package net.jsign.jca;

import java.io.File;
import java.io.FileInputStream;
import java.io.IOException;
import java.security.Key;
import java.security.KeyStore;
import java.security.PrivateKey;
import java.security.Provider;
import java.security.Signature;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import org.junit.Assert;
import org.junit.Assume;
import org.junit.Test;

/* loaded from: input_file:net/jsign/jca/SigningServiceTest.class */
public class SigningServiceTest {
    public void testCustomProvider(Provider provider, KeyStore keyStore, String str, String str2) throws Exception {
        Assert.assertNotNull("Certificate chain not found", keyStore.getCertificateChain(str));
        Assert.assertNotEquals("Empty certificate chain", 0L, r0.length);
        Key key = keyStore.getKey(str, str2.toCharArray());
        Assert.assertNotNull("Private key not found", key);
        Signature signature = Signature.getInstance("SHA256withRSA", provider);
        signature.initSign((PrivateKey) key);
        signature.update("Hello World".getBytes());
        byte[] sign = signature.sign();
        Assert.assertNotNull("signature null", sign);
        Signature signature2 = Signature.getInstance("SHA256withRSA", provider);
        signature2.initSign((PrivateKey) key);
        signature2.update("Hello".getBytes());
        signature2.update(" ".getBytes());
        signature2.update("World".getBytes());
        Assert.assertArrayEquals("signature", sign, signature2.sign());
    }

    @Test
    public void testLocalProvider() throws Exception {
        SigningServiceJcaProvider signingServiceJcaProvider = new SigningServiceJcaProvider(new LocalKeyStoreSigningService("target/test-classes/keystores/keystore.jks", "password", "password"));
        KeyStore keyStore = KeyStore.getInstance("LOCALKEYSTORE", (Provider) signingServiceJcaProvider);
        keyStore.load(null, "secret".toCharArray());
        testCustomProvider(signingServiceJcaProvider, keyStore, "test", "password");
    }

    @Test
    public void testOpenPGPCardProvider() throws Exception {
        OpenPGPCardTest.assumeCardPresent();
        SigningServiceJcaProvider signingServiceJcaProvider = new SigningServiceJcaProvider(new OpenPGPCardSigningService((String) null, "123456", str -> {
            try {
                FileInputStream fileInputStream = new FileInputStream("target/test-classes/keystores/jsign-test-certificate-full-chain-reversed.pem");
                Throwable th = null;
                try {
                    try {
                        Certificate[] certificateArr = (Certificate[]) CertificateFactory.getInstance("X.509").generateCertificates(fileInputStream).toArray(new Certificate[0]);
                        if (fileInputStream != null) {
                            if (0 != 0) {
                                try {
                                    fileInputStream.close();
                                } catch (Throwable th2) {
                                    th.addSuppressed(th2);
                                }
                            } else {
                                fileInputStream.close();
                            }
                        }
                        return certificateArr;
                    } finally {
                    }
                } finally {
                }
            } catch (IOException | CertificateException e) {
                throw new RuntimeException(e);
            }
        }));
        KeyStore keyStore = KeyStore.getInstance("OPENPGP", (Provider) signingServiceJcaProvider);
        keyStore.load(null, "123456".toCharArray());
        testCustomProvider(signingServiceJcaProvider, keyStore, "AUTHENTICATION", "123456");
    }

    @Test
    public void testPIVCardProvider() throws Exception {
        PIVCardTest.assumeCardPresent();
        SigningServiceJcaProvider signingServiceJcaProvider = new SigningServiceJcaProvider(new PIVCardSigningService((String) null, "123456", str -> {
            try {
                FileInputStream fileInputStream = new FileInputStream("target/test-classes/keystores/jsign-test-certificate-full-chain-reversed.pem");
                Throwable th = null;
                try {
                    try {
                        Certificate[] certificateArr = (Certificate[]) CertificateFactory.getInstance("X.509").generateCertificates(fileInputStream).toArray(new Certificate[0]);
                        if (fileInputStream != null) {
                            if (0 != 0) {
                                try {
                                    fileInputStream.close();
                                } catch (Throwable th2) {
                                    th.addSuppressed(th2);
                                }
                            } else {
                                fileInputStream.close();
                            }
                        }
                        return certificateArr;
                    } finally {
                    }
                } finally {
                }
            } catch (IOException | CertificateException e) {
                throw new RuntimeException(e);
            }
        }));
        KeyStore keyStore = KeyStore.getInstance("PIV", (Provider) signingServiceJcaProvider);
        keyStore.load(null, "123456".toCharArray());
        testCustomProvider(signingServiceJcaProvider, keyStore, "SIGNATURE", "123456");
    }

