failed: no KEK supplied with auto key generation for data encryption");
        } catch (EncryptionException e) {
        }
        try {
            this.encrypter.encryptElement(unmarshallElement, this.encParams, this.kekParamsList);
            Assert.fail("Object encryption should have failed: no KEK supplied with auto key generation for data encryption");
        } catch (EncryptionException e2) {
        }
    }

    @Test
    public void testEncryptKeyDigestMethodsRSAOAEP() throws NoSuchAlgorithmException, NoSuchProviderException, XMLParserException, KeyException {
        SecretKey generateSymmetricKey = AlgorithmSupport.generateSymmetricKey(this.algoURI);
        this.kekParamsRSA.setAlgorithm("http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p");
        EncryptedKey encryptedKey = null;
        try {
            encryptedKey = this.encrypter.encryptKey(generateSymmetricKey, this.kekParamsRSA, parserPool.newDocument());
        } catch (EncryptionException e) {
            Assert.fail("Object encryption failed: " + e);
        }
        Assert.assertFalse(encryptedKey.getEncryptionMethod().getUnknownXMLObjects(DigestMethod.DEFAULT_ELEMENT_NAME).isEmpty(), "EncryptedKey/EncryptionMethod/DigestMethod list was empty");
        Assert.assertEquals(((DigestMethod) encryptedKey.getEncryptionMethod().getUnknownXMLObjects(DigestMethod.DEFAULT_ELEMENT_NAME).get(0)).getAlgorithm(), "http://www.w3.org/2000/09/xmldsig#sha1", "DigestMethod algorithm URI had unexpected value");
    }

    @Test
    public void testEncryptKeyDigestMethodsRSAv15() throws NoSuchAlgorithmException, NoSuchProviderException, XMLParserException, KeyException {
        SecretKey generateSymmetricKey = AlgorithmSupport.generateSymmetricKey(this.algoURI);
        this.kekParamsRSA.setAlgorithm("http://www.w3.org/2001/04/xmlenc#rsa-1_5");
        EncryptedKey encryptedKey = null;
        try {
            encryptedKey = this.encrypter.encryptKey(generateSymmetricKey, this.kekParamsRSA, parserPool.newDocument());
        } catch (EncryptionException e) {
            Assert.fail("Object encryption failed: " + e);
        }
        Assert.assertTrue(encryptedKey.getEncryptionMethod().getUnknownXMLObjects(DigestMethod.DEFAULT_ELEMENT_NAME).isEmpty(), "EncryptedKey/EncryptionMethod/DigestMethod list was NOT empty");
    }

    @Test
    public void testEncryptDataBadKEKDSA() throws NoSuchAlgorithmException, NoSuchProviderException {
        SignableSimpleXMLObject unmarshallElement = unmarshallElement(this.targetFile);
        KeyEncryptionParameters keyEncryptionParameters = new KeyEncryptionParameters();
        keyEncryptionParameters.setEncryptionCredential(CredentialSupport.getSimpleCredential(KeySupport.generateKeyPair("DSA", 1024, (String) null).getPublic(), (PrivateKey) null));
        try {
            this.encrypter.encryptElement(unmarshallElement, this.encParams, keyEncryptionParameters);
            Assert.fail("Object encryption succeeded, should have failed with DSA key attempt");
        } catch (EncryptionException e) {
        }
    }

