package org.infinispan.commons.util;

import java.io.IOException;
import java.io.OutputStream;
import java.nio.file.Files;
import java.nio.file.OpenOption;
import java.nio.file.Path;
import java.nio.file.Paths;
import java.nio.file.attribute.FileAttribute;
import java.security.KeyStore;
import java.time.Instant;
import javax.security.auth.x500.X500Principal;
import org.infinispan.commons.io.FileWatcher;
import org.infinispan.commons.test.CommonsTestingUtil;
import org.infinispan.commons.test.Eventually;
import org.infinispan.commons.util.SslContextFactory;
import org.junit.Test;
import org.wildfly.security.x500.cert.SelfSignedX509CertificateAndSigningKey;

/* loaded from: input_file:org/infinispan/commons/util/SslContextFactoryTest.class */
public class SslContextFactoryTest {
    public static final String KEY_ALGORITHM = "RSA";
    public static final String KEY_SIGNATURE_ALGORITHM = "SHA256withRSA";
    public static final String SECRET = "secret";

    @Test
    public void testSslContextFactoryWatch() throws IOException {
        FileWatcher fileWatcher = new FileWatcher();
        try {
            Path path = Paths.get(CommonsTestingUtil.tmpDirectory(SslContextFactoryTest.class), new String[0]);
            Files.createDirectories(path, new FileAttribute[0]);
            SslContextFactory.Context build = new SslContextFactory().keyStoreFileName(createCertificateKeyStore("keystore", SECRET, path).toString()).keyStorePassword(SECRET.toCharArray()).trustStoreFileName(createCertificateKeyStore("truststore", SECRET, path).toString()).trustStorePassword(SECRET.toCharArray()).watcher(fileWatcher).build();
            build.sslContext().createSSLEngine();
            Instant lastLoaded = build.keyManager().lastLoaded();
            createCertificateKeyStore("keystore", SECRET, path);
            Eventually.eventually(() -> {
                return build.keyManager().lastLoaded().isAfter(lastLoaded);
            });
            Instant lastLoaded2 = build.trustManager().lastLoaded();
            createCertificateKeyStore("truststore", SECRET, path);
            Eventually.eventually(() -> {
                return build.trustManager().lastLoaded().isAfter(lastLoaded2);
            });
            build.sslContext().createSSLEngine();
            fileWatcher.close();
        } catch (Throwable th) {
            try {
                fileWatcher.close();
            } catch (Throwable th2) {
                th.addSuppressed(th2);
            }
            throw th;
        }
    }

    private Path createCertificateKeyStore(String str, String str2, Path path) {
        SelfSignedX509CertificateAndSigningKey build = SelfSignedX509CertificateAndSigningKey.builder().setDn(new X500Principal("CN=" + str)).setSignatureAlgorithmName(KEY_SIGNATURE_ALGORITHM).setKeyAlgorithmName(KEY_ALGORITHM).build();
        Path resolve = path.resolve(str + ".pfx");
        try {
            OutputStream newOutputStream = Files.newOutputStream(resolve, new OpenOption[0]);
            try {
                KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
                keyStore.load(null, null);
                keyStore.setCertificateEntry(str, build.getSelfSignedCertificate());
                keyStore.store(newOutputStream, str2.toCharArray());
                if (newOutputStream != null) {
                    newOutputStream.close();
                }
                return resolve;
            } finally {
            }
        } catch (Exception e) {
            throw new RuntimeException(e);
        }
    }
}
