package org.apache.slider.server.services.security;

import java.io.File;
import java.io.FileInputStream;
import java.security.KeyStore;
import java.security.cert.Certificate;
import java.security.cert.X509Certificate;
import org.apache.slider.core.conf.MapOperations;
import org.apache.slider.providers.agent.TestAgentAMManagementWS;
import org.junit.Assert;
import org.junit.Before;
import org.junit.Rule;
import org.junit.Test;
import org.junit.rules.TemporaryFolder;

/* loaded from: input_file:org/apache/slider/server/services/security/TestCertificateManager.class */
public class TestCertificateManager {

    @Rule
    public TemporaryFolder workDir = new TemporaryFolder();
    private File secDir;
    private CertificateManager certMan;

    @Before
    public void setup() throws Exception {
        this.certMan = new CertificateManager();
        MapOperations mapOperations = new MapOperations();
        this.secDir = new File(this.workDir.getRoot(), "security");
        mapOperations.put(TestAgentAMManagementWS.SSL_SERVER_KEYSTORE_LOCATION, new File(this.secDir, "keystore.p12").getAbsolutePath());
        this.certMan.initialize(mapOperations);
    }

    @Test
    public void testServerCertificateGenerated() throws Exception {
        File file = new File(this.secDir, "ca.crt");
        Assert.assertTrue("Server CRD does not exist:" + file, file.exists());
    }

    @Test
    public void testAMKeystoreGenerated() throws Exception {
        File file = new File(this.secDir, "keystore.p12");
        Assert.assertTrue("Keystore does not exist: " + file, file.exists());
        FileInputStream fileInputStream = null;
        try {
            fileInputStream = new FileInputStream(file);
            KeyStore keyStore = KeyStore.getInstance("pkcs12");
            keyStore.load(fileInputStream, SecurityUtils.getKeystorePass().toCharArray());
            Certificate certificate = keyStore.getCertificate(keyStore.aliases().nextElement());
            Assert.assertNotNull(certificate);
            if (certificate instanceof X509Certificate) {
                X509Certificate x509Certificate = (X509Certificate) certificate;
                Assert.assertEquals("wrong DN", "O=Default Company Ltd, L=Default City, ST=Default Province, C=XX", x509Certificate.getSubjectDN().getName());
                Assert.assertEquals("wrong Issuer DN", "O=Default Company Ltd, L=Default City, ST=Default Province, C=XX", x509Certificate.getIssuerDN().getName());
            }
            if (fileInputStream != null) {
                fileInputStream.close();
            }
        } catch (Throwable th) {
            if (fileInputStream != null) {
                fileInputStream.close();
            }
            throw th;
        }
    }

    @Test
    public void testContainerCertificateGeneration() throws Exception {
        this.certMan.generateContainerCertificate("localhost", "container1");
        Assert.assertTrue("container certificate not generated", new File(this.secDir, "container1.crt").exists());
    }

    @Test
    public void testContainerKeystoreGeneration() throws Exception {
        this.certMan.generateContainerKeystore("localhost", "container1", "password");
        File file = new File(this.secDir, "localhost-container1.p12");
        Assert.assertTrue("container keystore not generated", file.exists());
        FileInputStream fileInputStream = null;
        try {
            fileInputStream = new FileInputStream(file);
            KeyStore keyStore = KeyStore.getInstance("pkcs12");
            keyStore.load(fileInputStream, "password".toCharArray());
            Certificate certificate = keyStore.getCertificate(keyStore.aliases().nextElement());
            Assert.assertNotNull(certificate);
            if (certificate instanceof X509Certificate) {
                X509Certificate x509Certificate = (X509Certificate) certificate;
                Assert.assertEquals("wrong DN", "CN=container1, OU=localhost", x509Certificate.getSubjectDN().getName());
                Assert.assertEquals("wrong Issuer DN", "O=Default Company Ltd, L=Default City, ST=Default Province, C=XX", x509Certificate.getIssuerDN().getName());
            }
            if (fileInputStream != null) {
                fileInputStream.close();
            }
        } catch (Throwable th) {
            if (fileInputStream != null) {
                fileInputStream.close();
            }
            throw th;
        }
    }
}
