package org.eclipse.californium.elements.util;

import java.io.IOException;
import java.security.GeneralSecurityException;
import java.security.cert.Certificate;
import java.security.cert.X509Certificate;
import javax.net.ssl.TrustManager;
import javax.net.ssl.X509TrustManager;
import org.hamcrest.CoreMatchers;
import org.hamcrest.Matchers;
import org.hamcrest.core.IsNull;
import org.junit.Assert;
import org.junit.Test;

/* loaded from: input_file:org/eclipse/californium/elements/util/SslContextUtilTrustTest.class */
public class SslContextUtilTrustTest {
    public static final String TRUST_STORE_PASSWORD_HEX = "726F6F7450617373";
    public static final String TRUST_STORE_LOCATION = "classpath://certs/trustStore.jks";
    public static final String TRUST_P12_LOCATION = "classpath://certs/trustStore.p12";
    public static final String TRUST_PEM_LOCATION = "classpath://certs/trustStore.pem";
    public static final String ALIAS_CA = "ca";
    public static final String ALIAS_MISSING = "missing";
    public static final String DN_CA = "C=CA, L=Ottawa, O=Eclipse IoT, OU=Californium, CN=cf-ca";
    public static final String DN_CA2 = "C=CA, L=Ottawa, O=Eclipse IoT, OU=Californium, CN=cf-ca2";
    public static final String DN_CA_RSA = "C=CA, L=Ottawa, O=Eclipse IoT, OU=Californium, CN=cf-ca-rsa";
    public static final String DN_ROOT = "C=CA, L=Ottawa, O=Eclipse IoT, OU=Californium, CN=cf-root";
    public static final char[] TRUST_STORE_PASSWORD = "rootPass".toCharArray();
    public static final char[] TRUST_STORE_WRONG_PASSWORD = "wrongPass".toCharArray();

    @Test
    public void testLoadTrustedCertificates() throws IOException, GeneralSecurityException {
        Certificate[] loadTrustedCertificates = SslContextUtil.loadTrustedCertificates(TRUST_STORE_LOCATION, (String) null, TRUST_STORE_PASSWORD);
        Assert.assertThat(loadTrustedCertificates, CoreMatchers.is(IsNull.notNullValue()));
        Assert.assertThat(Integer.valueOf(loadTrustedCertificates.length), CoreMatchers.is(5));
        Assert.assertThat(loadTrustedCertificates[0], CoreMatchers.is(Matchers.instanceOf(X509Certificate.class)));
        Assert.assertThat(loadTrustedCertificates[0].getPublicKey(), CoreMatchers.is(IsNull.notNullValue()));
        Assert.assertThat(((X509Certificate) loadTrustedCertificates[0]).getSubjectDN().getName(), CoreMatchers.anyOf(CoreMatchers.is(DN_CA), CoreMatchers.is(DN_CA2), CoreMatchers.is(DN_CA_RSA), CoreMatchers.is(DN_ROOT)));
    }

    @Test
    public void testLoadFilteredTrustedCertificates() throws IOException, GeneralSecurityException {
        Certificate[] loadTrustedCertificates = SslContextUtil.loadTrustedCertificates(TRUST_STORE_LOCATION, "ca", TRUST_STORE_PASSWORD);
        Assert.assertThat(loadTrustedCertificates, CoreMatchers.is(IsNull.notNullValue()));
        Assert.assertThat(Integer.valueOf(loadTrustedCertificates.length), CoreMatchers.is(1));
        Assert.assertThat(loadTrustedCertificates[0], CoreMatchers.is(Matchers.instanceOf(X509Certificate.class)));
        Assert.assertThat(((X509Certificate) loadTrustedCertificates[0]).getSubjectDN().getName(), CoreMatchers.is(DN_CA));
    }

    @Test(expected = IllegalArgumentException.class)
    public void testLoadFilteredTrustedCertificatesNotFound() throws IOException, GeneralSecurityException {
        SslContextUtil.loadTrustedCertificates(TRUST_STORE_LOCATION, "missing", TRUST_STORE_PASSWORD);
    }

    @Test(expected = IOException.class)
    public void testLoadTrustedCertificatesNoFile() throws IOException, GeneralSecurityException {
        SslContextUtil.loadTrustedCertificates("classpath://certs/trustStore.jksno-file", (String) null, TRUST_STORE_PASSWORD);
    }

    @Test(expected = NullPointerException.class)
    public void testLoadTrustedCertificatesNullUri() throws IOException, GeneralSecurityException {
        SslContextUtil.loadTrustedCertificates((String) null, (String) null, TRUST_STORE_PASSWORD);
    }

