package org.apache.zookeeper.common;

import java.io.IOException;
import java.net.InetAddress;
import java.net.InetSocketAddress;
import java.net.ServerSocket;
import java.net.Socket;
import java.nio.file.Path;
import java.security.NoSuchAlgorithmException;
import java.security.Security;
import java.util.concurrent.Callable;
import java.util.concurrent.CountDownLatch;
import java.util.concurrent.ExecutionException;
import java.util.concurrent.ExecutorService;
import java.util.concurrent.Executors;
import java.util.concurrent.Future;
import java.util.concurrent.TimeUnit;
import java.util.concurrent.atomic.AtomicInteger;
import java.util.function.Supplier;
import javax.net.ssl.HandshakeCompletedEvent;
import javax.net.ssl.HandshakeCompletedListener;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLHandshakeException;
import javax.net.ssl.SSLServerSocket;
import javax.net.ssl.SSLSocket;
import org.apache.zookeeper.PortAssignment;
import org.apache.zookeeper.common.X509Exception;
import org.junit.jupiter.api.AfterEach;
import org.junit.jupiter.api.Assertions;
import org.junit.jupiter.api.Timeout;
import org.junit.jupiter.params.ParameterizedTest;
import org.junit.jupiter.params.provider.MethodSource;

/* loaded from: input_file:org/apache/zookeeper/common/X509UtilTest.class */
public class X509UtilTest extends BaseX509ParameterizedTestCase {
    private X509Util x509Util;
    private static final String[] customCipherSuites = {"SSL_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA", "SSL_DH_anon_EXPORT_WITH_DES40_CBC_SHA"};

    /* loaded from: input_file:org/apache/zookeeper/common/X509UtilTest$SslContextSupplier.class */
    public static class SslContextSupplier implements Supplier<SSLContext> {
        /* JADX WARN: Can't rename method to resolve collision */
        @Override // java.util.function.Supplier
        public SSLContext get() {
            try {
                return SSLContext.getDefault();
            } catch (NoSuchAlgorithmException e) {
                throw new RuntimeException(e);
            }
        }
    }

    @Override // org.apache.zookeeper.common.BaseX509ParameterizedTestCase
    public void init(X509KeyType x509KeyType, X509KeyType x509KeyType2, String str, Integer num) throws Exception {
        super.init(x509KeyType, x509KeyType2, str, num);
        X509Util clientX509Util = new ClientX509Util();
        Throwable th = null;
        try {
            try {
                this.x509TestContext.setSystemProperties(clientX509Util, KeyStoreFileType.JKS, KeyStoreFileType.JKS);
                if (clientX509Util != null) {
                    if (0 != 0) {
                        try {
                            clientX509Util.close();
                        } catch (Throwable th2) {
                            th.addSuppressed(th2);
                        }
                    } else {
                        clientX509Util.close();
                    }
                }
                System.setProperty("zookeeper.serverCnxnFactory", "org.apache.zookeeper.server.NettyServerCnxnFactory");
                System.setProperty("zookeeper.clientCnxnSocket", "org.apache.zookeeper.ClientCnxnSocketNetty");
                this.x509Util = new ClientX509Util();
            } finally {
            }
        } catch (Throwable th3) {
            if (clientX509Util != null) {
                if (th != null) {
                    try {
                        clientX509Util.close();
                    } catch (Throwable th4) {
                        th.addSuppressed(th4);
                    }
                } else {
                    clientX509Util.close();
                }
            }
            throw th3;
        }
    }

    @AfterEach
    public void cleanUp() {
        this.x509TestContext.clearSystemProperties(this.x509Util);
        System.clearProperty(this.x509Util.getSslOcspEnabledProperty());
        System.clearProperty(this.x509Util.getSslCrlEnabledProperty());
        System.clearProperty(this.x509Util.getCipherSuitesProperty());
        System.clearProperty(this.x509Util.getSslProtocolProperty());
        System.clearProperty(this.x509Util.getSslHandshakeDetectionTimeoutMillisProperty());
        System.clearProperty("com.sun.net.ssl.checkRevocation");
        System.clearProperty("com.sun.security.enableCRLDP");
        Security.setProperty("ocsp.enable", Boolean.FALSE.toString());
        Security.setProperty("com.sun.security.enableCRLDP", Boolean.FALSE.toString());
        System.clearProperty("zookeeper.serverCnxnFactory");
        System.clearProperty("zookeeper.clientCnxnSocket");
        this.x509Util.close();
    }

