package net.ripe.rpki.commons.crypto.cms.ghostbuster;

import java.io.File;
import java.math.BigInteger;
import java.net.URI;
import java.security.KeyPair;
import javax.security.auth.x500.X500Principal;
import net.ripe.ipresource.IpResourceSet;
import net.ripe.rpki.commons.crypto.ValidityPeriod;
import net.ripe.rpki.commons.crypto.util.KeyPairFactoryTest;
import net.ripe.rpki.commons.crypto.x509cert.X509CertificateInformationAccessDescriptor;
import net.ripe.rpki.commons.crypto.x509cert.X509ResourceCertificate;
import net.ripe.rpki.commons.crypto.x509cert.X509ResourceCertificateBuilder;
import net.ripe.rpki.commons.validation.ValidationCheck;
import net.ripe.rpki.commons.validation.ValidationResult;
import org.apache.commons.io.FileUtils;
import org.joda.time.DateTime;
import org.junit.Assert;
import org.junit.Ignore;
import org.junit.Test;

/* loaded from: input_file:net/ripe/rpki/commons/crypto/cms/ghostbuster/GhostbustersCmsParserTest.class */
public class GhostbustersCmsParserTest {
    private static final X500Principal TEST_DN = new X500Principal("CN=issuer");
    private static final KeyPair TEST_KEY_PAIR = KeyPairFactoryTest.TEST_KEY_PAIR;
    private static final URI TEST_ROA_LOCATION = URI.create("rsync://certificate/repository/filename.roa");
    private static final URI TEST_CA_LOCATION = URI.create("rsync://certificate/repository/ca.cer");
    private static final URI CRL_DP = URI.create("rsync://certificate/repository/filename.crl");
    private static final BigInteger ROA_CERT_SERIAL = BigInteger.TEN;

    @Test
    @Ignore("This GBR actually does not conform to the RFC")
    public void testShouldParseGoodGbr() throws Exception {
        byte[] readFileToByteArray = FileUtils.readFileToByteArray(new File("src/test/resources/conformance/root/goodRealGbrNothingIsWrong.gbr"));
        GhostbustersCmsParser ghostbustersCmsParser = new GhostbustersCmsParser();
        ghostbustersCmsParser.parse(ValidationResult.withLocation("test1.gbr"), readFileToByteArray);
        Assert.assertEquals("BEGIN:VCARD\r\nVERSION:3.0\r\nADR:;;5147 Crystal Springs Drive NE;Bainbridge Island;Washington;98110;Uni\r\n ted States\r\nEMAIL:randy@psg.com\r\nFN:Randy Bush\r\nN:;;;;\r\nORG:RGnet\\, LLC\r\nTEL:+1 206 356 8341\r\nEND:VCARD\r\n", ghostbustersCmsParser.getGhostbustersCms().getVCardContent());
    }

    @Test
    public void ghostbusters_record_must_have_vcard() {
        ValidationResult validatePayload = validatePayload("");
        Assert.assertTrue(validatePayload.hasFailures());
        Assert.assertEquals("ghostbusters.record.single.vcard", ((ValidationCheck) validatePayload.getFailuresForCurrentLocation().iterator().next()).getKey());
    }

    @Test
    public void ghostbusters_record_must_have_single_vcard() {
        ValidationResult validatePayload = validatePayload("BEGIN:VCARD\r\nEND:VCARD\r\nBEGIN:VCARD\nEND:VCARD\n");
        Assert.assertTrue(validatePayload.hasFailures());
        Assert.assertEquals("ghostbusters.record.single.vcard", ((ValidationCheck) validatePayload.getFailuresForCurrentLocation().iterator().next()).getKey());
    }

    private ValidationResult validatePayload(String str) {
        byte[] encoded = new GhostbustersCmsBuilder().withCertificate(createCertificate()).withVCardPayload(str).withSignatureProvider("SunRsaSign").getEncoded(TEST_KEY_PAIR.getPrivate());
        GhostbustersCmsParser ghostbustersCmsParser = new GhostbustersCmsParser();
        ValidationResult withLocation = ValidationResult.withLocation("test2.gbr");
        ghostbustersCmsParser.parse(withLocation, encoded);
        return withLocation;
    }

    @Test(expected = IllegalArgumentException.class)
    public void testShouldParseBadGbr() throws Exception {
        byte[] readFileToByteArray = FileUtils.readFileToByteArray(new File("src/test/resources/conformance/root/badGBRNotVCard.gbr"));
        GhostbustersCmsParser ghostbustersCmsParser = new GhostbustersCmsParser();
        ghostbustersCmsParser.parse(ValidationResult.withLocation("test2.gbr"), readFileToByteArray);
        ghostbustersCmsParser.getGhostbustersCms().getVCardContent();
    }

    private static X509ResourceCertificate createCertificate() {
        X509ResourceCertificateBuilder x509ResourceCertificateBuilder = new X509ResourceCertificateBuilder();
        x509ResourceCertificateBuilder.withCa(false).withIssuerDN(TEST_DN).withSubjectDN(TEST_DN).withSerial(ROA_CERT_SERIAL);
        x509ResourceCertificateBuilder.withPublicKey(TEST_KEY_PAIR.getPublic());
        x509ResourceCertificateBuilder.withSigningKeyPair(TEST_KEY_PAIR);
        x509ResourceCertificateBuilder.withValidityPeriod(new ValidityPeriod(new DateTime().minusMinutes(1), new DateTime().plusYears(1)));
        x509ResourceCertificateBuilder.withResources(IpResourceSet.ALL_PRIVATE_USE_RESOURCES);
        x509ResourceCertificateBuilder.withCrlDistributionPoints(new URI[]{CRL_DP});
        x509ResourceCertificateBuilder.withSubjectInformationAccess(new X509CertificateInformationAccessDescriptor[]{new X509CertificateInformationAccessDescriptor(X509CertificateInformationAccessDescriptor.ID_AD_SIGNED_OBJECT, TEST_ROA_LOCATION)});
        x509ResourceCertificateBuilder.withAuthorityInformationAccess(new X509CertificateInformationAccessDescriptor[]{new X509CertificateInformationAccessDescriptor(X509CertificateInformationAccessDescriptor.ID_CA_CA_ISSUERS, TEST_CA_LOCATION)});
        return x509ResourceCertificateBuilder.build();
    }
}
