package org.opensaml.xml.security;

import java.io.InputStream;
import java.security.KeyPair;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.PrivateKey;
import java.security.PublicKey;
import junit.framework.TestCase;
import org.opensaml.xml.Configuration;

/* loaded from: input_file:org/opensaml/xml/security/SecurityHelperTest.class */
public class SecurityHelperTest extends TestCase {
    private String rsaPrivKeyPEMNoEncrypt = "/data/rsa-privkey-nopass.pem";
    private String rsaPrivKeyDERNoEncrypt = "/data/rsa-privkey-nopass.der";
    private String dsaPrivKeyPEMNoEncrypt = "/data/dsa-privkey-nopass.pem";
    private String dsaPrivKeyDERNoEncrypt = "/data/dsa-privkey-nopass.der";
    private char[] privKeyPassword = {'c', 'h', 'a', 'n', 'g', 'e', 'i', 't'};
    private String rsaPrivKeyPEMEncrypt = "/data/rsa-privkey-changeit-pass.pem";
    private String dsaPrivKeyPEMEncrypt = "/data/dsa-privkey-changeit-pass.pem";

    protected void setUp() throws Exception {
        super.setUp();
        Configuration.setGlobalSecurityConfiguration(DefaultSecurityConfigurationBootstrap.buildDefaultConfig());
    }

    public void testDecodeRSAPrivateKeyPEMNoEncrypt() throws Exception {
        testPrivKey(this.rsaPrivKeyPEMNoEncrypt, null, "RSA");
    }

    public void testDecodeRSAPrivateKeyPEMEncrypt() throws Exception {
        testPrivKey(this.rsaPrivKeyPEMEncrypt, this.privKeyPassword, "RSA");
    }

    public void testDecodeRSAPrivateKeyDERNoEncrypt() throws Exception {
        testPrivKey(this.rsaPrivKeyDERNoEncrypt, null, "RSA");
    }

    public void testDecodeDSAPrivateKeyPEMNoEncrypt() throws Exception {
        testPrivKey(this.dsaPrivKeyPEMNoEncrypt, null, "DSA");
    }

    public void testDecodeDSAPrivateKeyPEMEncrypt() throws Exception {
        testPrivKey(this.dsaPrivKeyPEMEncrypt, this.privKeyPassword, "DSA");
    }

    public void testDecodeDSAPrivateKeyDERNoEncrypt() throws Exception {
        testPrivKey(this.dsaPrivKeyDERNoEncrypt, null, "DSA");
    }

    public void testDerivePublicKey() throws Exception {
        PrivateKey testPrivKey = testPrivKey(this.rsaPrivKeyPEMNoEncrypt, null, "RSA");
        PublicKey derivePublicKey = SecurityHelper.derivePublicKey(testPrivKey);
        assertNotNull(derivePublicKey);
        assertEquals("RSA", derivePublicKey.getAlgorithm());
        assertTrue(SecurityHelper.matchKeyPair(derivePublicKey, testPrivKey));
        PrivateKey testPrivKey2 = testPrivKey(this.dsaPrivKeyPEMNoEncrypt, null, "DSA");
        PublicKey derivePublicKey2 = SecurityHelper.derivePublicKey(testPrivKey2);
        assertNotNull(derivePublicKey2);
        assertEquals("DSA", derivePublicKey2.getAlgorithm());
        assertTrue(SecurityHelper.matchKeyPair(derivePublicKey2, testPrivKey2));
    }