    @MethodSource({"data"})
    @Timeout(5)
    @ParameterizedTest
    public void testCreateSSLContextWithoutCustomProtocol(X509KeyType x509KeyType, X509KeyType x509KeyType2, String str, Integer num) throws Exception {
        init(x509KeyType, x509KeyType2, str, num);
        Assertions.assertEquals("TLSv1.2", this.x509Util.getDefaultSSLContext().getProtocol());
    }

    @MethodSource({"data"})
    @Timeout(5)
    @ParameterizedTest
    public void testCreateSSLContextWithCustomProtocol(X509KeyType x509KeyType, X509KeyType x509KeyType2, String str, Integer num) throws Exception {
        init(x509KeyType, x509KeyType2, str, num);
        System.setProperty(this.x509Util.getSslProtocolProperty(), "TLSv1.1");
        Assertions.assertEquals("TLSv1.1", this.x509Util.getDefaultSSLContext().getProtocol());
    }

    @MethodSource({"data"})
    @Timeout(5)
    @ParameterizedTest
    public void testCreateSSLContextWithoutKeyStoreLocation(X509KeyType x509KeyType, X509KeyType x509KeyType2, String str, Integer num) throws Exception {
        init(x509KeyType, x509KeyType2, str, num);
        System.clearProperty(this.x509Util.getSslKeystoreLocationProperty());
        this.x509Util.getDefaultSSLContext();
    }

    @MethodSource({"data"})
    @Timeout(5)
    @ParameterizedTest
    public void testCreateSSLContextWithoutKeyStorePassword(X509KeyType x509KeyType, X509KeyType x509KeyType2, String str, Integer num) throws Exception {
        init(x509KeyType, x509KeyType2, str, num);
        Assertions.assertThrows(X509Exception.SSLContextException.class, () -> {
            if (!this.x509TestContext.isKeyStoreEncrypted()) {
                throw new X509Exception.SSLContextException("");
            }
            System.clearProperty(this.x509Util.getSslKeystorePasswdProperty());
            this.x509Util.getDefaultSSLContext();
        });
    }

    @MethodSource({"data"})
    @Timeout(5)
    @ParameterizedTest
    public void testCreateSSLContext_withKeyStorePasswordFromFile(X509KeyType x509KeyType, X509KeyType x509KeyType2, String str, Integer num) throws Exception {
        init(x509KeyType, x509KeyType2, str, num);
        testCreateSSLContext_withPasswordFromFile(str, this.x509Util.getSslKeystorePasswdProperty(), this.x509Util.getSslKeystorePasswdPathProperty());
    }

    @MethodSource({"data"})
    @Timeout(5)
    @ParameterizedTest
    public void testCreateSSLContext_withTrustStorePasswordFromFile(X509KeyType x509KeyType, X509KeyType x509KeyType2, String str, Integer num) throws Exception {
        init(x509KeyType, x509KeyType2, str, num);
        testCreateSSLContext_withPasswordFromFile(str, this.x509Util.getSslTruststorePasswdProperty(), this.x509Util.getSslTruststorePasswdPathProperty());
    }

    @MethodSource({"data"})
    @Timeout(5)
    @ParameterizedTest
    public void testCreateSSLContext_withWrongKeyStorePasswordFromFile(X509KeyType x509KeyType, X509KeyType x509KeyType2, String str, Integer num) throws Exception {
        init(x509KeyType, x509KeyType2, str, num);
        testCreateSSLContext_withWrongPasswordFromFile(str, this.x509Util.getSslKeystorePasswdPathProperty());
    }

    @MethodSource({"data"})
    @Timeout(5)
    @ParameterizedTest
    public void testCreateSSLContext_withWrongTrustStorePasswordFromFile(X509KeyType x509KeyType, X509KeyType x509KeyType2, String str, Integer num) throws Exception {
        init(x509KeyType, x509KeyType2, str, num);
        testCreateSSLContext_withWrongPasswordFromFile(str, this.x509Util.getSslTruststorePasswdPathProperty());
    }

