package org.eclipse.smarthome.io.net.http.internal;

import java.io.Serializable;
import java.net.Socket;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Collection;
import java.util.List;
import java.util.stream.Collectors;
import java.util.stream.Stream;
import javax.net.ssl.X509ExtendedTrustManager;
import javax.security.auth.x500.X500Principal;
import org.eclipse.smarthome.io.net.http.TlsTrustManagerProvider;
import org.junit.Before;
import org.junit.Test;
import org.mockito.Mock;
import org.mockito.Mockito;
import org.mockito.MockitoAnnotations;

/* loaded from: input_file:org/eclipse/smarthome/io/net/http/internal/ExtensibleTrustManagerTest.class */
public class ExtensibleTrustManagerTest {
    private ExtensibleTrustManager subject;

    @Mock
    private TlsTrustManagerProvider trustmanagerProvider;

    @Mock
    private X509ExtendedTrustManager trustmanager;

    @Mock
    private X509Certificate topOfChain;

    @Mock
    private X509Certificate bottomOfChain;
    private X509Certificate[] chain;

    @Before
    public void setup() {
        MockitoAnnotations.initMocks(this);
        Mockito.when(this.trustmanagerProvider.getHostName()).thenReturn("example.org");
        Mockito.when(this.trustmanagerProvider.getTrustManager()).thenReturn(this.trustmanager);
        this.subject = new ExtensibleTrustManager();
        this.subject.addTlsTrustManagerProvider(this.trustmanagerProvider);
        this.chain = new X509Certificate[]{this.topOfChain, this.bottomOfChain};
    }

    @Test
    public void shouldForwardCallsToMockForMatchingCN() throws CertificateException {
        Mockito.when(this.topOfChain.getSubjectX500Principal()).thenReturn(new X500Principal("CN=example.org, OU=Smarthome, O=Eclipse, C=DE"));
        this.subject.checkServerTrusted(this.chain, "just");
        ((X509ExtendedTrustManager) Mockito.verify(this.trustmanager)).checkServerTrusted(this.chain, "just", (Socket) null);
        Mockito.verifyNoMoreInteractions(new Object[]{this.trustmanager});
    }

    @Test
    public void shouldForwardCallsToMockForMatchingAlternativeNames() throws CertificateException {
        Mockito.when(this.topOfChain.getSubjectX500Principal()).thenReturn(new X500Principal("CN=example.com, OU=Smarthome, O=Eclipse, C=DE"));
        Mockito.when(this.topOfChain.getSubjectAlternativeNames()).thenReturn(constructAlternativeNames("example1.com", "example.org"));
        this.subject.checkClientTrusted(this.chain, "just");
        ((X509ExtendedTrustManager) Mockito.verify(this.trustmanager)).checkClientTrusted(this.chain, "just", (Socket) null);
        Mockito.verifyNoMoreInteractions(new Object[]{this.trustmanager});
    }

    @Test(expected = CertificateException.class)
    public void shouldNotForwardCallsToMockForDifferentCN() throws CertificateException {
        mockSubjectForCertificate(this.topOfChain, "CN=example.com, OU=Smarthome, O=Eclipse, C=DE");
        mockIssuerForCertificate(this.topOfChain, "CN=Eclipse, OU=Smarthome, O=Eclipse, C=DE");
        mockSubjectForCertificate(this.bottomOfChain, "CN=Eclipse, OU=Smarthome, O=Eclipse, C=DE");
        mockIssuerForCertificate(this.bottomOfChain, "");
        Mockito.when(this.topOfChain.getEncoded()).thenReturn(new byte[0]);
        try {
            this.subject.checkServerTrusted(this.chain, "just");
            Mockito.verifyZeroInteractions(new Object[]{this.trustmanager});
        } catch (Throwable th) {
            Mockito.verifyZeroInteractions(new Object[]{this.trustmanager});
            throw th;
        }
    }

    private Collection<List<?>> constructAlternativeNames(String... strArr) {
        ArrayList arrayList = new ArrayList();
        for (String str : strArr) {
            arrayList.add((List) Stream.of((Object[]) new Serializable[]{0, str}).collect(Collectors.toList()));
        }
        return arrayList;
    }

    private void mockSubjectForCertificate(X509Certificate x509Certificate, String str) {
        Mockito.when(x509Certificate.getSubjectX500Principal()).thenReturn(new X500Principal(str));
    }

    private void mockIssuerForCertificate(X509Certificate x509Certificate, String str) {
        Mockito.when(x509Certificate.getIssuerX500Principal()).thenReturn(new X500Principal(str));
    }
}