    @Test(expected = NullPointerException.class)
    public void testLoadTrustedCertificatesNoPassword() throws IOException, GeneralSecurityException {
        SslContextUtil.loadTrustedCertificates(TRUST_STORE_LOCATION, (String) null, (char[]) null);
    }

    @Test(expected = IOException.class)
    public void testLoadTrustedCertificatesWrongPassword() throws IOException, GeneralSecurityException {
        SslContextUtil.loadTrustedCertificates(TRUST_STORE_LOCATION, (String) null, TRUST_STORE_WRONG_PASSWORD);
    }

    @Test
    public void testLoadTrustedCertificatesSingleParameterWithoutAlias() throws IOException, GeneralSecurityException {
        Certificate[] loadTrustedCertificates = SslContextUtil.loadTrustedCertificates("classpath://certs/trustStore.jks#726F6F7450617373#");
        Assert.assertThat(loadTrustedCertificates, CoreMatchers.is(IsNull.notNullValue()));
        Assert.assertThat(Integer.valueOf(loadTrustedCertificates.length), CoreMatchers.is(Matchers.greaterThan(0)));
        Assert.assertThat(loadTrustedCertificates[0], CoreMatchers.is(Matchers.instanceOf(X509Certificate.class)));
        Assert.assertThat(loadTrustedCertificates[0].getPublicKey(), CoreMatchers.is(IsNull.notNullValue()));
    }

    @Test
    public void testLoadTrustedCertificatesSingleParameter() throws IOException, GeneralSecurityException {
        Certificate[] loadTrustedCertificates = SslContextUtil.loadTrustedCertificates("classpath://certs/trustStore.jks#726F6F7450617373#ca");
        Assert.assertThat(loadTrustedCertificates, CoreMatchers.is(IsNull.notNullValue()));
        Assert.assertThat(Integer.valueOf(loadTrustedCertificates.length), CoreMatchers.is(1));
        Assert.assertThat(loadTrustedCertificates[0], CoreMatchers.is(Matchers.instanceOf(X509Certificate.class)));
        Assert.assertThat(((X509Certificate) loadTrustedCertificates[0]).getSubjectDN().getName(), CoreMatchers.is(DN_CA));
    }

    @Test(expected = IllegalArgumentException.class)
    public void testLoadTrustedCertificatesSingleParameterError() throws IOException, GeneralSecurityException {
        SslContextUtil.loadTrustedCertificates("classpath://certs/trustStore.jks#726F6F7450617373");
    }

    @Test
    public void testLoadTrustManager() throws IOException, GeneralSecurityException {
        TrustManager[] loadTrustManager = SslContextUtil.loadTrustManager(TRUST_STORE_LOCATION, (String) null, TRUST_STORE_PASSWORD);
        Assert.assertThat(loadTrustManager, CoreMatchers.is(IsNull.notNullValue()));
        Assert.assertThat(Integer.valueOf(loadTrustManager.length), CoreMatchers.is(Matchers.greaterThan(0)));
        Assert.assertThat(loadTrustManager[0], CoreMatchers.is(Matchers.instanceOf(X509TrustManager.class)));
    }

    @Test(expected = IllegalArgumentException.class)
    public void testLoadTrustManagerCertificateNotFound() throws IOException, GeneralSecurityException {
        SslContextUtil.loadTrustManager(TRUST_STORE_LOCATION, "missing", TRUST_STORE_PASSWORD);
    }

    @Test
    public void testCreateTrustManager() throws IOException, GeneralSecurityException {
        TrustManager[] createTrustManager = SslContextUtil.createTrustManager("test", SslContextUtil.loadTrustedCertificates(TRUST_STORE_LOCATION, (String) null, TRUST_STORE_PASSWORD));
        Assert.assertThat(createTrustManager, CoreMatchers.is(IsNull.notNullValue()));
        Assert.assertThat(Integer.valueOf(createTrustManager.length), CoreMatchers.is(Matchers.greaterThan(0)));
        Assert.assertThat(createTrustManager[0], CoreMatchers.is(Matchers.instanceOf(X509TrustManager.class)));
    }

    @Test(expected = NullPointerException.class)
    public void testCreateTrustManagerNullCertificates() throws IOException, GeneralSecurityException {
        SslContextUtil.createTrustManager("test", (Certificate[]) null);
    }

    @Test(expected = IllegalArgumentException.class)
    public void testCreateTrustManagerEmptyCertificates() throws IOException, GeneralSecurityException {
        SslContextUtil.createTrustManager("test", new Certificate[0]);
    }

