package be.ehealth.technicalconnector.service.kgss;

import be.ehealth.technicalconnector.exception.TechnicalConnectorException;
import be.ehealth.technicalconnector.exception.UnsealConnectorException;
import be.ehealth.technicalconnector.service.ServiceFactory;
import be.ehealth.technicalconnector.service.keydepot.KeyDepotManager;
import be.ehealth.technicalconnector.service.keydepot.KeyDepotManagerFactory;
import be.ehealth.technicalconnector.service.sts.security.KeyStoreInfo;
import be.ehealth.technicalconnector.service.sts.security.impl.KeyStoreCredential;
import be.ehealth.technicalconnector.session.Session;
import be.ehealth.technicalconnector.utils.ConnectorExceptionUtils;
import be.ehealth.technicalconnector.utils.ConnectorXmlUtils;
import be.ehealth.technicalconnector.utils.IdentifierType;
import be.ehealth.technicalconnector.utils.KeyStoreManager;
import be.fgov.ehealth.etee.crypto.utils.KeyManager;
import be.fgov.ehealth.etee.kgss._1_0.protocol.CredentialType;
import be.fgov.ehealth.etee.kgss._1_0.protocol.GetKeyRequestContent;
import be.fgov.ehealth.etee.kgss._1_0.protocol.GetKeyResponseContent;
import be.fgov.ehealth.etee.kgss._1_0.protocol.GetNewKeyRequestContent;
import be.fgov.ehealth.etee.kgss._1_0.protocol.GetNewKeyResponseContent;
import be.fgov.ehealth.technicalconnector.tests.junit.rule.SessionRule;
import java.util.Map;
import org.junit.Assert;
import org.junit.ClassRule;
import org.junit.Test;

/* loaded from: input_file:be/ehealth/technicalconnector/service/kgss/KGSServiceIntegrationTest.class */
public class KGSServiceIntegrationTest {

    @ClassRule
    public static SessionRule rule = SessionRule.withActiveSession().build();
    private String keystoreLocation = rule.getSessionProperty("test.keystore.location");
    private String keystoreAlias = rule.getSessionProperty("test.keystore.alias");
    private String keystorePassword = rule.getSessionProperty("test.keystore.password");

    @Test
    public void testGetNewKey() throws Exception {
        GetNewKeyResponseContent retrieveResponseForTest = retrieveResponseForTest();
        Assert.assertNotNull(retrieveResponseForTest);
        Assert.assertNotNull(retrieveResponseForTest.getNewKeyIdentifier());
    }

    @Test
    public void testGetNewKeyWithoutEtk() throws Exception {
        GetNewKeyResponseContent retrieveResponseForTest = retrieveResponseForTest();
        Assert.assertNotNull(retrieveResponseForTest);
        Assert.assertNotNull(retrieveResponseForTest.getNewKeyIdentifier());
    }

    private GetNewKeyResponseContent retrieveResponseForTest() throws Exception {
        GetNewKeyRequestContent getNewKeyRequestContent = new GetNewKeyRequestContent();
        getNewKeyRequestContent.setETK(KeyDepotManagerFactory.getKeyDepotManager().getETK(KeyDepotManager.EncryptionTokenType.HOLDER_OF_KEY).getEncoded());
        CredentialType credentialType = new CredentialType();
        credentialType.setNamespace(rule.getSessionProperty("test.kgss.ns"));
        credentialType.setName(rule.getSessionProperty("test.kgss.name"));
        credentialType.getValues().add(rule.getSessionProperty("test.kgss.value"));
        getNewKeyRequestContent.getAllowedReaders().add(credentialType);
        ConnectorXmlUtils.dump(getNewKeyRequestContent);
        return (GetNewKeyResponseContent) invoke(getNewKeyRequestContent, GetNewKeyResponseContent.class);
    }

    private <T> T invoke(Object obj, Class<T> cls) throws Exception {
        KeyStoreCredential keyStoreCredential = new KeyStoreCredential(this.keystoreLocation, this.keystoreAlias, this.keystorePassword);
        KeyStoreCredential keyStoreCredential2 = new KeyStoreCredential(this.keystoreLocation, this.keystoreAlias, this.keystorePassword);
        byte[] kgssEtk = getKgssEtk();
        KeyStoreInfo keyStoreInfo = new KeyStoreInfo(this.keystoreLocation, this.keystorePassword.toCharArray(), this.keystoreAlias, this.keystorePassword.toCharArray());
        Map decryptionKeys = KeyManager.getDecryptionKeys(new KeyStoreManager(keyStoreInfo.getKeystorePath(), keyStoreInfo.getKeystorePassword()).getKeyStore(), keyStoreInfo.getKeystorePassword());
        KgssService kgssService = ServiceFactory.getKgssService();
        if (obj instanceof GetNewKeyRequestContent) {
            return (T) kgssService.getNewKey((GetNewKeyRequestContent) obj, keyStoreCredential, decryptionKeys, kgssEtk);
        }
        if (!(obj instanceof GetKeyRequestContent)) {
            return null;
        }
        return (T) kgssService.getKey((GetKeyRequestContent) obj, keyStoreCredential, keyStoreCredential2, Session.getInstance().getSession().getSAMLToken().getAssertion(), decryptionKeys, kgssEtk);
    }

    @Test
    public void testGetKeyWithEtk() throws Exception {
        testGetKey(true);
    }

    @Test
    public void testGetKeyWithSymmKey() throws Exception {
        try {
            testGetKey(false);
        } catch (UnsealConnectorException e) {
            ConnectorExceptionUtils.processUnsealConnectorException(e, new String[0]);
        }
    }

    private void testGetKey(boolean z) throws Exception {
        byte[] newKeyIdentifier = retrieveResponseForTest().getNewKeyIdentifier();
        GetKeyRequestContent getKeyRequestContent = new GetKeyRequestContent();
        if (z) {
            getKeyRequestContent.setETK(KeyDepotManagerFactory.getKeyDepotManager().getETK(KeyDepotManager.EncryptionTokenType.HOLDER_OF_KEY).getEncoded());
        }
        getKeyRequestContent.setKeyIdentifier(newKeyIdentifier);
        Assert.assertNotNull(((GetKeyResponseContent) invoke(getKeyRequestContent, GetKeyResponseContent.class)).getKey());
    }

    private byte[] getKgssEtk() throws TechnicalConnectorException {
        return KeyDepotManagerFactory.getKeyDepotManager().getEtk(IdentifierType.lookup("CBE", (String) null, 48), Long.valueOf("0809394427"), "KGSS").getEncoded();
    }
}
