package org.opensaml.saml.saml2.encryption;

import java.security.KeyException;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import net.shibboleth.utilities.java.support.xml.XMLParserException;
import org.opensaml.core.xml.XMLObjectBaseTestCase;
import org.opensaml.saml.common.SAMLObject;
import org.opensaml.saml.saml2.core.Assertion;
import org.opensaml.saml.saml2.core.Attribute;
import org.opensaml.saml.saml2.core.NameID;
import org.opensaml.saml.saml2.core.NewID;
import org.opensaml.security.credential.BasicCredential;
import org.opensaml.security.credential.Credential;
import org.opensaml.xmlsec.algorithm.AlgorithmSupport;
import org.opensaml.xmlsec.encryption.support.DataEncryptionParameters;
import org.opensaml.xmlsec.encryption.support.DecryptionException;
import org.opensaml.xmlsec.encryption.support.EncryptedKeyResolver;
import org.opensaml.xmlsec.encryption.support.EncryptionException;
import org.opensaml.xmlsec.keyinfo.KeyInfoCredentialResolver;
import org.opensaml.xmlsec.keyinfo.impl.StaticKeyInfoCredentialResolver;
import org.testng.Assert;
import org.testng.annotations.BeforeMethod;
import org.testng.annotations.Test;
import org.w3c.dom.Document;

/* loaded from: input_file:org/opensaml/saml/saml2/encryption/SimpleDecryptionTest.class */
public class SimpleDecryptionTest extends XMLObjectBaseTestCase {
    private KeyInfoCredentialResolver keyResolver;
    private String encURI = "http://www.w3.org/2001/04/xmlenc#aes128-cbc";
    private DataEncryptionParameters encParams;
    private Encrypter encrypter;

    @BeforeMethod
    protected void setUp() throws Exception {
        Credential generateSymmetricKeyAndCredential = AlgorithmSupport.generateSymmetricKeyAndCredential(this.encURI);
        generateSymmetricKeyAndCredential.getSecretKey();
        this.keyResolver = new StaticKeyInfoCredentialResolver(generateSymmetricKeyAndCredential);
        this.encParams = new DataEncryptionParameters();
        this.encParams.setAlgorithm(this.encURI);
        this.encParams.setEncryptionCredential(generateSymmetricKeyAndCredential);
        this.encrypter = new Encrypter(this.encParams);
    }

    @Test
    public void testEncryptedAssertion() throws XMLParserException, EncryptionException {
        Document dom = getDOM("/org/opensaml/saml/saml2/encryption/Assertion.xml");
        Assertion assertion = null;
        try {
            assertion = new Decrypter(this.keyResolver, (KeyInfoCredentialResolver) null, (EncryptedKeyResolver) null).decrypt(this.encrypter.encrypt(unmarshallElement("/org/opensaml/saml/saml2/encryption/Assertion.xml")));
        } catch (DecryptionException e) {
            Assert.fail("Error on decryption of encrypted SAML 2 type to element: " + e);
        }
        Assert.assertNotNull(assertion, "Decrypted target was null");
        Assert.assertTrue(assertion instanceof Assertion, "Decrypted target was not the expected type");
        assertXMLEquals(dom, assertion);
    }

    @Test
    public void testEncryptedAssertionAsID() throws XMLParserException, EncryptionException {
        Document dom = getDOM("/org/opensaml/saml/saml2/encryption/Assertion.xml");
        SAMLObject sAMLObject = null;
        try {
            sAMLObject = new Decrypter(this.keyResolver, (KeyInfoCredentialResolver) null, (EncryptedKeyResolver) null).decrypt(this.encrypter.encryptAsID(unmarshallElement("/org/opensaml/saml/saml2/encryption/Assertion.xml")));
        } catch (DecryptionException e) {
            Assert.fail("Error on decryption of encrypted SAML 2 type to element: " + e);
        }
        Assert.assertNotNull(sAMLObject, "Decrypted target was null");
        Assert.assertTrue(sAMLObject instanceof Assertion, "Decrypted target was not the expected type");
        assertXMLEquals(dom, sAMLObject);
    }

    @Test
    public void testEncryptedNameID() throws XMLParserException, EncryptionException {
        Document dom = getDOM("/org/opensaml/saml/saml2/encryption/NameID.xml");
        SAMLObject sAMLObject = null;
        try {
            sAMLObject = new Decrypter(this.keyResolver, (KeyInfoCredentialResolver) null, (EncryptedKeyResolver) null).decrypt(this.encrypter.encrypt(unmarshallElement("/org/opensaml/saml/saml2/encryption/NameID.xml")));
        } catch (DecryptionException e) {
            Assert.fail("Error on decryption of encrypted SAML 2 type to element: " + e);
        }
        Assert.assertNotNull(sAMLObject, "Decrypted target was null");
        Assert.assertTrue(sAMLObject instanceof NameID, "Decrypted target was not the expected type");
        assertXMLEquals(dom, sAMLObject);
    }

    @Test
    public void testEncryptedNewID() throws XMLParserException, EncryptionException {
        Document dom = getDOM("/org/opensaml/saml/saml2/encryption/NewID.xml");
        NewID newID = null;
        try {
            newID = new Decrypter(this.keyResolver, (KeyInfoCredentialResolver) null, (EncryptedKeyResolver) null).decrypt(this.encrypter.encrypt(unmarshallElement("/org/opensaml/saml/saml2/encryption/NewID.xml")));
        } catch (DecryptionException e) {
            Assert.fail("Error on decryption of encrypted SAML 2 type to element: " + e);
        }
        Assert.assertNotNull(newID, "Decrypted target was null");
        Assert.assertTrue(newID instanceof NewID, "Decrypted target was not the expected type");
        assertXMLEquals(dom, newID);
    }

    @Test
    public void testEncryptedAttribute() throws XMLParserException, EncryptionException {
        Document dom = getDOM("/org/opensaml/saml/saml2/encryption/Attribute.xml");
        Attribute attribute = null;
        try {
            attribute = new Decrypter(this.keyResolver, (KeyInfoCredentialResolver) null, (EncryptedKeyResolver) null).decrypt(this.encrypter.encrypt(unmarshallElement("/org/opensaml/saml/saml2/encryption/Attribute.xml")));
        } catch (DecryptionException e) {
            Assert.fail("Error on decryption of encrypted SAML 2 type to element: " + e);
        }
        Assert.assertNotNull(attribute, "Decrypted target was null");
        Assert.assertTrue(attribute instanceof Attribute, "Decrypted target was not the expected type");
        assertXMLEquals(dom, attribute);
    }

    @Test
    public void testErrorInvalidDataDecryptionKey() throws XMLParserException, EncryptionException, NoSuchAlgorithmException, NoSuchProviderException, KeyException {
        StaticKeyInfoCredentialResolver staticKeyInfoCredentialResolver = new StaticKeyInfoCredentialResolver(new BasicCredential(AlgorithmSupport.generateSymmetricKey(this.encURI)));
        try {
            new Decrypter(staticKeyInfoCredentialResolver, (KeyInfoCredentialResolver) null, (EncryptedKeyResolver) null).decrypt(this.encrypter.encrypt(unmarshallElement("/org/opensaml/saml/saml2/encryption/Assertion.xml")));
            Assert.fail("Decryption should have failed due to bad decryption key");
        } catch (DecryptionException e) {
        }
    }

    private Document getDOM(String str) throws XMLParserException {
        return parserPool.parse(SimpleDecryptionTest.class.getResourceAsStream(str));
    }
}