    @Test
    public void testAmazonProvider() throws Exception {
        SigningServiceJcaProvider signingServiceJcaProvider = new SigningServiceJcaProvider(new AmazonSigningService("eu-west-3", new AmazonCredentials(AWS.getAccessKey(), AWS.getSecretKey(), (String) null), str -> {
            try {
                FileInputStream fileInputStream = new FileInputStream("target/test-classes/keystores/jsign-test-certificate-full-chain-reversed.pem");
                Throwable th = null;
                try {
                    try {
                        Certificate[] certificateArr = (Certificate[]) CertificateFactory.getInstance("X.509").generateCertificates(fileInputStream).toArray(new Certificate[0]);
                        if (fileInputStream != null) {
                            if (0 != 0) {
                                try {
                                    fileInputStream.close();
                                } catch (Throwable th2) {
                                    th.addSuppressed(th2);
                                }
                            } else {
                                fileInputStream.close();
                            }
                        }
                        return certificateArr;
                    } finally {
                    }
                } finally {
                }
            } catch (IOException | CertificateException e) {
                throw new RuntimeException(e);
            }
        }));
        KeyStore keyStore = KeyStore.getInstance("AWS", (Provider) signingServiceJcaProvider);
        keyStore.load(null, "".toCharArray());
        testCustomProvider(signingServiceJcaProvider, keyStore, "test", "");
    }

    @Test
    public void testAzureProvider() throws Exception {
        SigningServiceJcaProvider signingServiceJcaProvider = new SigningServiceJcaProvider(new AzureKeyVaultSigningService("jsignvault", Azure.getAccessToken()));
        KeyStore keyStore = KeyStore.getInstance("AZUREKEYVAULT", (Provider) signingServiceJcaProvider);
        keyStore.load(null, "".toCharArray());
        testCustomProvider(signingServiceJcaProvider, keyStore, "jsign", "");
    }

    @Test
    public void testGoogleCloudProvider() throws Exception {
        SigningServiceJcaProvider signingServiceJcaProvider = new SigningServiceJcaProvider(new GoogleCloudSigningService("projects/fifth-glider-316809/locations/global/keyRings/jsignkeyring", GoogleCloud.getAccessToken(), str -> {
            try {
                FileInputStream fileInputStream = new FileInputStream("target/test-classes/keystores/jsign-test-certificate-full-chain.pem");
                Throwable th = null;
                try {
                    try {
                        Certificate[] certificateArr = (Certificate[]) CertificateFactory.getInstance("X.509").generateCertificates(fileInputStream).toArray(new Certificate[0]);
                        if (fileInputStream != null) {
                            if (0 != 0) {
                                try {
                                    fileInputStream.close();
                                } catch (Throwable th2) {
                                    th.addSuppressed(th2);
                                }
                            } else {
                                fileInputStream.close();
                            }
                        }
                        return certificateArr;
                    } finally {
                    }
                } finally {
                }
            } catch (IOException | CertificateException e) {
                throw new RuntimeException(e);
            }
        }));
        KeyStore keyStore = KeyStore.getInstance("GOOGLECLOUD", (Provider) signingServiceJcaProvider);
        keyStore.load(null, "".toCharArray());
        testCustomProvider(signingServiceJcaProvider, keyStore, "test", "");
    }

    @Test
    public void testDigiCertProvider() throws Exception {
        SigningServiceJcaProvider signingServiceJcaProvider = new SigningServiceJcaProvider(new DigiCertOneSigningService(DigiCertONE.getApiKey(), new File(DigiCertONE.getClientCertificateFile()), DigiCertONE.getClientCertificatePassword()));
        KeyStore keyStore = KeyStore.getInstance("DIGICERTONE", (Provider) signingServiceJcaProvider);
        keyStore.load(null, "".toCharArray());
        testCustomProvider(signingServiceJcaProvider, keyStore, "353d4f18-5325-4b78-b17c-f92375cf40ec", "");
    }

    @Test
    public void testESignerProvider() throws Exception {
        SigningServiceJcaProvider signingServiceJcaProvider = new SigningServiceJcaProvider(new ESignerSigningService("https://cs-try.ssl.com", "esigner_demo", "esignerDemo#1"));
        KeyStore keyStore = KeyStore.getInstance("ESIGNER", (Provider) signingServiceJcaProvider);
        keyStore.load(null, "".toCharArray());
        testCustomProvider(signingServiceJcaProvider, keyStore, keyStore.aliases().nextElement(), "RDXYgV9qju+6/7GnMf1vCbKexXVJmUVr+86Wq/8aIGg=");
    }

