package org.eclipse.californium.elements.util;

import java.io.IOException;
import java.security.GeneralSecurityException;
import java.security.PrivateKey;
import java.security.cert.X509Certificate;
import javax.net.ssl.KeyManager;
import javax.net.ssl.X509KeyManager;
import javax.security.auth.x500.X500Principal;
import org.eclipse.californium.elements.util.SslContextUtil;
import org.hamcrest.CoreMatchers;
import org.hamcrest.MatcherAssert;
import org.hamcrest.Matchers;
import org.hamcrest.core.IsNull;
import org.junit.Assume;
import org.junit.Test;

/* loaded from: input_file:org/eclipse/californium/elements/util/SslContextUtilCredentialsTest.class */
public class SslContextUtilCredentialsTest {
    public static final String KEY_STORE_PASSWORD_HEX = "656E6450617373";
    public static final String SERVER_P12_LOCATION = "classpath://certs/server.p12";
    public static final String SERVER_PEM_LOCATION = "classpath://certs/server.pem";
    public static final String SERVER_LARGE_PEM_LOCATION = "classpath://certs/serverLarge.pem";
    public static final String PUBLIC_KEY_PEM_LOCATION = "classpath://certs/ec_public.pem";
    public static final String ALIAS_SERVER = "server";
    public static final String ALIAS_CLIENT = "client";
    public static final String ALIAS_MISSING = "missing";
    public static final X500Principal DN_SERVER = new X500Principal("C=CA, L=Ottawa, O=Eclipse IoT, OU=Californium, CN=cf-server");

    @Test
    public void testLoadCredentials() throws IOException, GeneralSecurityException {
        SslContextUtil.Credentials loadCredentials = SslContextUtil.loadCredentials(TestCertificatesTools.KEY_STORE_URI, "server", TestCertificatesTools.KEY_STORE_PASSWORD, TestCertificatesTools.KEY_STORE_PASSWORD);
        MatcherAssert.assertThat(loadCredentials, CoreMatchers.is(IsNull.notNullValue()));
        MatcherAssert.assertThat(loadCredentials.getPrivateKey(), CoreMatchers.is(IsNull.notNullValue()));
        MatcherAssert.assertThat(loadCredentials.getCertificateChain(), CoreMatchers.is(IsNull.notNullValue()));
        MatcherAssert.assertThat(Integer.valueOf(loadCredentials.getCertificateChain().length), CoreMatchers.is(Matchers.greaterThan(0)));
        MatcherAssert.assertThat(loadCredentials.getCertificateChain()[0], CoreMatchers.is(Matchers.instanceOf(X509Certificate.class)));
        X509Certificate x509Certificate = loadCredentials.getCertificateChain()[0];
        MatcherAssert.assertThat(x509Certificate.getPublicKey(), CoreMatchers.is(IsNull.notNullValue()));
        MatcherAssert.assertThat(x509Certificate.getSubjectX500Principal(), CoreMatchers.is(DN_SERVER));
    }

    @Test(expected = IllegalArgumentException.class)
    public void testLoadCredentialsNotFound() throws IOException, GeneralSecurityException {
        SslContextUtil.loadCredentials(TestCertificatesTools.KEY_STORE_URI, "missing", TestCertificatesTools.KEY_STORE_PASSWORD, TestCertificatesTools.KEY_STORE_PASSWORD);
    }

    @Test(expected = IOException.class)
    public void testLoadCredentialsNoFile() throws IOException, GeneralSecurityException {
        SslContextUtil.loadCredentials("classpath://certs/keyStore.jksno-file", "server", TestCertificatesTools.KEY_STORE_PASSWORD, TestCertificatesTools.KEY_STORE_PASSWORD);
    }

    @Test(expected = NullPointerException.class)
    public void testLoadCredentialsNullUri() throws IOException, GeneralSecurityException {
        SslContextUtil.loadCredentials((String) null, "server", TestCertificatesTools.KEY_STORE_PASSWORD, TestCertificatesTools.KEY_STORE_PASSWORD);
    }

    @Test(expected = NullPointerException.class)
    public void testLoadCredentialsNoStorePassword() throws IOException, GeneralSecurityException {
        SslContextUtil.loadCredentials(TestCertificatesTools.KEY_STORE_URI, "server", (char[]) null, TestCertificatesTools.KEY_STORE_PASSWORD);
    }

