package net.jsign.jca;

import java.io.File;
import java.io.FileInputStream;
import java.io.FileReader;
import java.io.IOException;
import java.security.GeneralSecurityException;
import java.security.KeyStoreException;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.util.Arrays;
import java.util.Base64;
import net.jadler.Jadler;
import org.apache.commons.io.FileUtils;
import org.junit.After;
import org.junit.Assert;
import org.junit.Before;
import org.junit.Test;

/* loaded from: input_file:net/jsign/jca/OracleCloudSigningServiceTest.class */
public class OracleCloudSigningServiceTest {
    @Before
    public void setUp() {
        Jadler.initJadlerListeningOn(18080).withDefaultResponseStatus(404);
    }

    @After
    public void tearDown() {
        Jadler.closeJadler();
    }

    private OracleCloudCredentials getCredentials() throws Exception {
        File createTempFile = File.createTempFile("ociconfig", null);
        FileUtils.writeStringToFile(createTempFile, "[DEFAULT]\nuser=ocid1.user.oc1..abcdefghijk\ntenancy=ocid1.tenancy.oc1..abcdefghijk\nregion=eu-paris-1\nkey_file=target/test-classes/keystores/privatekey.pkcs8.pem\nfingerprint=97:a2:2f:f5:e8:39:d3:44:b7:63:f2:4e:31:18:a6:62\npass_phrase=password\n", "UTF-8");
        OracleCloudCredentials oracleCloudCredentials = new OracleCloudCredentials();
        oracleCloudCredentials.load(createTempFile, "DEFAULT");
        return oracleCloudCredentials;
    }

    private SigningService getTestService() throws Exception {
        return new OracleCloudSigningService(getCredentials(), str -> {
            try {
                FileInputStream fileInputStream = new FileInputStream("target/test-classes/keystores/jsign-test-certificate-full-chain.pem");
                Throwable th = null;
                try {
                    try {
                        Certificate[] certificateArr = (Certificate[]) CertificateFactory.getInstance("X.509").generateCertificates(fileInputStream).toArray(new Certificate[0]);
                        if (fileInputStream != null) {
                            if (0 != 0) {
                                try {
                                    fileInputStream.close();
                                } catch (Throwable th2) {
                                    th.addSuppressed(th2);
                                }
                            } else {
                                fileInputStream.close();
                            }
                        }
                        return certificateArr;
                    } finally {
                    }
                } finally {
                }
            } catch (IOException | CertificateException e) {
                throw new RuntimeException(e);
            }
        }) { // from class: net.jsign.jca.OracleCloudSigningServiceTest.1
            String getVaultEndpoint() {
                return "http://localhost:" + Jadler.port();
            }

            String getKeyEndpoint(String str2) {
                return "http://localhost:" + Jadler.port();
            }
        };
    }

    @Test
    public void testGetVaultEndpoint() throws Exception {
        Assert.assertEquals("endpoint", "https://kms.eu-paris-1.oraclecloud.com", new OracleCloudSigningService(getCredentials(), str -> {
            return null;
        }).getVaultEndpoint());
    }

    @Test
    public void testGetKeyEndpoint() throws Exception {
        Assert.assertEquals("endpoint", "https://h5tafwboaahxq-crypto.kms.eu-paris-1.oci.oraclecloud.com", new OracleCloudSigningService(getCredentials(), str -> {
            return null;
        }).getKeyEndpoint("ocid1.key.oc1.eu-paris-1.h5tafwboaahxq.abrwiljrwkhgllb5zfqchmvdkmqnzutqeq5pz7yo6z7yhl2zyn2yncwzxiza"));
    }

    @Test
    public void testGetKeyEndpointWithInvalidKey() throws Exception {
        OracleCloudSigningService oracleCloudSigningService = new OracleCloudSigningService(getCredentials(), str -> {
            return null;
        });
        String str2 = "ocid1.tenancy.oc1..abcdefghijk";
        Assert.assertEquals("message", "Invalid key id: ocid1.tenancy.oc1..abcdefghijk", ((Exception) Assert.assertThrows(IllegalArgumentException.class, () -> {
            oracleCloudSigningService.getKeyEndpoint(str2);
        })).getMessage());
    }

    @Test
    public void testIsUnknownHost() throws Exception {
        OracleCloudSigningService oracleCloudSigningService = new OracleCloudSigningService(getCredentials(), str -> {
            return null;
        });
        Assert.assertFalse(oracleCloudSigningService.isUnknownHost("google.com"));
        Assert.assertTrue(oracleCloudSigningService.isUnknownHost("google.jsign"));
    }

