package org.apache.wss4j.common.util;

import java.io.File;
import java.io.FileInputStream;
import java.io.IOException;
import java.security.InvalidAlgorithmParameterException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.cert.CertificateException;
import java.security.cert.PKIXParameters;
import java.security.cert.TrustAnchor;
import java.util.Iterator;
import javax.security.auth.x500.X500Principal;
import org.junit.jupiter.api.Assertions;
import org.junit.jupiter.api.Test;

/* loaded from: input_file:org/apache/wss4j/common/util/CommaDelimiterRfc2253NameTest.class */
class CommaDelimiterRfc2253NameTest {
    private static final String TYPICAL_CA = "CN=Entrust Certification Authority - L1K,OU=(c) 2012 Entrust\\, Inc. - for authorized use only,OU=See www.entrust.net/legal-terms,O=Entrust\\, Inc.,C=US";
    private static final String QUOTES_TYPICAL_CA = "CN=Entrust Certification Authority - L1K, OU=\"(c) 2012 Entrust, Inc. - for authorized use only\", OU=See www.entrust.net/legal-terms, O=\"Entrust, Inc.\", C=US";
    private CommaDelimiterRfc2253Name subject = new CommaDelimiterRfc2253Name();

    CommaDelimiterRfc2253NameTest() {
    }

    @Test
    void whenMultipleAttributesArePresentThenSpaceIsPlacedAfterComma() {
        Assertions.assertEquals("CN=EOIR, OU=Some Unit, DC=Another place", new CommaDelimiterRfc2253Name().execute("CN=EOIR,OU=Some Unit,DC=Another place"));
    }

    @Test
    void whenRdnContainsACommaThenTheRdnIsSurroundedByDoubleQuotes() {
        Assertions.assertEquals(QUOTES_TYPICAL_CA, new CommaDelimiterRfc2253Name().execute(TYPICAL_CA));
    }

    @Test
    void whenRdnIsInvalidThenExpectException() {
        Assertions.assertThrows(IllegalArgumentException.class, () -> {
            this.subject.execute("invalid");
        });
    }

    @Test
    void whenCallingUnescapeWithStringNoEscapesThenNoChangesAreMade() throws Exception {
        Assertions.assertEquals("This is a string with (c) no escaped! sStrings $", this.subject.unEscapeRfc2253RdnSubPart("This is a string with (c) no escaped! sStrings $"), "Expect that string is unchanged");
    }

    @Test
    void whenCallingUnescapeWithStringThenItUnescapesAppropiateCharacters() throws Exception {
        Assertions.assertEquals("This is a string with escapes ,; \\ and < then > \"Copyright Apache\" ", this.subject.unEscapeRfc2253RdnSubPart("This is a string with escapes \\,\\; \\\\ and \\< then \\> \\\"Copyright Apache\\\" "), "Expect that string is unescaped");
    }

    @Test
    void whenCallingUnescapeWithStringWithMultiValueRdnThenItUnescapesAppropriateCharacters() throws Exception {
        Assertions.assertEquals("OU=Sales+CN=J. Smith,O=Widget Inc.,C=US", this.subject.unEscapeRfc2253RdnSubPart("OU=Sales\\+CN=J. Smith\\,O=Widget Inc.\\,C=US"), "Expect that string is unescaped");
    }

    @Test
    public void testThatACommaDelimitedDnStringAndABackSlashEscapedDnProducesTheSameX509PrincipalUsingDefaultTruststore() throws KeyStoreException, InvalidAlgorithmParameterException, CertificateException, NoSuchAlgorithmException, IOException {
        Iterator<TrustAnchor> it = new PKIXParameters(loadDefaultKeyStore()).getTrustAnchors().iterator();
        while (it.hasNext()) {
            assertThatTransformIsEquivalent(it.next().getTrustedCert().getSubjectX500Principal().getName());
        }
    }

    private void assertThatTransformIsEquivalent(String str) {
        Assertions.assertEquals(new X500Principal(str), new X500Principal(this.subject.execute(str)));
    }

    private KeyStore loadDefaultKeyStore() throws IOException, KeyStoreException, CertificateException, NoSuchAlgorithmException {
        FileInputStream fileInputStream = new FileInputStream(System.getProperty("java.home") + "/lib/security/cacerts".replace('/', File.separatorChar));
        KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
        keyStore.load(fileInputStream, "changeit".toCharArray());
        return keyStore;
    }
}
