package net.jsign.jca;

import java.io.FileReader;
import java.security.GeneralSecurityException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.UnrecoverableKeyException;
import java.security.cert.Certificate;
import java.security.cert.X509Certificate;
import java.util.Arrays;
import net.jadler.Jadler;
import org.hamcrest.Matchers;
import org.junit.After;
import org.junit.Assert;
import org.junit.Before;
import org.junit.Test;

/* loaded from: input_file:net/jsign/jca/GaraSignSigningServiceTest.class */
public class GaraSignSigningServiceTest {
    @Before
    public void setUp() {
        Jadler.initJadler().withDefaultResponseStatus(404);
    }

    @After
    public void tearDown() {
        Jadler.closeJadler();
    }

    @Test
    public void testGetAliases() throws Exception {
        Jadler.onRequest().havingMethodEqualTo("POST").havingPathEqualTo("/authenticate").respond().withStatus(200).withBody(new FileReader("target/test-classes/services/garasign-authenticate.json"));
        Jadler.onRequest().havingMethodEqualTo("POST").havingPathEqualTo("/keystore").havingParameterEqualTo("api_version", "1.0").havingParameter("session_token").respond().withStatus(200).withBody(new FileReader("target/test-classes/services/garasign-keystore.json"));
        Assert.assertEquals("aliases", Arrays.asList("java_keystore_rsa_key", "java_keystore_ecdsa_key"), new GaraSignSigningService("http://localhost:" + Jadler.port(), new GaraSignCredentials("username", "password", (KeyStore.Builder) null)).aliases());
    }

    @Test
    public void testGetCertificateChain() throws Exception {
        Jadler.onRequest().havingMethodEqualTo("POST").havingPathEqualTo("/authenticate").respond().withStatus(200).withBody(new FileReader("target/test-classes/services/garasign-authenticate.json"));
        Jadler.onRequest().havingMethodEqualTo("POST").havingPathEqualTo("/keystore").havingParameterEqualTo("api_version", "1.0").havingParameter("session_token").respond().withStatus(200).withBody(new FileReader("target/test-classes/services/garasign-keystore.json"));
        Certificate[] certificateChain = new GaraSignSigningService("http://localhost:" + Jadler.port(), new GaraSignCredentials("username", "password", (KeyStore.Builder) null)).getCertificateChain("java_keystore_rsa_key");
        Assert.assertNotNull("null chain", certificateChain);
        Assert.assertEquals("length", 3L, certificateChain.length);
        Assert.assertEquals("subject 1", "CN=rsa_code_signer, OU=test, O=Garantir, L=San Diego, ST=CA, C=US", ((X509Certificate) certificateChain[0]).getSubjectDN().getName());
        Assert.assertEquals("subject 2", "CN=intermediary_rsa_ca, OU=test, O=Garantir, L=San Diego, ST=CA, C=US", ((X509Certificate) certificateChain[1]).getSubjectDN().getName());
        Assert.assertEquals("subject 3", "CN=root_rsa_ca, OU=test, O=Garantir, L=San Diego, ST=CA, C=US", ((X509Certificate) certificateChain[2]).getSubjectDN().getName());
    }

    @Test
    public void testGetCertificateChainWithInvalidAlias() throws Exception {
        Jadler.onRequest().havingMethodEqualTo("POST").havingPathEqualTo("/authenticate").respond().withStatus(200).withBody(new FileReader("target/test-classes/services/garasign-authenticate.json"));
        Jadler.onRequest().havingMethodEqualTo("POST").havingPathEqualTo("/keystore").havingParameter("session_token").respond().withStatus(200).withBody(new FileReader("target/test-classes/services/garasign-keystore.json"));
        GaraSignSigningService garaSignSigningService = new GaraSignSigningService("http://localhost:" + Jadler.port(), new GaraSignCredentials("username", "password", (KeyStore.Builder) null));
        Assert.assertEquals("message", "Unable to retrieve GaraSign certificate 'jsign'", ((Exception) Assert.assertThrows(KeyStoreException.class, () -> {
            garaSignSigningService.getCertificateChain("jsign");
        })).getMessage());
    }

