package net.trajano.openidconnect.crypto.test;

import java.io.InputStream;
import java.lang.annotation.Annotation;
import java.lang.reflect.Type;
import java.security.NoSuchAlgorithmException;
import java.security.interfaces.RSAPrivateKey;
import java.security.interfaces.RSAPublicKey;
import java.util.Arrays;
import java.util.Random;
import javax.crypto.Cipher;
import javax.crypto.spec.GCMParameterSpec;
import javax.crypto.spec.SecretKeySpec;
import javax.ws.rs.core.MediaType;
import javax.ws.rs.core.MultivaluedMap;
import net.trajano.openidconnect.crypto.Encoding;
import net.trajano.openidconnect.crypto.JoseHeader;
import net.trajano.openidconnect.crypto.JsonWebAlgorithm;
import net.trajano.openidconnect.crypto.JsonWebKey;
import net.trajano.openidconnect.rs.JsonWebKeyProvider;
import org.junit.Assert;
import org.junit.Before;
import org.junit.Test;

/* loaded from: input_file:net/trajano/openidconnect/crypto/test/JweTest.class */
public class JweTest {
    private static final String RSA_OAEP_JCA = "RSA/ECB/OAEPWithSHA-1AndMGF1Padding";
    private byte[] aad;
    private byte[] cek;
    private byte[] iv;
    private JsonWebKey privateJwk;
    private JsonWebKey publicJwk;
    final String decoded = "The true sign of intelligence is not knowledge but imagination.";
    private String joseHeader = "{\"alg\":\"RSA-OAEP\",\"enc\":\"A256GCM\"}";
    final String jwe = "eyJhbGciOiJSU0EtT0FFUCIsImVuYyI6IkEyNTZHQ00ifQ.OKOawDo13gRp2ojaHV7LFpZcgV7T6DVZKTyKOMTYUmKoTCVJRgckCL9kiMT03JGeipsEdY3mx_etLbbWSrFr05kLzcSr4qKAq7YN7e9jwQRb23nfa6c9d-StnImGyFDbSv04uVuxIp5Zms1gNxKKK2Da14B8S4rzVRltdYwam_lDp5XnZAYpQdb76FdIKLaVmqgfwX7XWRxv2322i-vDxRfqNzo_tETKzpVLzfiwQyeyPGLBIO56YJ7eObdv0je81860ppamavo35UgoRdbYaBcoh9QcfylQr66oc6vFWXRcZ_ZT2LawVCWTIy3brGPi6UklfCpIMfIjf7iGdXKHzg.48V1_ALb6US04U3b.5eym8TW_c8SuK0ltJ3rpYIzOeDQz7TALvtu6UG9oMo4vpzs9tX_EFShS8iB7j6jiSdiwkIr3ajwQzaBtQD_A.XFBoMYUZodetZdvTiFvSkQ";

    @Before
    public void setKeys() throws Exception {
        int[] iArr = {177, 161, 244, 128, 84, 143, 225, 115, 63, 180, 3, 255, 107, 154, 212, 246, 138, 7, 110, 91, 112, 46, 34, 105, 47, 130, 203, 46, 122, 234, 64, 252};
        this.cek = new byte[iArr.length];
        for (int i = 0; i < iArr.length; i++) {
            this.cek[i] = (byte) iArr[i];
        }
        int[] iArr2 = {227, 197, 117, 252, 2, 219, 233, 68, 180, 225, 77, 219};
        this.iv = new byte[iArr2.length];
        for (int i2 = 0; i2 < iArr2.length; i2++) {
            this.iv[i2] = (byte) iArr2[i2];
        }
        int[] iArr3 = {101, 121, 74, 104, 98, 71, 99, 105, 79, 105, 74, 83, 85, 48, 69, 116, 84, 48, 70, 70, 85, 67, 73, 115, 73, 109, 86, 117, 89, 121, 73, 54, 73, 107, 69, 121, 78, 84, 90, 72, 81, 48, 48, 105, 102, 81};
        this.aad = new byte[iArr3.length];
        for (int i3 = 0; i3 < iArr3.length; i3++) {
            this.aad[i3] = (byte) iArr3[i3];
        }
        InputStream resourceAsStream = Thread.currentThread().getContextClassLoader().getResourceAsStream("appendix.A.1.3.jwk");
        JsonWebKeyProvider jsonWebKeyProvider = new JsonWebKeyProvider();
        jsonWebKeyProvider.isReadable(JsonWebKey.class, (Type) null, (Annotation[]) null, (MediaType) null);
        this.privateJwk = jsonWebKeyProvider.readFrom(JsonWebKey.class, (Type) null, (Annotation[]) null, (MediaType) null, (MultivaluedMap) null, resourceAsStream);
        resourceAsStream.close();
        InputStream resourceAsStream2 = Thread.currentThread().getContextClassLoader().getResourceAsStream("appendix.A.1.3.pub");
        JsonWebKeyProvider jsonWebKeyProvider2 = new JsonWebKeyProvider();
        jsonWebKeyProvider2.isReadable(JsonWebKey.class, (Type) null, (Annotation[]) null, (MediaType) null);
        this.publicJwk = jsonWebKeyProvider2.readFrom(JsonWebKey.class, (Type) null, (Annotation[]) null, (MediaType) null, (MultivaluedMap) null, resourceAsStream2);
        resourceAsStream2.close();
    }

