package ca.uhn.hl7v2.hoh.sign;

import ca.uhn.hl7v2.hoh.util.repackage.Base64;
import java.io.IOException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.cert.CertificateException;
import org.junit.Assert;
import org.junit.Test;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:ca/uhn/hl7v2/hoh/sign/BouncyCastleCmsMessageSignerTest.class */
public class BouncyCastleCmsMessageSignerTest {
    private static final String HELLO_WORLD = "HELLO WORLD!!!!!aa";
    private static final Logger ourLog = LoggerFactory.getLogger(BouncyCastleCmsMessageSignerTest.class);

    @Test
    public void testSignAndVerify() throws Exception {
        String sign = createSigner().sign(HELLO_WORLD.getBytes(Base64.CharEncoding.US_ASCII));
        ourLog.info("Signed ({} bytes): {}", Integer.valueOf(sign.length()), sign);
        createVerifier().verify(HELLO_WORLD.getBytes(Base64.CharEncoding.US_ASCII), sign);
    }

    public static BouncyCastleCmsMessageSigner createVerifier() throws KeyStoreException, NoSuchAlgorithmException, CertificateException, IOException {
        BouncyCastleCmsMessageSigner bouncyCastleCmsMessageSigner = new BouncyCastleCmsMessageSigner();
        bouncyCastleCmsMessageSigner.setKeyStore(loadTrustStore());
        bouncyCastleCmsMessageSigner.setKeyAlias(getKeystoreKeyAlias());
        bouncyCastleCmsMessageSigner.setAliasPassword(getKeystoreKeyAliasPassword());
        return bouncyCastleCmsMessageSigner;
    }

    public static BouncyCastleCmsMessageSigner createSigner() throws KeyStoreException, NoSuchAlgorithmException, CertificateException, IOException {
        BouncyCastleCmsMessageSigner bouncyCastleCmsMessageSigner = new BouncyCastleCmsMessageSigner();
        bouncyCastleCmsMessageSigner.setKeyStore(getKeystore());
        bouncyCastleCmsMessageSigner.setKeyAlias(getKeystoreKeyAlias());
        bouncyCastleCmsMessageSigner.setAliasPassword(getKeystoreKeyAliasPassword());
        return bouncyCastleCmsMessageSigner;
    }

    private static KeyStore loadTrustStore() throws KeyStoreException, IOException, NoSuchAlgorithmException, CertificateException {
        KeyStore keyStore = KeyStore.getInstance("JKS");
        keyStore.load(BouncyCastleCmsMessageSignerTest.class.getResourceAsStream("/truststore.jks"), getKeystoreKeyAliasPassword().toCharArray());
        return keyStore;
    }

    private static String getKeystoreKeyAliasPassword() {
        return "changeit";
    }

    private static String getKeystoreKeyAlias() {
        return "testcert";
    }

    private static KeyStore getKeystore() throws KeyStoreException, IOException, NoSuchAlgorithmException, CertificateException {
        KeyStore keyStore = KeyStore.getInstance("JKS");
        keyStore.load(BouncyCastleCmsMessageSignerTest.class.getResourceAsStream("/keystore.jks"), getKeystoreKeyAliasPassword().toCharArray());
        return keyStore;
    }

    @Test
    public void testTryToSignWithPublicKey() throws Exception {
        BouncyCastleCmsMessageSigner createSigner = createSigner();
        createSigner.setKeyStore(loadTrustStore());
        try {
            createSigner.sign(HELLO_WORLD.getBytes(Base64.CharEncoding.US_ASCII));
            Assert.fail();
        } catch (SignatureFailureException e) {
            Assert.assertTrue(e.toString(), e.getMessage().contains("Key is not a private key: "));
        }
    }

    @Test
    public void testSignAndVerifyStringChanged() throws Exception {
        String sign = createSigner().sign(HELLO_WORLD.getBytes(Base64.CharEncoding.US_ASCII));
        ourLog.info("Signed ({} bytes): {}", Integer.valueOf(sign.length()), sign);
        try {
            createVerifier().verify("HELLO WORLD....".getBytes(Base64.CharEncoding.US_ASCII), sign);
            Assert.fail();
        } catch (SignatureVerificationException e) {
        }
    }
}