    @Test
    public void testGetCertificateChainWithError() throws Exception {
        Jadler.onRequest().havingMethodEqualTo("POST").havingPathEqualTo("/authenticate").respond().withStatus(200).withBody(new FileReader("target/test-classes/services/garasign-authenticate.json"));
        Jadler.onRequest().havingMethodEqualTo("POST").havingPathEqualTo("/keystore").respond().withStatus(200).withBody("{\"requestId\": \"keystore_request\", \"status\": \"FAILURE\", \"message\": \"Keystore not found\", \"sessionToken\": null}");
        GaraSignSigningService garaSignSigningService = new GaraSignSigningService("http://localhost:" + Jadler.port(), new GaraSignCredentials("username", "password", (KeyStore.Builder) null));
        Assert.assertEquals("message", "Unable to retrieve the GaraSign keystore: Keystore not found", ((Exception) Assert.assertThrows(KeyStoreException.class, () -> {
            garaSignSigningService.getCertificateChain("java_keystore_rsa_key");
        })).getMessage());
    }

    @Test
    public void testGetCertificateChainWithHTTPError() throws Exception {
        Jadler.onRequest().havingMethodEqualTo("POST").havingPathEqualTo("/authenticate").respond().withStatus(200).withBody(new FileReader("target/test-classes/services/garasign-authenticate.json"));
        Jadler.onRequest().havingMethodEqualTo("POST").havingPathEqualTo("/keystore").respond().withStatus(502).withBody("Bad Gateway");
        GaraSignSigningService garaSignSigningService = new GaraSignSigningService("http://localhost:" + Jadler.port(), new GaraSignCredentials("username", "password", (KeyStore.Builder) null));
        Assert.assertEquals("message", "Unable to retrieve the GaraSign keystore", ((Exception) Assert.assertThrows(KeyStoreException.class, () -> {
            garaSignSigningService.getCertificateChain("java_keystore_rsa_key");
        })).getMessage());
    }

    @Test
    public void testGetPrivateKey() throws Exception {
        Jadler.onRequest().havingMethodEqualTo("POST").havingPathEqualTo("/authenticate").respond().withStatus(200).withBody(new FileReader("target/test-classes/services/garasign-authenticate.json"));
        Jadler.onRequest().havingMethodEqualTo("POST").havingPathEqualTo("/keystore").respond().withStatus(200).withBody(new FileReader("target/test-classes/services/garasign-keystore.json"));
        SigningServicePrivateKey privateKey = new GaraSignSigningService("http://localhost:" + Jadler.port(), new GaraSignCredentials("username", "password", (KeyStore.Builder) null)).getPrivateKey("java_keystore_rsa_key", (char[]) null);
        Assert.assertNotNull("null key", privateKey);
        Assert.assertEquals("id", "java_keystore_rsa_key", privateKey.getId());
        Assert.assertEquals("algorithm", "RSA", privateKey.getAlgorithm());
    }

    @Test
    public void testGetPrivateKeyWithInvalidAlias() throws Exception {
        Jadler.onRequest().havingMethodEqualTo("POST").havingPathEqualTo("/authenticate").respond().withStatus(200).withBody(new FileReader("target/test-classes/services/garasign-authenticate.json"));
        Jadler.onRequest().havingMethodEqualTo("POST").havingPathEqualTo("/keystore").respond().withStatus(200).withBody(new FileReader("target/test-classes/services/garasign-keystore.json"));
        GaraSignSigningService garaSignSigningService = new GaraSignSigningService("http://localhost:" + Jadler.port(), new GaraSignCredentials("username", "password", (KeyStore.Builder) null));
        Assert.assertEquals("message", "Unable to fetch GaraSign private key for the certificate 'jsign'", ((Exception) Assert.assertThrows(UnrecoverableKeyException.class, () -> {
            garaSignSigningService.getPrivateKey("jsign", (char[]) null);
        })).getMessage());
    }

