package org.mule.api;

import java.io.File;
import java.io.IOException;
import java.io.PrintWriter;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLServerSocket;
import javax.net.ssl.SSLServerSocketFactory;
import javax.net.ssl.SSLSocket;
import javax.net.ssl.SSLSocketFactory;
import org.hamcrest.CoreMatchers;
import org.hamcrest.Matchers;
import org.hamcrest.core.IsInstanceOf;
import org.junit.Assert;
import org.junit.Test;
import org.mule.api.lifecycle.CreateException;
import org.mule.api.security.tls.TlsConfiguration;
import org.mule.tck.junit4.AbstractMuleTestCase;
import org.mule.util.ClassUtils;
import org.mule.util.FileUtils;
import org.mule.util.SecurityUtils;

/* loaded from: input_file:org/mule/api/TlsConfigurationTestCase.class */
public class TlsConfigurationTestCase extends AbstractMuleTestCase {
    private static final String SUPPORTED_CIPHER_SUITE = "TLS_DHE_DSS_WITH_AES_128_CBC_SHA";
    private static final String SUPPORTED_PROTOCOL = "TLSv1.1";
    private static final String TEST_SECURITY_MODEL = "test";

    @Test
    public void emptyConfiguration() throws Exception {
        TlsConfiguration tlsConfiguration = new TlsConfiguration(".keystore");
        try {
            tlsConfiguration.initialise(false, "javax.net");
            Assert.fail("no key password");
        } catch (IllegalArgumentException e) {
            Assert.assertThat(e, Matchers.is(CoreMatchers.notNullValue()));
        }
        tlsConfiguration.setKeyPassword("mulepassword");
        try {
            tlsConfiguration.initialise(false, "javax.net");
            Assert.fail("no store password");
        } catch (IllegalArgumentException e2) {
            Assert.assertThat(e2, Matchers.is(CoreMatchers.notNullValue()));
        }
        tlsConfiguration.setKeyStorePassword("mulepassword");
        tlsConfiguration.setKeyStore("");
        try {
            tlsConfiguration.initialise(false, "javax.net");
            Assert.fail("no keystore");
        } catch (Exception e3) {
            Assert.assertThat(e3, Matchers.is(CoreMatchers.notNullValue()));
        }
    }

    @Test
    public void simpleSocket() throws Exception {
        TlsConfiguration tlsConfiguration = new TlsConfiguration(".keystore");
        tlsConfiguration.setKeyPassword("mulepassword");
        tlsConfiguration.setKeyStorePassword("mulepassword");
        tlsConfiguration.setKeyStore("clientKeystore");
        tlsConfiguration.initialise(false, "javax.net");
        Assert.assertThat(tlsConfiguration.getSocketFactory().getSupportedCipherSuites(), Matchers.not(Matchers.arrayWithSize(0)));
    }

    @Test
    public void exceptionOnInvalidKeyAlias() throws Exception {
        TlsConfiguration tlsConfiguration = new TlsConfiguration(new File(getClass().getClassLoader().getResource("serverKeystore").toURI()).getAbsolutePath());
        tlsConfiguration.setKeyStorePassword("mulepassword");
        tlsConfiguration.setKeyPassword("mulepassword");
        tlsConfiguration.setKeyAlias("this_key_does_not_exist_in_the_keystore");
        try {
            tlsConfiguration.initialise(false, "javax.net");
        } catch (CreateException e) {
            Assert.assertThat(e.getCause(), IsInstanceOf.instanceOf(IllegalStateException.class));
        }
    }

    @Test
    public void cipherSuitesFromEnabledProtocols() throws Exception {
        TlsConfiguration tlsConfiguration = new TlsConfiguration(".keystore");
        tlsConfiguration.initialise(true, "javax.net");
        testPropertiesFrom(createDefaultConfigFile(true), tlsConfiguration.getSslContext().getSupportedSSLParameters().getCipherSuites());
    }

    @Test
    public void cipherSuitesFromConfigFile() throws Exception {
        testPropertiesFrom(createDefaultConfigFile(false), new String[]{SUPPORTED_CIPHER_SUITE});
    }

    public void testPropertiesFrom(File file, String[] strArr) throws Exception {
        try {
            TlsConfiguration tlsConfiguration = new TlsConfiguration(".keystore");
            tlsConfiguration.initialise(true, "javax.net");
            SSLSocket sSLSocket = (SSLSocket) tlsConfiguration.getSocketFactory().createSocket();
            SSLServerSocket sSLServerSocket = (SSLServerSocket) tlsConfiguration.getServerSocketFactory().createServerSocket();
            Assert.assertThat(sSLSocket.getEnabledCipherSuites(), Matchers.arrayContainingInAnyOrder(strArr));
            Assert.assertThat(sSLServerSocket.getEnabledCipherSuites(), Matchers.arrayContainingInAnyOrder(strArr));
            FileUtils.deleteFile(file);
        } catch (Throwable th) {
            FileUtils.deleteFile(file);
            throw th;
        }
    }

    @Test
    public void protocolsFromConfigFile() throws Exception {
        File createDefaultConfigFile = createDefaultConfigFile(false);
        try {
            TlsConfiguration tlsConfiguration = new TlsConfiguration(".keystore");
            tlsConfiguration.initialise(true, "javax.net");
            SSLSocket sSLSocket = (SSLSocket) tlsConfiguration.getSocketFactory().createSocket();
            SSLServerSocket sSLServerSocket = (SSLServerSocket) tlsConfiguration.getServerSocketFactory().createServerSocket();
            Assert.assertThat(sSLSocket.getEnabledProtocols(), Matchers.arrayContainingInAnyOrder(new String[]{SUPPORTED_PROTOCOL}));
            Assert.assertThat(sSLServerSocket.getEnabledProtocols(), Matchers.arrayContainingInAnyOrder(new String[]{SUPPORTED_PROTOCOL}));
            FileUtils.deleteFile(createDefaultConfigFile);
        } catch (Throwable th) {
            FileUtils.deleteFile(createDefaultConfigFile);
            throw th;
        }
    }

