package org.apache.nifi.minifi.c2.integration.test;

import com.palantir.docker.compose.DockerComposeRule;
import com.palantir.docker.compose.connection.Container;
import java.io.InputStream;
import java.io.OutputStreamWriter;
import java.nio.file.Files;
import java.nio.file.OpenOption;
import java.nio.file.Path;
import java.nio.file.Paths;
import java.security.KeyStore;
import java.security.cert.Certificate;
import java.util.Arrays;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSocketFactory;
import org.apache.nifi.minifi.c2.integration.test.health.HttpsStatusCodeHealthCheck;
import org.apache.nifi.security.util.KeystoreType;
import org.apache.nifi.security.util.SslContextFactory;
import org.apache.nifi.security.util.StandardTlsConfiguration;
import org.bouncycastle.openssl.jcajce.JcaMiscPEMGenerator;
import org.bouncycastle.util.io.pem.PemWriter;
import org.junit.AfterClass;
import org.junit.Before;
import org.junit.BeforeClass;

/* loaded from: input_file:org/apache/nifi/minifi/c2/integration/test/NiFiRestConfigurationProviderSecureTest.class */
public class NiFiRestConfigurationProviderSecureTest extends AbstractTestSecure {
    private static SSLSocketFactory healthCheckSocketFactory;
    private static Path certificatesDirectory;
    private static SSLContext trustSslContext;
    public static DockerComposeRule docker = DockerComposeRule.builder().file("target/test-classes/docker-compose-NiFiRestConfigurationProviderSecureTest.yml").waitingForServices(Arrays.asList("squid", "mocknifi"), new HttpsStatusCodeHealthCheck(container -> {
        return "https://mocknifi:8443/";
    }, list -> {
        return (Container) list.get(0);
    }, list2 -> {
        return (Container) list2.get(1);
    }, () -> {
        Path resolve = certificatesDirectory.resolve("c2");
        try {
            return SslContextFactory.createSslContext(new StandardTlsConfiguration(resolve.resolve("keystore.jks").toFile().getAbsolutePath(), "badKeystorePass", "badKeyPass", KeystoreType.JKS, resolve.resolve("truststore.jks").toFile().getAbsolutePath(), "badTrustPass", KeystoreType.JKS)).getSocketFactory();
        } catch (Exception e) {
            throw new RuntimeException(e);
        }
    }, 200)).waitingForServices(Arrays.asList("squid", "c2"), new HttpsStatusCodeHealthCheck(container2 -> {
        return "https://c2:10443/c2/config";
    }, list3 -> {
        return (Container) list3.get(0);
    }, list4 -> {
        return (Container) list4.get(1);
    }, () -> {
        return healthCheckSocketFactory;
    }, 403)).build();

    public NiFiRestConfigurationProviderSecureTest() {
        super(docker, certificatesDirectory, trustSslContext);
    }

    @BeforeClass
    public static void initCertificates() throws Exception {
        PemWriter pemWriter;
        Throwable th;
        certificatesDirectory = Paths.get(NiFiRestConfigurationProviderSecureTest.class.getClassLoader().getResource("docker-compose-NiFiRestConfigurationProviderSecureTest.yml").getFile(), new String[0]).getParent().toAbsolutePath().resolve("certificates-NiFiRestConfigurationProviderSecureTest");
        trustSslContext = initCertificates(certificatesDirectory, Arrays.asList("c2", "mocknifi"));
        healthCheckSocketFactory = trustSslContext.getSocketFactory();
        KeyStore keyStore = KeyStore.getInstance("JKS");
        InputStream newInputStream = Files.newInputStream(certificatesDirectory.resolve("mocknifi").resolve("keystore.jks"), new OpenOption[0]);
        Throwable th2 = null;
        try {
            keyStore.load(newInputStream, "badKeystorePass".toCharArray());
            if (newInputStream != null) {
                if (0 != 0) {
                    try {
                        newInputStream.close();
                    } catch (Throwable th3) {
                        th2.addSuppressed(th3);
                    }
                } else {
                    newInputStream.close();
                }
            }
            PemWriter pemWriter2 = new PemWriter(new OutputStreamWriter(Files.newOutputStream(certificatesDirectory.resolve("mocknifi").resolve("cert.pem"), new OpenOption[0])));
            Throwable th4 = null;
            try {
                pemWriter2.writeObject(new JcaMiscPEMGenerator(keyStore.getKey("nifi-key", "badKeyPass".toCharArray())));
                for (Certificate certificate : keyStore.getCertificateChain("nifi-key")) {
                    pemWriter2.writeObject(new JcaMiscPEMGenerator(certificate));
                }
                KeyStore keyStore2 = KeyStore.getInstance("JKS");
                InputStream newInputStream2 = Files.newInputStream(certificatesDirectory.resolve("mocknifi").resolve("truststore.jks"), new OpenOption[0]);
                Throwable th5 = null;
                try {
                    try {
                        keyStore2.load(newInputStream2, "badTrustPass".toCharArray());
                        if (newInputStream2 != null) {
                            if (0 != 0) {
                                try {
                                    newInputStream2.close();
                                } catch (Throwable th6) {
                                    th5.addSuppressed(th6);
                                }
                            } else {
                                newInputStream2.close();
                            }
                        }
                        pemWriter = new PemWriter(new OutputStreamWriter(Files.newOutputStream(certificatesDirectory.resolve("mocknifi").resolve("ca.pem"), new OpenOption[0])));
                        th = null;
                    } finally {
                    }
                    try {
                        try {
                            pemWriter.writeObject(new JcaMiscPEMGenerator(keyStore2.getCertificate("nifi-cert")));
                            if (pemWriter != null) {
                                if (0 != 0) {
                                    try {
                                        pemWriter.close();
                                    } catch (Throwable th7) {
                                        th.addSuppressed(th7);
                                    }
                                } else {
                                    pemWriter.close();
                                }
                            }
                            docker.before();
                        } finally {
                        }
                    } catch (Throwable th8) {
                        if (pemWriter != null) {
                            if (th != null) {
                                try {
                                    pemWriter.close();
                                } catch (Throwable th9) {
                                    th.addSuppressed(th9);
                                }
                            } else {
                                pemWriter.close();
                            }
                        }
                        throw th8;
                    }
                } catch (Throwable th10) {
                    if (newInputStream2 != null) {
                        if (th5 != null) {
                            try {
                                newInputStream2.close();
                            } catch (Throwable th11) {
                                th5.addSuppressed(th11);
                            }
                        } else {
                            newInputStream2.close();
                        }
                    }
                    throw th10;
                }
            } finally {
                if (pemWriter2 != null) {
                    if (0 != 0) {
                        try {
                            pemWriter2.close();
                        } catch (Throwable th12) {
                            th4.addSuppressed(th12);
                        }
                    } else {
                        pemWriter2.close();
                    }
                }
            }
        } catch (Throwable th13) {
            if (newInputStream != null) {
                if (0 != 0) {
                    try {
                        newInputStream.close();
                    } catch (Throwable th14) {
                        th2.addSuppressed(th14);
                    }
                } else {
                    newInputStream.close();
                }
            }
            throw th13;
        }
    }

    @AfterClass
    public static void cleanup() {
        docker.after();
    }

    @Before
    public void setup() {
        super.setup(docker);
    }
}
