package org.apache.hadoop.hdds.security.x509.certificate.utils;

import java.io.File;
import java.io.IOException;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.cert.CertificateException;
import java.time.LocalDate;
import java.time.temporal.ChronoUnit;
import java.time.temporal.TemporalUnit;
import org.apache.commons.lang3.RandomStringUtils;
import org.apache.hadoop.hdds.conf.OzoneConfiguration;
import org.apache.hadoop.hdds.security.exception.SCMSecurityException;
import org.apache.hadoop.hdds.security.x509.SecurityConfig;
import org.apache.hadoop.hdds.security.x509.certificates.utils.SelfSignedCertificate;
import org.apache.hadoop.hdds.security.x509.keys.HDDSKeyGenerator;
import org.bouncycastle.cert.X509CertificateHolder;
import org.junit.Assert;
import org.junit.Before;
import org.junit.Rule;
import org.junit.Test;
import org.junit.rules.TemporaryFolder;

/* loaded from: input_file:org/apache/hadoop/hdds/security/x509/certificate/utils/TestCertificateCodec.class */
public class TestCertificateCodec {
    private static OzoneConfiguration conf = new OzoneConfiguration();
    private static final String COMPONENT = "test";
    private SecurityConfig securityConfig;

    @Rule
    public TemporaryFolder temporaryFolder = new TemporaryFolder();

    @Before
    public void init() throws IOException {
        conf.set("ozone.metadata.dirs", this.temporaryFolder.newFolder().toString());
        this.securityConfig = new SecurityConfig(conf);
    }

    @Test
    public void testGetPEMEncodedString() throws NoSuchProviderException, NoSuchAlgorithmException, IOException, SCMSecurityException, CertificateException {
        HDDSKeyGenerator hDDSKeyGenerator = new HDDSKeyGenerator(conf);
        X509CertificateHolder build = SelfSignedCertificate.newBuilder().setSubject(RandomStringUtils.randomAlphabetic(4)).setClusterID(RandomStringUtils.randomAlphabetic(4)).setScmID(RandomStringUtils.randomAlphabetic(4)).setBeginDate(LocalDate.now()).setEndDate(LocalDate.now().plus(1L, (TemporalUnit) ChronoUnit.DAYS)).setConfiguration(hDDSKeyGenerator.getSecurityConfig().getConfiguration()).setKey(hDDSKeyGenerator.generateKey()).makeCA().build();
        CertificateCodec certificateCodec = new CertificateCodec(this.securityConfig, COMPONENT);
        String pEMEncodedString = CertificateCodec.getPEMEncodedString(build);
        Assert.assertTrue(pEMEncodedString.startsWith("-----BEGIN CERTIFICATE-----"));
        Assert.assertTrue(pEMEncodedString.endsWith("-----END CERTIFICATE-----\n"));
        X509CertificateHolder certificateHolder = certificateCodec.getCertificateHolder(CertificateCodec.getX509Certificate(pEMEncodedString));
        Assert.assertEquals(build, certificateHolder);
        Assert.assertEquals(CertificateCodec.getX509Certificate(build), CertificateCodec.getX509Certificate(certificateHolder));
    }

    @Test
    public void testwriteCertificate() throws NoSuchProviderException, NoSuchAlgorithmException, IOException, SCMSecurityException, CertificateException {
        HDDSKeyGenerator hDDSKeyGenerator = new HDDSKeyGenerator(conf);
        X509CertificateHolder build = SelfSignedCertificate.newBuilder().setSubject(RandomStringUtils.randomAlphabetic(4)).setClusterID(RandomStringUtils.randomAlphabetic(4)).setScmID(RandomStringUtils.randomAlphabetic(4)).setBeginDate(LocalDate.now()).setEndDate(LocalDate.now().plus(1L, (TemporalUnit) ChronoUnit.DAYS)).setConfiguration(hDDSKeyGenerator.getSecurityConfig().getConfiguration()).setKey(hDDSKeyGenerator.generateKey()).makeCA().build();
        CertificateCodec certificateCodec = new CertificateCodec(this.securityConfig, COMPONENT);
        String pEMEncodedString = CertificateCodec.getPEMEncodedString(build);
        File newFolder = this.temporaryFolder.newFolder();
        if (!newFolder.exists()) {
            Assert.assertTrue(newFolder.mkdirs());
        }
        certificateCodec.writeCertificate(newFolder.toPath(), "pemcertificate.crt", pEMEncodedString, false);
        X509CertificateHolder readCertificate = certificateCodec.readCertificate(newFolder.toPath(), "pemcertificate.crt");
        Assert.assertNotNull(readCertificate);
        Assert.assertEquals(build.getSerialNumber(), readCertificate.getSerialNumber());
    }

    @Test
    public void testwriteCertificateDefault() throws IOException, SCMSecurityException, CertificateException, NoSuchProviderException, NoSuchAlgorithmException {
        HDDSKeyGenerator hDDSKeyGenerator = new HDDSKeyGenerator(conf);
        X509CertificateHolder build = SelfSignedCertificate.newBuilder().setSubject(RandomStringUtils.randomAlphabetic(4)).setClusterID(RandomStringUtils.randomAlphabetic(4)).setScmID(RandomStringUtils.randomAlphabetic(4)).setBeginDate(LocalDate.now()).setEndDate(LocalDate.now().plus(1L, (TemporalUnit) ChronoUnit.DAYS)).setConfiguration(hDDSKeyGenerator.getSecurityConfig().getConfiguration()).setKey(hDDSKeyGenerator.generateKey()).makeCA().build();
        CertificateCodec certificateCodec = new CertificateCodec(this.securityConfig, COMPONENT);
        certificateCodec.writeCertificate(build);
        X509CertificateHolder readCertificate = certificateCodec.readCertificate();
        Assert.assertNotNull(readCertificate);
        Assert.assertEquals(build.getSerialNumber(), readCertificate.getSerialNumber());
    }

    @Test
    public void writeCertificate2() throws IOException, SCMSecurityException, NoSuchProviderException, NoSuchAlgorithmException, CertificateException {
        HDDSKeyGenerator hDDSKeyGenerator = new HDDSKeyGenerator(conf);
        X509CertificateHolder build = SelfSignedCertificate.newBuilder().setSubject(RandomStringUtils.randomAlphabetic(4)).setClusterID(RandomStringUtils.randomAlphabetic(4)).setScmID(RandomStringUtils.randomAlphabetic(4)).setBeginDate(LocalDate.now()).setEndDate(LocalDate.now().plus(1L, (TemporalUnit) ChronoUnit.DAYS)).setConfiguration(hDDSKeyGenerator.getSecurityConfig().getConfiguration()).setKey(hDDSKeyGenerator.generateKey()).makeCA().build();
        CertificateCodec certificateCodec = new CertificateCodec(hDDSKeyGenerator.getSecurityConfig(), "ca");
        certificateCodec.writeCertificate(build, "newcert.crt", false);
        certificateCodec.writeCertificate(build, "newcert.crt", true);
        Assert.assertNotNull(certificateCodec.readCertificate(certificateCodec.getLocation(), "newcert.crt"));
    }
}
