package org.lockss.util;

import java.io.File;
import java.io.FileInputStream;
import java.security.Key;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.SecureRandom;
import java.security.cert.Certificate;
import java.util.Iterator;
import java.util.List;
import java.util.Properties;
import org.apache.commons.collections.ListUtils;
import org.lockss.crawler.TestBaseCrawler;
import org.lockss.test.LockssTestCase;
import org.lockss.test.MiscTestUtil;

/* loaded from: input_file:org/lockss/util/TestKeyStoreUtil.class */
public class TestKeyStoreUtil extends LockssTestCase {
    static String PASSWD = "a-passwd";
    static String KEY_PASSWD = "a-nother-passwd";

    @Override // org.lockss.test.LockssTestCase
    public void setUp() throws Exception {
        super.setUp();
    }

    Properties initProps() {
        Properties properties = new Properties();
        properties.put("Password", PASSWD);
        properties.put("KeyPassword", KEY_PASSWD);
        return properties;
    }

    void assertCharsBetween(int i, int i2, String str) {
        char[] charArray = str.toCharArray();
        int length = charArray.length;
        for (int i3 = 0; i3 < length; i3++) {
            char c = charArray[i3];
            assertTrue(c >= i && c <= i2);
        }
    }

    public void testRandomString() throws Exception {
        SecureRandom secureRandom = MiscTestUtil.getSecureRandom();
        String randomString = KeyStoreUtil.randomString(10, secureRandom);
        String randomString2 = KeyStoreUtil.randomString(1024, secureRandom);
        assertEquals(10, randomString.length());
        assertEquals(1024, randomString2.length());
        assertCharsBetween(32, 126, randomString);
        assertCharsBetween(32, 126, randomString2);
        assertNotEquals(randomString2, KeyStoreUtil.randomString(1024, secureRandom));
    }

    public void testDefaults() throws Exception {
        KeyStore createKeyStore = KeyStoreUtil.createKeyStore(initProps());
        assertIsomorphic(SetUtil.set(new String[]{"mykey", "mycert"}), SetUtil.theSet(ListUtil.fromIterator(new EnumerationIterator(createKeyStore.aliases()))));
        assertNotNull(createKeyStore.getCertificate("mycert"));
        assertNull(createKeyStore.getCertificate("foocert"));
        assertEquals("JCEKS", createKeyStore.getType());
    }

    public void testStoreJks() throws Exception {
        File file = new File(getTempDir(), "test.ks");
        Properties initProps = initProps();
        initProps.put("File", file.toString());
        initProps.put("Type", "JKS");
        initProps.put("Provider", TestBaseCrawler.EMPTY_PAGE);
        assertFalse(file.exists());
        KeyStore createKeyStore = KeyStoreUtil.createKeyStore(initProps);
        assertTrue(file.exists());
        KeyStore loadKeyStore = loadKeyStore(createKeyStore.getType(), file, PASSWD);
        assertIsomorphic(SetUtil.set(new String[]{"mykey", "mycert"}), SetUtil.theSet(ListUtil.fromIterator(new EnumerationIterator(loadKeyStore.aliases()))));
        assertNotNull(loadKeyStore.getCertificate("mycert"));
        assertNull(loadKeyStore.getCertificate("foocert"));
        assertEquals("JKS", loadKeyStore.getType());
    }

    public void testStore() throws Exception {
        File file = new File(getTempDir(), "test.ks");
        Properties initProps = initProps();
        initProps.put("File", file.toString());
        assertFalse(file.exists());
        KeyStore createKeyStore = KeyStoreUtil.createKeyStore(initProps);
        assertTrue(file.exists());
        KeyStore loadKeyStore = loadKeyStore(createKeyStore.getType(), file, PASSWD);
        assertIsomorphic(SetUtil.set(new String[]{"mykey", "mycert"}), SetUtil.theSet(ListUtil.fromIterator(new EnumerationIterator(loadKeyStore.aliases()))));
        assertNotNull(loadKeyStore.getCertificate("mycert"));
        assertNull(loadKeyStore.getCertificate("foocert"));
        assertEquals("JCEKS", loadKeyStore.getType());
    }

    public void testCreateIllType() throws Exception {
        File file = new File(getTempDir(), "test.ks");
        Properties initProps = initProps();
        initProps.put("File", file.toString());
        initProps.put("Type", "foobar");
        initProps.put("Provider", TestBaseCrawler.EMPTY_PAGE);
        assertFalse(file.exists());
        try {
            KeyStoreUtil.createKeyStore(initProps);
            fail("Illegal keystore type should throw");
        } catch (KeyStoreException e) {
        }
        assertFalse(file.exists());
    }

