package org.bouncycastle.jce.provider.test;

import com.unboundid.ldap.listener.InMemoryDirectoryServer;
import com.unboundid.ldap.listener.InMemoryDirectoryServerConfig;
import com.unboundid.ldap.listener.InMemoryListenerConfig;
import com.unboundid.ldap.listener.interceptor.InMemoryInterceptedSearchResult;
import com.unboundid.ldap.listener.interceptor.InMemoryOperationInterceptor;
import com.unboundid.ldap.sdk.LDAPException;
import com.unboundid.ldap.sdk.LDAPResult;
import com.unboundid.ldap.sdk.ResultCode;
import com.unboundid.ldif.LDIFException;
import java.io.BufferedReader;
import java.io.File;
import java.io.FileInputStream;
import java.io.IOException;
import java.io.InputStreamReader;
import java.net.InetAddress;
import java.security.KeyPairGenerator;
import java.security.KeyStore;
import java.security.Security;
import java.security.cert.CertStore;
import java.security.cert.CertStoreParameters;
import java.security.cert.PKIXBuilderParameters;
import java.security.cert.X509CertSelector;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import javax.net.ServerSocketFactory;
import javax.net.SocketFactory;
import javax.net.ssl.SSLSocketFactory;
import org.bouncycastle.asn1.x500.X500Name;
import org.bouncycastle.jce.X509LDAPCertStoreParameters;
import org.bouncycastle.jce.exception.ExtCertPathBuilderException;
import org.bouncycastle.jce.provider.BouncyCastleProvider;
import org.bouncycastle.test.TestResourceFinder;
import org.bouncycastle.util.test.SimpleTest;

/* loaded from: input_file:org/bouncycastle/jce/provider/test/X509LDAPCertStoreTest.class */
public class X509LDAPCertStoreTest extends SimpleTest {

    /* loaded from: input_file:org/bouncycastle/jce/provider/test/X509LDAPCertStoreTest$BcFilterCheck.class */
    class BcFilterCheck extends InMemoryOperationInterceptor {
        private volatile boolean used = false;

        BcFilterCheck() {
        }

        public void processSearchResult(InMemoryInterceptedSearchResult inMemoryInterceptedSearchResult) {
            X509LDAPCertStoreTest.this.isEquals("(&(cn=*chars[\\2a\\28\\29\\00]*)(userCertificate=*))", inMemoryInterceptedSearchResult.getRequest().getFilter().toString());
            this.used = true;
            inMemoryInterceptedSearchResult.setResult(new LDAPResult(0, ResultCode.SUCCESS));
        }

        boolean isUsed() {
            return this.used;
        }
    }

    @Override // org.bouncycastle.util.test.SimpleTest
    public void performTest() throws Exception {
        BcFilterCheck bcFilterCheck = new BcFilterCheck();
        InMemoryDirectoryServer mockLdapServer = mockLdapServer(bcFilterCheck);
        mockLdapServer.startListening();
        KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("EC", "BC");
        keyPairGenerator.initialize(256);
        X509Certificate createSelfSignedCert = TestUtils.createSelfSignedCert(new X500Name("CN=chars[*()\\��]"), "SHA256withECDSA", keyPairGenerator.generateKeyPair());
        readEntriesFromFile(mockLdapServer);
        verifyCert(createSelfSignedCert);
        mockLdapServer.shutDown(true);
        isTrue(bcFilterCheck.isUsed());
    }

    private static InMemoryDirectoryServer mockLdapServer(BcFilterCheck bcFilterCheck) throws Exception {
        InMemoryDirectoryServerConfig inMemoryDirectoryServerConfig = new InMemoryDirectoryServerConfig(new String[]{"dc=test"});
        inMemoryDirectoryServerConfig.setListenerConfigs(new InMemoryListenerConfig[]{new InMemoryListenerConfig("listen", InetAddress.getByName("0.0.0.0"), 1389, ServerSocketFactory.getDefault(), SocketFactory.getDefault(), (SSLSocketFactory) SSLSocketFactory.getDefault())});
        inMemoryDirectoryServerConfig.addInMemoryOperationInterceptor(bcFilterCheck);
        return new InMemoryDirectoryServer(inMemoryDirectoryServerConfig);
    }

    private void readEntriesFromFile(InMemoryDirectoryServer inMemoryDirectoryServer) throws IOException, LDAPException, LDIFException {
        BufferedReader bufferedReader = new BufferedReader(new InputStreamReader(TestResourceFinder.findTestResource("ldap/", "X509LDAPCertTest.ldif")));
        ArrayList arrayList = new ArrayList();
        while (true) {
            String readLine = bufferedReader.readLine();
            if (readLine == null) {
                break;
            }
            if (!readLine.isEmpty()) {
                arrayList.add(readLine.replaceAll("\\\\0", "��"));
            } else if (arrayList.size() > 0) {
                addEntry(inMemoryDirectoryServer, (String[]) arrayList.toArray(new String[0]));
                arrayList.clear();
            }
        }
        bufferedReader.close();
        if (arrayList.size() > 0) {
            addEntry(inMemoryDirectoryServer, (String[]) arrayList.toArray(new String[0]));
            arrayList.clear();
        }
    }

    private void addEntry(InMemoryDirectoryServer inMemoryDirectoryServer, String... strArr) throws LDIFException, LDAPException {
        isEquals(0, inMemoryDirectoryServer.add(strArr).getResultCode().intValue());
    }

    static void verifyCert(X509Certificate x509Certificate) throws Exception {
        X509CertSelector x509CertSelector = new X509CertSelector();
        x509CertSelector.setCertificate(x509Certificate);
        String str = System.getProperty("java.home") + "/lib/security/cacerts".replace('/', File.separatorChar);
        KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
        keyStore.load(new FileInputStream(str), "changeit".toCharArray());
        PKIXBuilderParameters pKIXBuilderParameters = new PKIXBuilderParameters(keyStore, x509CertSelector);
        pKIXBuilderParameters.addCertStore(CertStore.getInstance("LDAP", (CertStoreParameters) new X509LDAPCertStoreParameters.Builder("ldap://127.0.0.1:1389", "CN=certificates").build(), "BC"));
        try {
        } catch (ExtCertPathBuilderException e) {
        }
    }

    @Override // org.bouncycastle.util.test.SimpleTest, org.bouncycastle.util.test.Test
    public String getName() {
        return "X509LDAPCertStore";
    }

    public static void main(String[] strArr) {
        Security.addProvider(new BouncyCastleProvider());
        runTest(new X509LDAPCertStoreTest());
    }
}