    @MethodSource({"data"})
    @Timeout(5)
    @ParameterizedTest
    public void testCreateSSLContextWithCustomCipherSuites(X509KeyType x509KeyType, X509KeyType x509KeyType2, String str, Integer num) throws Exception {
        init(x509KeyType, x509KeyType2, str, num);
        setCustomCipherSuites();
        Assertions.assertArrayEquals(customCipherSuites, this.x509Util.createSSLSocket().getEnabledCipherSuites());
    }

    @MethodSource({"data"})
    @Timeout(5)
    @ParameterizedTest
    public void testCRLEnabled(X509KeyType x509KeyType, X509KeyType x509KeyType2, String str, Integer num) throws Exception {
        init(x509KeyType, x509KeyType2, str, num);
        System.setProperty(this.x509Util.getSslCrlEnabledProperty(), "true");
        this.x509Util.getDefaultSSLContext();
        Assertions.assertTrue(Boolean.valueOf(System.getProperty("com.sun.net.ssl.checkRevocation")).booleanValue());
        Assertions.assertTrue(Boolean.valueOf(System.getProperty("com.sun.security.enableCRLDP")).booleanValue());
        Assertions.assertFalse(Boolean.valueOf(Security.getProperty("ocsp.enable")).booleanValue());
    }

    @MethodSource({"data"})
    @Timeout(5)
    @ParameterizedTest
    public void testCRLDisabled(X509KeyType x509KeyType, X509KeyType x509KeyType2, String str, Integer num) throws Exception {
        init(x509KeyType, x509KeyType2, str, num);
        this.x509Util.getDefaultSSLContext();
        Assertions.assertFalse(Boolean.valueOf(System.getProperty("com.sun.net.ssl.checkRevocation")).booleanValue());
        Assertions.assertFalse(Boolean.valueOf(System.getProperty("com.sun.security.enableCRLDP")).booleanValue());
        Assertions.assertFalse(Boolean.valueOf(Security.getProperty("ocsp.enable")).booleanValue());
    }

    @MethodSource({"data"})
    @Timeout(5)
    @ParameterizedTest
    public void testOCSPEnabled(X509KeyType x509KeyType, X509KeyType x509KeyType2, String str, Integer num) throws Exception {
        init(x509KeyType, x509KeyType2, str, num);
        System.setProperty(this.x509Util.getSslOcspEnabledProperty(), "true");
        this.x509Util.getDefaultSSLContext();
        Assertions.assertTrue(Boolean.valueOf(System.getProperty("com.sun.net.ssl.checkRevocation")).booleanValue());
        Assertions.assertTrue(Boolean.valueOf(System.getProperty("com.sun.security.enableCRLDP")).booleanValue());
        Assertions.assertTrue(Boolean.valueOf(Security.getProperty("ocsp.enable")).booleanValue());
    }

    @MethodSource({"data"})
    @Timeout(5)
    @ParameterizedTest
    public void testCreateSSLSocket(X509KeyType x509KeyType, X509KeyType x509KeyType2, String str, Integer num) throws Exception {
        init(x509KeyType, x509KeyType2, str, num);
        setCustomCipherSuites();
        Assertions.assertArrayEquals(customCipherSuites, this.x509Util.createSSLSocket().getEnabledCipherSuites());
    }

    @MethodSource({"data"})
    @Timeout(5)
    @ParameterizedTest
    public void testCreateSSLServerSocketWithoutPort(X509KeyType x509KeyType, X509KeyType x509KeyType2, String str, Integer num) throws Exception {
        init(x509KeyType, x509KeyType2, str, num);
        setCustomCipherSuites();
        SSLServerSocket createSSLServerSocket = this.x509Util.createSSLServerSocket();
        Assertions.assertArrayEquals(customCipherSuites, createSSLServerSocket.getEnabledCipherSuites());
        Assertions.assertTrue(createSSLServerSocket.getNeedClientAuth());
    }