    @Test
    public void defaultProtocol() throws Exception {
        TlsConfiguration tlsConfiguration = new TlsConfiguration(".keystore");
        tlsConfiguration.initialise(true, "javax.net");
        SSLSocketFactory socketFactory = tlsConfiguration.getSocketFactory();
        tlsConfiguration.getServerSocketFactory();
        SSLContext sSLContext = SSLContext.getInstance("TLS");
        sSLContext.init(null, null, null);
        Assert.assertThat(socketFactory.getDefaultCipherSuites(), Matchers.arrayContainingInAnyOrder(sSLContext.getSocketFactory().getDefaultCipherSuites()));
    }

    @Test
    public void defaultProtocolFromConfigFile() throws Exception {
        File defaultProtocolConfigFile = getDefaultProtocolConfigFile();
        try {
            TlsConfiguration tlsConfiguration = new TlsConfiguration(".keystore");
            tlsConfiguration.initialise(true, "javax.net");
            SSLSocketFactory socketFactory = tlsConfiguration.getSocketFactory();
            SSLServerSocketFactory serverSocketFactory = tlsConfiguration.getServerSocketFactory();
            SSLContext sSLContext = SSLContext.getInstance(SUPPORTED_PROTOCOL);
            sSLContext.init(null, null, null);
            SSLSocketFactory socketFactory2 = sSLContext.getSocketFactory();
            SSLServerSocketFactory serverSocketFactory2 = sSLContext.getServerSocketFactory();
            Assert.assertThat(socketFactory.getDefaultCipherSuites(), Matchers.arrayWithSize(socketFactory2.getDefaultCipherSuites().length));
            Assert.assertThat(socketFactory.getDefaultCipherSuites(), Matchers.is(Matchers.arrayContainingInAnyOrder(socketFactory2.getDefaultCipherSuites())));
            Assert.assertThat(serverSocketFactory.getDefaultCipherSuites(), Matchers.arrayWithSize(serverSocketFactory2.getDefaultCipherSuites().length));
            Assert.assertThat(serverSocketFactory.getDefaultCipherSuites(), Matchers.is(Matchers.arrayContainingInAnyOrder(serverSocketFactory2.getDefaultCipherSuites())));
            FileUtils.deleteFile(defaultProtocolConfigFile);
        } catch (Throwable th) {
            FileUtils.deleteFile(defaultProtocolConfigFile);
            throw th;
        }
    }

    @Test
    public void overrideDefaultProtocolFromConfigFile() throws Exception {
        File defaultProtocolConfigFile = getDefaultProtocolConfigFile();
        try {
            TlsConfiguration tlsConfiguration = new TlsConfiguration(".keystore");
            tlsConfiguration.setSslType("TLSv1.2");
            tlsConfiguration.initialise(true, "javax.net");
            SSLSocketFactory socketFactory = tlsConfiguration.getSocketFactory();
            SSLContext sSLContext = SSLContext.getInstance(SUPPORTED_PROTOCOL);
            sSLContext.init(null, null, null);
            Assert.assertThat(socketFactory.getDefaultCipherSuites(), Matchers.not(Matchers.arrayWithSize(sSLContext.getSocketFactory().getDefaultCipherSuites().length)));
            FileUtils.deleteFile(defaultProtocolConfigFile);
        } catch (Throwable th) {
            FileUtils.deleteFile(defaultProtocolConfigFile);
            throw th;
        }
    }

    @Test
    public void securityModelProperty() throws Exception {
        String securityModel = SecurityUtils.getSecurityModel();
        System.setProperty("mule.security.model", "test");
        File createConfigFile = createConfigFile("test", "enabledCipherSuites=TEST");
        try {
            TlsConfiguration tlsConfiguration = new TlsConfiguration(".keystore");
            tlsConfiguration.initialise(true, "javax.net");
            Assert.assertThat(tlsConfiguration.getEnabledCipherSuites(), Matchers.arrayContainingInAnyOrder(new String[]{"TEST"}));
            System.setProperty("mule.security.model", securityModel);
            FileUtils.deleteFile(createConfigFile);
        } catch (Throwable th) {
            System.setProperty("mule.security.model", securityModel);
            FileUtils.deleteFile(createConfigFile);
            throw th;
        }
    }

    private File getDefaultProtocolConfigFile() throws IOException {
        return createConfigFile("default", String.format("defaultProtocol=%s", SUPPORTED_PROTOCOL));
    }

    private File createDefaultConfigFile(boolean z) throws IOException {
        return createConfigFile("default", z ? String.format("enabledProtocols=%s", SUPPORTED_PROTOCOL) : String.format("enabledCipherSuites=UNSUPPORTED,%s\nenabledProtocols=UNSUPPORTED,%s", SUPPORTED_CIPHER_SUITE, SUPPORTED_PROTOCOL));
    }

    private File createConfigFile(String str, String str2) throws IOException {
        File file = new File(ClassUtils.getClassPathRoot(getClass()).getPath(), String.format("tls-%s.conf", str));
        PrintWriter printWriter = new PrintWriter(file, "UTF-8");
        printWriter.println(str2);
        printWriter.close();
        return file;
    }
}
