package org.apache.xml.security.test.dom.signature;

import java.io.ByteArrayOutputStream;
import java.io.File;
import java.io.FileInputStream;
import java.nio.charset.StandardCharsets;
import javax.crypto.SecretKey;
import org.apache.xml.security.Init;
import org.apache.xml.security.signature.XMLSignature;
import org.apache.xml.security.signature.XMLSignatureException;
import org.apache.xml.security.transforms.Transforms;
import org.apache.xml.security.utils.XMLUtils;
import org.junit.Assert;
import org.junit.Test;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.w3c.dom.Document;
import org.w3c.dom.Element;
import org.w3c.dom.NodeList;

/* loaded from: input_file:org/apache/xml/security/test/dom/signature/HMACOutputLengthTest.class */
public class HMACOutputLengthTest {
    static Logger LOG = LoggerFactory.getLogger(HMACOutputLengthTest.class);
    private static final String BASEDIR;
    private static final String SEP;

    public HMACOutputLengthTest() throws Exception {
        Init.init();
    }

    @Test
    public void test_signature_enveloping_hmac_sha1_trunclen_0() throws Exception {
        try {
            validate("signature-enveloping-hmac-sha1-trunclen-0-attack.xml");
            Assert.fail("Expected HMACOutputLength exception");
        } catch (XMLSignatureException e) {
            if (e.getMsgID().equals("algorithms.HMACOutputLengthMin")) {
                return;
            }
            Assert.fail(e.getMessage());
        }
    }

    @Test
    public void test_signature_enveloping_hmac_sha1_trunclen_8() throws Exception {
        try {
            validate("signature-enveloping-hmac-sha1-trunclen-8-attack.xml");
        } catch (XMLSignatureException e) {
            if (e.getMsgID().equals("algorithms.HMACOutputLengthMin")) {
                return;
            }
            Assert.fail(e.getMessage());
        }
    }

    @Test
    public void test_generate_hmac_sha1_40() throws Exception {
        try {
            new XMLSignature(XMLUtils.newDocument(), (String) null, "http://www.w3.org/2000/09/xmldsig#hmac-sha1", 40, "http://www.w3.org/TR/2001/REC-xml-c14n-20010315").sign(getSecretKey("secret".getBytes(StandardCharsets.US_ASCII)));
            Assert.fail("Expected HMACOutputLength Exception");
        } catch (XMLSignatureException e) {
            if (e.getMsgID().equals("algorithms.HMACOutputLengthMin")) {
                return;
            }
            Assert.fail(e.getMessage());
        }
    }

    @Test
    public void testValidHMACOutputLength() throws Exception {
        Document newDocument = XMLUtils.newDocument();
        newDocument.appendChild(newDocument.createComment(" Comment before "));
        Element createElementNS = newDocument.createElementNS("", "RootElement");
        newDocument.appendChild(createElementNS);
        createElementNS.appendChild(newDocument.createTextNode("Some simple text\n"));
        XMLUtils.createElementInSignatureSpace(newDocument, "CanonicalizationMethod").setAttributeNS(null, "Algorithm", "http://www.w3.org/2001/10/xml-exc-c14n#");
        XMLSignature xMLSignature = new XMLSignature(newDocument, (String) null, "http://www.w3.org/2000/09/xmldsig#hmac-sha1", 160);
        createElementNS.appendChild(xMLSignature.getElement());
        newDocument.appendChild(newDocument.createComment(" Comment after "));
        Transforms transforms = new Transforms(newDocument);
        transforms.addTransform("http://www.w3.org/2000/09/xmldsig#enveloped-signature");
        transforms.addTransform("http://www.w3.org/TR/2001/REC-xml-c14n-20010315#WithComments");
        xMLSignature.addDocument("", transforms, "http://www.w3.org/2001/04/xmlenc#sha256");
        SecretKey createSecretKey = xMLSignature.createSecretKey("secret".getBytes(StandardCharsets.US_ASCII));
        xMLSignature.sign(createSecretKey);
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        XMLUtils.outputDOMc14nWithComments(newDocument, byteArrayOutputStream);
        Assert.assertTrue(new String(byteArrayOutputStream.toByteArray()).contains("ds:HMACOutputLength>160</ds:HMACOutputLength>"));
        NodeList elementsByTagNameNS = newDocument.getElementsByTagNameNS("http://www.w3.org/2000/09/xmldsig#", "Signature");
        if (elementsByTagNameNS.getLength() == 0) {
            throw new Exception("Couldn't find signature Element");
        }
        Assert.assertTrue(new XMLSignature((Element) elementsByTagNameNS.item(0), (String) null).checkSignatureValue(createSecretKey));
    }

    private boolean validate(String str) throws Exception {
        File file = new File(BASEDIR + SEP + "src/test/resources" + SEP + "javax" + SEP + "xml" + SEP + "crypto" + SEP + "dsig" + SEP, str);
        NodeList elementsByTagNameNS = XMLUtils.read(new FileInputStream(file), false).getElementsByTagNameNS("http://www.w3.org/2000/09/xmldsig#", "Signature");
        if (elementsByTagNameNS.getLength() == 0) {
            throw new Exception("Couldn't find signature Element");
        }
        XMLSignature xMLSignature = new XMLSignature((Element) elementsByTagNameNS.item(0), file.toURI().toString());
        return xMLSignature.checkSignatureValue(xMLSignature.createSecretKey("secret".getBytes(StandardCharsets.US_ASCII)));
    }

    private SecretKey getSecretKey(final byte[] bArr) {
        return new SecretKey() { // from class: org.apache.xml.security.test.dom.signature.HMACOutputLengthTest.1
            private static final long serialVersionUID = -6527915934685938837L;

            @Override // java.security.Key
            public String getFormat() {
                return "RAW";
            }

            @Override // java.security.Key
            public byte[] getEncoded() {
                return bArr;
            }

            @Override // java.security.Key
            public String getAlgorithm() {
                return "SECRET";
            }
        };
    }

    static {
        BASEDIR = System.getProperty("basedir") == null ? "./" : System.getProperty("basedir");
        SEP = System.getProperty("file.separator");
    }
}