    @Test(expected = NullPointerException.class)
    public void testLoadCredentialsNoKeyPassword() throws IOException, GeneralSecurityException {
        SslContextUtil.loadCredentials(TestCertificatesTools.KEY_STORE_URI, "server", TestCertificatesTools.KEY_STORE_PASSWORD, (char[]) null);
    }

    @Test(expected = IOException.class)
    public void testLoadCredentialsWrongStorePassword() throws IOException, GeneralSecurityException {
        SslContextUtil.loadCredentials(TestCertificatesTools.KEY_STORE_URI, "server", "656E6450617373".toCharArray(), TestCertificatesTools.KEY_STORE_PASSWORD);
    }

    @Test(expected = GeneralSecurityException.class)
    public void testLoadCredentialsWrongKeyPassword() throws IOException, GeneralSecurityException {
        SslContextUtil.loadCredentials(TestCertificatesTools.KEY_STORE_URI, "server", TestCertificatesTools.KEY_STORE_PASSWORD, "656E6450617373".toCharArray());
    }

    @Test(expected = IllegalArgumentException.class)
    public void testLoadCredentialsSingleParameterWithoutAlias() throws IOException, GeneralSecurityException {
        SslContextUtil.loadCredentials("classpath://certs/keyStore.jks#656E6450617373#656E6450617373#");
    }

    @Test
    public void testLoadCredentialsSingleParameter() throws IOException, GeneralSecurityException {
        SslContextUtil.Credentials loadCredentials = SslContextUtil.loadCredentials("classpath://certs/keyStore.jks#656E6450617373#656E6450617373#server");
        MatcherAssert.assertThat(loadCredentials, CoreMatchers.is(IsNull.notNullValue()));
        MatcherAssert.assertThat(loadCredentials.getPrivateKey(), CoreMatchers.is(IsNull.notNullValue()));
        MatcherAssert.assertThat(loadCredentials.getCertificateChain(), CoreMatchers.is(IsNull.notNullValue()));
        MatcherAssert.assertThat(Integer.valueOf(loadCredentials.getCertificateChain().length), CoreMatchers.is(Matchers.greaterThan(0)));
        MatcherAssert.assertThat(loadCredentials.getCertificateChain()[0], CoreMatchers.is(Matchers.instanceOf(X509Certificate.class)));
        X509Certificate x509Certificate = loadCredentials.getCertificateChain()[0];
        MatcherAssert.assertThat(x509Certificate.getPublicKey(), CoreMatchers.is(IsNull.notNullValue()));
        MatcherAssert.assertThat(x509Certificate.getSubjectX500Principal(), CoreMatchers.is(DN_SERVER));
    }

    @Test
    public void testLoadCertificateChain() throws IOException, GeneralSecurityException {
        X509Certificate[] loadCertificateChain = SslContextUtil.loadCertificateChain(TestCertificatesTools.KEY_STORE_URI, "server", TestCertificatesTools.KEY_STORE_PASSWORD);
        MatcherAssert.assertThat(loadCertificateChain, CoreMatchers.is(IsNull.notNullValue()));
        MatcherAssert.assertThat(Integer.valueOf(loadCertificateChain.length), CoreMatchers.is(Matchers.greaterThan(0)));
        MatcherAssert.assertThat(loadCertificateChain[0].getPublicKey(), CoreMatchers.is(IsNull.notNullValue()));
        MatcherAssert.assertThat(loadCertificateChain[0].getSubjectX500Principal(), CoreMatchers.is(DN_SERVER));
    }

    @Test(expected = NullPointerException.class)
    public void testLoadCertificateChainMissingAlias() throws IOException, GeneralSecurityException {
        SslContextUtil.loadCertificateChain(TestCertificatesTools.KEY_STORE_URI, (String) null, TestCertificatesTools.KEY_STORE_PASSWORD);
    }

    @Test(expected = IllegalArgumentException.class)
    public void testLoadCertificateChainEmptyAlias() throws IOException, GeneralSecurityException {
        SslContextUtil.loadCertificateChain(TestCertificatesTools.KEY_STORE_URI, "", TestCertificatesTools.KEY_STORE_PASSWORD);
    }

