package org.apache.ignite.util;

import java.util.ArrayList;
import java.util.Arrays;
import org.apache.ignite.configuration.ConnectorConfiguration;
import org.apache.ignite.configuration.DataStorageConfiguration;
import org.apache.ignite.configuration.IgniteConfiguration;
import org.apache.ignite.internal.IgniteEx;
import org.apache.ignite.internal.commandline.CommandHandler;
import org.apache.ignite.internal.util.typedef.F;
import org.apache.ignite.ssl.SslContextFactory;
import org.apache.ignite.testframework.GridTestUtils;
import org.jetbrains.annotations.NotNull;
import org.junit.Test;

/* loaded from: input_file:org/apache/ignite/util/GridCommandHandlerSslTest.class */
public class GridCommandHandlerSslTest extends GridCommandHandlerClusterPerMethodAbstractTest {
    private volatile String[] cipherSuites;

    @NotNull
    private SslContextFactory createSslFactory() {
        SslContextFactory sslFactory = GridTestUtils.sslFactory();
        sslFactory.setCipherSuites(this.cipherSuites);
        return sslFactory;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // org.apache.ignite.util.GridCommandHandlerAbstractTest, org.apache.ignite.testframework.junits.GridAbstractTest
    public IgniteConfiguration getConfiguration(String str) throws Exception {
        IgniteConfiguration configuration = super.getConfiguration(str);
        configuration.setDataStorageConfiguration(new DataStorageConfiguration());
        configuration.getDataStorageConfiguration().getDefaultDataRegionConfiguration().setMaxSize(104857600L);
        configuration.getDataStorageConfiguration().getDefaultDataRegionConfiguration().setPersistenceEnabled(true);
        configuration.setConnectorConfiguration(new ConnectorConfiguration());
        configuration.getConnectorConfiguration().setSslEnabled(true);
        configuration.setSslContextFactory(createSslFactory());
        return configuration;
    }

    private void activate(String str, String str2, int i) throws Exception {
        this.cipherSuites = F.isEmpty(str) ? null : str.split(",");
        IgniteEx startGrids = startGrids(1);
        assertFalse(startGrids.cluster().active());
        CommandHandler commandHandler = new CommandHandler();
        ArrayList arrayList = new ArrayList();
        arrayList.add("--activate");
        arrayList.add("--keystore");
        arrayList.add(GridTestUtils.keyStorePath("node01"));
        arrayList.add("--keystore-password");
        arrayList.add(GridTestUtils.keyStorePassword());
        if (!F.isEmpty(str2)) {
            arrayList.add("--ssl-cipher-suites");
            arrayList.add(str2);
        }
        assertEquals(i, execute(arrayList));
        if (i == 0) {
            assertTrue(startGrids.cluster().active());
        } else {
            assertFalse(startGrids.cluster().active());
        }
        assertEquals(2, commandHandler.execute(Arrays.asList("--deactivate", "--yes")));
    }

    @Test
    public void testClientWithoutSslConnectsToSslEnabledCluster() throws Exception {
        startGrid(0);
        ArrayList arrayList = new ArrayList();
        arrayList.add("--activate");
        injectTestSystemOut();
        assertEquals(2, execute(arrayList));
        String byteArrayOutputStream = testOut.toString();
        GridTestUtils.assertContains(log, byteArrayOutputStream, "firewall settings");
        GridTestUtils.assertContains(log, byteArrayOutputStream, "SSL configuration");
    }

    @Test
    public void testDefaultCipherSuite() throws Exception {
        this.cipherSuites = null;
        activate(null, null, 0);
    }

    @Test
    public void testSameCipherSuite() throws Exception {
        activate("TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,TLS_RSA_WITH_AES_128_GCM_SHA256,TLS_DHE_RSA_WITH_AES_128_GCM_SHA256", "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,TLS_RSA_WITH_AES_128_GCM_SHA256,TLS_DHE_RSA_WITH_AES_128_GCM_SHA256", 0);
    }

    @Test
    public void testOneCommonCipherSuite() throws Exception {
        activate("TLS_RSA_WITH_AES_128_GCM_SHA256,TLS_DHE_RSA_WITH_AES_128_GCM_SHA256", "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,TLS_DHE_RSA_WITH_AES_128_GCM_SHA256", 0);
    }

    @Test
    public void testNoCommonCipherSuite() throws Exception {
        injectTestSystemOut();
        activate("TLS_RSA_WITH_AES_128_GCM_SHA256", "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,TLS_DHE_RSA_WITH_AES_128_GCM_SHA256", 2);
        GridTestUtils.assertContains(log, testOut.toString(), "SSL handshake failed (connection closed).");
    }
}
