package org.jsslutils.sslcontext.test;

import java.io.BufferedReader;
import java.io.IOException;
import java.io.InputStream;
import java.io.InputStreamReader;
import java.io.PrintWriter;
import java.net.Socket;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.cert.CRLException;
import java.security.cert.CertPathValidatorException;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.security.cert.X509CRL;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Collection;
import java.util.List;
import java.util.concurrent.LinkedBlockingQueue;
import java.util.concurrent.ThreadPoolExecutor;
import java.util.concurrent.TimeUnit;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLException;
import javax.net.ssl.SSLServerSocket;
import javax.net.ssl.SSLServerSocketFactory;
import javax.net.ssl.SSLSession;
import javax.net.ssl.SSLSessionContext;
import javax.net.ssl.SSLSocket;
import org.junit.Assert;

/* loaded from: input_file:org/jsslutils/sslcontext/test/MiniSslClientServer.class */
public abstract class MiniSslClientServer {
    public static final String CERTIFICATES_DIRECTORY = "org/jsslutils/certificates/";
    public static final char[] KEYSTORE_PASSWORD = "testtest".toCharArray();
    protected Exception requestException;
    protected boolean verboseExceptions = false;
    protected int serverTimeout = 4000;
    protected int testPort = 31050;
    private int serverRequestNumber = 1;

    /* loaded from: input_file:org/jsslutils/sslcontext/test/MiniSslClientServer$RequestHandler.class */
    protected class RequestHandler implements Runnable {
        private final Socket clientSocket;

        public RequestHandler(Socket socket) {
            this.clientSocket = socket;
        }

        @Override // java.lang.Runnable
        public void run() {
            String readLine;
            SSLSession session;
            System.out.println("Accepted connection.");
            try {
                try {
                    PrintWriter printWriter = new PrintWriter(this.clientSocket.getOutputStream(), true);
                    BufferedReader bufferedReader = new BufferedReader(new InputStreamReader(this.clientSocket.getInputStream()));
                    do {
                        readLine = bufferedReader.readLine();
                        if (readLine == null) {
                            break;
                        } else {
                            System.out.println("Client says: " + readLine);
                        }
                    } while (readLine.length() != 0);
                    String str = (("HTTP/1.0 200 OK\r\nContent-type: text/plain\r\n") + "\r\n") + "Hello World\r\n";
                    if ((this.clientSocket instanceof SSLSocket) && (session = ((SSLSocket) this.clientSocket).getSession()) != null) {
                        System.out.println("Cipher suite: " + session.getCipherSuite());
                        str = (str + "Cipher suite: " + session.getCipherSuite() + "\r\n") + "Client certificates: \r\n";
                        for (X509Certificate x509Certificate : (X509Certificate[]) session.getPeerCertificates()) {
                            str = str + " - " + x509Certificate.getSubjectX500Principal().getName() + "\r\n";
                        }
                    }
                    printWriter.print(str);
                    printWriter.close();
                    bufferedReader.close();
                    try {
                        this.clientSocket.close();
                    } catch (IOException e) {
                        if (MiniSslClientServer.this.verboseExceptions) {
                            e.printStackTrace();
                        }
                        throw new RuntimeException(e);
                    }
                } catch (Exception e2) {
                    if (MiniSslClientServer.this.verboseExceptions) {
                        e2.printStackTrace();
                    }
                    MiniSslClientServer.this.requestException = e2;
                    try {
                        this.clientSocket.close();
                    } catch (IOException e3) {
                        if (MiniSslClientServer.this.verboseExceptions) {
                            e3.printStackTrace();
                        }
                        throw new RuntimeException(e3);
                    }
                }
            } catch (Throwable th) {
                try {
                    this.clientSocket.close();
                    throw th;
                } catch (IOException e4) {
                    if (MiniSslClientServer.this.verboseExceptions) {
                        e4.printStackTrace();
                    }
                    throw new RuntimeException(e4);
                }
            }
        }
    }

    public KeyStore getCaKeyStore() throws IOException, NoSuchAlgorithmException, KeyStoreException, CertificateException {
        KeyStore keyStore = KeyStore.getInstance("JKS");
        InputStream systemResourceAsStream = ClassLoader.getSystemResourceAsStream("org/jsslutils/certificates/jks/dummy.jks");
        keyStore.load(systemResourceAsStream, KEYSTORE_PASSWORD);
        systemResourceAsStream.close();
        return keyStore;
    }

