package org.bouncycastle.jsse.provider.test;

import java.security.KeyPair;
import java.security.KeyStore;
import java.security.SecureRandom;
import java.security.cert.X509Certificate;
import java.util.concurrent.CountDownLatch;
import javax.net.SocketFactory;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLServerSocket;
import javax.net.ssl.SSLSocket;
import javax.net.ssl.SSLSocketFactory;
import javax.net.ssl.TrustManagerFactory;
import junit.framework.TestCase;
import org.bouncycastle.jsse.provider.BouncyCastleJsseProvider;
import org.bouncycastle.jsse.provider.test.TestProtocolUtil;

/* loaded from: input_file:org/bouncycastle/jsse/provider/test/BasicTlsTest.class */
public class BasicTlsTest extends TestCase {
    private static final String HOST = "localhost";
    private static final int PORT_NO = 9021;

    /* loaded from: input_file:org/bouncycastle/jsse/provider/test/BasicTlsTest$SimpleClient.class */
    public static class SimpleClient implements TestProtocolUtil.BlockingCallable {
        private final boolean layered;
        private final KeyStore trustStore;
        private final CountDownLatch latch = new CountDownLatch(1);

        public SimpleClient(boolean z, KeyStore keyStore) {
            this.layered = z;
            this.trustStore = keyStore;
        }

        /* JADX WARN: Can't rename method to resolve collision */
        @Override // java.util.concurrent.Callable
        public Exception call() throws Exception {
            try {
                TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance("PKIX", BouncyCastleJsseProvider.PROVIDER_NAME);
                trustManagerFactory.init(this.trustStore);
                SSLContext sSLContext = SSLContext.getInstance("TLS", BouncyCastleJsseProvider.PROVIDER_NAME);
                sSLContext.init(null, trustManagerFactory.getTrustManagers(), SecureRandom.getInstance("DEFAULT", "BC"));
                SSLSocketFactory socketFactory = sSLContext.getSocketFactory();
                TestProtocolUtil.doClientProtocol(this.layered ? (SSLSocket) socketFactory.createSocket(SocketFactory.getDefault().createSocket(BasicTlsTest.HOST, BasicTlsTest.PORT_NO), BasicTlsTest.HOST, BasicTlsTest.PORT_NO, true) : (SSLSocket) socketFactory.createSocket(BasicTlsTest.HOST, BasicTlsTest.PORT_NO), "Hello");
                this.latch.countDown();
                return null;
            } catch (Throwable th) {
                this.latch.countDown();
                throw th;
            }
        }

        @Override // org.bouncycastle.jsse.provider.test.TestProtocolUtil.BlockingCallable
        public void await() throws InterruptedException {
            this.latch.await();
        }
    }

    /* loaded from: input_file:org/bouncycastle/jsse/provider/test/BasicTlsTest$SimpleServer.class */
    public static class SimpleServer implements TestProtocolUtil.BlockingCallable {
        private final KeyStore serverStore;
        private final char[] keyPass;
        private final CountDownLatch latch = new CountDownLatch(1);

        SimpleServer(KeyStore keyStore, char[] cArr) {
            this.serverStore = keyStore;
            this.keyPass = cArr;
        }

        /* JADX WARN: Can't rename method to resolve collision */
        @Override // java.util.concurrent.Callable
        public Exception call() throws Exception {
            try {
                KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance("PKIX", BouncyCastleJsseProvider.PROVIDER_NAME);
                keyManagerFactory.init(this.serverStore, this.keyPass);
                SSLContext sSLContext = SSLContext.getInstance("TLS", BouncyCastleJsseProvider.PROVIDER_NAME);
                sSLContext.init(keyManagerFactory.getKeyManagers(), null, SecureRandom.getInstance("DEFAULT", "BC"));
                SSLServerSocket sSLServerSocket = (SSLServerSocket) sSLContext.getServerSocketFactory().createServerSocket(BasicTlsTest.PORT_NO);
                SSLUtils.enableAll(sSLServerSocket);
                this.latch.countDown();
                SSLSocket sSLSocket = (SSLSocket) sSLServerSocket.accept();
                sSLSocket.setUseClientMode(false);
                TestProtocolUtil.doServerProtocol(sSLSocket, "World");
                sSLSocket.close();
                sSLServerSocket.close();
                this.latch.countDown();
                return null;
            } catch (Throwable th) {
                this.latch.countDown();
                throw th;
            }
        }

        @Override // org.bouncycastle.jsse.provider.test.TestProtocolUtil.BlockingCallable
        public void await() throws InterruptedException {
            this.latch.await();
        }
    }

    protected void setUp() {
        ProviderUtils.setupLowPriority(false);
    }

    public void testBasicTlsConnection() throws Exception {
        runTestBasicTlsConnection(false);
    }

    public void testBasicTlsConnectionLayered() throws Exception {
        runTestBasicTlsConnection(true);
    }

    public void testNullRandomJsseInit() throws Exception {
        char[] charArray = "keyPassword".toCharArray();
        KeyPair generateECKeyPair = TestUtils.generateECKeyPair();
        X509Certificate generateRootCert = TestUtils.generateRootCert(generateECKeyPair);
        KeyStore keyStore = KeyStore.getInstance("JKS");
        keyStore.load(null, null);
        keyStore.setKeyEntry("server", generateECKeyPair.getPrivate(), charArray, new X509Certificate[]{generateRootCert});
        KeyStore keyStore2 = KeyStore.getInstance("JKS");
        keyStore2.load(null, null);
        keyStore2.setCertificateEntry("ca", generateRootCert);
        TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance("PKIX", BouncyCastleJsseProvider.PROVIDER_NAME);
        trustManagerFactory.init(keyStore2);
        SSLContext.getInstance("TLS", BouncyCastleJsseProvider.PROVIDER_NAME).init(null, trustManagerFactory.getTrustManagers(), null);
    }

    protected void runTestBasicTlsConnection(boolean z) throws Exception {
        char[] charArray = "keyPassword".toCharArray();
        KeyPair generateDSAKeyPair = TestUtils.generateDSAKeyPair();
        KeyPair generateECKeyPair = TestUtils.generateECKeyPair();
        KeyPair generateRSAKeyPair = TestUtils.generateRSAKeyPair();
        X509Certificate generateRootCert = TestUtils.generateRootCert(generateDSAKeyPair);
        X509Certificate generateRootCert2 = TestUtils.generateRootCert(generateECKeyPair);
        X509Certificate generateRootCert3 = TestUtils.generateRootCert(generateRSAKeyPair);
        KeyStore keyStore = KeyStore.getInstance("JKS");
        keyStore.load(null, null);
        keyStore.setKeyEntry("serverDSA", generateDSAKeyPair.getPrivate(), charArray, new X509Certificate[]{generateRootCert});
        keyStore.setKeyEntry("serverEC", generateECKeyPair.getPrivate(), charArray, new X509Certificate[]{generateRootCert2});
        keyStore.setKeyEntry("serverRSA", generateRSAKeyPair.getPrivate(), charArray, new X509Certificate[]{generateRootCert3});
        KeyStore keyStore2 = KeyStore.getInstance("JKS");
        keyStore2.load(null, null);
        keyStore2.setCertificateEntry("caDSA", generateRootCert);
        keyStore2.setCertificateEntry("caEC", generateRootCert2);
        keyStore2.setCertificateEntry("caRSA", generateRootCert3);
        TestProtocolUtil.runClientAndServer(new SimpleServer(keyStore, charArray), new SimpleClient(z, keyStore2));
    }
}