    @Test
    public void testLoadKeyManager() throws IOException, GeneralSecurityException {
        KeyManager[] loadKeyManager = SslContextUtil.loadKeyManager(TestCertificatesTools.KEY_STORE_URI, (String) null, TestCertificatesTools.KEY_STORE_PASSWORD, TestCertificatesTools.KEY_STORE_PASSWORD);
        MatcherAssert.assertThat(loadKeyManager, CoreMatchers.is(IsNull.notNullValue()));
        MatcherAssert.assertThat(Integer.valueOf(loadKeyManager.length), CoreMatchers.is(Matchers.greaterThan(0)));
        MatcherAssert.assertThat(loadKeyManager[0], CoreMatchers.is(Matchers.instanceOf(X509KeyManager.class)));
    }

    @Test(expected = GeneralSecurityException.class)
    public void testLoadKeyManagerCertificateNotFound() throws IOException, GeneralSecurityException {
        SslContextUtil.loadKeyManager(TestCertificatesTools.KEY_STORE_URI, "missing", TestCertificatesTools.KEY_STORE_PASSWORD, TestCertificatesTools.KEY_STORE_PASSWORD);
    }

    @Test
    public void testCreateKeyManager() throws IOException, GeneralSecurityException {
        SslContextUtil.Credentials loadCredentials = SslContextUtil.loadCredentials(TestCertificatesTools.KEY_STORE_URI, "server", TestCertificatesTools.KEY_STORE_PASSWORD, TestCertificatesTools.KEY_STORE_PASSWORD);
        KeyManager[] createKeyManager = SslContextUtil.createKeyManager("test", loadCredentials.getPrivateKey(), loadCredentials.getCertificateChain());
        MatcherAssert.assertThat(createKeyManager, CoreMatchers.is(IsNull.notNullValue()));
        MatcherAssert.assertThat(Integer.valueOf(createKeyManager.length), CoreMatchers.is(Matchers.greaterThan(0)));
        MatcherAssert.assertThat(createKeyManager[0], CoreMatchers.is(Matchers.instanceOf(X509KeyManager.class)));
    }

    @Test(expected = NullPointerException.class)
    public void testCreateKeytManagerNullPrivateKey() throws IOException, GeneralSecurityException {
        SslContextUtil.createKeyManager("test", (PrivateKey) null, SslContextUtil.loadCredentials(TestCertificatesTools.KEY_STORE_URI, "server", TestCertificatesTools.KEY_STORE_PASSWORD, TestCertificatesTools.KEY_STORE_PASSWORD).getCertificateChain());
    }

    @Test(expected = NullPointerException.class)
    public void testCreateKeytManagerNullCertChain() throws IOException, GeneralSecurityException {
        SslContextUtil.createKeyManager("test", SslContextUtil.loadCredentials(TestCertificatesTools.KEY_STORE_URI, "server", TestCertificatesTools.KEY_STORE_PASSWORD, TestCertificatesTools.KEY_STORE_PASSWORD).getPrivateKey(), (X509Certificate[]) null);
    }

    @Test(expected = IllegalArgumentException.class)
    public void testCreateKeyManagerEmptyCertChain() throws IOException, GeneralSecurityException {
        SslContextUtil.createKeyManager("test", SslContextUtil.loadCredentials(TestCertificatesTools.KEY_STORE_URI, "server", TestCertificatesTools.KEY_STORE_PASSWORD, TestCertificatesTools.KEY_STORE_PASSWORD).getPrivateKey(), new X509Certificate[0]);
    }

    @Test
    public void testLoadP12Credentials() throws IOException, GeneralSecurityException {
        SslContextUtil.Credentials loadCredentials = SslContextUtil.loadCredentials(SERVER_P12_LOCATION, "server", TestCertificatesTools.KEY_STORE_PASSWORD, TestCertificatesTools.KEY_STORE_PASSWORD);
        MatcherAssert.assertThat(loadCredentials, CoreMatchers.is(IsNull.notNullValue()));
        MatcherAssert.assertThat(loadCredentials.getPrivateKey(), CoreMatchers.is(IsNull.notNullValue()));
        MatcherAssert.assertThat(loadCredentials.getCertificateChain(), CoreMatchers.is(IsNull.notNullValue()));
        MatcherAssert.assertThat(Integer.valueOf(loadCredentials.getCertificateChain().length), CoreMatchers.is(Matchers.greaterThan(0)));
        MatcherAssert.assertThat(loadCredentials.getCertificateChain()[0], CoreMatchers.is(Matchers.instanceOf(X509Certificate.class)));
        X509Certificate x509Certificate = loadCredentials.getCertificateChain()[0];
        MatcherAssert.assertThat(x509Certificate.getPublicKey(), CoreMatchers.is(IsNull.notNullValue()));
        MatcherAssert.assertThat(x509Certificate.getSubjectX500Principal(), CoreMatchers.is(DN_SERVER));
    }