    @Test
    public void testSignWithPolling() throws Exception {
        Jadler.onRequest().havingMethodEqualTo("POST").havingPathEqualTo("/authenticate").respond().withStatus(200).withBody(new FileReader("target/test-classes/services/garasign-authenticate.json"));
        Jadler.onRequest().havingMethodEqualTo("POST").havingPathEqualTo("/keystore").respond().withStatus(200).withBody(new FileReader("target/test-classes/services/garasign-keystore.json"));
        Jadler.onRequest().havingMethodEqualTo("POST").havingPathEqualTo("/sign").havingParameterEqualTo("api_version", "1.0").havingParameter("session_token").havingParameter("data_to_sign").havingParameterEqualTo("key_name", "java_keystore_rsa_key").havingParameterEqualTo("signature_scheme", "SHA256withRSA").havingParameter("request_id", Matchers.nullValue()).respond().withStatus(200).withBody("{\"requestId\": \"60\", \"status\": \"IN_PROGRESS\", \"message\": \"Pending approvals\"}");
        Jadler.onRequest().havingMethodEqualTo("POST").havingPathEqualTo("/sign").havingParameterEqualTo("api_version", "1.0").havingParameter("session_token").havingParameter("data_to_sign", Matchers.nullValue()).havingParameter("key_name", Matchers.nullValue()).havingParameter("signature_scheme", Matchers.nullValue()).havingParameterEqualTo("request_id", "60").respond().withStatus(200).withBody("{\"requestId\": \"60\", \"status\": \"IN_PROGRESS\", \"message\": \"Pending approvals\"}").thenRespond().withStatus(200).withBody("{\"requestId\": \"60\", \"status\": \"IN_PROGRESS\", \"message\": \"Pending approvals\"}").thenRespond().withStatus(200).withBody(new FileReader("target/test-classes/services/garasign-sign.json"));
        GaraSignSigningService garaSignSigningService = new GaraSignSigningService("http://localhost:" + Jadler.port(), new GaraSignCredentials("username", "password", (KeyStore.Builder) null));
        Assert.assertNotNull("null signature", garaSignSigningService.sign(garaSignSigningService.getPrivateKey("java_keystore_rsa_key", (char[]) null), "SHA256withRSA", "Hello".getBytes()));
        Assert.assertEquals("length", 256L, r0.length);
    }

    @Test
    public void testSignWithoutPolling() throws Exception {
        Jadler.onRequest().havingMethodEqualTo("POST").havingPathEqualTo("/authenticate").respond().withStatus(200).withBody(new FileReader("target/test-classes/services/garasign-authenticate.json"));
        Jadler.onRequest().havingMethodEqualTo("POST").havingPathEqualTo("/keystore").respond().withStatus(200).withBody(new FileReader("target/test-classes/services/garasign-keystore.json"));
        Jadler.onRequest().havingMethodEqualTo("POST").havingPathEqualTo("/sign").respond().withStatus(200).withBody(new FileReader("target/test-classes/services/garasign-sign.json")).thenRespond().withStatus(200).withBody("{\"requestId\": \"60\", \"status\": \"FAILED\", \"message\": \"Data to sign is missing\"}");
        GaraSignSigningService garaSignSigningService = new GaraSignSigningService("http://localhost:" + Jadler.port(), new GaraSignCredentials("username", "password", (KeyStore.Builder) null));
        Assert.assertNotNull("null signature", garaSignSigningService.sign(garaSignSigningService.getPrivateKey("java_keystore_rsa_key", (char[]) null), "SHA256withRSA", "Hello".getBytes()));
        Assert.assertEquals("length", 256L, r0.length);
    }

