package net.jsign.jca;

import java.security.PublicKey;
import java.security.Signature;
import java.security.cert.X509Certificate;
import java.util.Arrays;
import javax.crypto.Cipher;
import javax.smartcardio.CardException;
import net.jsign.DigestAlgorithm;
import net.jsign.jca.PIVCard;
import org.junit.Assert;
import org.junit.Assume;
import org.junit.Test;

/* loaded from: input_file:net/jsign/jca/PIVCardTest.class */
public class PIVCardTest {
    public static void assumeCardPresent() throws Exception {
        try {
            Assume.assumeTrue("PIV card not found", SmartCard.getTerminal("Yubikey") != null);
        } catch (CardException e) {
            Assume.assumeNoException("PIV card not found", e);
        }
    }

    @Test
    public void testGetCard() throws Exception {
        assumeCardPresent();
        Assert.assertNotNull("card not found", PIVCard.getCard());
    }

    @Test
    public void testSignRSA() throws Exception {
        assumeCardPresent();
        PIVCard card = PIVCard.getCard();
        Assert.assertNotNull("card not found", card);
        card.verify("123456");
        PIVCard.Key key = PIVCard.Key.SIGNATURE;
        int i = card.getKeyInfo(key).size;
        byte[] bytes = "Hello PIV card".getBytes();
        byte[] sign = card.sign(key, bytes);
        Assert.assertNotNull("result", sign);
        Assert.assertEquals("result length (bits)", i, sign.length * 8);
        PublicKey publicKey = card.getCertificate(key).getPublicKey();
        Cipher cipher = Cipher.getInstance("RSA");
        cipher.init(2, publicKey);
        cipher.update(sign);
        Assert.assertArrayEquals("encrypted message", bytes, cipher.doFinal());
    }

    @Test
    public void testSignSHA1withECDSA() throws Exception {
        testSignECDSA(DigestAlgorithm.SHA1);
    }

    @Test
    public void testSignSHA256withECDSA() throws Exception {
        testSignECDSA(DigestAlgorithm.SHA256);
    }

    @Test
    public void testSignSHA384withECDSA() throws Exception {
        testSignECDSA(DigestAlgorithm.SHA384);
    }

    @Test
    public void testSignSHA512withECDSA() throws Exception {
        testSignECDSA(DigestAlgorithm.SHA512);
    }

    public void testSignECDSA(DigestAlgorithm digestAlgorithm) throws Exception {
        assumeCardPresent();
        PIVCard card = PIVCard.getCard();
        Assert.assertNotNull("card not found", card);
        card.verify("123456");
        PIVCard.Key key = PIVCard.Key.CARD_AUTHENTICATION;
        int i = card.getKeyInfo(key).size;
        byte[] bytes = "Hello PIV card".getBytes();
        byte[] digest = digestAlgorithm.getMessageDigest().digest(bytes);
        if (digest.length > i / 8) {
            digest = Arrays.copyOf(digest, i / 8);
        }
        byte[] sign = card.sign(key, digest);
        Assert.assertNotNull("result", sign);
        Signature signature = Signature.getInstance(digestAlgorithm.name() + "withECDSA");
        signature.initVerify(card.getCertificate(key));
        signature.update(bytes);
        Assert.assertTrue(signature.getAlgorithm() + " signature verification failed", signature.verify(sign));
    }

    @Test
    public void testGetData() throws Exception {
        assumeCardPresent();
        PIVCard card = PIVCard.getCard();
        Assert.assertNotNull("card not found", card);
        byte[] data = card.getData(6275330);
        Assert.assertNotNull("result", data);
        Assert.assertTrue("result length", data.length >= 61);
    }

    @Test
    public void testGetVersion() throws Exception {
        assumeCardPresent();
        PIVCard card = PIVCard.getCard();
        Assert.assertNotNull("card not found", card);
        Assert.assertNotNull("version", card.getVersion());
    }

    @Test
    public void testGetAvailableKeys() throws Exception {
        assumeCardPresent();
        PIVCard card = PIVCard.getCard();
        Assert.assertNotNull("card not found", card);
        Assert.assertNotNull("keys", card.getAvailableKeys());
        Assert.assertEquals("number of keys", 2L, r0.size());
    }

    @Test
    public void testGetKeyInfo() throws Exception {
        assumeCardPresent();
        PIVCard card = PIVCard.getCard();
        Assert.assertNotNull("card not found", card);
        PIVCard.KeyInfo keyInfo = card.getKeyInfo(PIVCard.Key.SIGNATURE);
        Assert.assertNotNull("key info not found", keyInfo);
        Assert.assertEquals("Algorithm", "RSA", keyInfo.algorithm);
        Assert.assertEquals("Size", 2048L, keyInfo.size);
        Assert.assertEquals("RSA-2048 identifier", 7L, keyInfo.algorithmId);
    }

    @Test
    public void testGetCertificate() throws Exception {
        assumeCardPresent();
        PIVCard card = PIVCard.getCard();
        Assert.assertNotNull("card not found", card);
        X509Certificate x509Certificate = (X509Certificate) card.getCertificate(PIVCard.Key.SIGNATURE);
        Assert.assertNotNull("certificate not found", x509Certificate);
        Assert.assertEquals("subject", "CN=Jsign Code Signing Test Certificate 2024 (RSA)", x509Certificate.getSubjectDN().getName());
    }

    @Test
    public void testGetKey() {
        Assert.assertNull(PIVCard.Key.of((String) null));
        Assert.assertNull(PIVCard.Key.of("JSIGN"));
        for (PIVCard.Key key : PIVCard.Key.values()) {
            Assert.assertEquals(key.name() + " key with uppercase name", key, PIVCard.Key.of(key.name()));
            Assert.assertEquals(key.name() + " key with lowercase name", key, PIVCard.Key.of(key.name().toLowerCase()));
            Assert.assertEquals(key.name() + " key with alias", key, PIVCard.Key.of(key.alias));
            String hexString = Integer.toHexString(key.slot);
            Assert.assertEquals(key.name() + " key with slot " + hexString, key, PIVCard.Key.of(hexString));
        }
    }
}