    @MethodSource({"data"})
    @Timeout(5)
    @ParameterizedTest
    public void testCreateSSLServerSocketWithPort(X509KeyType x509KeyType, X509KeyType x509KeyType2, String str, Integer num) throws Exception {
        init(x509KeyType, x509KeyType2, str, num);
        setCustomCipherSuites();
        int unique = PortAssignment.unique();
        SSLServerSocket createSSLServerSocket = this.x509Util.createSSLServerSocket(unique);
        Assertions.assertEquals(createSSLServerSocket.getLocalPort(), unique);
        Assertions.assertArrayEquals(customCipherSuites, createSSLServerSocket.getEnabledCipherSuites());
        Assertions.assertTrue(createSSLServerSocket.getNeedClientAuth());
    }

    @MethodSource({"data"})
    @ParameterizedTest
    public void testLoadPEMKeyStore(X509KeyType x509KeyType, X509KeyType x509KeyType2, String str, Integer num) throws Exception {
        init(x509KeyType, x509KeyType2, str, num);
        X509Util.createKeyManager(this.x509TestContext.getKeyStoreFile(KeyStoreFileType.PEM).getAbsolutePath(), this.x509TestContext.getKeyStorePassword(), KeyStoreFileType.PEM.getPropertyValue());
    }

    @MethodSource({"data"})
    @ParameterizedTest
    public void testLoadPEMKeyStoreNullPassword(X509KeyType x509KeyType, X509KeyType x509KeyType2, String str, Integer num) throws Exception {
        init(x509KeyType, x509KeyType2, str, num);
        if (this.x509TestContext.getKeyStorePassword().isEmpty()) {
            X509Util.createKeyManager(this.x509TestContext.getKeyStoreFile(KeyStoreFileType.PEM).getAbsolutePath(), (String) null, KeyStoreFileType.PEM.getPropertyValue());
        }
    }

    @MethodSource({"data"})
    @ParameterizedTest
    public void testLoadPEMKeyStoreAutodetectStoreFileType(X509KeyType x509KeyType, X509KeyType x509KeyType2, String str, Integer num) throws Exception {
        init(x509KeyType, x509KeyType2, str, num);
        X509Util.createKeyManager(this.x509TestContext.getKeyStoreFile(KeyStoreFileType.PEM).getAbsolutePath(), this.x509TestContext.getKeyStorePassword(), (String) null);
    }

    @MethodSource({"data"})
    @ParameterizedTest
    public void testLoadPEMKeyStoreWithWrongPassword(X509KeyType x509KeyType, X509KeyType x509KeyType2, String str, Integer num) throws Exception {
        init(x509KeyType, x509KeyType2, str, num);
        Assertions.assertThrows(X509Exception.KeyManagerException.class, () -> {
            X509Util.createKeyManager(this.x509TestContext.getKeyStoreFile(KeyStoreFileType.PEM).getAbsolutePath(), "wrong password", KeyStoreFileType.PEM.getPropertyValue());
        });
    }

    @MethodSource({"data"})
    @ParameterizedTest
    public void testLoadPEMTrustStore(X509KeyType x509KeyType, X509KeyType x509KeyType2, String str, Integer num) throws Exception {
        init(x509KeyType, x509KeyType2, str, num);
        X509Util.createTrustManager(this.x509TestContext.getTrustStoreFile(KeyStoreFileType.PEM).getAbsolutePath(), this.x509TestContext.getTrustStorePassword(), KeyStoreFileType.PEM.getPropertyValue(), false, false, true, true);
    }

    @MethodSource({"data"})
    @ParameterizedTest
    public void testLoadPEMTrustStoreNullPassword(X509KeyType x509KeyType, X509KeyType x509KeyType2, String str, Integer num) throws Exception {
        init(x509KeyType, x509KeyType2, str, num);
        if (this.x509TestContext.getTrustStorePassword().isEmpty()) {
            X509Util.createTrustManager(this.x509TestContext.getTrustStoreFile(KeyStoreFileType.PEM).getAbsolutePath(), (String) null, KeyStoreFileType.PEM.getPropertyValue(), false, false, true, true);
        }
    }