    @Test
    public void testOracleCloudProvider() throws Exception {
        Assume.assumeTrue("OCI configuration not found", OracleCloudCredentials.getConfigFile().exists());
        SigningServiceJcaProvider signingServiceJcaProvider = new SigningServiceJcaProvider(new OracleCloudSigningService(OracleCloudCredentials.getDefault(), str -> {
            try {
                FileInputStream fileInputStream = new FileInputStream("target/test-classes/keystores/jsign-test-certificate-full-chain.pem");
                Throwable th = null;
                try {
                    try {
                        Certificate[] certificateArr = (Certificate[]) CertificateFactory.getInstance("X.509").generateCertificates(fileInputStream).toArray(new Certificate[0]);
                        if (fileInputStream != null) {
                            if (0 != 0) {
                                try {
                                    fileInputStream.close();
                                } catch (Throwable th2) {
                                    th.addSuppressed(th2);
                                }
                            } else {
                                fileInputStream.close();
                            }
                        }
                        return certificateArr;
                    } finally {
                    }
                } finally {
                }
            } catch (IOException | CertificateException e) {
                throw new RuntimeException(e);
            }
        }));
        KeyStore keyStore = KeyStore.getInstance("ORACLECLOUD", (Provider) signingServiceJcaProvider);
        keyStore.load(null, "".toCharArray());
        testCustomProvider(signingServiceJcaProvider, keyStore, "ocid1.key.oc1.eu-paris-1.h5tafwboaahxq.abrwiljrwkhgllb5zfqchmvdkmqnzutqeq5pz7yo6z7yhl2zyn2yncwzxiza", "");
    }

    @Test
    public void testTrustedSigningProvider() throws Exception {
        SigningServiceJcaProvider signingServiceJcaProvider = new SigningServiceJcaProvider(new AzureTrustedSigningService("https://weu.codesigning.azure.net", Azure.getAccessToken("https://codesigning.azure.net")));
        KeyStore keyStore = KeyStore.getInstance("TRUSTEDSIGNING", (Provider) signingServiceJcaProvider);
        keyStore.load(null, "".toCharArray());
        testCustomProvider(signingServiceJcaProvider, keyStore, "MyAccount/MyProfile", "");
    }

    @Test
    public void testGaraSignProvider() throws Exception {
        SigningServiceJcaProvider signingServiceJcaProvider = new SigningServiceJcaProvider(new GaraSignSigningService((String) null, new GaraSignCredentials("demo_user", "password", "target/test-classes/keystores/keystore.p12", "password")));
        KeyStore keyStore = KeyStore.getInstance("GARASIGN", (Provider) signingServiceJcaProvider);
        keyStore.load(null, "".toCharArray());
        Assert.assertEquals("message", "Failed to authenticate with GaraSign: Error authenticating user", ((Exception) Assert.assertThrows(Exception.class, () -> {
            testCustomProvider(signingServiceJcaProvider, keyStore, "windows_codesign", "");
        })).getCause().getMessage());
    }

    @Test
    public void testSignServerProvider() throws Exception {
        SigningServiceJcaProvider signingServiceJcaProvider = new SigningServiceJcaProvider(new SignServerSigningService("https://example.com/signserver", new SignServerCredentials("username", "password", "target/test-classes/keystores/keystore.p12", "password")));
        KeyStore keyStore = KeyStore.getInstance("SIGNSERVER", (Provider) signingServiceJcaProvider);
        keyStore.load(null, "".toCharArray());
        Assert.assertEquals("message", "Unable to retrieve the certificate chain 'default'", ((Exception) Assert.assertThrows(Exception.class, () -> {
            testCustomProvider(signingServiceJcaProvider, keyStore, "default", "");
        })).getMessage());
    }

    @Test
    public void testSignPathProvider() throws Exception {
        String str = System.getenv("SIGNPATH_ORGANIZATION_ID");
        String str2 = System.getenv("SIGNPATH_API_TOKEN");
        Assume.assumeNotNull(new Object[]{"SIGNPATH_ORGANIZATION_ID environment variable not defined", str});
        Assume.assumeNotNull(new Object[]{"SIGNPATH_API_TOKEN environment variable not defined", str2});
        SigningServiceJcaProvider signingServiceJcaProvider = new SigningServiceJcaProvider(new SignPathSigningService(str, str2));
        KeyStore keyStore = KeyStore.getInstance("SIGNPATH", (Provider) signingServiceJcaProvider);
        keyStore.load(null, "".toCharArray());
        Assert.assertEquals("message", "Unable to retrieve SignPath signing policy 'default'", ((Exception) Assert.assertThrows(Exception.class, () -> {
            testCustomProvider(signingServiceJcaProvider, keyStore, "default", "");
        })).getMessage());
        testCustomProvider(signingServiceJcaProvider, keyStore, "jsign/rsa-2048", "");
    }
}