    @Test
    public void testLoadP12KeyManager() throws IOException, GeneralSecurityException {
        KeyManager[] loadKeyManager = SslContextUtil.loadKeyManager(SERVER_P12_LOCATION, (String) null, TestCertificatesTools.KEY_STORE_PASSWORD, TestCertificatesTools.KEY_STORE_PASSWORD);
        MatcherAssert.assertThat(loadKeyManager, CoreMatchers.is(IsNull.notNullValue()));
        MatcherAssert.assertThat(Integer.valueOf(loadKeyManager.length), CoreMatchers.is(Matchers.greaterThan(0)));
        MatcherAssert.assertThat(loadKeyManager[0], CoreMatchers.is(Matchers.instanceOf(X509KeyManager.class)));
    }

    @Test
    public void testLoadPemCredentials() throws IOException, GeneralSecurityException {
        SslContextUtil.Credentials loadCredentials = SslContextUtil.loadCredentials(SERVER_PEM_LOCATION, (String) null, (char[]) null, (char[]) null);
        MatcherAssert.assertThat(loadCredentials, CoreMatchers.is(IsNull.notNullValue()));
        MatcherAssert.assertThat(loadCredentials.getPrivateKey(), CoreMatchers.is(IsNull.notNullValue()));
        MatcherAssert.assertThat(loadCredentials.getCertificateChain(), CoreMatchers.is(IsNull.notNullValue()));
        MatcherAssert.assertThat(Integer.valueOf(loadCredentials.getCertificateChain().length), CoreMatchers.is(Matchers.greaterThan(0)));
        MatcherAssert.assertThat(loadCredentials.getCertificateChain()[0], CoreMatchers.is(Matchers.instanceOf(X509Certificate.class)));
        X509Certificate x509Certificate = loadCredentials.getCertificateChain()[0];
        MatcherAssert.assertThat(x509Certificate.getPublicKey(), CoreMatchers.is(IsNull.notNullValue()));
        MatcherAssert.assertThat(x509Certificate.getSubjectX500Principal(), CoreMatchers.is(DN_SERVER));
    }

    @Test
    public void testLoadPemKeyManager() throws IOException, GeneralSecurityException {
        KeyManager[] loadKeyManager = SslContextUtil.loadKeyManager(SERVER_PEM_LOCATION, (String) null, (char[]) null, (char[]) null);
        MatcherAssert.assertThat(loadKeyManager, CoreMatchers.is(IsNull.notNullValue()));
        MatcherAssert.assertThat(Integer.valueOf(loadKeyManager.length), CoreMatchers.is(Matchers.greaterThan(0)));
        MatcherAssert.assertThat(loadKeyManager[0], CoreMatchers.is(Matchers.instanceOf(X509KeyManager.class)));
    }

    @Test
    public void testLoadLargePemKeyManager() throws IOException, GeneralSecurityException {
        KeyManager[] loadKeyManager = SslContextUtil.loadKeyManager(SERVER_LARGE_PEM_LOCATION, (String) null, (char[]) null, (char[]) null);
        MatcherAssert.assertThat(loadKeyManager, CoreMatchers.is(IsNull.notNullValue()));
        MatcherAssert.assertThat(Integer.valueOf(loadKeyManager.length), CoreMatchers.is(Matchers.greaterThan(0)));
        MatcherAssert.assertThat(loadKeyManager[0], CoreMatchers.is(Matchers.instanceOf(X509KeyManager.class)));
    }

    @Test
    public void testLoadPemPublicKey() throws IOException, GeneralSecurityException {
        MatcherAssert.assertThat(SslContextUtil.loadPublicKey(PUBLIC_KEY_PEM_LOCATION, (String) null, (char[]) null), CoreMatchers.is(IsNull.notNullValue()));
    }

    @Test
    public void testLoadPemPrivateKey() throws IOException, GeneralSecurityException {
        MatcherAssert.assertThat(SslContextUtil.loadPrivateKey(SERVER_PEM_LOCATION, (String) null, (char[]) null, (char[]) null), CoreMatchers.is(IsNull.notNullValue()));
    }

