package org.apache.cxf.https.ssl3;

import java.io.Closeable;
import java.io.IOException;
import java.io.InputStream;
import java.net.URL;
import java.security.KeyStore;
import java.security.SecureRandom;
import javax.net.ssl.HostnameVerifier;
import javax.net.ssl.HttpsURLConnection;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSession;
import javax.net.ssl.TrustManagerFactory;
import javax.xml.ws.BindingProvider;
import org.apache.cxf.Bus;
import org.apache.cxf.bus.spring.SpringBusFactory;
import org.apache.cxf.common.classloader.ClassLoaderUtils;
import org.apache.cxf.testutil.common.AbstractBusClientServerTestBase;
import org.apache.hello_world.services.SOAPService;
import org.junit.AfterClass;
import org.junit.BeforeClass;
import org.junit.Test;

/* loaded from: input_file:org/apache/cxf/https/ssl3/SSLv3Test.class */
public class SSLv3Test extends AbstractBusClientServerTestBase {
    static final String PORT = allocatePort(SSLv3Server.class);
    static final String PORT2 = allocatePort(SSLv3Server.class, 2);
    static final String PORT3 = allocatePort(SSLv3Server.class, 3);
    static final String PORT4 = allocatePort(SSLv3Server.class, 4);

    /* loaded from: input_file:org/apache/cxf/https/ssl3/SSLv3Test$DisableCNCheckVerifier.class */
    private static final class DisableCNCheckVerifier implements HostnameVerifier {
        private DisableCNCheckVerifier() {
        }

        @Override // javax.net.ssl.HostnameVerifier
        public boolean verify(String str, SSLSession sSLSession) {
            return true;
        }
    }

    @BeforeClass
    public static void startServers() throws Exception {
        assertTrue("Server failed to launch", launchServer(SSLv3Server.class, true));
    }

    @AfterClass
    public static void cleanup() throws Exception {
        stopAllServers();
    }

    @Test
    public void testSSLv3ServerNotAllowedByDefault() throws Exception {
        Bus createBus = new SpringBusFactory().createBus(SSLv3Test.class.getResource("sslv3-client.xml").toString());
        SpringBusFactory.setDefaultBus(createBus);
        SpringBusFactory.setThreadDefaultBus(createBus);
        System.setProperty("https.protocols", "SSLv3");
        HttpsURLConnection httpsURLConnection = (HttpsURLConnection) new URL("https://localhost:" + PORT).openConnection();
        httpsURLConnection.setHostnameVerifier(new DisableCNCheckVerifier());
        SSLContext sSLContext = SSLContext.getInstance("SSL");
        KeyStore keyStore = KeyStore.getInstance("jks");
        InputStream resourceAsStream = ClassLoaderUtils.getResourceAsStream("keys/Truststore.jks", SSLv3Test.class);
        Throwable th = null;
        try {
            try {
                keyStore.load(resourceAsStream, null);
                if (resourceAsStream != null) {
                    if (0 != 0) {
                        try {
                            resourceAsStream.close();
                        } catch (Throwable th2) {
                            th.addSuppressed(th2);
                        }
                    } else {
                        resourceAsStream.close();
                    }
                }
                TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance("PKIX");
                trustManagerFactory.init(keyStore);
                sSLContext.init(null, trustManagerFactory.getTrustManagers(), new SecureRandom());
                httpsURLConnection.setSSLSocketFactory(sSLContext.getSocketFactory());
                try {
                    httpsURLConnection.connect();
                    fail("Failure expected on an SSLv3 connection attempt");
                } catch (IOException e) {
                }
                System.clearProperty("https.protocols");
                createBus.shutdown(true);
            } finally {
            }
        } catch (Throwable th3) {
            if (resourceAsStream != null) {
                if (th != null) {
                    try {
                        resourceAsStream.close();
                    } catch (Throwable th4) {
                        th.addSuppressed(th4);
                    }
                } else {
                    resourceAsStream.close();
                }
            }
            throw th3;
        }
    }