    @Test
    public void testBuildJoseHeader() throws Exception {
        JoseHeader joseHeader = new JoseHeader();
        joseHeader.setAlg("RSA-OAEP");
        joseHeader.setEnc("A256GCM");
        Assert.assertEquals(this.joseHeader, joseHeader.toString());
    }

    @Test
    public void testCekEncryptDecryptWithProvidedKey() throws Exception {
        byte[] base64urlDecode = Encoding.base64urlDecode("OKOawDo13gRp2ojaHV7LFpZcgV7T6DVZKTyKOMTYUmKoTCVJRgckCL9kiMT03JGeipsEdY3mx_etLbbWSrFr05kLzcSr4qKAq7YN7e9jwQRb23nfa6c9d-StnImGyFDbSv04uVuxIp5Zms1gNxKKK2Da14B8S4rzVRltdYwam_lDp5XnZAYpQdb76FdIKLaVmqgfwX7XWRxv2322i-vDxRfqNzo_tETKzpVLzfiwQyeyPGLBIO56YJ7eObdv0je81860ppamavo35UgoRdbYaBcoh9QcfylQr66oc6vFWXRcZ_ZT2LawVCWTIy3brGPi6UklfCpIMfIjf7iGdXKHzg");
        Cipher cipher = Cipher.getInstance(RSA_OAEP_JCA);
        cipher.init(2, this.privateJwk.toJcaKey());
        Assert.assertArrayEquals(this.cek, cipher.doFinal(base64urlDecode));
    }

    @Test
    public void testDecryptJweExampleFromSpec() throws Exception {
        try {
            Assert.assertEquals("The true sign of intelligence is not knowledge but imagination.", new String(JWE.decrypt("eyJhbGciOiJSU0EtT0FFUCIsImVuYyI6IkEyNTZHQ00ifQ.OKOawDo13gRp2ojaHV7LFpZcgV7T6DVZKTyKOMTYUmKoTCVJRgckCL9kiMT03JGeipsEdY3mx_etLbbWSrFr05kLzcSr4qKAq7YN7e9jwQRb23nfa6c9d-StnImGyFDbSv04uVuxIp5Zms1gNxKKK2Da14B8S4rzVRltdYwam_lDp5XnZAYpQdb76FdIKLaVmqgfwX7XWRxv2322i-vDxRfqNzo_tETKzpVLzfiwQyeyPGLBIO56YJ7eObdv0je81860ppamavo35UgoRdbYaBcoh9QcfylQr66oc6vFWXRcZ_ZT2LawVCWTIy3brGPi6UklfCpIMfIjf7iGdXKHzg.48V1_ALb6US04U3b.5eym8TW_c8SuK0ltJ3rpYIzOeDQz7TALvtu6UG9oMo4vpzs9tX_EFShS8iB7j6jiSdiwkIr3ajwQzaBtQD_A.XFBoMYUZodetZdvTiFvSkQ", this.privateJwk)));
        } catch (NoSuchAlgorithmException e) {
            System.out.println(e + " ignoring.");
        }
    }

    @Test
    public void testEncryptDecryptJweExampleFromSpec() throws Exception {
        if (Arrays.asList(JsonWebAlgorithm.getEncAlgorithms()).contains("A256GCM")) {
            Assert.assertEquals("The true sign of intelligence is not knowledge but imagination.", new String(JWE.decrypt(JWE.encrypt("The true sign of intelligence is not knowledge but imagination.".getBytes(), this.publicJwk, "RSA-OAEP", "A256GCM"), this.privateJwk)));
        } else {
            System.out.println("A256GCM is not supported ignoring.");
        }
    }

    @Test
    public void testExampleWithCompressionComparison() throws Exception {
        byte[] bytes = "atarashii kaze ga fuite, warattari, naitari, utatte mitari, atarashii kaze ga fuite, warattari, naitari, utatte mitari, atarashii kaze ga fuite, warattari, naitari, utatte mitari".getBytes();
        Assert.assertTrue(JWE.encrypt(bytes, this.publicJwk, "RSA-OAEP", "A128CBC", true).length() < JWE.encrypt(bytes, this.publicJwk, "RSA-OAEP", "A128CBC", false).length());
    }

