package org.apache.hadoop.security.ssl;

import java.io.File;
import java.io.FileOutputStream;
import java.io.FileWriter;
import java.io.IOException;
import java.math.BigInteger;
import java.security.GeneralSecurityException;
import java.security.Key;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.KeyStore;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.SecureRandom;
import java.security.cert.Certificate;
import java.security.cert.X509Certificate;
import java.util.Date;
import java.util.HashMap;
import java.util.Map;
import org.apache.commons.httpclient.cookie.Cookie2;
import org.apache.commons.lang.time.DateUtils;
import org.apache.hadoop.conf.Configuration;
import org.apache.hadoop.security.ssl.SSLFactory;
import sun.security.x509.AlgorithmId;
import sun.security.x509.CertificateAlgorithmId;
import sun.security.x509.CertificateIssuerName;
import sun.security.x509.CertificateSerialNumber;
import sun.security.x509.CertificateSubjectName;
import sun.security.x509.CertificateValidity;
import sun.security.x509.CertificateVersion;
import sun.security.x509.CertificateX509Key;
import sun.security.x509.X500Name;
import sun.security.x509.X509CertImpl;
import sun.security.x509.X509CertInfo;

/* JADX WARN: Classes with same name are omitted:
  input_file:hadoop-common-2.1.0-beta/share/hadoop/common/hadoop-common-2.1.0-beta-tests.jar:org/apache/hadoop/security/ssl/KeyStoreTestUtil.class
  input_file:test-classes/org/apache/hadoop/security/ssl/KeyStoreTestUtil.class
 */
/* loaded from: input_file:hadoop-common-2.1.0-beta-tests.jar:org/apache/hadoop/security/ssl/KeyStoreTestUtil.class */
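/**
 * Test helper that generates throwaway key pairs and self-signed certificates, stores them in
 * JKS key/trust stores, and writes the matching {@code ssl-client.xml} / {@code ssl-server.xml}
 * files.
 *
 * <p>NOTE(review): everything produced here is test-fixture grade and must not be reused outside
 * tests. Keys are 1024-bit, {@link #setupSSLConfig} signs with SHA-1, store passwords are fixed
 * literals that are also written in cleartext to the generated XML files, and hostname
 * verification is set to {@code ALLOW_ALL}.
 */
public class KeyStoreTestUtil {
    /**
     * Returns the directory on the classpath that is the root of the given class's package tree.
     *
     * <p>The class file is located through the thread context class loader. If it cannot be found,
     * or if its URL has no hierarchical path, the chained calls fail with a
     * {@link NullPointerException} — NOTE(review): that presumably includes classes loaded from a
     * jar; confirm against callers.
     *
     * @param cls class whose classpath root is wanted
     * @return the resource path with the trailing {@code /pkg/Name.class} part removed
     * @throws Exception if the resource URL cannot be converted to a URI
     */
    public static String getClasspathDir(Class<?> cls) throws Exception {
        String resourceName = cls.getName().replace('.', '/') + ".class";
        ClassLoader loader = Thread.currentThread().getContextClassLoader();
        String fullPath = loader.getResource(resourceName).toURI().getPath();
        // Strip "<resourceName>" plus the '/' separator that precedes it.
        return fullPath.substring(0, (fullPath.length() - resourceName.length()) - 1);
    }

    /**
     * Creates a self-signed X.509 certificate for the given key pair.
     *
     * <p>Subject and issuer are the same distinguished name, the serial number is a random 64-bit
     * value, and the validity window starts now and lasts {@code i} days.
     *
     * @param str distinguished name used for both subject and issuer, e.g. {@code "CN=localhost"}
     * @param keyPair key pair; the public key is embedded and the private key signs the certificate
     * @param i validity period in days, counted from the current time
     * @param str2 JCA signature algorithm name passed to the signer, e.g. {@code "SHA1withRSA"}
     * @return the signed certificate
     * @throws GeneralSecurityException if building or signing the certificate fails
     * @throws IOException if the certificate fields cannot be encoded
     */
    public static X509Certificate generateCertificate(String str, KeyPair keyPair, int i, String str2) throws GeneralSecurityException, IOException {
        PrivateKey signingKey = keyPair.getPrivate();
        X509CertInfo info = new X509CertInfo();
        Date notBefore = new Date();
        Date notAfter = new Date(notBefore.getTime() + (i * DateUtils.MILLIS_PER_DAY));
        BigInteger serial = new BigInteger(64, new SecureRandom());
        X500Name owner = new X500Name(str);
        info.set("validity", new CertificateValidity(notBefore, notAfter));
        info.set("serialNumber", new CertificateSerialNumber(serial));
        info.set("subject", new CertificateSubjectName(owner));
        // Same name as the subject: the certificate is self-signed.
        info.set("issuer", new CertificateIssuerName(owner));
        info.set("key", new CertificateX509Key(keyPair.getPublic()));
        // Attribute name written as a literal like its neighbours. The decompiled listing spelled
        // it through an unrelated HTTP-cookie constant (Cookie2.VERSION), which carries the same
        // string value. Version value 2 encodes X.509 v3.
        info.set("version", new CertificateVersion(2));
        // Placeholder only: this MD5 identifier is replaced below with the algorithm actually
        // used for signing, so it never ends up in the returned certificate.
        info.set("algorithmID", new CertificateAlgorithmId(new AlgorithmId(AlgorithmId.md5WithRSAEncryption_oid)));
        X509CertImpl firstPass = new X509CertImpl(info);
        firstPass.sign(signingKey, str2);
        // Copy the algorithm the signer really used into the certificate body, then sign again so
        // the signed content and the signature agree on the algorithm.
        info.set("algorithmID.algorithm", (AlgorithmId) firstPass.get("x509.algorithm"));
        X509CertImpl signed = new X509CertImpl(info);
        signed.sign(signingKey, str2);
        return signed;
    }

    /**
     * Generates a key pair for the given algorithm.
     *
     * <p>NOTE(review): the key size is fixed at 1024 bits, which is below current recommendations
     * for RSA and acceptable only for short-lived test fixtures.
     *
     * @param str JCA key algorithm name, e.g. {@code "RSA"}
     * @return a freshly generated key pair
     * @throws NoSuchAlgorithmException if no provider supports the algorithm
     */
    public static KeyPair generateKeyPair(String str) throws NoSuchAlgorithmException {
        KeyPairGenerator generator = KeyPairGenerator.getInstance(str);
        generator.initialize(1024);
        return generator.genKeyPair();
    }

    /** Returns a new, empty in-memory JKS keystore. */
    private static KeyStore createEmptyKeyStore() throws GeneralSecurityException, IOException {
        KeyStore store = KeyStore.getInstance("JKS");
        // Loading from a null stream initialises an empty store.
        store.load(null, null);
        return store;
    }

    /**
     * Writes the keystore to a file, protected with the given password.
     *
     * @param keyStore store to persist
     * @param str destination file path
     * @param str2 store password
     */
    private static void saveKeyStore(KeyStore keyStore, String str, String str2) throws GeneralSecurityException, IOException {
        FileOutputStream out = new FileOutputStream(str);
        try {
            keyStore.store(out, str2.toCharArray());
        } finally {
            // Close exactly once on every path. The previous catch-and-close shape called close()
            // a second time when the first close() itself failed.
            out.close();
        }
    }

    /**
     * Creates a JKS keystore file holding one private-key entry.
     *
     * <p>The same password protects both the key entry and the store.
     *
     * @param str destination file path
     * @param str2 password for the store and the key entry
     * @param str3 alias of the key entry
     * @param key private key to store
     * @param certificate certificate stored as the single-element chain for the key
     */
    public static void createKeyStore(String str, String str2, String str3, Key key, Certificate certificate) throws GeneralSecurityException, IOException {
        KeyStore store = createEmptyKeyStore();
        store.setKeyEntry(str3, key, str2.toCharArray(), new Certificate[]{certificate});
        saveKeyStore(store, str, str2);
    }

    /**
     * Creates a JKS truststore file holding a single trusted certificate.
     *
     * @param str destination file path
     * @param str2 store password
     * @param str3 alias of the certificate entry
     * @param certificate certificate to trust
     */
    public static void createTrustStore(String str, String str2, String str3, Certificate certificate) throws GeneralSecurityException, IOException {
        KeyStore store = createEmptyKeyStore();
        store.setCertificateEntry(str3, certificate);
        saveKeyStore(store, str, str2);
    }

    /**
     * Creates a JKS truststore file holding every certificate of the given map.
     *
     * @param str destination file path
     * @param str2 store password
     * @param map alias-to-certificate entries to trust
     */
    public static <T extends Certificate> void createTrustStore(String str, String str2, Map<String, T> map) throws GeneralSecurityException, IOException {
        KeyStore store = createEmptyKeyStore();
        for (Map.Entry<String, T> trusted : map.entrySet()) {
            store.setCertificateEntry(trusted.getKey(), trusted.getValue());
        }
        saveKeyStore(store, str, str2);
    }

    /**
     * Deletes the files created by {@link #setupSSLConfig}.
     *
     * <p>Deletion is best-effort: the result of each {@code delete()} is ignored, so a keystore
     * holding private-key material can remain on disk if removal fails.
     *
     * @param str directory holding the generated keystores
     * @param str2 directory holding the generated SSL configuration files
     */
    public static void cleanupSSLConfig(String str, String str2) throws Exception {
        new File(str + "/clientKS.jks").delete();
        new File(str + "/serverKS.jks").delete();
        new File(str + "/trustKS.jks").delete();
        new File(str2 + "/ssl-client.xml").delete();
        new File(str2 + "/ssl-server.xml").delete();
    }

    /** Writes the configuration as XML to the target file and always closes the writer. */
    private static void writeConfiguration(Configuration conf, File target) throws IOException {
        FileWriter writer = new FileWriter(target);
        try {
            conf.writeXml(writer);
        } finally {
            writer.close();
        }
    }

    /**
     * Generates keystores, a shared truststore and the SSL client/server configuration files,
     * then points the given configuration at them.
     *
     * <p>A server key pair and certificate are always created; a client pair is created only when
     * {@code z} is true. Every generated certificate is added to the shared truststore.
     *
     * <p>NOTE(review): test-only settings. The store passwords are the fixed literals
     * {@code clientP}, {@code serverP} and {@code trustP}, and they are written in cleartext to
     * the generated XML files. Certificates are signed with SHA1withRSA over 1024-bit keys, and
     * the hostname verifier is set to {@code ALLOW_ALL}, which turns hostname verification off.
     * None of these values belong in a production configuration.
     *
     * @param str directory in which the keystore and truststore files are created
     * @param str2 directory in which {@code ssl-client.xml} and {@code ssl-server.xml} are written
     * @param configuration configuration that receives the SSL settings
     * @param z whether to create a client certificate and require client authentication
     */
    public static void setupSSLConfig(String str, String str2, Configuration configuration, boolean z) throws Exception {
        String clientKeyStore = str + "/clientKS.jks";
        String serverKeyStore = str + "/serverKS.jks";
        String trustStore = str + "/trustKS.jks";
        File clientConfFile = new File(str2 + "/ssl-client.xml");
        File serverConfFile = new File(str2 + "/ssl-server.xml");
        Map<String, X509Certificate> trusted = new HashMap<String, X509Certificate>();
        if (z) {
            KeyPair clientKeys = generateKeyPair("RSA");
            X509Certificate clientCert = generateCertificate("CN=localhost, O=client", clientKeys, 30, "SHA1withRSA");
            createKeyStore(clientKeyStore, "clientP", "client", clientKeys.getPrivate(), clientCert);
            trusted.put("client", clientCert);
        }
        KeyPair serverKeys = generateKeyPair("RSA");
        X509Certificate serverCert = generateCertificate("CN=localhost, O=server", serverKeys, 30, "SHA1withRSA");
        createKeyStore(serverKeyStore, "serverP", "server", serverKeys.getPrivate(), serverCert);
        trusted.put("server", serverCert);
        createTrustStore(trustStore, "trustP", trusted);

        Configuration clientConf = new Configuration(false);
        clientConf.set(FileBasedKeyStoresFactory.resolvePropertyName(SSLFactory.Mode.CLIENT, FileBasedKeyStoresFactory.SSL_KEYSTORE_LOCATION_TPL_KEY), clientKeyStore);
        clientConf.set(FileBasedKeyStoresFactory.resolvePropertyName(SSLFactory.Mode.CLIENT, FileBasedKeyStoresFactory.SSL_KEYSTORE_PASSWORD_TPL_KEY), "clientP");
        clientConf.set(FileBasedKeyStoresFactory.resolvePropertyName(SSLFactory.Mode.CLIENT, FileBasedKeyStoresFactory.SSL_TRUSTSTORE_LOCATION_TPL_KEY), trustStore);
        clientConf.set(FileBasedKeyStoresFactory.resolvePropertyName(SSLFactory.Mode.CLIENT, FileBasedKeyStoresFactory.SSL_TRUSTSTORE_PASSWORD_TPL_KEY), "trustP");
        clientConf.set(FileBasedKeyStoresFactory.resolvePropertyName(SSLFactory.Mode.CLIENT, FileBasedKeyStoresFactory.SSL_TRUSTSTORE_RELOAD_INTERVAL_TPL_KEY), "1000");

        Configuration serverConf = new Configuration(false);
        serverConf.set(FileBasedKeyStoresFactory.resolvePropertyName(SSLFactory.Mode.SERVER, FileBasedKeyStoresFactory.SSL_KEYSTORE_LOCATION_TPL_KEY), serverKeyStore);
        serverConf.set(FileBasedKeyStoresFactory.resolvePropertyName(SSLFactory.Mode.SERVER, FileBasedKeyStoresFactory.SSL_KEYSTORE_PASSWORD_TPL_KEY), "serverP");
        serverConf.set(FileBasedKeyStoresFactory.resolvePropertyName(SSLFactory.Mode.SERVER, FileBasedKeyStoresFactory.SSL_TRUSTSTORE_LOCATION_TPL_KEY), trustStore);
        serverConf.set(FileBasedKeyStoresFactory.resolvePropertyName(SSLFactory.Mode.SERVER, FileBasedKeyStoresFactory.SSL_TRUSTSTORE_PASSWORD_TPL_KEY), "trustP");
        serverConf.set(FileBasedKeyStoresFactory.resolvePropertyName(SSLFactory.Mode.SERVER, FileBasedKeyStoresFactory.SSL_TRUSTSTORE_RELOAD_INTERVAL_TPL_KEY), "1000");

        // Each writer is closed even when writeXml fails; the earlier empty finally blocks
        // leaked the open FileWriter on that path.
        writeConfiguration(clientConf, clientConfFile);
        writeConfiguration(serverConf, serverConfFile);

        // Test-only: disables hostname verification for the self-signed localhost certificates.
        configuration.set(SSLFactory.SSL_HOSTNAME_VERIFIER_KEY, "ALLOW_ALL");
        // Only the bare file names are recorded, not the full paths.
        // NOTE(review): presumably resolved from the classpath by the consumer — confirm.
        configuration.set(SSLFactory.SSL_CLIENT_CONF_KEY, clientConfFile.getName());
        configuration.set(SSLFactory.SSL_SERVER_CONF_KEY, serverConfFile.getName());
        configuration.setBoolean(SSLFactory.SSL_REQUIRE_CLIENT_CERT_KEY, z);
    }
}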