    @MethodSource({"data"})
    @ParameterizedTest
    public void testLoadPEMTrustStoreAutodetectStoreFileType(X509KeyType x509KeyType, X509KeyType x509KeyType2, String str, Integer num) throws Exception {
        init(x509KeyType, x509KeyType2, str, num);
        X509Util.createTrustManager(this.x509TestContext.getTrustStoreFile(KeyStoreFileType.PEM).getAbsolutePath(), this.x509TestContext.getTrustStorePassword(), (String) null, false, false, true, true);
    }

    @MethodSource({"data"})
    @ParameterizedTest
    public void testLoadJKSKeyStore(X509KeyType x509KeyType, X509KeyType x509KeyType2, String str, Integer num) throws Exception {
        init(x509KeyType, x509KeyType2, str, num);
        X509Util.createKeyManager(this.x509TestContext.getKeyStoreFile(KeyStoreFileType.JKS).getAbsolutePath(), this.x509TestContext.getKeyStorePassword(), KeyStoreFileType.JKS.getPropertyValue());
    }

    @MethodSource({"data"})
    @ParameterizedTest
    public void testLoadJKSKeyStoreNullPassword(X509KeyType x509KeyType, X509KeyType x509KeyType2, String str, Integer num) throws Exception {
        init(x509KeyType, x509KeyType2, str, num);
        if (this.x509TestContext.getKeyStorePassword().isEmpty()) {
            X509Util.createKeyManager(this.x509TestContext.getKeyStoreFile(KeyStoreFileType.JKS).getAbsolutePath(), (String) null, KeyStoreFileType.JKS.getPropertyValue());
        }
    }

    @MethodSource({"data"})
    @ParameterizedTest
    public void testLoadJKSKeyStoreAutodetectStoreFileType(X509KeyType x509KeyType, X509KeyType x509KeyType2, String str, Integer num) throws Exception {
        init(x509KeyType, x509KeyType2, str, num);
        X509Util.createKeyManager(this.x509TestContext.getKeyStoreFile(KeyStoreFileType.JKS).getAbsolutePath(), this.x509TestContext.getKeyStorePassword(), (String) null);
    }

    @MethodSource({"data"})
    @ParameterizedTest
    public void testLoadJKSKeyStoreWithWrongPassword(X509KeyType x509KeyType, X509KeyType x509KeyType2, String str, Integer num) throws Exception {
        init(x509KeyType, x509KeyType2, str, num);
        Assertions.assertThrows(X509Exception.KeyManagerException.class, () -> {
            X509Util.createKeyManager(this.x509TestContext.getKeyStoreFile(KeyStoreFileType.JKS).getAbsolutePath(), "wrong password", KeyStoreFileType.JKS.getPropertyValue());
        });
    }

    @MethodSource({"data"})
    @ParameterizedTest
    public void testLoadJKSTrustStore(X509KeyType x509KeyType, X509KeyType x509KeyType2, String str, Integer num) throws Exception {
        init(x509KeyType, x509KeyType2, str, num);
        X509Util.createTrustManager(this.x509TestContext.getTrustStoreFile(KeyStoreFileType.JKS).getAbsolutePath(), this.x509TestContext.getTrustStorePassword(), KeyStoreFileType.JKS.getPropertyValue(), true, true, true, true);
    }

    @MethodSource({"data"})
    @ParameterizedTest
    public void testLoadJKSTrustStoreNullPassword(X509KeyType x509KeyType, X509KeyType x509KeyType2, String str, Integer num) throws Exception {
        init(x509KeyType, x509KeyType2, str, num);
        if (this.x509TestContext.getTrustStorePassword().isEmpty()) {
            X509Util.createTrustManager(this.x509TestContext.getTrustStoreFile(KeyStoreFileType.JKS).getAbsolutePath(), (String) null, KeyStoreFileType.JKS.getPropertyValue(), false, false, true, true);
        }
    }

    @MethodSource({"data"})
    @ParameterizedTest
    public void testLoadJKSTrustStoreAutodetectStoreFileType(X509KeyType x509KeyType, X509KeyType x509KeyType2, String str, Integer num) throws Exception {
        init(x509KeyType, x509KeyType2, str, num);
        X509Util.createTrustManager(this.x509TestContext.getTrustStoreFile(KeyStoreFileType.JKS).getAbsolutePath(), this.x509TestContext.getTrustStorePassword(), (String) null, true, true, true, true);
    }

