package org.lockss.util.urlconn;

import java.io.File;
import java.security.KeyStore;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.SecureRandom;
import java.util.Properties;
import org.lockss.daemon.LockssKeyStoreManager;
import org.lockss.daemon.RandomManager;
import org.lockss.plugin.simulated.SimulatedContentGenerator;
import org.lockss.test.ConfigurationUtil;
import org.lockss.test.LockssTestCase;
import org.lockss.test.MockLockssDaemon;
import org.lockss.util.KeyStoreUtil;
import org.lockss.util.lang.LockssRandom;

/* loaded from: input_file:org/lockss/util/urlconn/TestAuthSSLProtocolSocketFactory.class */
public class TestAuthSSLProtocolSocketFactory extends LockssTestCase {
    static final String PASSWD = "teapot";
    static final String PASSWD1 = "Fezzik";
    static final String PASSWD2 = "Vizzini";
    static final String KEY_PASSWD1 = "Vroomfondel";
    static final String KEY_PASSWD2 = "Slartibartfast";
    MockLockssDaemon daemon;
    LockssKeyStoreManager keystoreMgr;
    RandomManager rmgr;
    File keyStoreDir;
    String keyStoreFileName;
    boolean didMakeStandaloneSecureRandom = false;

    /* loaded from: input_file:org/lockss/util/urlconn/TestAuthSSLProtocolSocketFactory$MyAuthSSLProtocolSocketFactory.class */
    class MyAuthSSLProtocolSocketFactory extends AuthSSLProtocolSocketFactory {
        public MyAuthSSLProtocolSocketFactory(String str, String str2) {
            super(str, str2);
        }

        SecureRandom getSecureRandom() throws NoSuchAlgorithmException, NoSuchProviderException {
            SecureRandom secureRandom = super.getSecureRandom();
            byte[] bArr = new byte[4];
            new LockssRandom().nextBytes(bArr);
            secureRandom.setSeed(bArr);
            TestAuthSSLProtocolSocketFactory.this.didMakeStandaloneSecureRandom = true;
            return secureRandom;
        }
    }

    /* loaded from: input_file:org/lockss/util/urlconn/TestAuthSSLProtocolSocketFactory$MyLockssSecureSocketFactory.class */
    class MyLockssSecureSocketFactory extends LockssSecureSocketFactory {
        public MyLockssSecureSocketFactory(String str, String str2) {
            super(str, str2);
        }

        protected AuthSSLProtocolSocketFactory newAuthSSLProtocolSocketFactory(String str, String str2) {
            return new MyAuthSSLProtocolSocketFactory(str, str2);
        }
    }

    @Override // org.lockss.test.LockssTestCase
    public void setUp() throws Exception {
        super.setUp();
        ConfigurationUtil.addFromArgs("org.lockss.keyMgr.exitIfMissingKeystore", "false");
        this.keyStoreDir = getTempDir("TestBlockingSslStreamComm1");
        this.keyStoreFileName = new File(this.keyStoreDir, "test.keystore").toString();
        this.daemon = getMockLockssDaemon();
        this.rmgr = new LockssTestCase.TestingRandomManager();
        this.rmgr.initService(this.daemon);
        this.daemon.setRandomManager(this.rmgr);
    }

    void startKeyManager() {
        this.keystoreMgr = this.daemon.getKeystoreManager();
        this.keystoreMgr.startService();
        this.daemon.setDaemonRunning(true);
    }

    KeyStore createKeyStore(File file, String str, String str2) throws Exception {
        Properties properties = new Properties();
        properties.put("File", file.toString());
        properties.put("Password", str);
        properties.put("KeyPassword", str2);
        return KeyStoreUtil.createKeyStore(properties);
    }

    void addKsProp(Properties properties, String str, String str2, String str3, String str4) {
        String str5 = "org.lockss.keyMgr.keystore." + str + ".";
        properties.put(str5 + "name", str);
        properties.put(str5 + "type", "JCEKS");
        properties.put(str5 + SimulatedContentGenerator.FILE_PREFIX, str2);
        if (str3 != null) {
            properties.put(str5 + "password", str3);
        }
        properties.put(str5 + "keyPassword", str4);
    }