    public KeyStore getServerCertKeyStore() throws IOException, NoSuchAlgorithmException, KeyStoreException, CertificateException {
        KeyStore keyStore = KeyStore.getInstance("PKCS12");
        InputStream systemResourceAsStream = ClassLoader.getSystemResourceAsStream("org/jsslutils/certificates/localhost.p12");
        keyStore.load(systemResourceAsStream, KEYSTORE_PASSWORD);
        systemResourceAsStream.close();
        return keyStore;
    }

    public KeyStore getGoodClientCertKeyStore() throws IOException, NoSuchAlgorithmException, KeyStoreException, CertificateException {
        KeyStore keyStore = KeyStore.getInstance("PKCS12");
        InputStream systemResourceAsStream = ClassLoader.getSystemResourceAsStream("org/jsslutils/certificates/testclient.p12");
        keyStore.load(systemResourceAsStream, KEYSTORE_PASSWORD);
        systemResourceAsStream.close();
        return keyStore;
    }

    public KeyStore getBadClientCertKeyStore() throws IOException, NoSuchAlgorithmException, KeyStoreException, CertificateException {
        KeyStore keyStore = KeyStore.getInstance("PKCS12");
        InputStream systemResourceAsStream = ClassLoader.getSystemResourceAsStream("org/jsslutils/certificates/testclient-r.p12");
        keyStore.load(systemResourceAsStream, KEYSTORE_PASSWORD);
        systemResourceAsStream.close();
        return keyStore;
    }

    public Collection<X509CRL> getLocalCRLs() throws IOException, NoSuchAlgorithmException, KeyStoreException, CertificateException, CRLException {
        InputStream systemResourceAsStream = ClassLoader.getSystemResourceAsStream("org/jsslutils/certificates/newca.crl");
        X509CRL x509crl = (X509CRL) CertificateFactory.getInstance("X.509").generateCRL(systemResourceAsStream);
        systemResourceAsStream.close();
        ArrayList arrayList = new ArrayList();
        arrayList.add(x509crl);
        return arrayList;
    }

    public boolean runTest(SSLContext sSLContext, SSLContext sSLContext2) throws IOException {
        this.requestException = null;
        SSLServerSocket prepareServerSocket = prepareServerSocket(sSLContext2);
        Assert.assertNotNull("Server socket not null", prepareServerSocket);
        Assert.assertTrue("Server socket is bound", prepareServerSocket.isBound());
        if (prepareServerSocket != null) {
            runServer(prepareServerSocket);
            try {
                doClientRequest(sSLContext);
                synchronized (prepareServerSocket) {
                    if (!prepareServerSocket.isClosed()) {
                        prepareServerSocket.close();
                    }
                }
                synchronized (prepareServerSocket) {
                    Assert.assertTrue(prepareServerSocket.isClosed());
                }
            } catch (Throwable th) {
                synchronized (prepareServerSocket) {
                    if (!prepareServerSocket.isClosed()) {
                        prepareServerSocket.close();
                    }
                    throw th;
                }
            }
        }
        boolean z = true;
        if (this.requestException != null) {
            Assert.assertTrue(this.requestException instanceof SSLException);
            SSLException sSLException = (SSLException) this.requestException;
            Throwable printSslException = printSslException("! Server: ", sSLException, null);
            z = printSslException == null || !(printSslException instanceof CertPathValidatorException);
            Assert.assertNotNull(printSslException);
            if (z) {
                throw new RuntimeException(sSLException);
            }
        }
        System.out.println();
        return z;
    }

    protected void doClientRequest(SSLContext sSLContext) throws IOException {
        PrintWriter printWriter = null;
        BufferedReader bufferedReader = null;
        SSLSocket sSLSocket = null;
        try {
            try {
                try {
                    sSLSocket = (SSLSocket) sSLContext.getSocketFactory().createSocket("localhost", this.testPort);
                    Assert.assertTrue("Client socket connected", sSLSocket.isConnected());
                    sSLSocket.setSoTimeout(500);
                    bufferedReader = new BufferedReader(new InputStreamReader(sSLSocket.getInputStream()));
                    printWriter = new PrintWriter(sSLSocket.getOutputStream(), true);
                    printWriter.println("GET / HTTP/1.1");
                    printWriter.println("Host: localhost");
                    printWriter.println();
                    while (true) {
                        String readLine = bufferedReader.readLine();
                        if (readLine == null) {
                            break;
                        } else {
                            System.out.println("Server says: " + readLine);
                        }
                    }
                    if (bufferedReader != null) {
                        bufferedReader.close();
                    }
                    if (printWriter != null) {
                        printWriter.close();
                    }
                } catch (IOException e) {
                    e.printStackTrace();
                    Assert.fail();
                    if (bufferedReader != null) {
                        bufferedReader.close();
                    }
                    if (printWriter != null) {
                        printWriter.close();
                    }
                }
            } catch (SSLException e2) {
                printSslException("! Client: ", e2, sSLSocket);
                if (bufferedReader != null) {
                    bufferedReader.close();
                }
                if (printWriter != null) {
                    printWriter.close();
                }
            }
        } catch (Throwable th) {
            if (bufferedReader != null) {
                bufferedReader.close();
            }
            if (printWriter != null) {
                printWriter.close();
            }
            throw th;
        }
    }

