package org.opensaml.saml2.encryption;

import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.security.KeyPair;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import org.joda.time.DateTime;
import org.opensaml.common.BaseTestCase;
import org.opensaml.saml2.core.Assertion;
import org.opensaml.saml2.core.EncryptedAssertion;
import org.opensaml.saml2.core.Issuer;
import org.opensaml.saml2.core.Response;
import org.opensaml.xml.encryption.DecryptionException;
import org.opensaml.xml.encryption.EncryptedKeyResolver;
import org.opensaml.xml.encryption.EncryptionException;
import org.opensaml.xml.encryption.EncryptionParameters;
import org.opensaml.xml.io.MarshallingException;
import org.opensaml.xml.io.UnmarshallingException;
import org.opensaml.xml.parse.XMLParserException;
import org.opensaml.xml.security.SecurityConfiguration;
import org.opensaml.xml.security.SecurityException;
import org.opensaml.xml.security.SecurityHelper;
import org.opensaml.xml.security.credential.Credential;
import org.opensaml.xml.security.keyinfo.KeyInfoCredentialResolver;
import org.opensaml.xml.security.keyinfo.StaticKeyInfoCredentialResolver;
import org.opensaml.xml.signature.Signature;
import org.opensaml.xml.signature.SignatureException;
import org.opensaml.xml.signature.SignatureValidator;
import org.opensaml.xml.signature.Signer;
import org.opensaml.xml.util.XMLHelper;
import org.opensaml.xml.validation.ValidationException;
import org.w3c.dom.Document;
import org.w3c.dom.Element;

/* loaded from: input_file:org/opensaml/saml2/encryption/DecryptionPlusSigningTest.class */
public class DecryptionPlusSigningTest extends BaseTestCase {
    private KeyInfoCredentialResolver keyResolver;
    private String encURI = "http://www.w3.org/2001/04/xmlenc#aes128-cbc";
    private EncryptionParameters encParams;
    private Encrypter encrypter;
    private Credential signingCred;

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // org.opensaml.common.BaseTestCase
    public void setUp() throws Exception {
        super.setUp();
        Credential generateKeyAndCredential = SecurityHelper.generateKeyAndCredential(this.encURI);
        generateKeyAndCredential.getSecretKey();
        this.keyResolver = new StaticKeyInfoCredentialResolver(generateKeyAndCredential);
        this.encParams = new EncryptionParameters();
        this.encParams.setAlgorithm(this.encURI);
        this.encParams.setEncryptionCredential(generateKeyAndCredential);
        this.encrypter = new Encrypter(this.encParams);
        KeyPair generateKeyPair = SecurityHelper.generateKeyPair("RSA", 1024, (String) null);
        this.signingCred = SecurityHelper.getSimpleCredential(generateKeyPair.getPublic(), generateKeyPair.getPrivate());
    }

    public void testEncryptedAssertionInResponse() throws XMLParserException, EncryptionException, NoSuchAlgorithmException, NoSuchProviderException, SecurityException, MarshallingException, SignatureException, UnmarshallingException {
        Document dom = getDOM("/data/org/opensaml/saml2/encryption/Assertion.xml");
        EncryptedAssertion encrypt = this.encrypter.encrypt(unmarshallElement("/data/org/opensaml/saml2/encryption/Assertion.xml"));
        Response buildXMLObject = buildXMLObject(Response.DEFAULT_ELEMENT_NAME);
        buildXMLObject.setID("def456");
        buildXMLObject.setIssueInstant(new DateTime());
        Issuer buildXMLObject2 = buildXMLObject(Issuer.DEFAULT_ELEMENT_NAME);
        buildXMLObject2.setValue("urn:string:issuer");
        buildXMLObject.setIssuer(buildXMLObject2);
        buildXMLObject.getEncryptedAssertions().add(encrypt);
        Signature buildXMLObject3 = buildXMLObject(Signature.DEFAULT_ELEMENT_NAME);
        buildXMLObject3.setSigningCredential(this.signingCred);
        buildXMLObject.setSignature(buildXMLObject3);
        SecurityHelper.prepareSignatureParams(buildXMLObject3, this.signingCred, (SecurityConfiguration) null, (String) null);
        marshallerFactory.getMarshaller(buildXMLObject).marshall(buildXMLObject);
        Signer.signObject(buildXMLObject3);
        Element marshall = marshallerFactory.getMarshaller(buildXMLObject).marshall(buildXMLObject);
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        XMLHelper.writeNode(marshall, byteArrayOutputStream);
        Element documentElement = parser.parse(new ByteArrayInputStream(byteArrayOutputStream.toByteArray())).getDocumentElement();
        Response unmarshall = unmarshallerFactory.getUnmarshaller(documentElement).unmarshall(documentElement);
        try {
            new SignatureValidator(this.signingCred).validate(unmarshall.getSignature());
        } catch (ValidationException e) {
            fail("First Response signature validation failed");
        }
        EncryptedAssertion encryptedAssertion = (EncryptedAssertion) unmarshall.getEncryptedAssertions().get(0);
        Decrypter decrypter = new Decrypter(this.keyResolver, (KeyInfoCredentialResolver) null, (EncryptedKeyResolver) null);
        decrypter.setRootInNewDocument(true);
        Assertion assertion = null;
        try {
            assertion = decrypter.decrypt(encryptedAssertion);
        } catch (DecryptionException e2) {
            fail("Error on decryption of EncryptedAssertion: " + e2);
        }
        assertNotNull("Decrypted Assertion was null", assertion);
        assertEquals(dom, assertion);
        try {
            new SignatureValidator(this.signingCred).validate(unmarshall.getSignature());
        } catch (ValidationException e3) {
            fail("Second Response signature validation failed");
        }
    }

    private Document getDOM(String str) throws XMLParserException {
        return parser.parse(DecryptionPlusSigningTest.class.getResourceAsStream(str));
    }
}
