package org.apache.cxf.systest.https.ciphersuites;

import java.io.Closeable;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.util.Collections;
import javax.crypto.Cipher;
import javax.crypto.spec.SecretKeySpec;
import javax.net.ssl.TrustManager;
import javax.net.ssl.X509TrustManager;
import javax.xml.ws.BindingProvider;
import org.apache.cxf.Bus;
import org.apache.cxf.BusFactory;
import org.apache.cxf.bus.spring.SpringBusFactory;
import org.apache.cxf.configuration.jsse.TLSClientParameters;
import org.apache.cxf.frontend.ClientProxy;
import org.apache.cxf.testutil.common.AbstractBusClientServerTestBase;
import org.apache.cxf.transport.http.HTTPConduit;
import org.apache.hello_world.services.SOAPService;
import org.junit.AfterClass;
import org.junit.BeforeClass;
import org.junit.Test;

/* loaded from: input_file:org/apache/cxf/systest/https/ciphersuites/CipherSuitesTest.class */
public class CipherSuitesTest extends AbstractBusClientServerTestBase {
    static final boolean UNRESTRICTED_POLICIES_INSTALLED;
    static final String PORT;
    static final String PORT2;
    static final String PORT3;
    static final String PORT4;
    static final String PORT5;

    /* loaded from: input_file:org/apache/cxf/systest/https/ciphersuites/CipherSuitesTest$NoOpX509TrustManager.class */
    private static class NoOpX509TrustManager implements X509TrustManager {
        NoOpX509TrustManager() {
        }

        @Override // javax.net.ssl.X509TrustManager
        public void checkClientTrusted(X509Certificate[] x509CertificateArr, String str) throws CertificateException {
        }

        @Override // javax.net.ssl.X509TrustManager
        public void checkServerTrusted(X509Certificate[] x509CertificateArr, String str) throws CertificateException {
        }

        @Override // javax.net.ssl.X509TrustManager
        public X509Certificate[] getAcceptedIssuers() {
            return null;
        }
    }

    @BeforeClass
    public static void startServers() throws Exception {
        assertTrue("Server failed to launch", launchServer(CipherSuitesServer.class, true));
    }

    @AfterClass
    public static void cleanup() throws Exception {
        stopAllServers();
    }

    @Test
    public void testAESIncluded() throws Exception {
        Bus createBus = new SpringBusFactory().createBus(CipherSuitesTest.class.getResource("ciphersuites-client.xml").toString());
        BusFactory.setDefaultBus(createBus);
        BusFactory.setThreadDefaultBus(createBus);
        SOAPService sOAPService = new SOAPService(SOAPService.WSDL_LOCATION, SOAPService.SERVICE);
        assertNotNull("Service is null", sOAPService);
        Closeable httpsPort = sOAPService.getHttpsPort();
        assertNotNull("Port is null", httpsPort);
        updateAddressPort(httpsPort, PORT);
        assertEquals(httpsPort.greetMe("Kitty"), "Hello Kitty");
        httpsPort.close();
        createBus.shutdown(true);
    }

    @Test
    public void testAESIncludedAsync() throws Exception {
        Bus createBus = new SpringBusFactory().createBus(CipherSuitesTest.class.getResource("ciphersuites-client.xml").toString());
        BusFactory.setDefaultBus(createBus);
        BusFactory.setThreadDefaultBus(createBus);
        SOAPService sOAPService = new SOAPService(SOAPService.WSDL_LOCATION, SOAPService.SERVICE);
        assertNotNull("Service is null", sOAPService);
        Closeable httpsPort = sOAPService.getHttpsPort();
        assertNotNull("Port is null", httpsPort);
        ((BindingProvider) httpsPort).getRequestContext().put("use.async.http.conduit", true);
        updateAddressPort(httpsPort, PORT);
        assertEquals(httpsPort.greetMe("Kitty"), "Hello Kitty");
        httpsPort.close();
        createBus.shutdown(true);
    }