    @MethodSource({"data"})
    @ParameterizedTest
    public void testLoadJKSTrustStoreWithWrongPassword(X509KeyType x509KeyType, X509KeyType x509KeyType2, String str, Integer num) throws Exception {
        init(x509KeyType, x509KeyType2, str, num);
        Assertions.assertThrows(X509Exception.TrustManagerException.class, () -> {
            X509Util.createTrustManager(this.x509TestContext.getTrustStoreFile(KeyStoreFileType.JKS).getAbsolutePath(), "wrong password", KeyStoreFileType.JKS.getPropertyValue(), true, true, true, true);
        });
    }

    @MethodSource({"data"})
    @ParameterizedTest
    public void testLoadPKCS12KeyStore(X509KeyType x509KeyType, X509KeyType x509KeyType2, String str, Integer num) throws Exception {
        init(x509KeyType, x509KeyType2, str, num);
        X509Util.createKeyManager(this.x509TestContext.getKeyStoreFile(KeyStoreFileType.PKCS12).getAbsolutePath(), this.x509TestContext.getKeyStorePassword(), KeyStoreFileType.PKCS12.getPropertyValue());
    }

    @MethodSource({"data"})
    @ParameterizedTest
    public void testLoadPKCS12KeyStoreNullPassword(X509KeyType x509KeyType, X509KeyType x509KeyType2, String str, Integer num) throws Exception {
        init(x509KeyType, x509KeyType2, str, num);
        if (this.x509TestContext.getKeyStorePassword().isEmpty()) {
            X509Util.createKeyManager(this.x509TestContext.getKeyStoreFile(KeyStoreFileType.PKCS12).getAbsolutePath(), (String) null, KeyStoreFileType.PKCS12.getPropertyValue());
        }
    }

    @MethodSource({"data"})
    @ParameterizedTest
    public void testLoadPKCS12KeyStoreAutodetectStoreFileType(X509KeyType x509KeyType, X509KeyType x509KeyType2, String str, Integer num) throws Exception {
        init(x509KeyType, x509KeyType2, str, num);
        X509Util.createKeyManager(this.x509TestContext.getKeyStoreFile(KeyStoreFileType.PKCS12).getAbsolutePath(), this.x509TestContext.getKeyStorePassword(), (String) null);
    }

    @MethodSource({"data"})
    @ParameterizedTest
    public void testLoadPKCS12KeyStoreWithWrongPassword(X509KeyType x509KeyType, X509KeyType x509KeyType2, String str, Integer num) throws Exception {
        init(x509KeyType, x509KeyType2, str, num);
        Assertions.assertThrows(X509Exception.KeyManagerException.class, () -> {
            X509Util.createKeyManager(this.x509TestContext.getKeyStoreFile(KeyStoreFileType.PKCS12).getAbsolutePath(), "wrong password", KeyStoreFileType.PKCS12.getPropertyValue());
        });
    }

    @MethodSource({"data"})
    @ParameterizedTest
    public void testLoadPKCS12TrustStore(X509KeyType x509KeyType, X509KeyType x509KeyType2, String str, Integer num) throws Exception {
        init(x509KeyType, x509KeyType2, str, num);
        X509Util.createTrustManager(this.x509TestContext.getTrustStoreFile(KeyStoreFileType.PKCS12).getAbsolutePath(), this.x509TestContext.getTrustStorePassword(), KeyStoreFileType.PKCS12.getPropertyValue(), true, true, true, true);
    }

    @MethodSource({"data"})
    @ParameterizedTest
    public void testLoadPKCS12TrustStoreNullPassword(X509KeyType x509KeyType, X509KeyType x509KeyType2, String str, Integer num) throws Exception {
        init(x509KeyType, x509KeyType2, str, num);
        if (this.x509TestContext.getTrustStorePassword().isEmpty()) {
            X509Util.createTrustManager(this.x509TestContext.getTrustStoreFile(KeyStoreFileType.PKCS12).getAbsolutePath(), (String) null, KeyStoreFileType.PKCS12.getPropertyValue(), false, false, true, true);
        }
    }