    public void testCreateIllProv() throws Exception {
        File file = new File(getTempDir(), "test.ks");
        Properties initProps = initProps();
        initProps.put("File", file.toString());
        initProps.put("Type", "JKS");
        initProps.put("Provider", "not_a_provider");
        assertFalse(file.exists());
        try {
            KeyStoreUtil.createKeyStore(initProps);
            fail("Illegal keystore type should throw");
        } catch (NoSuchProviderException e) {
        }
        assertFalse(file.exists());
    }

    public void testCreateIllAlg() throws Exception {
        File file = new File(getTempDir(), "test.ks");
        Properties initProps = initProps();
        initProps.put("File", file.toString());
        initProps.put("Type", "JKS");
        initProps.put("Provider", TestBaseCrawler.EMPTY_PAGE);
        initProps.put("SigAlgorithm", "sdflkjsdf");
        assertFalse(file.exists());
        try {
            KeyStoreUtil.createKeyStore(initProps);
            fail("Illegal keystore type should throw");
        } catch (NoSuchAlgorithmException e) {
        }
        assertFalse(file.exists());
    }

    KeyStore loadKeyStore(String str, String str2, String str3) throws Exception {
        return loadKeyStore(str, new File(str2), str3);
    }

    KeyStore loadKeyStore(String str, File file, String str2) throws Exception {
        KeyStore keyStore = KeyStore.getInstance(str);
        keyStore.load(new FileInputStream(file), str2.toCharArray());
        return keyStore;
    }

    public void testCreateSharedPLNKeyStores() throws Exception {
        List<String> list = ListUtil.list(new String[]{"host1", "host2.foo.bar", "host3"});
        List list2 = ListUtil.list(new String[]{"host3", "host4"});
        File tempDir = getTempDir();
        File file = new File(tempDir, "pub.ks");
        KeyStoreUtil.createSharedPLNKeyStores(tempDir, list, file, "pubpass", MiscTestUtil.getSecureRandom());
        assertPubKs(file, "pubpass", list);
        for (String str : list) {
            assertPrivateKs(new File(tempDir, str + ".jceks"), StringUtil.fromFile(new File(tempDir, str + ".pass")), str);
        }
        KeyStore loadKeyStore = loadKeyStore("jceks", new File(tempDir, "pub.ks"), "pubpass");
        Certificate certificate = loadKeyStore.getCertificate("host1.crt");
        Certificate certificate2 = loadKeyStore.getCertificate("host3.crt");
        String fromFile = StringUtil.fromFile(new File(tempDir, "host1.jceks"));
        String fromFile2 = StringUtil.fromFile(new File(tempDir, "host3.jceks"));
        KeyStoreUtil.createSharedPLNKeyStores(tempDir, list2, file, "pubpass", MiscTestUtil.getSecureRandom());
        List<String> sum = ListUtils.sum(list, list2);
        assertPubKs(file, "pubpass", sum);
        for (String str2 : sum) {
            assertPrivateKs(new File(tempDir, str2 + ".jceks"), StringUtil.fromFile(new File(tempDir, str2 + ".pass")), str2);
        }
        KeyStore loadKeyStore2 = loadKeyStore("jceks", new File(tempDir, "pub.ks"), "pubpass");
        Certificate certificate3 = loadKeyStore2.getCertificate("host1.crt");
        Certificate certificate4 = loadKeyStore2.getCertificate("host3.crt");
        assertEquals(certificate, certificate3);
        assertNotEquals(certificate2, certificate4);
        String fromFile3 = StringUtil.fromFile(new File(tempDir, "host1.jceks"));
        String fromFile4 = StringUtil.fromFile(new File(tempDir, "host3.jceks"));
        assertEquals(fromFile, fromFile3);
        assertNotEquals(fromFile2, fromFile4);
    }

    void assertPubKs(File file, String str, List<String> list) throws Exception {
        KeyStore loadKeyStore = loadKeyStore("jceks", file, str);
        assertEquals(list.size(), ListUtil.fromIterator(new EnumerationIterator(loadKeyStore.aliases())).size());
        Iterator<String> it = list.iterator();
        while (it.hasNext()) {
            Certificate certificate = loadKeyStore.getCertificate(it.next() + ".crt");
            assertNotNull(certificate);
            assertEquals("X.509", certificate.getType());
        }
    }

    void assertPrivateKs(File file, String str, String str2) throws Exception {
        KeyStore loadKeyStore = loadKeyStore("jceks", file, str2);
        assertEquals(2, ListUtil.fromIterator(new EnumerationIterator(loadKeyStore.aliases())).size());
        Certificate certificate = loadKeyStore.getCertificate(str2 + ".crt");
        assertNotNull(certificate);
        assertEquals("X.509", certificate.getType());
        assertTrue(loadKeyStore.isKeyEntry(str2 + ".key"));
        assertTrue(loadKeyStore.isCertificateEntry(str2 + ".crt"));
        Key key = loadKeyStore.getKey(str2 + ".key", str.toCharArray());
        assertNotNull(key);
        assertEquals("RSA", key.getAlgorithm());
    }
}