    @Test
    public void testRSAOAEPParameters() throws NoSuchAlgorithmException, NoSuchProviderException, XMLParserException, KeyException, EncryptionException {
        this.providerSupport.loadBC();
        try {
            Document newDocument = parserPool.newDocument();
            SecretKey generateSymmetricKey = AlgorithmSupport.generateSymmetricKey(this.algoURI);
            KeyEncryptionParameters keyEncryptionParameters = new KeyEncryptionParameters();
            keyEncryptionParameters.setEncryptionCredential(AlgorithmSupport.generateKeyPairAndCredential(this.kekURIRSA, 1024, false));
            keyEncryptionParameters.setAlgorithm("http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p");
            keyEncryptionParameters.setRSAOAEPParameters((RSAOAEPParameters) null);
            EncryptedKey encryptKey = this.encrypter.encryptKey(generateSymmetricKey, keyEncryptionParameters, newDocument);
            Assert.assertEquals(getDigestMethod(encryptKey), "http://www.w3.org/2000/09/xmldsig#sha1");
            Assert.assertNull(getMGF(encryptKey));
            Assert.assertNull(getOAEPParams(encryptKey));
            keyEncryptionParameters.setRSAOAEPParameters(new RSAOAEPParameters());
            EncryptedKey encryptKey2 = this.encrypter.encryptKey(generateSymmetricKey, keyEncryptionParameters, newDocument);
            Assert.assertEquals(getDigestMethod(encryptKey2), "http://www.w3.org/2000/09/xmldsig#sha1");
            Assert.assertNull(getMGF(encryptKey2));
            Assert.assertNull(getOAEPParams(encryptKey2));
            keyEncryptionParameters.setRSAOAEPParameters(new RSAOAEPParameters("http://www.w3.org/2001/04/xmlenc#sha256", "http://www.w3.org/2009/xmlenc11#mgf1sha256", "9lWu3Q=="));
            EncryptedKey encryptKey3 = this.encrypter.encryptKey(generateSymmetricKey, keyEncryptionParameters, newDocument);
            Assert.assertEquals(getDigestMethod(encryptKey3), "http://www.w3.org/2001/04/xmlenc#sha256");
            Assert.assertNull(getMGF(encryptKey3));
            Assert.assertEquals(getOAEPParams(encryptKey3), "9lWu3Q==");
            keyEncryptionParameters.setAlgorithm("http://www.w3.org/2009/xmlenc11#rsa-oaep");
            keyEncryptionParameters.setRSAOAEPParameters((RSAOAEPParameters) null);
            EncryptedKey encryptKey4 = this.encrypter.encryptKey(generateSymmetricKey, keyEncryptionParameters, newDocument);
            Assert.assertEquals(getDigestMethod(encryptKey4), "http://www.w3.org/2000/09/xmldsig#sha1");
            Assert.assertEquals(getMGF(encryptKey4), "http://www.w3.org/2009/xmlenc11#mgf1sha1");
            Assert.assertNull(getOAEPParams(encryptKey4));
            keyEncryptionParameters.setRSAOAEPParameters(new RSAOAEPParameters());
            EncryptedKey encryptKey5 = this.encrypter.encryptKey(generateSymmetricKey, keyEncryptionParameters, newDocument);
            Assert.assertEquals(getDigestMethod(encryptKey5), "http://www.w3.org/2000/09/xmldsig#sha1");
            Assert.assertEquals(getMGF(encryptKey5), "http://www.w3.org/2009/xmlenc11#mgf1sha1");
            Assert.assertNull(getOAEPParams(encryptKey5));
            keyEncryptionParameters.setRSAOAEPParameters(new RSAOAEPParameters("http://www.w3.org/2001/04/xmlenc#sha256", "http://www.w3.org/2009/xmlenc11#mgf1sha256", "9lWu3Q=="));
            EncryptedKey encryptKey6 = this.encrypter.encryptKey(generateSymmetricKey, keyEncryptionParameters, newDocument);
            Assert.assertEquals(getDigestMethod(encryptKey6), "http://www.w3.org/2001/04/xmlenc#sha256");
            Assert.assertEquals(getMGF(encryptKey6), "http://www.w3.org/2009/xmlenc11#mgf1sha256");
            Assert.assertEquals(getOAEPParams(encryptKey6), "9lWu3Q==");
            this.providerSupport.unloadBC();
        } catch (Throwable th) {
            this.providerSupport.unloadBC();
            throw th;
        }
    }

    private void checkKEKAES(EncryptedKey encryptedKey, boolean z) {
        Assert.assertNotNull(encryptedKey, "EncryptedKey was null");
        Assert.assertEquals(encryptedKey.getEncryptionMethod().getAlgorithm(), this.kekURIAES, "Algorithm attribute");
        Assert.assertEquals(encryptedKey.getRecipient(), this.expectedRecipientAES, "Recipient attribute");
        if (!z) {
            Assert.assertNull(encryptedKey.getKeyInfo(), "Unexpected KeyInfo was present");
            return;
        }
        Assert.assertNotNull(encryptedKey.getKeyInfo(), "KeyInfo was not present");
        Assert.assertNotNull(encryptedKey.getKeyInfo().getKeyNames().get(0), "KeyName was not present");
        Assert.assertEquals(((KeyName) encryptedKey.getKeyInfo().getKeyNames().get(0)).getValue(), this.expectedKEKKeyNameAES, "Unexpected KEK KeyName");
    }

    private void checkKEKRSA(EncryptedKey encryptedKey, boolean z) {
        Assert.assertNotNull(encryptedKey, "EncryptedKey was null");
        Assert.assertEquals(encryptedKey.getEncryptionMethod().getAlgorithm(), this.kekURIRSA, "Algorithm attribute");
        Assert.assertEquals(encryptedKey.getRecipient(), this.expectedRecipientRSA, "Recipient attribute");
        if (!z) {
            Assert.assertNull(encryptedKey.getKeyInfo(), "Unexpected KeyInfo was present");
            return;
        }
        Assert.assertNotNull(encryptedKey.getKeyInfo(), "KeyInfo was not present");
        Assert.assertNotNull(encryptedKey.getKeyInfo().getKeyNames().get(0), "KeyName was not present");
        Assert.assertEquals(((KeyName) encryptedKey.getKeyInfo().getKeyNames().get(0)).getValue(), this.expectedKEKKeyNameRSA, "Unexpected KEK KeyName");
    }

    private String getDigestMethod(EncryptedKey encryptedKey) {
        List unknownXMLObjects = encryptedKey.getEncryptionMethod().getUnknownXMLObjects(DigestMethod.DEFAULT_ELEMENT_NAME);
        if (unknownXMLObjects == null || unknownXMLObjects.size() <= 0) {
            return null;
        }
        return ((DigestMethod) unknownXMLObjects.get(0)).getAlgorithm();
    }

    private String getMGF(EncryptedKey encryptedKey) {
        List unknownXMLObjects = encryptedKey.getEncryptionMethod().getUnknownXMLObjects(MGF.DEFAULT_ELEMENT_NAME);
        if (unknownXMLObjects == null || unknownXMLObjects.size() <= 0) {
            return null;
        }
        return ((MGF) unknownXMLObjects.get(0)).getAlgorithm();
    }

    private String getOAEPParams(EncryptedKey encryptedKey) {
        OAEPparams oAEPparams = encryptedKey.getEncryptionMethod().getOAEPparams();
        if (oAEPparams != null) {
            return oAEPparams.getValue();
        }
        return null;
    }
}