    @Test
    public void testAESIncludedExplicitly() throws Exception {
        if (!"IBM Corporation".equals(System.getProperty("java.vendor")) && UNRESTRICTED_POLICIES_INSTALLED) {
            Bus createBus = new SpringBusFactory().createBus(CipherSuitesTest.class.getResource("ciphersuites-explicit-client.xml").toString());
            BusFactory.setDefaultBus(createBus);
            BusFactory.setThreadDefaultBus(createBus);
            SOAPService sOAPService = new SOAPService(SOAPService.WSDL_LOCATION, SOAPService.SERVICE);
            assertNotNull("Service is null", sOAPService);
            Closeable httpsPort = sOAPService.getHttpsPort();
            assertNotNull("Port is null", httpsPort);
            updateAddressPort(httpsPort, PORT4);
            assertEquals(httpsPort.greetMe("Kitty"), "Hello Kitty");
            httpsPort.close();
            createBus.shutdown(true);
        }
    }

    @Test
    public void testClientDHEServerExcludesIncluded() throws Exception {
        Bus createBus = new SpringBusFactory().createBus(CipherSuitesTest.class.getResource("ciphersuites-dhe-client.xml").toString());
        BusFactory.setDefaultBus(createBus);
        BusFactory.setThreadDefaultBus(createBus);
        SOAPService sOAPService = new SOAPService(SOAPService.WSDL_LOCATION, SOAPService.SERVICE);
        assertNotNull("Service is null", sOAPService);
        Closeable httpsPort = sOAPService.getHttpsPort();
        assertNotNull("Port is null", httpsPort);
        updateAddressPort(httpsPort, PORT);
        try {
            httpsPort.greetMe("Kitty");
            fail("Failure expected on not being able to negotiate a cipher suite");
        } catch (Exception e) {
        }
        httpsPort.close();
        createBus.shutdown(true);
    }

    @Test
    public void testClientDHEServerExcludesIncludedAsync() throws Exception {
        Bus createBus = new SpringBusFactory().createBus(CipherSuitesTest.class.getResource("ciphersuites-dhe-client.xml").toString());
        BusFactory.setDefaultBus(createBus);
        BusFactory.setThreadDefaultBus(createBus);
        SOAPService sOAPService = new SOAPService(SOAPService.WSDL_LOCATION, SOAPService.SERVICE);
        assertNotNull("Service is null", sOAPService);
        Closeable httpsPort = sOAPService.getHttpsPort();
        assertNotNull("Port is null", httpsPort);
        ((BindingProvider) httpsPort).getRequestContext().put("use.async.http.conduit", true);
        updateAddressPort(httpsPort, PORT);
        try {
            httpsPort.greetMe("Kitty");
            fail("Failure expected on not being able to negotiate a cipher suite");
        } catch (Exception e) {
        }
        httpsPort.close();
        createBus.shutdown(true);
    }

    @Test
    public void testDHEIncluded() throws Exception {
        Bus createBus = new SpringBusFactory().createBus(CipherSuitesTest.class.getResource("ciphersuites-dhe-client.xml").toString());
        BusFactory.setDefaultBus(createBus);
        BusFactory.setThreadDefaultBus(createBus);
        SOAPService sOAPService = new SOAPService(SOAPService.WSDL_LOCATION, SOAPService.SERVICE);
        assertNotNull("Service is null", sOAPService);
        Closeable httpsPort = sOAPService.getHttpsPort();
        assertNotNull("Port is null", httpsPort);
        updateAddressPort(httpsPort, PORT2);
        assertEquals(httpsPort.greetMe("Kitty"), "Hello Kitty");
        httpsPort.close();
        createBus.shutdown(true);
    }

    @Test
    public void testDHEIncludedAsync() throws Exception {
        Bus createBus = new SpringBusFactory().createBus(CipherSuitesTest.class.getResource("ciphersuites-dhe-client.xml").toString());
        BusFactory.setDefaultBus(createBus);
        BusFactory.setThreadDefaultBus(createBus);
        SOAPService sOAPService = new SOAPService(SOAPService.WSDL_LOCATION, SOAPService.SERVICE);
        assertNotNull("Service is null", sOAPService);
        Closeable httpsPort = sOAPService.getHttpsPort();
        assertNotNull("Port is null", httpsPort);
        ((BindingProvider) httpsPort).getRequestContext().put("use.async.http.conduit", true);
        updateAddressPort(httpsPort, PORT2);
        assertEquals(httpsPort.greetMe("Kitty"), "Hello Kitty");
        httpsPort.close();
        createBus.shutdown(true);
    }