    public void testKeyAlgorithmURIMappings() {
        assertEquals("RSA", SecurityHelper.getKeyAlgorithmFromURI("http://www.w3.org/2001/04/xmlenc#rsa-1_5"));
        assertEquals("RSA", SecurityHelper.getKeyAlgorithmFromURI("http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p"));
        assertEquals("AES", SecurityHelper.getKeyAlgorithmFromURI("http://www.w3.org/2001/04/xmlenc#kw-aes128"));
        assertEquals("AES", SecurityHelper.getKeyAlgorithmFromURI("http://www.w3.org/2001/04/xmlenc#kw-aes192"));
        assertEquals("AES", SecurityHelper.getKeyAlgorithmFromURI("http://www.w3.org/2001/04/xmlenc#kw-aes256"));
        assertEquals("DESede", SecurityHelper.getKeyAlgorithmFromURI("http://www.w3.org/2001/04/xmlenc#kw-tripledes"));
        assertEquals("AES", SecurityHelper.getKeyAlgorithmFromURI("http://www.w3.org/2001/04/xmlenc#aes128-cbc"));
        assertEquals("AES", SecurityHelper.getKeyAlgorithmFromURI("http://www.w3.org/2001/04/xmlenc#aes192-cbc"));
        assertEquals("AES", SecurityHelper.getKeyAlgorithmFromURI("http://www.w3.org/2001/04/xmlenc#aes256-cbc"));
        assertEquals("DESede", SecurityHelper.getKeyAlgorithmFromURI("http://www.w3.org/2001/04/xmlenc#tripledes-cbc"));
        assertEquals("RSA", SecurityHelper.getKeyAlgorithmFromURI("http://www.w3.org/2000/09/xmldsig#rsa-sha1"));
        assertEquals("RSA", SecurityHelper.getKeyAlgorithmFromURI("http://www.w3.org/2000/09/xmldsig#rsa-sha1"));
        assertEquals("RSA", SecurityHelper.getKeyAlgorithmFromURI("http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"));
        assertEquals("RSA", SecurityHelper.getKeyAlgorithmFromURI("http://www.w3.org/2001/04/xmldsig-more#rsa-sha384"));
        assertEquals("RSA", SecurityHelper.getKeyAlgorithmFromURI("http://www.w3.org/2001/04/xmldsig-more#rsa-sha512"));
        assertEquals("RSA", SecurityHelper.getKeyAlgorithmFromURI("http://www.w3.org/2001/04/xmldsig-more#rsa-md5"));
        assertEquals("RSA", SecurityHelper.getKeyAlgorithmFromURI("http://www.w3.org/2001/04/xmldsig-more#rsa-ripemd160"));
        assertEquals("DSA", SecurityHelper.getKeyAlgorithmFromURI("http://www.w3.org/2000/09/xmldsig#dsa-sha1"));
        assertEquals("EC", SecurityHelper.getKeyAlgorithmFromURI("http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha1"));
        assertNull(SecurityHelper.getKeyAlgorithmFromURI("http://www.w3.org/2000/09/xmldsig#hmac-sha1"));
        assertNull(SecurityHelper.getKeyAlgorithmFromURI("http://www.w3.org/2001/04/xmldsig-more#hmac-sha256"));
        assertNull(SecurityHelper.getKeyAlgorithmFromURI("http://www.w3.org/2001/04/xmldsig-more#hmac-sha384"));
        assertNull(SecurityHelper.getKeyAlgorithmFromURI("http://www.w3.org/2001/04/xmldsig-more#hmac-sha512"));
        assertNull(SecurityHelper.getKeyAlgorithmFromURI("http://www.w3.org/2001/04/xmldsig-more#hmac-md5"));
        assertNull(SecurityHelper.getKeyAlgorithmFromURI("http://www.w3.org/2001/04/xmldsig-more#hmac-ripemd160"));
    }

    public void testKeyPairMatching() throws NoSuchAlgorithmException, NoSuchProviderException, SecurityException {
        KeyPair generateKeyPair = SecurityHelper.generateKeyPair("RSA", 1024, (String) null);
        KeyPair generateKeyPair2 = SecurityHelper.generateKeyPair("RSA", 1024, (String) null);
        KeyPair generateKeyPair3 = SecurityHelper.generateKeyPair("DSA", 1024, (String) null);
        KeyPair generateKeyPair4 = SecurityHelper.generateKeyPair("DSA", 1024, (String) null);
        assertTrue(SecurityHelper.matchKeyPair(generateKeyPair.getPublic(), generateKeyPair.getPrivate()));
        assertTrue(SecurityHelper.matchKeyPair(generateKeyPair2.getPublic(), generateKeyPair2.getPrivate()));
        assertFalse(SecurityHelper.matchKeyPair(generateKeyPair.getPublic(), generateKeyPair2.getPrivate()));
        assertFalse(SecurityHelper.matchKeyPair(generateKeyPair2.getPublic(), generateKeyPair.getPrivate()));
        assertTrue(SecurityHelper.matchKeyPair(generateKeyPair3.getPublic(), generateKeyPair3.getPrivate()));
        assertTrue(SecurityHelper.matchKeyPair(generateKeyPair4.getPublic(), generateKeyPair4.getPrivate()));
        assertFalse(SecurityHelper.matchKeyPair(generateKeyPair3.getPublic(), generateKeyPair4.getPrivate()));
        assertFalse(SecurityHelper.matchKeyPair(generateKeyPair4.getPublic(), generateKeyPair3.getPrivate()));
        try {
            assertFalse(SecurityHelper.matchKeyPair(generateKeyPair.getPublic(), generateKeyPair4.getPrivate()));
            fail("Key algorithm mismatch should have caused evaluation failure");
        } catch (SecurityException e) {
        }
        try {
            assertFalse(SecurityHelper.matchKeyPair(generateKeyPair.getPublic(), (PrivateKey) null));
            fail("Null key should have caused failure");
        } catch (SecurityException e2) {
        }
        try {
            assertFalse(SecurityHelper.matchKeyPair((PublicKey) null, generateKeyPair.getPrivate()));
            fail("Key algorithm mismatch should have caused evaluation failure");
        } catch (SecurityException e3) {
        }
    }

    protected PrivateKey testPrivKey(String str, char[] cArr, String str2) throws Exception {
        InputStream resourceAsStream = SecurityHelperTest.class.getResourceAsStream(str);
        byte[] bArr = new byte[resourceAsStream.available()];
        resourceAsStream.read(bArr);
        PrivateKey decodePrivateKey = SecurityHelper.decodePrivateKey(bArr, cArr);
        assertNotNull(decodePrivateKey);
        assertEquals(str2, decodePrivateKey.getAlgorithm());
        return decodePrivateKey;
    }
}
