package org.wildfly.security.ssl;

import java.io.IOException;
import java.security.AlgorithmConstraints;
import java.security.AlgorithmParameters;
import java.security.CryptoPrimitive;
import java.security.GeneralSecurityException;
import java.security.Key;
import java.util.Arrays;
import java.util.Collections;
import java.util.List;
import java.util.Set;
import javax.net.ssl.SNIHostName;
import javax.net.ssl.SNIServerName;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLParameters;
import javax.net.ssl.SSLSocket;
import org.junit.Assert;
import org.junit.Test;

/* loaded from: input_file:org/wildfly/security/ssl/SSLConfiguratorImplTest.class */
public class SSLConfiguratorImplTest {
    @Test
    public void testRejectNonExistentCipherSuite() throws GeneralSecurityException, IOException {
        SSLSocket sSLSocket = (SSLSocket) ((SSLContext) new SSLContextBuilder().build().create()).getSocketFactory().createSocket();
        SSLParameters sSLParameters = sSLSocket.getSSLParameters();
        sSLParameters.setCipherSuites(new String[]{"invalidCipherSuite", "TLS_RSA_WITH_AES_128_CBC_SHA"});
        sSLSocket.setSSLParameters(sSLParameters);
        Assert.assertTrue(sSLSocket.getSSLParameters().getCipherSuites().length == 1 && sSLSocket.getSSLParameters().getCipherSuites()[0].equals("TLS_RSA_WITH_AES_128_CBC_SHA"));
    }

    @Test
    public void testRejectNonExistentProtocol() throws GeneralSecurityException, IOException {
        SSLSocket sSLSocket = (SSLSocket) ((SSLContext) new SSLContextBuilder().build().create()).getSocketFactory().createSocket();
        SSLParameters sSLParameters = sSLSocket.getSSLParameters();
        List asList = Arrays.asList(sSLParameters.getProtocols());
        Assert.assertTrue(asList.contains("TLSv1.2") && asList.contains("TLSv1.1"));
        sSLParameters.setProtocols(new String[]{"invalidProtocol", "TLSv1.1"});
        sSLSocket.setSSLParameters(sSLParameters);
        Assert.assertTrue(sSLSocket.getSSLParameters().getProtocols().length == 1 && sSLSocket.getSSLParameters().getProtocols()[0].equals("TLSv1.1"));
    }

    @Test
    public void testSetSSLParameters() {
        SSLParameters sSLParameters = new SSLParameters();
        String[] strArr = {"TLS_RSA_WITH_AES_128_CBC_SHA256", "TLS_DHE_DSS_WITH_AES_256_CBC_SHA256"};
        String[] strArr2 = {"TLSv1.2"};
        String[] strArr3 = (String[]) strArr.clone();
        String[] strArr4 = (String[]) strArr2.clone();
        List<SNIServerName> unmodifiableList = Collections.unmodifiableList(Arrays.asList(new SNIHostName("localhost")));
        List unmodifiableList2 = Collections.unmodifiableList(Arrays.asList(SNIHostName.createSNIMatcher("www\\.example\\.com")));
        AlgorithmConstraints algorithmConstraints = new AlgorithmConstraints() { // from class: org.wildfly.security.ssl.SSLConfiguratorImplTest.1
            @Override // java.security.AlgorithmConstraints
            public boolean permits(Set<CryptoPrimitive> set, String str, AlgorithmParameters algorithmParameters) {
                return false;
            }

            @Override // java.security.AlgorithmConstraints
            public boolean permits(Set<CryptoPrimitive> set, Key key) {
                return false;
            }

            @Override // java.security.AlgorithmConstraints
            public boolean permits(Set<CryptoPrimitive> set, String str, Key key, AlgorithmParameters algorithmParameters) {
                return false;
            }
        };
        sSLParameters.setServerNames(unmodifiableList);
        sSLParameters.setCipherSuites(strArr3);
        sSLParameters.setProtocols(strArr4);
        sSLParameters.setSNIMatchers(unmodifiableList2);
        sSLParameters.setAlgorithmConstraints(algorithmConstraints);
        sSLParameters.setWantClientAuth(false);
        sSLParameters.setNeedClientAuth(true);
        sSLParameters.setUseCipherSuitesOrder(true);
        sSLParameters.setEndpointIdentificationAlgorithm("HTTPS");
        SSLParameters sSLParameters2 = JDKSpecific.setSSLParameters(sSLParameters);
        Assert.assertNotSame(sSLParameters2, sSLParameters);
        Assert.assertTrue(sSLParameters2.getServerNames() != unmodifiableList && sSLParameters2.getServerNames().equals(unmodifiableList));
        Assert.assertTrue(sSLParameters2.getCipherSuites() != strArr3 && Arrays.equals(sSLParameters2.getCipherSuites(), strArr));
        Assert.assertTrue(sSLParameters2.getProtocols() != strArr4 && Arrays.equals(sSLParameters2.getProtocols(), strArr2));
        Assert.assertTrue(sSLParameters2.getSNIMatchers() != unmodifiableList2 && sSLParameters2.getSNIMatchers().equals(unmodifiableList2));
        Assert.assertSame(sSLParameters2.getAlgorithmConstraints(), algorithmConstraints);
        Assert.assertFalse(sSLParameters2.getWantClientAuth());
        Assert.assertTrue(sSLParameters2.getNeedClientAuth());
        Assert.assertTrue(sSLParameters2.getUseCipherSuitesOrder());
        Assert.assertEquals("HTTPS", sSLParameters2.getEndpointIdentificationAlgorithm());
    }
}
