package org.apache.drill.exec;

import java.text.MessageFormat;
import junit.framework.TestCase;
import org.apache.drill.categories.SecurityTest;
import org.apache.drill.common.exceptions.DrillException;
import org.apache.drill.exec.ssl.SSLConfig;
import org.apache.drill.exec.ssl.SSLConfigBuilder;
import org.apache.drill.test.BaseTest;
import org.apache.drill.test.ConfigBuilder;
import org.apache.hadoop.conf.Configuration;
import org.junit.Assert;
import org.junit.Test;
import org.junit.experimental.categories.Category;

@Category({SecurityTest.class})
/* loaded from: input_file:org/apache/drill/exec/TestSSLConfig.class */
public class TestSSLConfig extends BaseTest {
    @Test
    public void testMissingKeystorePath() throws Exception {
        ConfigBuilder configBuilder = new ConfigBuilder();
        configBuilder.put("drill.exec.ssl.keyStorePath", "");
        configBuilder.put("drill.exec.ssl.keyStorePassword", "root");
        configBuilder.put("drill.exec.ssl.useHadoopConfig", false);
        configBuilder.put("drill.exec.security.user.encryption.ssl.enabled", true);
        try {
            new SSLConfigBuilder().config(configBuilder.build()).mode(SSLConfig.Mode.SERVER).initializeSSLContext(false).validateKeyStore(true).build();
            TestCase.fail();
        } catch (Exception e) {
            Assert.assertTrue(e instanceof DrillException);
        }
    }

    @Test
    public void testMissingKeystorePassword() throws Exception {
        ConfigBuilder configBuilder = new ConfigBuilder();
        configBuilder.put("drill.exec.ssl.keyStorePath", "/root");
        configBuilder.put("drill.exec.ssl.keyStorePassword", "");
        configBuilder.put("drill.exec.ssl.useHadoopConfig", false);
        configBuilder.put("drill.exec.security.user.encryption.ssl.enabled", true);
        try {
            new SSLConfigBuilder().config(configBuilder.build()).mode(SSLConfig.Mode.SERVER).initializeSSLContext(false).validateKeyStore(true).build();
            TestCase.fail();
        } catch (Exception e) {
            Assert.assertTrue(e instanceof DrillException);
        }
    }

    @Test
    public void testForKeystoreConfig() throws Exception {
        ConfigBuilder configBuilder = new ConfigBuilder();
        configBuilder.put("drill.exec.ssl.keyStorePath", "/root");
        configBuilder.put("drill.exec.ssl.keyStorePassword", "root");
        try {
            SSLConfig build = new SSLConfigBuilder().config(configBuilder.build()).mode(SSLConfig.Mode.SERVER).initializeSSLContext(false).validateKeyStore(true).build();
            Assert.assertEquals("/root", build.getKeyStorePath());
            Assert.assertEquals("root", build.getKeyStorePassword());
        } catch (Exception e) {
            TestCase.fail();
        }
    }

    @Test
    public void testForBackwardCompatability() throws Exception {
        ConfigBuilder configBuilder = new ConfigBuilder();
        configBuilder.put("javax.net.ssl.keyStore", "/root");
        configBuilder.put("javax.net.ssl.keyStorePassword", "root");
        SSLConfig build = new SSLConfigBuilder().config(configBuilder.build()).mode(SSLConfig.Mode.SERVER).initializeSSLContext(false).validateKeyStore(true).build();
        Assert.assertEquals("/root", build.getKeyStorePath());
        Assert.assertEquals("root", build.getKeyStorePassword());
    }

    @Test
    public void testForTrustStore() throws Exception {
        ConfigBuilder configBuilder = new ConfigBuilder();
        configBuilder.put("drill.exec.ssl.trustStorePath", "/root");
        configBuilder.put("drill.exec.ssl.trustStorePassword", "root");
        configBuilder.put("drill.exec.ssl.useHadoopConfig", false);
        SSLConfig build = new SSLConfigBuilder().config(configBuilder.build()).mode(SSLConfig.Mode.SERVER).initializeSSLContext(false).validateKeyStore(true).build();
        Assert.assertEquals(true, Boolean.valueOf(build.hasTrustStorePath()));
        Assert.assertEquals(true, Boolean.valueOf(build.hasTrustStorePassword()));
        Assert.assertEquals("/root", build.getTrustStorePath());
        Assert.assertEquals("root", build.getTrustStorePassword());
    }

    @Test
    public void testInvalidHadoopKeystore() throws Exception {
        Configuration configuration = new Configuration();
        configuration.set(MessageFormat.format("hadoop.ssl.{0}.conf", SSLConfig.Mode.SERVER.toString().toLowerCase()), "ssl-server-invalid.xml");
        ConfigBuilder configBuilder = new ConfigBuilder();
        configBuilder.put("drill.exec.security.user.encryption.ssl.enabled", true);
        configBuilder.put("drill.exec.ssl.useHadoopConfig", true);
        try {
            new SSLConfigBuilder().config(configBuilder.build()).mode(SSLConfig.Mode.SERVER).initializeSSLContext(false).validateKeyStore(true).hadoopConfig(configuration).build();
            TestCase.fail();
        } catch (Exception e) {
            Assert.assertTrue(e instanceof DrillException);
        }
    }
}