    @Test
    public void testLoadP12TrustedCertificates() throws IOException, GeneralSecurityException {
        Certificate[] loadTrustedCertificates = SslContextUtil.loadTrustedCertificates(TRUST_P12_LOCATION, (String) null, TRUST_STORE_PASSWORD);
        Assert.assertThat(loadTrustedCertificates, CoreMatchers.is(IsNull.notNullValue()));
        Assert.assertThat(Integer.valueOf(loadTrustedCertificates.length), CoreMatchers.is(5));
        X509Certificate x509Certificate = (X509Certificate) loadTrustedCertificates[0];
        Assert.assertThat(x509Certificate.getPublicKey(), CoreMatchers.is(IsNull.notNullValue()));
        Assert.assertThat(x509Certificate.getSubjectDN().getName(), CoreMatchers.anyOf(CoreMatchers.is(DN_CA), CoreMatchers.is(DN_CA2), CoreMatchers.is(DN_CA_RSA), CoreMatchers.is(DN_ROOT)));
    }

    @Test
    public void testLoadP12TrustedCertificatesWithAlias() throws IOException, GeneralSecurityException {
        Certificate[] loadTrustedCertificates = SslContextUtil.loadTrustedCertificates(TRUST_P12_LOCATION, "ca", TRUST_STORE_PASSWORD);
        Assert.assertThat(loadTrustedCertificates, CoreMatchers.is(IsNull.notNullValue()));
        Assert.assertThat(Integer.valueOf(loadTrustedCertificates.length), CoreMatchers.is(1));
        X509Certificate x509Certificate = (X509Certificate) loadTrustedCertificates[0];
        Assert.assertThat(x509Certificate.getPublicKey(), CoreMatchers.is(IsNull.notNullValue()));
        Assert.assertThat(x509Certificate.getSubjectDN().getName(), CoreMatchers.is(DN_CA));
    }

    @Test
    public void testLoadP12TrustManager() throws IOException, GeneralSecurityException {
        TrustManager[] loadTrustManager = SslContextUtil.loadTrustManager(TRUST_P12_LOCATION, (String) null, TRUST_STORE_PASSWORD);
        Assert.assertThat(loadTrustManager, CoreMatchers.is(IsNull.notNullValue()));
        Assert.assertThat(Integer.valueOf(loadTrustManager.length), CoreMatchers.is(Matchers.greaterThan(0)));
        Assert.assertThat(loadTrustManager[0], CoreMatchers.is(Matchers.instanceOf(X509TrustManager.class)));
    }

    @Test
    public void testLoadP12TrustManagerWithAlias() throws IOException, GeneralSecurityException {
        TrustManager[] loadTrustManager = SslContextUtil.loadTrustManager(TRUST_P12_LOCATION, "ca", TRUST_STORE_PASSWORD);
        Assert.assertThat(loadTrustManager, CoreMatchers.is(IsNull.notNullValue()));
        Assert.assertThat(Integer.valueOf(loadTrustManager.length), CoreMatchers.is(Matchers.greaterThan(0)));
        Assert.assertThat(loadTrustManager[0], CoreMatchers.is(Matchers.instanceOf(X509TrustManager.class)));
    }

    @Test
    public void testLoadPemTrustedCertificates() throws IOException, GeneralSecurityException {
        Certificate[] loadTrustedCertificates = SslContextUtil.loadTrustedCertificates(TRUST_PEM_LOCATION, (String) null, (char[]) null);
        Assert.assertThat(loadTrustedCertificates, CoreMatchers.is(IsNull.notNullValue()));
        Assert.assertThat(Integer.valueOf(loadTrustedCertificates.length), CoreMatchers.is(5));
        X509Certificate x509Certificate = (X509Certificate) loadTrustedCertificates[0];
        Assert.assertThat(x509Certificate.getPublicKey(), CoreMatchers.is(IsNull.notNullValue()));
        Assert.assertThat(x509Certificate.getSubjectDN().getName(), CoreMatchers.anyOf(CoreMatchers.is(DN_CA), CoreMatchers.is(DN_CA2), CoreMatchers.is(DN_CA_RSA), CoreMatchers.is(DN_ROOT)));
    }

    @Test
    public void testLoadPemTrustManager() throws IOException, GeneralSecurityException {
        TrustManager[] loadTrustManager = SslContextUtil.loadTrustManager(TRUST_PEM_LOCATION, (String) null, (char[]) null);
        Assert.assertThat(loadTrustManager, CoreMatchers.is(IsNull.notNullValue()));
        Assert.assertThat(Integer.valueOf(loadTrustManager.length), CoreMatchers.is(Matchers.greaterThan(0)));
        Assert.assertThat(loadTrustManager[0], CoreMatchers.is(Matchers.instanceOf(X509TrustManager.class)));
    }
}
