package org.drools.core.util;

import java.io.FileOutputStream;
import java.io.IOException;
import java.io.UnsupportedEncodingException;
import java.net.URL;
import java.security.InvalidKeyException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.SignatureException;
import java.security.UnrecoverableKeyException;
import java.security.cert.CertificateException;
import java.security.spec.InvalidKeySpecException;
import javax.crypto.SecretKey;
import javax.crypto.SecretKeyFactory;
import javax.crypto.spec.DESKeySpec;
import org.junit.jupiter.api.Assertions;
import org.junit.jupiter.api.Test;

/* loaded from: input_file:org/drools/core/util/KeyStoreHelperTest.class */
public class KeyStoreHelperTest {
    private static final String KEYSTORE_SERVER_RESOURCE_NAME = "droolsServer.keystore";
    private static final String KEYSTORE_CLIENT_RESOURCE_NAME = "droolsClient.keystore";
    private static final String KEYSTORE_JCEKS_RESOURCE_NAME = "droolsServer.jceks";
    private static final String KEYSTORE_JCEKS_FILENAME = "target/test-classes/org/drools/core/util/droolsServer.jceks";
    private static final String KEYSTORE_SERVER_PASSWORD = "serverpwd";
    private static final String KEYSTORE_CLIENT_PASSWORD = "clientpwd";
    private static final String KEY_ALIAS = "droolsKey";
    private static final String KEY_PASSWORD = "keypwd";
    private static final String KEY_PHRASE = "secretkey";

    @Test
    public void testSignDataWithPrivateKey() throws UnsupportedEncodingException, UnrecoverableKeyException, InvalidKeyException, KeyStoreException, NoSuchAlgorithmException, SignatureException {
        URL resource = getClass().getResource(KEYSTORE_SERVER_RESOURCE_NAME);
        System.setProperty("drools.serialization.sign", Boolean.TRUE.toString());
        System.setProperty("drools.serialization.private.keyStoreURL", resource.toExternalForm());
        System.setProperty("drools.serialization.private.keyStorePwd", KEYSTORE_SERVER_PASSWORD);
        System.setProperty("drools.serialization.private.keyAlias", KEY_ALIAS);
        System.setProperty("drools.serialization.private.keyPwd", KEY_PASSWORD);
        KeyStoreHelper keyStoreHelper = new KeyStoreHelper();
        byte[] bytes = "Hello World".getBytes("UTF8");
        byte[] signDataWithPrivateKey = keyStoreHelper.signDataWithPrivateKey(bytes);
        URL resource2 = getClass().getResource(KEYSTORE_CLIENT_RESOURCE_NAME);
        System.setProperty("drools.serialization.sign", Boolean.TRUE.toString());
        System.setProperty("drools.serialization.public.keyStoreURL", resource2.toExternalForm());
        System.setProperty("drools.serialization.public.keyStorePwd", KEYSTORE_CLIENT_PASSWORD);
        KeyStoreHelper keyStoreHelper2 = new KeyStoreHelper();
        Assertions.assertTrue(keyStoreHelper2.checkDataWithPublicKey(KEY_ALIAS, bytes, signDataWithPrivateKey));
        Assertions.assertFalse(keyStoreHelper2.checkDataWithPublicKey(KEY_ALIAS, "fake".getBytes("UTF8"), signDataWithPrivateKey));
    }

    @Test
    public void testLoadPasswordNoKeystore() {
        try {
            new KeyStoreHelper().getPasswordKey((String) null, (char[]) null);
            Assertions.fail();
        } catch (RuntimeException e) {
            Assertions.assertTrue(true);
        }
    }

    @Test
    public void testLoadPassword() throws CertificateException, NoSuchAlgorithmException, IOException, KeyStoreException, InvalidKeyException, InvalidKeySpecException {
        SecretKey storeKeyIntoKeyStoreFile = storeKeyIntoKeyStoreFile(KEY_PHRASE);
        System.setProperty("kie.keystore.keyStoreURL", getClass().getResource(KEYSTORE_JCEKS_RESOURCE_NAME).toExternalForm());
        System.setProperty("kie.keystore.keyStorePwd", KEYSTORE_SERVER_PASSWORD);
        try {
            Assertions.assertEquals(new String(storeKeyIntoKeyStoreFile.getEncoded()), new KeyStoreHelper().getPasswordKey(KEY_ALIAS, KEY_PASSWORD.toCharArray()));
        } catch (RuntimeException e) {
            e.printStackTrace();
            Assertions.fail(e.getMessage());
        }
    }

    private SecretKey storeKeyIntoKeyStoreFile(String str) throws CertificateException, NoSuchAlgorithmException, IOException, KeyStoreException, InvalidKeyException, InvalidKeySpecException {
        KeyStore keyStore = KeyStore.getInstance("JCEKS");
        keyStore.load(null, KEYSTORE_SERVER_PASSWORD.toCharArray());
        SecretKey generateSecret = SecretKeyFactory.getInstance("DES").generateSecret(new DESKeySpec(str.getBytes()));
        keyStore.setEntry(KEY_ALIAS, new KeyStore.SecretKeyEntry(generateSecret), new KeyStore.PasswordProtection(KEY_PASSWORD.toCharArray()));
        FileOutputStream fileOutputStream = new FileOutputStream(KEYSTORE_JCEKS_FILENAME, false);
        try {
            keyStore.store(fileOutputStream, KEYSTORE_SERVER_PASSWORD.toCharArray());
            fileOutputStream.close();
            return generateSecret;
        } catch (Throwable th) {
            try {
                fileOutputStream.close();
            } catch (Throwable th2) {
                th.addSuppressed(th2);
            }
            throw th;
        }
    }
}