    @MethodSource({"data"})
    @ParameterizedTest
    public void testLoadPKCS12TrustStoreAutodetectStoreFileType(X509KeyType x509KeyType, X509KeyType x509KeyType2, String str, Integer num) throws Exception {
        init(x509KeyType, x509KeyType2, str, num);
        X509Util.createTrustManager(this.x509TestContext.getTrustStoreFile(KeyStoreFileType.PKCS12).getAbsolutePath(), this.x509TestContext.getTrustStorePassword(), (String) null, true, true, true, true);
    }

    @MethodSource({"data"})
    @ParameterizedTest
    public void testLoadPKCS12TrustStoreWithWrongPassword(X509KeyType x509KeyType, X509KeyType x509KeyType2, String str, Integer num) throws Exception {
        init(x509KeyType, x509KeyType2, str, num);
        Assertions.assertThrows(X509Exception.TrustManagerException.class, () -> {
            X509Util.createTrustManager(this.x509TestContext.getTrustStoreFile(KeyStoreFileType.PKCS12).getAbsolutePath(), "wrong password", KeyStoreFileType.PKCS12.getPropertyValue(), true, true, true, true);
        });
    }

    @MethodSource({"data"})
    @ParameterizedTest
    public void testGetSslHandshakeDetectionTimeoutMillisProperty(X509KeyType x509KeyType, X509KeyType x509KeyType2, String str, Integer num) throws Exception {
        init(x509KeyType, x509KeyType2, str, num);
        Assertions.assertEquals(5000, this.x509Util.getSslHandshakeTimeoutMillis());
        System.setProperty(this.x509Util.getSslHandshakeDetectionTimeoutMillisProperty(), Integer.toString(5001));
        ClientX509Util clientX509Util = new ClientX509Util();
        Throwable th = null;
        try {
            Assertions.assertEquals(5001, clientX509Util.getSslHandshakeTimeoutMillis());
            if (clientX509Util != null) {
                if (0 != 0) {
                    try {
                        clientX509Util.close();
                    } catch (Throwable th2) {
                        th.addSuppressed(th2);
                    }
                } else {
                    clientX509Util.close();
                }
            }
            System.setProperty(this.x509Util.getSslHandshakeDetectionTimeoutMillisProperty(), "0");
            ClientX509Util clientX509Util2 = new ClientX509Util();
            Throwable th3 = null;
            try {
                try {
                    Assertions.assertEquals(5000, clientX509Util2.getSslHandshakeTimeoutMillis());
                    if (clientX509Util2 != null) {
                        if (0 != 0) {
                            try {
                                clientX509Util2.close();
                            } catch (Throwable th4) {
                                th3.addSuppressed(th4);
                            }
                        } else {
                            clientX509Util2.close();
                        }
                    }
                    System.setProperty(this.x509Util.getSslHandshakeDetectionTimeoutMillisProperty(), "-1");
                    clientX509Util2 = new ClientX509Util();
                    Throwable th5 = null;
                    try {
                        try {
                            Assertions.assertEquals(5000, clientX509Util2.getSslHandshakeTimeoutMillis());
                            if (clientX509Util2 != null) {
                                if (0 == 0) {
                                    clientX509Util2.close();
                                    return;
                                }
                                try {
                                    clientX509Util2.close();
                                } catch (Throwable th6) {
                                    th5.addSuppressed(th6);
                                }
                            }
                        } catch (Throwable th7) {
                            th5 = th7;
                            throw th7;
                        }
                    } finally {
                    }
                } catch (Throwable th8) {
                    th3 = th8;
                    throw th8;
                }
            } finally {
            }
        } catch (Throwable th9) {
            if (clientX509Util != null) {
                if (0 != 0) {
                    try {
                        clientX509Util.close();
                    } catch (Throwable th10) {
                        th.addSuppressed(th10);
                    }
                } else {
                    clientX509Util.close();
                }
            }
            throw th9;
        }
    }

