package org.apache.sshd.common.signature;

import java.nio.file.Path;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Collections;
import java.util.List;
import org.apache.sshd.client.SshClient;
import org.apache.sshd.client.future.ConnectFuture;
import org.apache.sshd.client.session.ClientSession;
import org.apache.sshd.common.NamedFactory;
import org.apache.sshd.common.SshException;
import org.apache.sshd.common.keyprovider.FileHostKeyCertificateProvider;
import org.apache.sshd.common.keyprovider.FileKeyPairProvider;
import org.apache.sshd.common.util.GenericUtils;
import org.apache.sshd.core.CoreModuleProperties;
import org.apache.sshd.server.SshServer;
import org.apache.sshd.util.test.BaseTestSupport;
import org.apache.sshd.util.test.CoreTestSupportUtils;
import org.apache.sshd.util.test.JUnit4ClassRunnerWithParametersFactory;
import org.junit.AfterClass;
import org.junit.Before;
import org.junit.BeforeClass;
import org.junit.FixMethodOrder;
import org.junit.Test;
import org.junit.runner.RunWith;
import org.junit.runners.MethodSorters;
import org.junit.runners.Parameterized;

@FixMethodOrder(MethodSorters.NAME_ASCENDING)
@Parameterized.UseParametersRunnerFactory(JUnit4ClassRunnerWithParametersFactory.class)
@RunWith(Parameterized.class)
/* loaded from: input_file:org/apache/sshd/common/signature/OpenSSHCertificateTest.class */
public class OpenSSHCertificateTest extends BaseTestSupport {
    private static SshServer sshd;
    private static SshClient client;
    private static int port;
    private final FileHostKeyCertificateProvider certificateProvider;
    private final FileKeyPairProvider keyPairProvider;
    private final List<NamedFactory<Signature>> signatureFactory;

    public OpenSSHCertificateTest(String str, String str2, List<NamedFactory<Signature>> list) {
        Path testResourcesFolder = getTestResourcesFolder();
        this.keyPairProvider = new FileKeyPairProvider(testResourcesFolder.resolve(str));
        this.certificateProvider = new FileHostKeyCertificateProvider(testResourcesFolder.resolve(str2));
        this.signatureFactory = list;
    }

    @BeforeClass
    public static void setupClientAndServer() throws Exception {
        sshd = CoreTestSupportUtils.setupTestFullSupportServer(OpenSSHCertificateTest.class);
        sshd.start();
        port = sshd.getPort();
        client = CoreTestSupportUtils.setupTestFullSupportClient(OpenSSHCertificateTest.class);
        client.start();
    }

    @AfterClass
    public static void tearDownClientAndServer() throws Exception {
        if (sshd != null) {
            try {
                sshd.stop(true);
                sshd = null;
            } catch (Throwable th) {
                sshd = null;
                throw th;
            }
        }
        if (client != null) {
            try {
                client.stop();
                client = null;
            } catch (Throwable th2) {
                client = null;
                throw th2;
            }
        }
    }

    @Parameterized.Parameters(name = "type={2}")
    public static List<Object[]> parameters() {
        ArrayList arrayList = new ArrayList();
        arrayList.add(new Object[]{"ssh_host_rsa_key", "ssh_host_rsa_key_sha1-cert.pub", Arrays.asList(BuiltinSignatures.rsaSHA512, BuiltinSignatures.rsaSHA256, BuiltinSignatures.rsa)});
        arrayList.add(new Object[]{"ssh_host_rsa_key", "ssh_host_rsa_key_sha1-cert.pub", Arrays.asList(BuiltinSignatures.rsa_cert, BuiltinSignatures.rsa)});
        arrayList.add(new Object[]{"ssh_host_rsa_key", "ssh_host_rsa_key_sha1-cert.pub", Collections.singletonList(BuiltinSignatures.rsa)});
        arrayList.add(new Object[]{"ssh_host_rsa_key", "ssh_host_rsa_key-cert.pub", Arrays.asList(BuiltinSignatures.rsaSHA512_cert, BuiltinSignatures.rsaSHA512)});
        arrayList.add(new Object[]{"ssh_host_rsa_key", "ssh_host_rsa_key-cert.pub", Arrays.asList(BuiltinSignatures.rsa_cert, BuiltinSignatures.rsaSHA512)});
        return Collections.unmodifiableList(arrayList);
    }

