package tigase.io;

import java.io.IOException;
import java.security.InvalidKeyException;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.SignatureException;
import java.security.UnrecoverableKeyException;
import java.security.cert.CertificateException;
import java.util.HashMap;
import java.util.logging.Level;
import java.util.logging.Logger;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.TrustManager;
import org.junit.Assert;
import org.junit.Before;
import org.junit.Test;
import tigase.cert.CertificateEntry;
import tigase.cert.CertificateUtil;
import tigase.io.SSLContextContainerAbstract;

/* loaded from: input_file:tigase/io/CertificateContainerTest.class */
public class CertificateContainerTest {
    private static final Logger LOGGER = Logger.getLogger(CertificateContainerTest.class.getName());
    private final String domain = "example.com";
    private CertificateContainer certificateContainer;

    @Test
    public void testRegularDomain() throws Exception {
        testDomain("example.com", true);
    }

    @Test
    public void testWildcardDomain() throws Exception {
        testDomain("push.example.com", true);
    }

    @Test
    public void testUpperCaseDomain() throws Exception {
        testDomain("example.com".toUpperCase(), true);
    }

    @Test
    public void testNonexistentDomain() throws Exception {
        testDomain("xmpp.org", false);
    }

    @Before
    public void setup() throws CertificateException, NoSuchAlgorithmException, IOException, SignatureException, NoSuchProviderException, InvalidKeyException {
        this.certificateContainer = new CertificateContainer() { // from class: tigase.io.CertificateContainerTest.1
            KeyManagerFactory addCertificateEntry(CertificateEntry certificateEntry, String str, boolean z) throws KeyStoreException, IOException, NoSuchAlgorithmException, CertificateException, UnrecoverableKeyException {
                return super.addCertificateEntry(certificateEntry, str, false);
            }
        };
        HashMap hashMap = new HashMap();
        hashMap.put("cert-alias", "example.com");
        hashMap.put("pem-certificate", CertificateUtil.exportToPemFormat(CertificateUtil.createSelfSignedCertificate("test@mail.com", "*.example.com", "OU", "O", "City", "State", "Country", () -> {
            return CertificateUtil.createKeyPair(1024, "secret");
        })));
        hashMap.put("cert-save-to-disk", "false");
        this.certificateContainer.addCertificates(hashMap);
    }

    private void testDomain(String str, boolean z) throws Exception {
        CertificateEntry certificateEntry = this.certificateContainer.getCertificateEntry(str);
        LOGGER.log(Level.INFO, "Certificate for hostname " + str + ": " + (certificateEntry != null ? certificateEntry.toString(true) : "n/a"));
        if (z) {
            Assert.assertNotNull(certificateEntry);
        } else {
            Assert.assertNull(certificateEntry);
        }
        SSLContextContainerAbstract.SSLHolder createContextHolder = new SSLContextContainer(this.certificateContainer).createContextHolder("SSL", str, str, false, new TrustManager[0]);
        Assert.assertNotNull(createContextHolder);
        Assert.assertNotNull(createContextHolder.domainCertificate);
        String certCName = CertificateUtil.getCertCName(createContextHolder.domainCertificate);
        if (!z) {
            Assert.assertFalse(certCName.contains("example.com"));
        } else {
            Assert.assertEquals(certificateEntry.getCertChain()[0], createContextHolder.domainCertificate);
            Assert.assertTrue(certCName.contains("example.com"));
        }
    }
}