    @Test
    public void testJweExampleFromSpecJweAssembly() throws Exception {
        Cipher cipher = Cipher.getInstance(RSA_OAEP_JCA);
        cipher.init(1, this.publicJwk.toJcaKey());
        cipher.doFinal(this.cek);
        GCMParameterSpec gCMParameterSpec = new GCMParameterSpec(128, this.iv);
        try {
            Cipher cipher2 = Cipher.getInstance("AES/GCM/NoPadding");
            cipher2.init(1, new SecretKeySpec(this.cek, "AES"), gCMParameterSpec);
            cipher2.updateAAD(this.aad);
            byte[] doFinal = cipher2.doFinal("The true sign of intelligence is not knowledge but imagination.".getBytes());
            String base64urlEncode = Encoding.base64urlEncode(doFinal, 0, doFinal.length - 16);
            String base64urlEncode2 = Encoding.base64urlEncode(doFinal, doFinal.length - 16, 16);
            Assert.assertEquals("5eym8TW_c8SuK0ltJ3rpYIzOeDQz7TALvtu6UG9oMo4vpzs9tX_EFShS8iB7j6jiSdiwkIr3ajwQzaBtQD_A", base64urlEncode);
            Assert.assertEquals("XFBoMYUZodetZdvTiFvSkQ", base64urlEncode2);
        } catch (NoSuchAlgorithmException e) {
            System.out.println(e + " ignored");
        }
    }

    @Test
    public void testKeyEncodings() {
        Assert.assertEquals("eyJhbGciOiJSU0EtT0FFUCIsImVuYyI6IkEyNTZHQ00ifQ", Encoding.base64urlEncode(this.joseHeader));
        Assert.assertEquals("48V1_ALb6US04U3b", Encoding.base64urlEncode(this.iv));
    }

    @Test
    public void testRandomExample() throws Exception {
        Assert.assertEquals("Live long and prosper.", new String(JWE.decrypt(JWE.encrypt("Live long and prosper.".getBytes(), this.publicJwk, "RSA-OAEP", "A128CBC"), this.privateJwk)));
    }

    @Test
    public void testRandomExample2() throws Exception {
        Assert.assertEquals("Live long and prosper.", new String(JWE.decrypt(JWE.encrypt("Live long and prosper.".getBytes(), this.publicJwk, "RSA1_5", "A128CBC"), this.privateJwk)));
    }

    @Test
    public void testRandomExampleWithCompression() throws Exception {
        Assert.assertEquals("Live long and prosper.", new String(JWE.decrypt(JWE.encrypt("Live long and prosper.".getBytes(), this.publicJwk, "RSA-OAEP", "A128CBC", true), this.privateJwk)));
    }

    @Test
    public void testReallyLongExample() throws Exception {
        byte[] bArr = new byte[204080];
        new Random().nextBytes(bArr);
        Assert.assertArrayEquals(bArr, JWE.decrypt(JWE.encrypt(bArr, this.publicJwk, "RSA-OAEP", "A128CBC"), this.privateJwk));
    }

    @Test
    public void testReallyLongExampleWithCompression() throws Exception {
        byte[] bArr = new byte[204080];
        new Random().nextBytes(bArr);
        Assert.assertArrayEquals(bArr, JWE.decrypt(JWE.encrypt(bArr, this.publicJwk, "RSA-OAEP", "A128CBC", true), this.privateJwk));
    }

    @Test
    public void testRsaPrivateKey() throws Exception {
        InputStream resourceAsStream = Thread.currentThread().getContextClassLoader().getResourceAsStream("appendix.A.1.3.jwk");
        JsonWebKeyProvider jsonWebKeyProvider = new JsonWebKeyProvider();
        jsonWebKeyProvider.isReadable(JsonWebKey.class, (Type) null, (Annotation[]) null, (MediaType) null);
        JsonWebKey readFrom = jsonWebKeyProvider.readFrom(JsonWebKey.class, (Type) null, (Annotation[]) null, (MediaType) null, (MultivaluedMap) null, resourceAsStream);
        resourceAsStream.close();
        Assert.assertNotNull((RSAPrivateKey) readFrom.toJcaKey());
    }

    @Test
    public void testRsaPublicKey() throws Exception {
        InputStream resourceAsStream = Thread.currentThread().getContextClassLoader().getResourceAsStream("appendix.A.1.3.pub");
        JsonWebKeyProvider jsonWebKeyProvider = new JsonWebKeyProvider();
        jsonWebKeyProvider.isReadable(JsonWebKey.class, (Type) null, (Annotation[]) null, (MediaType) null);
        JsonWebKey readFrom = jsonWebKeyProvider.readFrom(JsonWebKey.class, (Type) null, (Annotation[]) null, (MediaType) null, (MultivaluedMap) null, resourceAsStream);
        resourceAsStream.close();
        Assert.assertNotNull((RSAPublicKey) readFrom.toJcaKey());
    }
}