    @Before
    public void setUp() {
        sshd.setKeyPairProvider(this.keyPairProvider);
        sshd.setHostKeyCertificateProvider(this.certificateProvider);
        CoreModuleProperties.ABORT_ON_INVALID_CERTIFICATE.remove(client);
        client.setSignatureFactories(this.signatureFactory);
    }

    @Test
    public void testOpenSshCertificates() throws Exception {
        ClientSession session = ((ConnectFuture) client.connect(getCurrentTestName(), TEST_LOCALHOST, port).verify(CONNECT_TIMEOUT)).getSession();
        Throwable th = null;
        try {
            session.addPasswordIdentity(getCurrentTestName());
            session.auth().verify(AUTH_TIMEOUT);
            if (session != null) {
                if (0 == 0) {
                    session.close();
                    return;
                }
                try {
                    session.close();
                } catch (Throwable th2) {
                    th.addSuppressed(th2);
                }
            }
        } catch (Throwable th3) {
            if (session != null) {
                if (0 != 0) {
                    try {
                        session.close();
                    } catch (Throwable th4) {
                        th.addSuppressed(th4);
                    }
                } else {
                    session.close();
                }
            }
            throw th3;
        }
    }

    @Test
    public void testContinueOnInvalidPrincipal() throws Exception {
        CoreModuleProperties.ABORT_ON_INVALID_CERTIFICATE.set(client, false);
        ClientSession session = ((ConnectFuture) client.connect(getCurrentTestName(), "localhost", port).verify(CONNECT_TIMEOUT)).getSession();
        Throwable th = null;
        try {
            session.addPasswordIdentity(getCurrentTestName());
            session.auth().verify(AUTH_TIMEOUT);
            if (session != null) {
                if (0 == 0) {
                    session.close();
                    return;
                }
                try {
                    session.close();
                } catch (Throwable th2) {
                    th.addSuppressed(th2);
                }
            }
        } catch (Throwable th3) {
            if (session != null) {
                if (0 != 0) {
                    try {
                        session.close();
                    } catch (Throwable th4) {
                        th.addSuppressed(th4);
                    }
                } else {
                    session.close();
                }
            }
            throw th3;
        }
    }

    @Test
    public void testAbortOnInvalidPrincipal() throws Exception {
        ClientSession session;
        Throwable th;
        CoreModuleProperties.ABORT_ON_INVALID_CERTIFICATE.set(client, true);
        boolean z = false;
        try {
            session = ((ConnectFuture) client.connect(getCurrentTestName(), "localhost", port).verify(CONNECT_TIMEOUT)).getSession();
            th = null;
        } catch (SshException e) {
            assertEquals(3L, e.getDisconnectCode());
            assertTrue("Expected error about invalid principal, got: " + e.getMessage(), e.getMessage().contains("principal"));
            z = true;
        }
        try {
            try {
                session.addPasswordIdentity(getCurrentTestName());
                session.auth().verify(AUTH_TIMEOUT);
                assertFalse(client.getSignatureFactories().contains(BuiltinSignatures.rsa_cert));
                if (session != null) {
                    if (0 != 0) {
                        try {
                            session.close();
                        } catch (Throwable th2) {
                            th.addSuppressed(th2);
                        }
                    } else {
                        session.close();
                    }
                }
                assertEquals(Boolean.valueOf(GenericUtils.containsAny(client.getSignatureFactories(), Arrays.asList(BuiltinSignatures.rsaSHA512_cert, BuiltinSignatures.rsaSHA256_cert, BuiltinSignatures.rsa_cert))), Boolean.valueOf(z));
            } finally {
            }
        } finally {
        }
    }
}