    @Test
    public void testGetAliases() throws Exception {
        Jadler.onRequest().havingMethodEqualTo("GET").havingPathEqualTo("/20180608/vaults").havingQueryStringEqualTo("compartmentId=ocid1.tenancy.oc1..abcdefghijk").respond().withStatus(200).withContentType("application/json").withBody(new FileReader("target/test-classes/services/oraclecloud-listvaults.json"));
        Jadler.onRequest().havingMethodEqualTo("GET").havingPathEqualTo("/20180608/keys").havingQueryStringEqualTo("compartmentId=ocid1.tenancy.oc1..abcdefghijk").respond().withStatus(200).withContentType("application/json").withBody(new FileReader("target/test-classes/services/oraclecloud-listkeys.json"));
        Assert.assertEquals("aliases", Arrays.asList("ocid1.key.oc1.eu-paris-1.h5tafwboaahxq.abrwiljrwkhgllb5zfqchmvdkmqnzutqeq5pz7yo6z7yhl2zyn2yncwzxiza", "ocid1.key.oc1.eu-paris-1.h5tafwboaahxq.abrwiljr7tub2mmyv5x2w6hwdlbpa3l567vih67yypquqkm4pjgk4cx7rkpa"), getTestService().aliases());
    }

    @Test
    public void testGetAliasesWithError() throws Exception {
        Jadler.onRequest().havingMethodEqualTo("GET").havingPathEqualTo("/20180608/vaults").havingQueryStringEqualTo("compartmentId=ocid1.tenancy.oc1..abcdefghijk").respond().withStatus(400).withContentType("application/json").withBody("{\"code\":\"InvalidParameter\", \"message\":\"The compartmentId must be an ocid.\"}");
        SigningService testService = getTestService();
        testService.getClass();
        Assert.assertThrows(KeyStoreException.class, testService::aliases);
    }

    @Test
    public void testSign() throws Exception {
        Jadler.onRequest().havingMethodEqualTo("POST").havingPathEqualTo("/20180608/sign").respond().withStatus(200).withContentType("application/json").withBody(new FileReader("target/test-classes/services/oraclecloud-sign.json"));
        SigningService testService = getTestService();
        Assert.assertEquals("signature", "MiZ/YXfluqyuMfR3cnChG7+K7JmU2b8SzBAc6+WOpWQwIV4GfkLcRe0A68H45Lf+XPiMPPLrs7EqOv1EAnkYDFx5AqZBTWBfoaBeqKpy30OBvNbxIsaTLsaJYGypwmHOUTP+Djz7FxQUyM0uWVfUnHUDT564gQLz0cta6PKE/oMUo9fZhpv5VQcgfrbdUlPaD/cSAOb833ZSRzPWbnqztWO6py5sUugvqGFHKhsEXesx5yrPvJTKu5HVF3QM3E8YrgnVfFK14W8oyTJmXIWQxfYpwm/CW037UmolDMqwc3mjx1758kR+9lOcf8c/LSmD/SVD18SDSK4FyLQWOmn16A==", Base64.getEncoder().encodeToString(testService.sign(testService.getPrivateKey("ocid1.key.oc1.eu-paris-1.h5tafwboaahxq.abrwiljrwkhgllb5zfqchmvdkmqnzutqeq5pz7yo6z7yhl2zyn2yncwzxiza", (char[]) null), "SHA256withRSA", "Hello".getBytes())));
    }

    @Test
    public void testSignWithInvalidKey() throws Exception {
        Jadler.onRequest().havingMethodEqualTo("POST").havingPathEqualTo("/20180608/sign").respond().withStatus(404).withContentType("application/json").withBody(new FileReader("target/test-classes/services/oraclecloud-error.json"));
        SigningService testService = getTestService();
        SigningServicePrivateKey privateKey = testService.getPrivateKey("ocid1.key.oc1.eu-paris-2.h5tafwboaahxq.abrwiljrwkhgllb5zfqchmvdkmqnzutqeq5pz7yo6z7yhl2zyn2yncwzxiza", (char[]) null);
        Assert.assertEquals("message", "NotAuthorizedOrNotFound: resource does not exist or you are not authorized to access it.", ((Exception) Assert.assertThrows(GeneralSecurityException.class, () -> {
            testService.sign(privateKey, "SHA256withRSA", "Hello".getBytes());
        })).getCause().getMessage());
    }

    @Test
    public void testSignWithInvalidAlgorithm() throws Exception {
        SigningService testService = getTestService();
        SigningServicePrivateKey privateKey = testService.getPrivateKey("ocid1.key.oc1.eu-paris-1.h5tafwboaahxq.abrwiljrwkhgllb5zfqchmvdkmqnzutqeq5pz7yo6z7yhl2zyn2yncwzxiza", (char[]) null);
        Assert.assertEquals("message", "Unsupported signing algorithm: SHA1withRSA", ((Exception) Assert.assertThrows(GeneralSecurityException.class, () -> {
            testService.sign(privateKey, "SHA1withRSA", "Hello".getBytes());
        })).getMessage());
    }
}
