package org.infinispan.client.hotrod;

import java.io.IOException;
import org.infinispan.client.hotrod.configuration.ConfigurationBuilder;
import org.infinispan.client.hotrod.exceptions.TransportException;
import org.infinispan.client.hotrod.test.HotRodClientTestingUtil;
import org.infinispan.commons.test.Exceptions;
import org.infinispan.manager.EmbeddedCacheManager;
import org.infinispan.server.core.configuration.SslConfigurationBuilder;
import org.infinispan.server.hotrod.HotRodServer;
import org.infinispan.server.hotrod.configuration.HotRodServerConfigurationBuilder;
import org.infinispan.server.hotrod.test.HotRodTestingUtil;
import org.infinispan.test.SingleCacheManagerTest;
import org.infinispan.test.fwk.CleanupAfterMethod;
import org.infinispan.test.fwk.TestCacheManagerFactory;
import org.infinispan.util.logging.Log;
import org.infinispan.util.logging.LogFactory;
import org.testng.AssertJUnit;
import org.testng.annotations.Test;

@CleanupAfterMethod
@Test(testName = "client.hotrod.SslTest", groups = {"functional"})
/* loaded from: input_file:org/infinispan/client/hotrod/SslTest.class */
public class SslTest extends SingleCacheManagerTest {
    private static final Log log = LogFactory.getLog(SslTest.class);
    public static final char[] STORE_PASSWORD = "secret".toCharArray();
    public static final char[] ALT_CERTIFICATE_PASSWORD = "changeme".toCharArray();
    RemoteCache<String, String> defaultRemote;
    protected RemoteCacheManager remoteCacheManager;
    protected HotRodServer hotrodServer;

    protected EmbeddedCacheManager createCacheManager() throws Exception {
        this.cacheManager = TestCacheManagerFactory.createCacheManager(HotRodTestingUtil.hotRodCacheConfiguration());
        this.cacheManager.getCache();
        return this.cacheManager;
    }

    protected void initServerAndClient(boolean z, boolean z2, boolean z3, boolean z4, boolean z5) {
        HotRodServerConfigurationBuilder defaultHotRodConfiguration = HotRodTestingUtil.getDefaultHotRodConfiguration();
        ClassLoader contextClassLoader = Thread.currentThread().getContextClassLoader();
        String path = contextClassLoader.getResource(z5 ? "keystore_server.jks" : "keystore_server.p12").getPath();
        String path2 = contextClassLoader.getResource("ca.p12").getPath();
        SslConfigurationBuilder keyStoreType = defaultHotRodConfiguration.ssl().enabled(z).keyStoreFileName(path).keyStorePassword(STORE_PASSWORD).keyStoreType(z5 ? "JCEKS" : "PKCS12");
        if (z5) {
            keyStoreType.keyStoreCertificatePassword(ALT_CERTIFICATE_PASSWORD);
        }
        if (z3) {
            keyStoreType.requireClientAuth(true).trustStoreFileName(path2).trustStoreType("PKCS12").trustStorePassword(STORE_PASSWORD);
        }
        this.hotrodServer = HotRodTestingUtil.startHotRodServer(this.cacheManager, defaultHotRodConfiguration);
        log.info("Started server on port: " + this.hotrodServer.getPort());
        String path3 = contextClassLoader.getResource(z5 ? "keystore_client.jks" : "keystore_client.p12").getPath();
        String path4 = contextClassLoader.getResource("ca.p12").getPath();
        ConfigurationBuilder newRemoteConfigurationBuilder = HotRodClientTestingUtil.newRemoteConfigurationBuilder();
        org.infinispan.client.hotrod.configuration.SslConfigurationBuilder ssl = newRemoteConfigurationBuilder.addServer().host("127.0.0.1").port(this.hotrodServer.getPort().intValue()).socketTimeout(3000).connectionPool().maxActive(1).security().authentication().disable().ssl();
        if (z2) {
            ssl.trustStoreFileName(path4).trustStorePassword(STORE_PASSWORD).trustStoreType("PKCS12");
            if (z4) {
                ssl.keyStoreFileName(path3).keyStorePassword(STORE_PASSWORD).keyStoreType(z5 ? "JCEKS" : "PKCS12");
                if (z5) {
                    ssl.keyStoreCertificatePassword(ALT_CERTIFICATE_PASSWORD);
                }
            }
        }
        this.remoteCacheManager = new RemoteCacheManager(newRemoteConfigurationBuilder.build());
        this.defaultRemote = this.remoteCacheManager.getCache();
    }

    protected void teardown() {
        HotRodClientTestingUtil.killRemoteCacheManager(this.remoteCacheManager);
        this.remoteCacheManager = null;
        HotRodClientTestingUtil.killServers(this.hotrodServer);
        this.hotrodServer = null;
        super.teardown();
    }

    public void testSSLServerSSLClient() throws Exception {
        initServerAndClient(true, true, false, false, false);
        this.defaultRemote.put("k", "v");
        AssertJUnit.assertEquals("v", (String) this.defaultRemote.get("k"));
    }

    @Test(expectedExceptions = {TransportException.class})
    public void testSSLServerPlainClient() throws Exception {
        initServerAndClient(true, false, false, false, false);
    }

    @Test(expectedExceptions = {TransportException.class})
    public void testPlainServerSSLClient() throws Exception {
        initServerAndClient(false, true, false, false, false);
    }

    public void testClientAuth() throws Exception {
        initServerAndClient(true, true, true, true, false);
        this.defaultRemote.put("k", "v");
        AssertJUnit.assertEquals("v", (String) this.defaultRemote.get("k"));
    }

    public void testClientAuthWithAnonClient() throws Exception {
        Exceptions.expectExceptionNonStrict(TransportException.class, IOException.class, () -> {
            initServerAndClient(true, true, true, false, false);
        });
    }

    public void testClientAuthAltCertPassword() throws Exception {
        initServerAndClient(true, true, true, true, true);
        this.defaultRemote.put("k", "v");
        AssertJUnit.assertEquals("v", (String) this.defaultRemote.get("k"));
    }
}