    @Test
    public void testSignWithTimeout() throws Exception {
        Jadler.onRequest().havingMethodEqualTo("POST").havingPathEqualTo("/authenticate").respond().withStatus(200).withBody(new FileReader("target/test-classes/services/garasign-authenticate.json"));
        Jadler.onRequest().havingMethodEqualTo("POST").havingPathEqualTo("/keystore").respond().withStatus(200).withBody(new FileReader("target/test-classes/services/garasign-keystore.json"));
        Jadler.onRequest().havingMethodEqualTo("POST").havingPathEqualTo("/sign").respond().withStatus(200).withBody("{\"requestId\": \"60\", \"status\": \"IN_PROGRESS\", \"message\": \"Pending approvals\"}");
        GaraSignSigningService garaSignSigningService = new GaraSignSigningService("http://localhost:" + Jadler.port(), new GaraSignCredentials("username", "password", (KeyStore.Builder) null));
        garaSignSigningService.setTimeout(5);
        SigningServicePrivateKey privateKey = garaSignSigningService.getPrivateKey("java_keystore_rsa_key", (char[]) null);
        Assert.assertEquals("message", "java.io.IOException: Signing operation 60 timed out", ((Exception) Assert.assertThrows(GeneralSecurityException.class, () -> {
            garaSignSigningService.sign(privateKey, "SHA256withRSA", "Hello".getBytes());
        })).getMessage());
    }

    @Test
    public void testSignWithFailure() throws Exception {
        Jadler.onRequest().havingMethodEqualTo("POST").havingPathEqualTo("/authenticate").respond().withStatus(200).withBody(new FileReader("target/test-classes/services/garasign-authenticate.json"));
        Jadler.onRequest().havingMethodEqualTo("POST").havingPathEqualTo("/keystore").respond().withStatus(200).withBody(new FileReader("target/test-classes/services/garasign-keystore.json"));
        Jadler.onRequest().havingMethodEqualTo("POST").havingPathEqualTo("/sign").respond().withStatus(200).withBody("{\"requestId\": \"60\", \"status\": \"FAILURE\", \"message\": \"Internal server error\"}");
        GaraSignSigningService garaSignSigningService = new GaraSignSigningService("http://localhost:" + Jadler.port(), new GaraSignCredentials("username", "password", (KeyStore.Builder) null));
        SigningServicePrivateKey privateKey = garaSignSigningService.getPrivateKey("java_keystore_rsa_key", (char[]) null);
        Assert.assertEquals("message", "java.io.IOException: Signing operation failed: Internal server error", ((Exception) Assert.assertThrows(GeneralSecurityException.class, () -> {
            garaSignSigningService.sign(privateKey, "SHA256withRSA", "Hello".getBytes());
        })).getMessage());
    }

    @Test
    public void testSignWithPollingFailure() throws Exception {
        Jadler.onRequest().havingMethodEqualTo("POST").havingPathEqualTo("/authenticate").respond().withStatus(200).withBody(new FileReader("target/test-classes/services/garasign-authenticate.json"));
        Jadler.onRequest().havingMethodEqualTo("POST").havingPathEqualTo("/keystore").respond().withStatus(200).withBody(new FileReader("target/test-classes/services/garasign-keystore.json"));
        Jadler.onRequest().havingMethodEqualTo("POST").havingPathEqualTo("/sign").respond().withStatus(200).withBody("{\"requestId\": \"60\", \"status\": \"IN_PROGRESS\", \"message\": \"Pending approvals\"}").thenRespond().withStatus(200).withBody("{\"requestId\": \"60\", \"status\": \"FAILURE\", \"message\": \"Internal server error\"}");
        GaraSignSigningService garaSignSigningService = new GaraSignSigningService("http://localhost:" + Jadler.port(), new GaraSignCredentials("username", "password", (KeyStore.Builder) null));
        SigningServicePrivateKey privateKey = garaSignSigningService.getPrivateKey("java_keystore_rsa_key", (char[]) null);
        Assert.assertEquals("message", "java.io.IOException: Signing operation 60 failed: Internal server error", ((Exception) Assert.assertThrows(GeneralSecurityException.class, () -> {
            garaSignSigningService.sign(privateKey, "SHA256withRSA", "Hello".getBytes());
        })).getMessage());
    }
}