    void setKeyStoreProps(Properties properties, String str, String str2, String str3, String str4, String str5, String str6) {
        String str7 = "org.lockss.keyMgr.keystore." + str + ".";
        properties.put(str7 + "name", str2);
        properties.put(str7 + SimulatedContentGenerator.FILE_PREFIX, str3);
        properties.put(str7 + "type", "JCEKS");
        properties.put(str7 + "password", str4);
        if (str5 != null) {
            properties.put(str7 + "keyPassword", str5);
        }
        if (str6 != null) {
            properties.put(str7 + "keyPasswordFile", str6);
        }
    }

    public void testMissingServerKeystore() throws Exception {
        startKeyManager();
        try {
            new MyLockssSecureSocketFactory("nsks", null).getHttpClientSecureProtocolSocketFactory().getSSLContext();
            fail("Missing server keystore should throw");
        } catch (IllegalArgumentException e) {
        }
    }

    public void testMissingClientKeystore() throws Exception {
        startKeyManager();
        try {
            new MyLockssSecureSocketFactory(null, "nsks").getHttpClientSecureProtocolSocketFactory().getSSLContext();
            fail("Missing client keystore should throw");
        } catch (IllegalArgumentException e) {
        }
    }

    public void testServerAuth() throws Exception {
        startKeyManager();
        File file = new File(getTempDir("fnord"), "k1");
        createKeyStore(file, PASSWD1, KEY_PASSWD1);
        Properties properties = new Properties();
        addKsProp(properties, "ks1", file.toString(), null, KEY_PASSWD1);
        ConfigurationUtil.addFromProps(properties);
        AuthSSLProtocolSocketFactory httpClientSecureProtocolSocketFactory = new MyLockssSecureSocketFactory("ks1", null).getHttpClientSecureProtocolSocketFactory();
        assertFalse(httpClientSecureProtocolSocketFactory.hasKeyManagers());
        assertFalse(httpClientSecureProtocolSocketFactory.hasTrustManagers());
        httpClientSecureProtocolSocketFactory.getSSLContext();
        assertFalse(httpClientSecureProtocolSocketFactory.hasKeyManagers());
        assertTrue(httpClientSecureProtocolSocketFactory.hasTrustManagers());
        assertFalse(this.didMakeStandaloneSecureRandom);
    }

    public void testClientAuth() throws Exception {
        startKeyManager();
        File file = new File(getTempDir("fnord"), "k1");
        createKeyStore(file, PASSWD1, KEY_PASSWD1);
        Properties properties = new Properties();
        addKsProp(properties, "ks1", file.toString(), null, KEY_PASSWD1);
        ConfigurationUtil.addFromProps(properties);
        AuthSSLProtocolSocketFactory httpClientSecureProtocolSocketFactory = new MyLockssSecureSocketFactory(null, "ks1").getHttpClientSecureProtocolSocketFactory();
        assertFalse(httpClientSecureProtocolSocketFactory.hasKeyManagers());
        assertFalse(httpClientSecureProtocolSocketFactory.hasTrustManagers());
        httpClientSecureProtocolSocketFactory.getSSLContext();
        assertTrue(httpClientSecureProtocolSocketFactory.hasKeyManagers());
        assertFalse(httpClientSecureProtocolSocketFactory.hasTrustManagers());
        assertFalse(this.didMakeStandaloneSecureRandom);
    }

    public void testServerAuthDaemonNotRunning() throws Exception {
        File file = new File(getTempDir("fnord"), "k1");
        createKeyStore(file, PASSWD1, KEY_PASSWD1);
        Properties properties = new Properties();
        addKsProp(properties, "ks1", file.toString(), null, KEY_PASSWD1);
        ConfigurationUtil.addFromProps(properties);
        AuthSSLProtocolSocketFactory httpClientSecureProtocolSocketFactory = new MyLockssSecureSocketFactory("ks1", null).getHttpClientSecureProtocolSocketFactory();
        assertFalse(httpClientSecureProtocolSocketFactory.hasKeyManagers());
        assertFalse(httpClientSecureProtocolSocketFactory.hasTrustManagers());
        httpClientSecureProtocolSocketFactory.getSSLContext();
        assertFalse(httpClientSecureProtocolSocketFactory.hasKeyManagers());
        assertTrue(httpClientSecureProtocolSocketFactory.hasTrustManagers());
        assertTrue(this.didMakeStandaloneSecureRandom);
    }
}
