package org.nuxeo.ecm.core.blob.binary;

import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.File;
import java.io.FileOutputStream;
import java.io.IOException;
import java.io.InputStream;
import java.security.GeneralSecurityException;
import java.security.KeyStore;
import java.util.Collections;
import javax.crypto.KeyGenerator;
import javax.crypto.SecretKey;
import org.apache.commons.io.IOUtils;
import org.junit.Assert;
import org.junit.Test;
import org.nuxeo.ecm.core.api.NuxeoException;
import org.nuxeo.runtime.test.NXRuntimeTestCase;

/* loaded from: input_file:org/nuxeo/ecm/core/blob/binary/TestAESBinaryManager.class */
public class TestAESBinaryManager extends NXRuntimeTestCase {
    private static final String KEY_STORE_TYPE = "JCEKS";
    private static final String KEY_STORE_PASSWORD = "keystoresecret";
    private static final String KEY_ALIAS = "myaeskey";
    private static final String KEY_PASSWORD = "keysecret";
    private static final String CONTENT = "this is a file au café";
    private static final String CONTENT_MD5 = "d25ea4f4642073b7f218024d397dbaef";
    private static final String UTF8 = "UTF-8";

    @Test
    public void testEncryptDecryptWithPassword() throws Exception {
        AESBinaryManager aESBinaryManager = new AESBinaryManager();
        aESBinaryManager.digestAlgorithm = aESBinaryManager.getDefaultDigestAlgorithm();
        aESBinaryManager.initializeOptions(String.format("%s=%s", "password", "mypassword"));
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        Assert.assertEquals(CONTENT_MD5, aESBinaryManager.storeAndDigest(new ByteArrayInputStream(CONTENT.getBytes(UTF8)), byteArrayOutputStream));
        byte[] byteArray = byteArrayOutputStream.toByteArray();
        ByteArrayOutputStream byteArrayOutputStream2 = new ByteArrayOutputStream();
        aESBinaryManager.decrypt(new ByteArrayInputStream(byteArray), byteArrayOutputStream2);
        Assert.assertEquals(CONTENT, new String(byteArrayOutputStream2.toByteArray(), UTF8));
        aESBinaryManager.initializeOptions(String.format("%s=%s", "password", "badpassword"));
        ByteArrayOutputStream byteArrayOutputStream3 = new ByteArrayOutputStream();
        try {
            aESBinaryManager.decrypt(new ByteArrayInputStream(byteArray), byteArrayOutputStream3);
            Assert.assertFalse(CONTENT.equals(new String(byteArrayOutputStream3.toByteArray(), UTF8)));
        } catch (NuxeoException e) {
            String message = e.getMessage();
            Assert.assertTrue(message, message.contains("Given final block not properly padded"));
        }
        aESBinaryManager.close();
    }

    @Test
    public void testEncryptDecryptWithKeyStore() throws Exception {
        File createTempFile = File.createTempFile("nuxeoKeyStore_", "");
        createTempFile.delete();
        createKeyStore(createTempFile);
        String format = String.format("%s=%s,%s=%s,%s=%s,%s=%s,%s=%s", "keyStoreType", KEY_STORE_TYPE, "keyStoreFile", createTempFile.getPath(), "keyStorePassword", KEY_STORE_PASSWORD, "keyAlias", KEY_ALIAS, "keyPassword", KEY_PASSWORD);
        AESBinaryManager aESBinaryManager = new AESBinaryManager();
        aESBinaryManager.digestAlgorithm = aESBinaryManager.getDefaultDigestAlgorithm();
        aESBinaryManager.initializeOptions(format);
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        Assert.assertEquals(CONTENT_MD5, aESBinaryManager.storeAndDigest(new ByteArrayInputStream(CONTENT.getBytes(UTF8)), byteArrayOutputStream));
        byte[] byteArray = byteArrayOutputStream.toByteArray();
        ByteArrayOutputStream byteArrayOutputStream2 = new ByteArrayOutputStream();
        aESBinaryManager.decrypt(new ByteArrayInputStream(byteArray), byteArrayOutputStream2);
        Assert.assertEquals(CONTENT, new String(byteArrayOutputStream2.toByteArray(), UTF8));
        aESBinaryManager.close();
    }

    protected void createKeyStore(File file) throws GeneralSecurityException, IOException {
        AESBinaryManager.setUnlimitedJCEPolicy();
        KeyGenerator keyGenerator = KeyGenerator.getInstance("AES");
        keyGenerator.init(256);
        SecretKey generateKey = keyGenerator.generateKey();
        KeyStore keyStore = KeyStore.getInstance(KEY_STORE_TYPE);
        keyStore.load(null, null);
        keyStore.setKeyEntry(KEY_ALIAS, generateKey, KEY_PASSWORD.toCharArray(), null);
        FileOutputStream fileOutputStream = new FileOutputStream(file);
        keyStore.store(fileOutputStream, KEY_STORE_PASSWORD.toCharArray());
        fileOutputStream.close();
    }

    @Test
    public void testAESBinaryManager() throws Exception {
        AESBinaryManager aESBinaryManager = new AESBinaryManager();
        aESBinaryManager.initialize("repo", Collections.singletonMap("key", String.format("%s=%s", "password", "mypassword")));
        Assert.assertNull(aESBinaryManager.getBinary(CONTENT_MD5));
        Binary binary = aESBinaryManager.getBinary(new ByteArrayInputStream(CONTENT.getBytes(UTF8)));
        Assert.assertNotNull(binary);
        Assert.assertEquals(CONTENT_MD5, binary.getDigest());
        Binary binary2 = aESBinaryManager.getBinary(CONTENT_MD5);
        Assert.assertNotNull(binary2);
        Assert.assertEquals(r0.length, binary2.getLength());
        InputStream stream = binary2.getStream();
        Throwable th = null;
        try {
            Assert.assertEquals(CONTENT, IOUtils.toString(stream, UTF8));
            if (stream != null) {
                if (0 != 0) {
                    try {
                        stream.close();
                    } catch (Throwable th2) {
                        th.addSuppressed(th2);
                    }
                } else {
                    stream.close();
                }
            }
            aESBinaryManager.close();
        } catch (Throwable th3) {
            if (stream != null) {
                if (0 != 0) {
                    try {
                        stream.close();
                    } catch (Throwable th4) {
                        th.addSuppressed(th4);
                    }
                } else {
                    stream.close();
                }
            }
            throw th3;
        }
    }
}
