package tigase.io;

import java.io.IOException;
import java.security.GeneralSecurityException;
import java.security.cert.CertificateEncodingException;
import java.security.cert.X509Certificate;
import java.util.logging.Level;
import java.util.logging.Logger;
import javax.net.ssl.TrustManager;
import org.junit.Assert;
import org.junit.Before;
import org.junit.Test;
import tigase.cert.CertificateEntry;
import tigase.cert.CertificateGeneratorFactory;
import tigase.cert.CertificateUtil;
import tigase.eventbus.EventBusFactory;
import tigase.io.CertificateContainerIfc;
import tigase.io.SSLContextContainerAbstract;
import tigase.io.repo.CertificateItem;
import tigase.io.repo.CertificateRepository;
import tigase.kernel.AbstractKernelWithUserRepositoryTestCase;
import tigase.kernel.core.Kernel;

/* loaded from: input_file:tigase/io/CertificateContainerTest.class */
public class CertificateContainerTest extends AbstractKernelWithUserRepositoryTestCase {
    private static final Logger LOGGER = Logger.getLogger(CertificateContainerTest.class.getName());
    private final String domain = "example.com";
    private final String mucDomain = "muc.example.com";
    private final String wildcardDomain = "*.example.com";
    private CertificateContainer certificateContainer;
    private SSLContextContainer sslContextContainer;

    /* loaded from: input_file:tigase/io/CertificateContainerTest$TestCertificateContainerWithoutStore.class */
    public static class TestCertificateContainerWithoutStore extends CertificateContainer {
        void storeCertificateToFile(CertificateEntry certificateEntry, String str) throws CertificateEncodingException, IOException {
            throw new RuntimeException(new IOException("We tried storing certificate to file, even though we shouldn't"));
        }
    }

    /* loaded from: input_file:tigase/io/CertificateContainerTest$TestCertificateRepositoryWithoutStore.class */
    public static class TestCertificateRepositoryWithoutStore extends CertificateRepository {
        protected void storeSingleItem(CertificateItem certificateItem) {
            CertificateContainerTest.LOGGER.log(Level.SEVERE, "Storing certificate to repository (we shouldn't?");
            super.storeSingleItem(certificateItem);
        }
    }

    @Test
    public void testRegularDomainForExistingCertificate() throws Exception {
        testDomain("example.com", "example.com", true);
    }

    @Test
    public void testSubdomainAgainstWildcardCertificate() throws Exception {
        testDomain("push.example.com", "*.example.com", true);
    }

    @Test
    public void testUpperCaseDomain() throws Exception {
        testDomain("example.com".toUpperCase(), "example.com", true);
    }

    @Test
    public void testDomainForNonexistentCertificate() throws Exception {
        testDomain("xmpp.org", "xmpp.org", false);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // tigase.kernel.AbstractKernelWithUserRepositoryTestCase, tigase.kernel.AbstractKernelTestCase
    public void registerBeans(Kernel kernel) {
        super.registerBeans(kernel);
        kernel.registerBean("eventBus").asInstance(EventBusFactory.getInstance()).exportable().exec();
        kernel.registerBean(TestCertificateRepositoryWithoutStore.class).setActive(true).exportable().exec();
        kernel.registerBean(TestCertificateContainerWithoutStore.class).exec();
        kernel.registerBean(SSLContextContainer.class).exec();
    }

    @Before
    public void setup() throws GeneralSecurityException, IOException {
        this.certificateContainer = (CertificateContainer) getKernel().getInstance(CertificateContainer.class);
        this.sslContextContainer = (SSLContextContainer) getKernel().getInstance(SSLContextContainer.class);
        addCertificateForDomain("example.com", true);
        addCertificateForDomain("*.example.com", true);
    }

    @Test
    public void testAddingCertificate() throws GeneralSecurityException, IOException {
        addCertificateForDomain("muc.example.com", false);
        addCertificateForDomain("*.example.com", true);
        CertificateEntry certificateEntry = this.certificateContainer.getCertificateEntry("example.com");
        Assert.assertNotNull(certificateEntry);
        Assert.assertEquals(CertificateUtil.getCertCName((X509Certificate) certificateEntry.getCertificate().get()), "example.com");
        CertificateEntry certificateEntry2 = this.certificateContainer.getCertificateEntry("*.example.com");
        Assert.assertNotNull(certificateEntry2);
        Assert.assertEquals(CertificateUtil.getCertCName((X509Certificate) certificateEntry2.getCertificate().get()), "*.example.com");
        CertificateEntry certificateEntry3 = this.certificateContainer.getCertificateEntry("muc.example.com");
        Assert.assertNotNull(certificateEntry3);
        Assert.assertEquals(CertificateUtil.getCertCName((X509Certificate) certificateEntry3.getCertificate().get()), "*.example.com");
    }

    private void testDomain(String str, String str2, boolean z) throws Exception {
        CertificateEntry certificateEntry = this.certificateContainer.getCertificateEntry(str);
        LOGGER.log(Level.INFO, "Certificate for hostname " + str + ": " + (certificateEntry != null ? certificateEntry.toString(true) : "n/a"));
        if (z) {
            Assert.assertNotNull(certificateEntry);
        } else {
            Assert.assertNull(certificateEntry);
        }
        SSLContextContainerAbstract.SSLHolder createContextHolder = this.sslContextContainer.createContextHolder("SSL", str, str, false, new TrustManager[0]);
        Assert.assertNotNull(createContextHolder);
        Assert.assertNotNull(createContextHolder.domainCertificate);
        String certCName = CertificateUtil.getCertCName(createContextHolder.domainCertificate);
        if (z) {
            Assert.assertEquals(certificateEntry.getCertChain()[0], createContextHolder.domainCertificate);
        } else {
            Assert.assertNotNull(this.certificateContainer.getCertificateEntry(str));
        }
        Assert.assertEquals(str2, certCName);
    }

    private void addCertificateForDomain(String str, boolean z) throws GeneralSecurityException, IOException {
        this.certificateContainer.addCertificates(new CertificateContainerIfc.CertificateEntity(CertificateUtil.exportToPemFormat(CertificateGeneratorFactory.getGenerator().generateSelfSignedCertificateEntry("test@mail.com", str, "OU", "O", "City", "State", "Country", CertificateUtil.createKeyPair(1024, "secret"), z)), str, false, false));
    }
}
