/*
 * Copyright 2006 The Apache Software Foundation.
 *
 *  Licensed under the Apache License, Version 2.0 (the "License");
 *  you may not use this file except in compliance with the License.
 *  You may obtain a copy of the License at
 *
 *      http://www.apache.org/licenses/LICENSE-2.0
 *
 *  Unless required by applicable law or agreed to in writing, software
 *  distributed under the License is distributed on an "AS IS" BASIS,
 *  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 *  See the License for the specific language governing permissions and
 *  limitations under the License.
 *
 */
/*
 * Copyright 2005 Sun Microsystems, Inc. All rights reserved.
 */
package javax.xml.crypto.test.dsig;

import java.io.*;
import java.security.*;
import java.security.cert.Certificate;
import java.util.*;
import javax.xml.crypto.dsig.*;
import javax.xml.crypto.dsig.dom.*;
import javax.xml.crypto.dsig.keyinfo.*;
import javax.xml.crypto.dsig.spec.*;
import javax.xml.parsers.*;
import javax.xml.transform.*;
import javax.xml.transform.dom.*;
import javax.xml.transform.stream.*;
import org.w3c.dom.*;

import junit.framework.*;

import javax.xml.crypto.test.KeySelectors;

/**
 * Test that recreates merlin-xpath-filter2-three test vectors
 * but with different keys and X.509 data.
 *
 * @author Sean Mullan
 */
public class CreateInteropXFilter2Test extends TestCase {

    private XMLSignatureFactory fac;
    private KeyInfoFactory kifac;
    private DocumentBuilder db;
    private KeyStore ks;
    private Key signingKey;
    private PublicKey validatingKey;
    private Certificate signingCert;

    static {
        Security.insertProviderAt
            (new org.jcp.xml.dsig.internal.dom.XMLDSigRI(), 1);
    }

    public CreateInteropXFilter2Test(String name) {
        super(name);
    }

    public void setUp() throws Exception {
        fac = XMLSignatureFactory.getInstance
            ("DOM", new org.jcp.xml.dsig.internal.dom.XMLDSigRI());
        kifac = fac.getKeyInfoFactory();
        DocumentBuilderFactory dbf = DocumentBuilderFactory.newInstance();
        dbf.setNamespaceAware(true);
        db = dbf.newDocumentBuilder();

        // get key & self-signed certificate from keystore
	String fs = System.getProperty("file.separator");
        FileInputStream fis = new FileInputStream
            (System.getProperty("basedir") + fs + "data" + fs + "test.jks");
        ks = KeyStore.getInstance("JKS");
        ks.load(fis, "changeit".toCharArray());
        signingKey = ks.getKey("mullan", "changeit".toCharArray());
        signingCert = ks.getCertificate("mullan");
        validatingKey = signingCert.getPublicKey();
    }

    public void test_create_sign_spec() throws Exception {
	List refs = new ArrayList(2);

	// create reference 1
	List types = new ArrayList(3);
	types.add(new XPathType(" //ToBeSigned ", XPathType.Filter.INTERSECT));
	types.add(new XPathType(" //NotToBeSigned ", XPathType.Filter.SUBTRACT));
	types.add(new XPathType(" //ReallyToBeSigned ", XPathType.Filter.UNION));
	XPathFilter2ParameterSpec xp1 = new XPathFilter2ParameterSpec(types);
	refs.add(fac.newReference
	    ("", fac.newDigestMethod(DigestMethod.SHA1, null),
	     Collections.singletonList(fac.newTransform(Transform.XPATH2, xp1)),
	     null, null));

	// create reference 2
	List trans2 = new ArrayList(2);
	trans2.add(fac.newTransform(Transform.ENVELOPED, 
	    (TransformParameterSpec) null));
	XPathFilter2ParameterSpec xp2 = new XPathFilter2ParameterSpec
	    (Collections.singletonList
		(new XPathType(" / ", XPathType.Filter.UNION)));
	trans2.add(fac.newTransform(Transform.XPATH2, xp2));
	refs.add(fac.newReference("#signature-value", 
	    fac.newDigestMethod(DigestMethod.SHA1, null), trans2, null, null));
		
        // create SignedInfo
        SignedInfo si = fac.newSignedInfo(
	    fac.newCanonicalizationMethod
	        (CanonicalizationMethod.INCLUSIVE, 
		 (C14NMethodParameterSpec) null),
	    fac.newSignatureMethod(SignatureMethod.DSA_SHA1, null), refs);

	// create KeyInfo
	List kits = new ArrayList(2);
	kits.add(kifac.newKeyValue(validatingKey));
	List xds = new ArrayList(2);
	xds.add("CN=Sean Mullan, DC=sun, DC=com");
	xds.add(signingCert);
	kits.add(kifac.newX509Data(xds));
	KeyInfo ki = kifac.newKeyInfo(kits);

	// create XMLSignature
	XMLSignature sig = fac.newXMLSignature
	    (si, ki, null, null, "signature-value");

        Document doc = db.newDocument();
        Element tbs1 = doc.createElementNS(null, "ToBeSigned");
	Comment tbs1Com = doc.createComment(" comment ");
	Element tbs1Data = doc.createElementNS(null, "Data");
	Element tbs1ntbs = doc.createElementNS(null, "NotToBeSigned");
	Element tbs1rtbs = doc.createElementNS(null, "ReallyToBeSigned");
	Comment tbs1rtbsCom = doc.createComment(" comment ");
	Element tbs1rtbsData = doc.createElementNS(null, "Data");
	tbs1rtbs.appendChild(tbs1rtbsCom);
	tbs1rtbs.appendChild(tbs1rtbsData);
	tbs1ntbs.appendChild(tbs1rtbs);
	tbs1.appendChild(tbs1Com);
	tbs1.appendChild(tbs1Data);
	tbs1.appendChild(tbs1ntbs);

        Element tbs2 = doc.createElementNS(null, "ToBeSigned");
	Element tbs2Data = doc.createElementNS(null, "Data");
	Element tbs2ntbs = doc.createElementNS(null, "NotToBeSigned");
	Element tbs2ntbsData = doc.createElementNS(null, "Data");
	tbs2ntbs.appendChild(tbs2ntbsData);
	tbs2.appendChild(tbs2Data);
	tbs2.appendChild(tbs2ntbs);

	Element document = doc.createElementNS(null, "Document");
        document.appendChild(tbs1);
        document.appendChild(tbs2);
	doc.appendChild(document);

        DOMSignContext dsc = new DOMSignContext(signingKey, document);

        sig.sign(dsc);

//	dumpDocument(doc, new FileWriter("/tmp/foo.xml"));

        DOMValidateContext dvc = new DOMValidateContext
            (new KeySelectors.KeyValueKeySelector(), document.getLastChild());
        XMLSignature sig2 = fac.unmarshalXMLSignature(dvc);

        assertTrue(sig.equals(sig2));

        assertTrue(sig2.validate(dvc));
    }

    private void dumpDocument(Document doc, Writer w) throws Exception {
        TransformerFactory tf = TransformerFactory.newInstance();
        Transformer trans = tf.newTransformer();
//      trans.setOutputProperty(OutputKeys.INDENT, "yes");
        trans.transform(new DOMSource(doc), new StreamResult(w));
    }
}