    protected void setServerRequestNumber(int i) {
        this.serverRequestNumber = i;
    }

    protected void runServer(final SSLServerSocket sSLServerSocket) {
        final ThreadPoolExecutor threadPoolExecutor = new ThreadPoolExecutor(2, 10, 60L, TimeUnit.SECONDS, new LinkedBlockingQueue());
        new Thread(new Runnable() { // from class: org.jsslutils.sslcontext.test.MiniSslClientServer.1
            @Override // java.lang.Runnable
            public void run() {
                int i = MiniSslClientServer.this.serverRequestNumber;
                int i2 = i;
                while (true) {
                    if (i2 <= 0 && i != 0) {
                        try {
                            break;
                        } catch (IOException e) {
                            MiniSslClientServer.this.requestException = e;
                            return;
                        }
                    } else {
                        try {
                            sSLServerSocket.setSoTimeout(MiniSslClientServer.this.serverTimeout);
                            threadPoolExecutor.execute(new RequestHandler(sSLServerSocket.accept()));
                        } catch (IOException e2) {
                            MiniSslClientServer.this.requestException = e2;
                        }
                        i2--;
                    }
                }
                synchronized (sSLServerSocket) {
                    if (!sSLServerSocket.isClosed()) {
                        sSLServerSocket.close();
                    }
                }
            }
        }).start();
    }

    protected SSLServerSocket prepareServerSocket(SSLContext sSLContext) {
        SSLServerSocketFactory serverSocketFactory = sSLContext.getServerSocketFactory();
        SSLServerSocket sSLServerSocket = null;
        for (int i = 10; i > 0; i--) {
            try {
                int i2 = this.testPort + 1;
                this.testPort = i2;
                sSLServerSocket = (SSLServerSocket) serverSocketFactory.createServerSocket(i2);
                sSLServerSocket.setWantClientAuth(true);
                System.out.println("Server listening at: https://localhost:" + this.testPort + "/");
                break;
            } catch (IOException e) {
                System.err.println("Could not listen on port: " + this.testPort);
                sSLServerSocket = null;
            }
        }
        return sSLServerSocket;
    }

    private Throwable printSslException(String str, SSLException sSLException, SSLSocket sSLSocket) {
        Throwable th = sSLException;
        while (true) {
            Throwable cause = th.getCause();
            th = cause;
            if (cause == null) {
                break;
            }
            if (th instanceof CertPathValidatorException) {
                CertPathValidatorException certPathValidatorException = (CertPathValidatorException) th;
                List<? extends Certificate> certificates = certPathValidatorException.getCertPath().getCertificates();
                int index = certPathValidatorException.getIndex();
                if (index >= 0) {
                    Certificate certificate = certificates.get(index);
                    if (certificate instanceof X509Certificate) {
                        System.out.println(str + "Problem caused by cert: " + ((X509Certificate) certificate).getSubjectX500Principal().getName());
                    } else {
                        System.out.println(str + "Problem caused by cert: " + certificate);
                    }
                } else {
                    System.out.println(str + "Unknown index: " + th);
                }
            } else {
                System.out.println(str + th);
                if (sSLSocket != null) {
                    printSslSocketInfo(sSLSocket);
                }
            }
        }
        return th;
    }

    private void printSslSocketInfo(SSLSocket sSLSocket) {
        System.out.println("Socket: " + sSLSocket);
        SSLSession session = sSLSocket.getSession();
        if (session != null) {
            System.out.println("Session: " + session);
            System.out.println("  Local certificates: " + session.getLocalCertificates());
            System.out.println("  Local principal: " + session.getLocalPrincipal());
            SSLSessionContext sessionContext = session.getSessionContext();
            if (sessionContext != null) {
                System.out.println("Session context: " + sessionContext);
            }
        }
    }
}