    @Test
    public void testClientECDHEServerDHEIncluded() throws Exception {
        Bus createBus = new SpringBusFactory().createBus(CipherSuitesTest.class.getResource("ciphersuites-client.xml").toString());
        BusFactory.setDefaultBus(createBus);
        BusFactory.setThreadDefaultBus(createBus);
        SOAPService sOAPService = new SOAPService(SOAPService.WSDL_LOCATION, SOAPService.SERVICE);
        assertNotNull("Service is null", sOAPService);
        Closeable httpsPort = sOAPService.getHttpsPort();
        assertNotNull("Port is null", httpsPort);
        updateAddressPort(httpsPort, PORT2);
        try {
            httpsPort.greetMe("Kitty");
            fail("Failure expected on not being able to negotiate a cipher suite");
        } catch (Exception e) {
        }
        httpsPort.close();
        createBus.shutdown(true);
    }

    @Test
    public void testClientECDHEServerDHEIncludedAsync() throws Exception {
        Bus createBus = new SpringBusFactory().createBus(CipherSuitesTest.class.getResource("ciphersuites-client.xml").toString());
        BusFactory.setDefaultBus(createBus);
        BusFactory.setThreadDefaultBus(createBus);
        SOAPService sOAPService = new SOAPService(SOAPService.WSDL_LOCATION, SOAPService.SERVICE);
        assertNotNull("Service is null", sOAPService);
        Closeable httpsPort = sOAPService.getHttpsPort();
        assertNotNull("Port is null", httpsPort);
        ((BindingProvider) httpsPort).getRequestContext().put("use.async.http.conduit", true);
        updateAddressPort(httpsPort, PORT2);
        try {
            httpsPort.greetMe("Kitty");
            fail("Failure expected on not being able to negotiate a cipher suite");
        } catch (Exception e) {
        }
        httpsPort.close();
        createBus.shutdown(true);
    }

    @Test
    public void testAESIncludedTLSv12() throws Exception {
        if ("IBM Corporation".equals(System.getProperty("java.vendor"))) {
            return;
        }
        Bus createBus = new SpringBusFactory().createBus(CipherSuitesTest.class.getResource("ciphersuites-client-tlsv12.xml").toString());
        BusFactory.setDefaultBus(createBus);
        BusFactory.setThreadDefaultBus(createBus);
        SOAPService sOAPService = new SOAPService(SOAPService.WSDL_LOCATION, SOAPService.SERVICE);
        assertNotNull("Service is null", sOAPService);
        Closeable httpsPort = sOAPService.getHttpsPort();
        assertNotNull("Port is null", httpsPort);
        updateAddressPort(httpsPort, PORT);
        assertEquals(httpsPort.greetMe("Kitty"), "Hello Kitty");
        httpsPort.close();
        createBus.shutdown(true);
    }

    @Test
    public void testAESIncludedTLSv12ViaCode() throws Exception {
        if ("IBM Corporation".equals(System.getProperty("java.vendor"))) {
            return;
        }
        Bus createBus = new SpringBusFactory().createBus(CipherSuitesTest.class.getResource("ciphersuites-client-noconfig.xml").toString());
        BusFactory.setDefaultBus(createBus);
        BusFactory.setThreadDefaultBus(createBus);
        SOAPService sOAPService = new SOAPService(SOAPService.WSDL_LOCATION, SOAPService.SERVICE);
        assertNotNull("Service is null", sOAPService);
        Closeable httpsPort = sOAPService.getHttpsPort();
        assertNotNull("Port is null", httpsPort);
        updateAddressPort(httpsPort, PORT);
        HTTPConduit conduit = ClientProxy.getClient(httpsPort).getConduit();
        TLSClientParameters tLSClientParameters = new TLSClientParameters();
        tLSClientParameters.setTrustManagers(new TrustManager[]{new NoOpX509TrustManager()});
        tLSClientParameters.setDisableCNCheck(true);
        tLSClientParameters.setSecureSocketProtocol("TLSv1.2");
        tLSClientParameters.setCipherSuites(Collections.singletonList("TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256"));
        conduit.setTlsClientParameters(tLSClientParameters);
        assertEquals(httpsPort.greetMe("Kitty"), "Hello Kitty");
        httpsPort.close();
        createBus.shutdown(true);
    }