    @Test
    public void testSSLv3ServerAllowed() throws Exception {
        if ("IBM Corporation".equals(System.getProperty("java.vendor"))) {
            return;
        }
        Bus createBus = new SpringBusFactory().createBus(SSLv3Test.class.getResource("sslv3-client.xml").toString());
        SpringBusFactory.setDefaultBus(createBus);
        SpringBusFactory.setThreadDefaultBus(createBus);
        System.setProperty("https.protocols", "SSLv3");
        HttpsURLConnection httpsURLConnection = (HttpsURLConnection) new URL("https://localhost:" + PORT2).openConnection();
        httpsURLConnection.setHostnameVerifier(new DisableCNCheckVerifier());
        SSLContext sSLContext = SSLContext.getInstance("SSL");
        KeyStore keyStore = KeyStore.getInstance("jks");
        InputStream resourceAsStream = ClassLoaderUtils.getResourceAsStream("keys/Truststore.jks", SSLv3Test.class);
        Throwable th = null;
        try {
            try {
                keyStore.load(resourceAsStream, null);
                if (resourceAsStream != null) {
                    if (0 != 0) {
                        try {
                            resourceAsStream.close();
                        } catch (Throwable th2) {
                            th.addSuppressed(th2);
                        }
                    } else {
                        resourceAsStream.close();
                    }
                }
                TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance("PKIX");
                trustManagerFactory.init(keyStore);
                sSLContext.init(null, trustManagerFactory.getTrustManagers(), new SecureRandom());
                httpsURLConnection.setSSLSocketFactory(sSLContext.getSocketFactory());
                httpsURLConnection.connect();
                httpsURLConnection.disconnect();
                System.clearProperty("https.protocols");
                createBus.shutdown(true);
            } finally {
            }
        } catch (Throwable th3) {
            if (resourceAsStream != null) {
                if (th != null) {
                    try {
                        resourceAsStream.close();
                    } catch (Throwable th4) {
                        th.addSuppressed(th4);
                    }
                } else {
                    resourceAsStream.close();
                }
            }
            throw th3;
        }
    }

    @Test
    public void testClientSSL3NotAllowed() throws Exception {
        Bus createBus = new SpringBusFactory().createBus(SSLv3Test.class.getResource("sslv3-client.xml").toString());
        SpringBusFactory.setDefaultBus(createBus);
        SpringBusFactory.setThreadDefaultBus(createBus);
        SOAPService sOAPService = new SOAPService(SOAPService.WSDL_LOCATION, SOAPService.SERVICE);
        assertNotNull("Service is null", sOAPService);
        Closeable httpsPort = sOAPService.getHttpsPort();
        assertNotNull("Port is null", httpsPort);
        updateAddressPort(httpsPort, PORT3);
        try {
            httpsPort.greetMe("Kitty");
            fail("Failure expected on the client not supporting SSLv3 by default");
        } catch (Exception e) {
        }
        httpsPort.close();
        createBus.shutdown(true);
    }

    @Test
    public void testAsyncClientSSL3NotAllowed() throws Exception {
        Bus createBus = new SpringBusFactory().createBus(SSLv3Test.class.getResource("sslv3-client.xml").toString());
        SpringBusFactory.setDefaultBus(createBus);
        SpringBusFactory.setThreadDefaultBus(createBus);
        SOAPService sOAPService = new SOAPService(SOAPService.WSDL_LOCATION, SOAPService.SERVICE);
        assertNotNull("Service is null", sOAPService);
        Closeable httpsPort = sOAPService.getHttpsPort();
        assertNotNull("Port is null", httpsPort);
        ((BindingProvider) httpsPort).getRequestContext().put("use.async.http.conduit", true);
        updateAddressPort(httpsPort, PORT3);
        try {
            httpsPort.greetMe("Kitty");
            fail("Failure expected on the client not supporting SSLv3 by default");
        } catch (Exception e) {
        }
        httpsPort.close();
        createBus.shutdown(true);
    }

