package ch.postfinance.sdk.test;

import ch.postfinance.sdk.exception.PostFinanceCheckoutSdkException;
import ch.postfinance.sdk.model.WebhookEncryptionPublicKey;
import ch.postfinance.sdk.util.EncryptionUtil;
import com.fasterxml.jackson.core.JsonProcessingException;
import com.fasterxml.jackson.databind.ObjectMapper;
import java.security.Security;
import org.bouncycastle.jce.provider.BouncyCastleProvider;
import org.junit.Assert;
import org.junit.BeforeClass;
import org.junit.Test;

/* loaded from: input_file:ch/postfinance/sdk/test/EncryptionUtilTest.class */
public class EncryptionUtilTest {
    private static final String SIGNATURE_ALGORITHM = "SHA256withECDSA";
    private static final String VALID_CONTENT_TO_VERIFY = "{\"entityId\":11,\"eventId\":35,\"listenerEntityId\":1472041829003,\"listenerEntityTechnicalName\":\"Transaction\",\"spaceId\":1,\"state\":\"PROCESSING\",\"timestamp\":\"2023-12-19T13:43:35+0000\",\"webhookListenerId\":2}";
    private static final String VALID_CONTENT_SIGNATURE = "MEYCIQCTzbMrMsOAC6T57T9kQTb1iGZVg2R7n6pY9A4ML4P31gIhAIOoav8cG8x0jpRWQztqSJIC8gXWKq+4DuENEySvmMYf";
    private static final String VALID_ENCODED_PUBLIC_KEY = "MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEdWq7ZBGsjUzhBO3e6mzUBLpjpV3TQw1bL1rk3ocjn5C5qne7TY0OBBhiWgaPtWlvUcqASz903vtfeSTQma+SBA==";
    private static WebhookEncryptionPublicKey VALID_PUBLIC_KEY;

    @BeforeClass
    public static void init() {
        setupSecurityProvider();
        setupValidPublicKeyAsApiObject();
    }

    @Test
    public void validationShouldPassForValidContentSignatureAndKey() {
        Assert.assertTrue("Valid public key, signature and content must fit each other", EncryptionUtil.isContentValid(VALID_CONTENT_TO_VERIFY, VALID_CONTENT_SIGNATURE, VALID_PUBLIC_KEY, "BC", SIGNATURE_ALGORITHM));
    }

    @Test
    public void validationShouldFailForBadContent() {
        Assert.assertFalse("Invalid content should fail validation", EncryptionUtil.isContentValid("ModifiedContent", VALID_CONTENT_SIGNATURE, VALID_PUBLIC_KEY, "BC", SIGNATURE_ALGORITHM));
    }

    @Test
    public void validationShouldFailForBadSignatureFormat() {
        Assert.assertThrows("Invalid signature should fail validation", PostFinanceCheckoutSdkException.class, () -> {
            EncryptionUtil.isContentValid(VALID_CONTENT_TO_VERIFY, "InvalidModifiedSignature", VALID_PUBLIC_KEY, "BC", SIGNATURE_ALGORITHM);
        });
    }

    @Test
    public void validationShouldFailForBadSignatureBase64Format() {
        Assert.assertThrows("Invalid signature should fail validation", PostFinanceCheckoutSdkException.class, () -> {
            EncryptionUtil.isContentValid(VALID_CONTENT_TO_VERIFY, "MEYCIQCTzbMrMsOAC6T57T9kQTb1iGZVg2R7n6pY9A4ML4P31gIhAIOoav8cG8x0jpRWQztqSJIC8gXWKq", VALID_PUBLIC_KEY, "BC", SIGNATURE_ALGORITHM);
        });
    }

    @Test
    public void validationShouldFailForBadPublicKeyFormat() {
        Assert.assertThrows("Invalid public key should fail validation", PostFinanceCheckoutSdkException.class, () -> {
            EncryptionUtil.isContentValid(VALID_CONTENT_TO_VERIFY, VALID_CONTENT_SIGNATURE, getPublicKeyAsApiObject("InvalidModifiedPublicKey"), "BC", SIGNATURE_ALGORITHM);
        });
    }

    @Test
    public void validationShouldFailForBadPublicKeyBase64Format() {
        Assert.assertThrows("Invalid public key should fail validation", IllegalArgumentException.class, () -> {
            EncryptionUtil.isContentValid(VALID_CONTENT_TO_VERIFY, VALID_CONTENT_SIGNATURE, getPublicKeyAsApiObject("MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEdWq7ZBGsjUzhBO3e6mzUBLpjpV3TQw1bL1rk3ocjn5C5qne7TY0OBBhiWgaPtWlvUcqASz903vtfeSTQm"), "BC", SIGNATURE_ALGORITHM);
        });
    }

    private static void setupValidPublicKeyAsApiObject() {
        VALID_PUBLIC_KEY = getPublicKeyAsApiObject(VALID_ENCODED_PUBLIC_KEY);
    }

    private static WebhookEncryptionPublicKey getPublicKeyAsApiObject(String str) {
        try {
            return (WebhookEncryptionPublicKey) new ObjectMapper().readValue("{\n    \"id\": \"123456890\",\n    \"publicKey\": \"" + str + "\"\n}", WebhookEncryptionPublicKey.class);
        } catch (JsonProcessingException e) {
            throw new RuntimeException((Throwable) e);
        }
    }

    private static void setupSecurityProvider() {
        Security.addProvider(new BouncyCastleProvider());
    }
}