    @Test
    public void testAESIncludedTLSv11() throws Exception {
        if ("IBM Corporation".equals(System.getProperty("java.vendor"))) {
            return;
        }
        Bus createBus = new SpringBusFactory().createBus(CipherSuitesTest.class.getResource("ciphersuites-client-noconfig.xml").toString());
        BusFactory.setDefaultBus(createBus);
        BusFactory.setThreadDefaultBus(createBus);
        SOAPService sOAPService = new SOAPService(SOAPService.WSDL_LOCATION, SOAPService.SERVICE);
        assertNotNull("Service is null", sOAPService);
        Closeable httpsPort = sOAPService.getHttpsPort();
        assertNotNull("Port is null", httpsPort);
        updateAddressPort(httpsPort, PORT);
        HTTPConduit conduit = ClientProxy.getClient(httpsPort).getConduit();
        TLSClientParameters tLSClientParameters = new TLSClientParameters();
        tLSClientParameters.setTrustManagers(new TrustManager[]{new NoOpX509TrustManager()});
        tLSClientParameters.setDisableCNCheck(true);
        tLSClientParameters.setSecureSocketProtocol("TLSv1.1");
        conduit.setTlsClientParameters(tLSClientParameters);
        assertEquals(httpsPort.greetMe("Kitty"), "Hello Kitty");
        httpsPort.close();
        createBus.shutdown(true);
    }

    @Test
    public void testAESIncludedTLSv10() throws Exception {
        Bus createBus = new SpringBusFactory().createBus(CipherSuitesTest.class.getResource("ciphersuites-client-noconfig.xml").toString());
        BusFactory.setDefaultBus(createBus);
        BusFactory.setThreadDefaultBus(createBus);
        SOAPService sOAPService = new SOAPService(SOAPService.WSDL_LOCATION, SOAPService.SERVICE);
        assertNotNull("Service is null", sOAPService);
        Closeable httpsPort = sOAPService.getHttpsPort();
        assertNotNull("Port is null", httpsPort);
        updateAddressPort(httpsPort, PORT);
        HTTPConduit conduit = ClientProxy.getClient(httpsPort).getConduit();
        TLSClientParameters tLSClientParameters = new TLSClientParameters();
        tLSClientParameters.setTrustManagers(new TrustManager[]{new NoOpX509TrustManager()});
        tLSClientParameters.setDisableCNCheck(true);
        tLSClientParameters.setSecureSocketProtocol("TLSv1");
        conduit.setTlsClientParameters(tLSClientParameters);
        assertEquals(httpsPort.greetMe("Kitty"), "Hello Kitty");
        httpsPort.close();
        createBus.shutdown(true);
    }

    @Test
    public void testExpiredCert() throws Exception {
        Bus createBus = new SpringBusFactory().createBus(CipherSuitesTest.class.getResource("ciphersuites-client-expired-cert.xml").toString());
        BusFactory.setDefaultBus(createBus);
        BusFactory.setThreadDefaultBus(createBus);
        SOAPService sOAPService = new SOAPService(SOAPService.WSDL_LOCATION, SOAPService.SERVICE);
        assertNotNull("Service is null", sOAPService);
        Closeable httpsPort = sOAPService.getHttpsPort();
        assertNotNull("Port is null", httpsPort);
        updateAddressPort(httpsPort, PORT5);
        try {
            httpsPort.greetMe("Kitty");
            fail("Failure expected on not being able to negotiate a cipher suite");
        } catch (Exception e) {
        }
        httpsPort.close();
        createBus.shutdown(true);
    }

    static {
        boolean z = false;
        try {
            SecretKeySpec secretKeySpec = new SecretKeySpec(new byte[]{0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23}, "AES");
            Cipher cipher = Cipher.getInstance("AES");
            cipher.init(1, secretKeySpec);
            cipher.doFinal(new byte[]{0, 1, 2, 3, 4, 5, 6, 7});
            z = true;
        } catch (Exception e) {
        }
        UNRESTRICTED_POLICIES_INSTALLED = z;
        PORT = allocatePort(CipherSuitesServer.class);
        PORT2 = allocatePort(CipherSuitesServer.class, 2);
        PORT3 = allocatePort(CipherSuitesServer.class, 3);
        PORT4 = allocatePort(CipherSuitesServer.class, 4);
        PORT5 = allocatePort(CipherSuitesServer.class, 5);
    }
}