    @Test
    public void testClientSSL3Allowed() throws Exception {
        if ("IBM Corporation".equals(System.getProperty("java.vendor"))) {
            return;
        }
        Bus createBus = new SpringBusFactory().createBus(SSLv3Test.class.getResource("sslv3-client-allow.xml").toString());
        SpringBusFactory.setDefaultBus(createBus);
        SpringBusFactory.setThreadDefaultBus(createBus);
        SOAPService sOAPService = new SOAPService(SOAPService.WSDL_LOCATION, SOAPService.SERVICE);
        assertNotNull("Service is null", sOAPService);
        Closeable httpsPort = sOAPService.getHttpsPort();
        assertNotNull("Port is null", httpsPort);
        updateAddressPort(httpsPort, PORT3);
        assertEquals(httpsPort.greetMe("Kitty"), "Hello Kitty");
        httpsPort.close();
        createBus.shutdown(true);
    }

    @Test
    public void testAsyncClientSSL3Allowed() throws Exception {
        if ("IBM Corporation".equals(System.getProperty("java.vendor"))) {
            return;
        }
        Bus createBus = new SpringBusFactory().createBus(SSLv3Test.class.getResource("sslv3-client-allow.xml").toString());
        SpringBusFactory.setDefaultBus(createBus);
        SpringBusFactory.setThreadDefaultBus(createBus);
        SOAPService sOAPService = new SOAPService(SOAPService.WSDL_LOCATION, SOAPService.SERVICE);
        assertNotNull("Service is null", sOAPService);
        Closeable httpsPort = sOAPService.getHttpsPort();
        assertNotNull("Port is null", httpsPort);
        ((BindingProvider) httpsPort).getRequestContext().put("use.async.http.conduit", true);
        updateAddressPort(httpsPort, PORT3);
        assertEquals(httpsPort.greetMe("Kitty"), "Hello Kitty");
        httpsPort.close();
        createBus.shutdown(true);
    }

    @Test
    public void testTLSClientToEndpointWithSSL3Allowed() throws Exception {
        if ("IBM Corporation".equals(System.getProperty("java.vendor"))) {
            return;
        }
        Bus createBus = new SpringBusFactory().createBus(SSLv3Test.class.getResource("sslv3-client.xml").toString());
        SpringBusFactory.setDefaultBus(createBus);
        SpringBusFactory.setThreadDefaultBus(createBus);
        SOAPService sOAPService = new SOAPService(SOAPService.WSDL_LOCATION, SOAPService.SERVICE);
        assertNotNull("Service is null", sOAPService);
        Closeable httpsPort = sOAPService.getHttpsPort();
        assertNotNull("Port is null", httpsPort);
        updateAddressPort(httpsPort, PORT4);
        httpsPort.greetMe("Kitty");
        httpsPort.close();
        createBus.shutdown(true);
    }

    @Test
    public void testSSL3ClientToEndpointWithSSL3Allowed() throws Exception {
        if ("IBM Corporation".equals(System.getProperty("java.vendor"))) {
            return;
        }
        Bus createBus = new SpringBusFactory().createBus(SSLv3Test.class.getResource("sslv3-client-allow.xml").toString());
        SpringBusFactory.setDefaultBus(createBus);
        SpringBusFactory.setThreadDefaultBus(createBus);
        SOAPService sOAPService = new SOAPService(SOAPService.WSDL_LOCATION, SOAPService.SERVICE);
        assertNotNull("Service is null", sOAPService);
        Closeable httpsPort = sOAPService.getHttpsPort();
        assertNotNull("Port is null", httpsPort);
        updateAddressPort(httpsPort, PORT4);
        httpsPort.greetMe("Kitty");
        httpsPort.close();
        createBus.shutdown(true);
    }
}
