package org.bouncycastle.tsp.test;

import java.math.BigInteger;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.Security;
import java.security.cert.X509Certificate;
import java.util.Date;
import junit.framework.TestCase;
import org.bouncycastle.asn1.ASN1ObjectIdentifier;
import org.bouncycastle.asn1.nist.NISTObjectIdentifiers;
import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers;
import org.bouncycastle.asn1.x500.X500Name;
import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
import org.bouncycastle.asn1.x509.ExtendedKeyUsage;
import org.bouncycastle.asn1.x509.Extension;
import org.bouncycastle.asn1.x509.KeyPurposeId;
import org.bouncycastle.cert.jcajce.JcaX509CertificateConverter;
import org.bouncycastle.cert.jcajce.JcaX509v3CertificateBuilder;
import org.bouncycastle.cms.jcajce.JcaSignerInfoGeneratorBuilder;
import org.bouncycastle.cms.jcajce.JcaSignerInfoVerifierBuilder;
import org.bouncycastle.jce.provider.BouncyCastleProvider;
import org.bouncycastle.operator.ContentSigner;
import org.bouncycastle.operator.jcajce.JcaContentSignerBuilder;
import org.bouncycastle.operator.jcajce.JcaDigestCalculatorProviderBuilder;
import org.bouncycastle.tsp.TSPAlgorithms;
import org.bouncycastle.tsp.TimeStampRequestGenerator;
import org.bouncycastle.tsp.TimeStampResponse;
import org.bouncycastle.tsp.TimeStampResponseGenerator;
import org.bouncycastle.tsp.TimeStampToken;
import org.bouncycastle.tsp.TimeStampTokenGenerator;

/* loaded from: input_file:org/bouncycastle/tsp/test/PQCTSPTest.class */
public class PQCTSPTest extends TestCase {
    private static final String BC = "BC";

    public void setUp() {
        Security.addProvider(new BouncyCastleProvider());
    }

    public void testLMS() throws Exception {
        try {
            KeyPair generateKeyPair = KeyPairGenerator.getInstance("LMS", BC).generateKeyPair();
            PrivateKey privateKey = generateKeyPair.getPrivate();
            PublicKey publicKey = generateKeyPair.getPublic();
            ContentSigner build = new JcaContentSignerBuilder("LMS").setProvider(BC).build(privateKey);
            JcaX509v3CertificateBuilder jcaX509v3CertificateBuilder = new JcaX509v3CertificateBuilder(new X500Name("CN=Test"), BigInteger.valueOf(1L), new Date(System.currentTimeMillis() - 50000), new Date(System.currentTimeMillis() + 50000), new X500Name("CN=Test"), publicKey);
            jcaX509v3CertificateBuilder.addExtension(Extension.extendedKeyUsage, true, new ExtendedKeyUsage(KeyPurposeId.id_kp_timeStamping));
            X509Certificate certificate = new JcaX509CertificateConverter().setProvider(BC).getCertificate(jcaX509v3CertificateBuilder.build(build));
            TimeStampToken timeStampToken = new TimeStampResponse(new TimeStampResponseGenerator(new TimeStampTokenGenerator(new JcaSignerInfoGeneratorBuilder(new JcaDigestCalculatorProviderBuilder().build()).setContentDigest(new AlgorithmIdentifier(NISTObjectIdentifiers.id_sha3_512)).build(new JcaContentSignerBuilder("LMS").setProvider(BC).build(privateKey), certificate), new SHA1DigestCalculator(), new ASN1ObjectIdentifier("1.2")), TSPAlgorithms.ALLOWED).generate(new TimeStampRequestGenerator().generate(TSPAlgorithms.SHA3_512, new byte[64], BigInteger.valueOf(100L)), new BigInteger("23"), new Date()).getEncoded()).getTimeStampToken();
            timeStampToken.validate(new JcaSignerInfoVerifierBuilder(new JcaDigestCalculatorProviderBuilder().build()).setProvider(BC).build(certificate));
            assertNotNull("no signingCertificate attribute found", timeStampToken.getSignedAttributes().get(PKCSObjectIdentifiers.id_aa_signingCertificate));
        } catch (Exception e) {
            fail("error setting up keys - " + e);
        }
    }

    public void testSPHINCSPlus() throws Exception {
        try {
            KeyPair generateKeyPair = KeyPairGenerator.getInstance("SPHINCS+", BC).generateKeyPair();
            PrivateKey privateKey = generateKeyPair.getPrivate();
            PublicKey publicKey = generateKeyPair.getPublic();
            ContentSigner build = new JcaContentSignerBuilder("SPHINCS+").setProvider(BC).build(privateKey);
            JcaX509v3CertificateBuilder jcaX509v3CertificateBuilder = new JcaX509v3CertificateBuilder(new X500Name("CN=Test"), BigInteger.valueOf(1L), new Date(System.currentTimeMillis() - 50000), new Date(System.currentTimeMillis() + 50000), new X500Name("CN=Test"), publicKey);
            jcaX509v3CertificateBuilder.addExtension(Extension.extendedKeyUsage, true, new ExtendedKeyUsage(KeyPurposeId.id_kp_timeStamping));
            X509Certificate certificate = new JcaX509CertificateConverter().setProvider(BC).getCertificate(jcaX509v3CertificateBuilder.build(build));
            TimeStampToken timeStampToken = new TimeStampResponse(new TimeStampResponseGenerator(new TimeStampTokenGenerator(new JcaSignerInfoGeneratorBuilder(new JcaDigestCalculatorProviderBuilder().build()).setContentDigest(new AlgorithmIdentifier(NISTObjectIdentifiers.id_sha3_256)).build(new JcaContentSignerBuilder("SPHINCS+").setProvider(BC).build(privateKey), certificate), new SHA1DigestCalculator(), new ASN1ObjectIdentifier("1.2")), TSPAlgorithms.ALLOWED).generate(new TimeStampRequestGenerator().generate(TSPAlgorithms.SHA3_256, new byte[32], BigInteger.valueOf(100L)), new BigInteger("23"), new Date()).getEncoded()).getTimeStampToken();
            timeStampToken.validate(new JcaSignerInfoVerifierBuilder(new JcaDigestCalculatorProviderBuilder().build()).setProvider(BC).build(certificate));
            assertNotNull("no signingCertificate attribute found", timeStampToken.getSignedAttributes().get(PKCSObjectIdentifiers.id_aa_signingCertificate));
        } catch (Exception e) {
            fail("error setting up keys - " + e);
        }
    }
}
