package org.bitrepository.protocol.security;

import java.io.ByteArrayInputStream;
import java.security.Security;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import org.bouncycastle.cms.CMSProcessableByteArray;
import org.bouncycastle.cms.CMSSignedData;
import org.bouncycastle.cms.SignerInformation;
import org.bouncycastle.jce.provider.BouncyCastleProvider;
import org.bouncycastle.util.encoders.Base64;
import org.jaccept.structure.ExtendedTestCase;
import org.testng.Assert;
import org.testng.annotations.Test;

/* loaded from: input_file:org/bitrepository/protocol/security/CertificateIDTest.class */
public class CertificateIDTest extends ExtendedTestCase {
    @Test(groups = {"regressiontest"})
    public void positiveCertificateIdentificationTest() throws Exception {
        addDescription("Tests that a certificate can be identified based on the correct signature.");
        addStep("Create CertificateID object based on the certificate used to sign the data", "CertificateID object not null");
        Security.addProvider(new BouncyCastleProvider());
        X509Certificate x509Certificate = (X509Certificate) CertificateFactory.getInstance("X.509").generateCertificate(new ByteArrayInputStream(SecurityTestConstants.getPositiveCertificate().getBytes("UTF-8")));
        CertificateID certificateID = new CertificateID(x509Certificate.getIssuerX500Principal(), x509Certificate.getSerialNumber());
        addStep("Create CertificateID object based on signature", "Certificate object not null");
        SignerInformation signerInformation = (SignerInformation) new CMSSignedData(new CMSProcessableByteArray(SecurityTestConstants.getTestData().getBytes("UTF-8")), Base64.decode(SecurityTestConstants.getSignature().getBytes())).getSignerInfos().getSigners().iterator().next();
        CertificateID certificateID2 = new CertificateID(signerInformation.getSID().getIssuer(), signerInformation.getSID().getSerialNumber());
        addStep("Assert that the two CertificateID objects are equal", "Assert succeeds");
        Assert.assertEquals(certificateID, certificateID2);
    }

    @Test(groups = {"regressiontest"})
    public void negativeCertificateIdentificationTest() throws Exception {
        addDescription("Tests that a certificate is not identified based on a incorrect signature.");
        addStep("Create CertificateID object based on a certificate not used for signing the data", "CertificateID object not null");
        Security.addProvider(new BouncyCastleProvider());
        X509Certificate x509Certificate = (X509Certificate) CertificateFactory.getInstance("X.509").generateCertificate(new ByteArrayInputStream(SecurityTestConstants.getNegativeCertificate().getBytes("UTF-8")));
        CertificateID certificateID = new CertificateID(x509Certificate.getIssuerX500Principal(), x509Certificate.getSerialNumber());
        addStep("Create CertificateID object based on signature", "Certificate object not null");
        SignerInformation signerInformation = (SignerInformation) new CMSSignedData(new CMSProcessableByteArray(SecurityTestConstants.getTestData().getBytes("UTF-8")), Base64.decode(SecurityTestConstants.getSignature().getBytes())).getSignerInfos().getSigners().iterator().next();
        CertificateID certificateID2 = new CertificateID(signerInformation.getSID().getIssuer(), signerInformation.getSID().getSerialNumber());
        addStep("Assert that the two CertificateID objects are equal", "Assert succeeds");
        Assert.assertNotSame(certificateID, certificateID2);
    }
}