    @Test
    public void testLoadPemPrivateKeyV2() throws IOException, GeneralSecurityException {
        MatcherAssert.assertThat(SslContextUtil.loadPrivateKey("classpath://certs/ec_private.pem", (String) null, (char[]) null, (char[]) null), CoreMatchers.is(IsNull.notNullValue()));
    }

    @Test
    public void testLoadPemCredentialsV2() throws IOException, GeneralSecurityException {
        SslContextUtil.Credentials loadCredentials = SslContextUtil.loadCredentials("classpath://certs/ec_private.pem", (String) null, (char[]) null, (char[]) null);
        MatcherAssert.assertThat(loadCredentials, CoreMatchers.is(IsNull.notNullValue()));
        MatcherAssert.assertThat(loadCredentials.getPrivateKey(), CoreMatchers.is(IsNull.notNullValue()));
        MatcherAssert.assertThat(loadCredentials.getPublicKey(), CoreMatchers.is(IsNull.notNullValue()));
        TestCertificatesTools.assertSigning("PEMv2", loadCredentials.getPrivateKey(), loadCredentials.getPublicKey(), "SHA256withECDSA");
    }

    @Test
    public void testLoadEdDsaCredentials() throws IOException, GeneralSecurityException {
        Assume.assumeTrue("ED25519 requires JCE support!", JceProviderUtil.isSupported("Ed25519"));
        Assume.assumeTrue("classpath://certs/eddsaKeyStore.jks missing!", SslContextUtil.isAvailableFromUri(TestCertificatesTools.EDDSA_KEY_STORE_URI));
        SslContextUtil.Credentials loadCredentials = SslContextUtil.loadCredentials(TestCertificatesTools.EDDSA_KEY_STORE_URI, "clienteddsa", TestCertificatesTools.KEY_STORE_PASSWORD, TestCertificatesTools.KEY_STORE_PASSWORD);
        MatcherAssert.assertThat(loadCredentials, CoreMatchers.is(IsNull.notNullValue()));
        MatcherAssert.assertThat(loadCredentials.getCertificateChain(), CoreMatchers.is(IsNull.notNullValue()));
        MatcherAssert.assertThat(Integer.valueOf(loadCredentials.getCertificateChain().length), CoreMatchers.is(Matchers.greaterThan(0)));
        MatcherAssert.assertThat(loadCredentials.getCertificateChain()[0].getPublicKey(), CoreMatchers.is(IsNull.notNullValue()));
        TestCertificatesTools.assertSigning("JKS", loadCredentials.getPrivateKey(), loadCredentials.getPublicKey(), "ED25519");
    }

    @Test
    public void testLoadPemPrivateKeyEd25519() throws IOException, GeneralSecurityException {
        Assume.assumeTrue("ED25519 requires JCE support!", JceProviderUtil.isSupported("Ed25519"));
        MatcherAssert.assertThat(SslContextUtil.loadPrivateKey("classpath://certs/ed25519_private.pem", (String) null, (char[]) null, (char[]) null), CoreMatchers.is(IsNull.notNullValue()));
    }

    @Test
    public void testLoadPemPublicKeyEd25519() throws IOException, GeneralSecurityException {
        Assume.assumeTrue("ED25519 requires JCE support!", JceProviderUtil.isSupported("Ed25519"));
        MatcherAssert.assertThat(SslContextUtil.loadPublicKey("classpath://certs/ed25519_public.pem", (String) null, (char[]) null), CoreMatchers.is(IsNull.notNullValue()));
    }

    @Test
    public void testLoadPemPrivateKeyEd448() throws IOException, GeneralSecurityException {
        Assume.assumeTrue("ED448 requires JCE support!", JceProviderUtil.isSupported("Ed448"));
        MatcherAssert.assertThat(SslContextUtil.loadPrivateKey("classpath://certs/ed448_private.pem", (String) null, (char[]) null, (char[]) null), CoreMatchers.is(IsNull.notNullValue()));
    }

    @Test
    public void testLoadPemPublicKeyEd448() throws IOException, GeneralSecurityException {
        Assume.assumeTrue("ED448 requires JCE support!", JceProviderUtil.isSupported("Ed448"));
        MatcherAssert.assertThat(SslContextUtil.loadPublicKey("classpath://certs/ed448_public.pem", (String) null, (char[]) null), CoreMatchers.is(IsNull.notNullValue()));
    }
}