    @MethodSource({"data"})
    @ParameterizedTest
    public void testCreateSSLContext_invalidCustomSSLContextClass(X509KeyType x509KeyType, X509KeyType x509KeyType2, String str, Integer num) throws Exception {
        init(x509KeyType, x509KeyType2, str, num);
        Assertions.assertThrows(X509Exception.SSLContextException.class, () -> {
            ZKConfig zKConfig = new ZKConfig();
            ClientX509Util clientX509Util = new ClientX509Util();
            zKConfig.setProperty(clientX509Util.getSslContextSupplierClassProperty(), String.class.getCanonicalName());
            clientX509Util.createSSLContext(zKConfig);
        });
    }

    @MethodSource({"data"})
    @ParameterizedTest
    public void testCreateSSLContext_validCustomSSLContextClass(X509KeyType x509KeyType, X509KeyType x509KeyType2, String str, Integer num) throws Exception {
        init(x509KeyType, x509KeyType2, str, num);
        ZKConfig zKConfig = new ZKConfig();
        ClientX509Util clientX509Util = new ClientX509Util();
        zKConfig.setProperty(clientX509Util.getSslContextSupplierClassProperty(), SslContextSupplier.class.getName());
        Assertions.assertEquals(SSLContext.getDefault(), clientX509Util.createSSLContext(zKConfig));
    }

    /* JADX INFO: Access modifiers changed from: private */
    public static void forceClose(Socket socket) {
        if (socket == null || socket.isClosed()) {
            return;
        }
        try {
            socket.close();
        } catch (IOException e) {
        }
    }

    private static void forceClose(ServerSocket serverSocket) {
        if (serverSocket == null || serverSocket.isClosed()) {
            return;
        }
        try {
            serverSocket.close();
        } catch (IOException e) {
        }
    }

    @MethodSource({"data"})
    @ParameterizedTest
    public void testClientRenegotiationFails(X509KeyType x509KeyType, X509KeyType x509KeyType2, String str, Integer num) throws Throwable {
        init(x509KeyType, x509KeyType2, str, num);
        Assertions.assertThrows(SSLHandshakeException.class, () -> {
            int unique = PortAssignment.unique();
            ExecutorService newCachedThreadPool = Executors.newCachedThreadPool();
            final SSLServerSocket createSSLServerSocket = this.x509Util.createSSLServerSocket();
            SSLSocket sSLSocket = null;
            SSLSocket sSLSocket2 = null;
            final AtomicInteger atomicInteger = new AtomicInteger(0);
            final CountDownLatch countDownLatch = new CountDownLatch(1);
            try {
                InetSocketAddress inetSocketAddress = new InetSocketAddress(InetAddress.getLoopbackAddress(), unique);
                createSSLServerSocket.bind(inetSocketAddress);
                Future submit = newCachedThreadPool.submit(new Callable<SSLSocket>() { // from class: org.apache.zookeeper.common.X509UtilTest.1
                    /* JADX WARN: Can't rename method to resolve collision */
                    @Override // java.util.concurrent.Callable
                    public SSLSocket call() throws Exception {
                        SSLSocket sSLSocket3 = (SSLSocket) createSSLServerSocket.accept();
                        sSLSocket3.addHandshakeCompletedListener(new HandshakeCompletedListener() { // from class: org.apache.zookeeper.common.X509UtilTest.1.1
                            @Override // javax.net.ssl.HandshakeCompletedListener
                            public void handshakeCompleted(HandshakeCompletedEvent handshakeCompletedEvent) {
                                atomicInteger.getAndIncrement();
                                countDownLatch.countDown();
                            }
                        });
                        Assertions.assertEquals(1, sSLSocket3.getInputStream().read());
                        try {
                            sSLSocket3.getInputStream().read();
                            return sSLSocket3;
                        } catch (Exception e) {
                            X509UtilTest.forceClose(sSLSocket3);
                            throw e;
                        }
                    }
                });
                sSLSocket = this.x509Util.createSSLSocket();
                sSLSocket.connect(inetSocketAddress);
                sSLSocket.getOutputStream().write(1);
                sSLSocket.startHandshake();
                sSLSocket.getOutputStream().write(1);
                try {
                    sSLSocket2 = (SSLSocket) submit.get();
                    forceClose(sSLSocket2);
                    forceClose(sSLSocket);
                    forceClose(createSSLServerSocket);
                    newCachedThreadPool.shutdown();
                    countDownLatch.await(5L, TimeUnit.SECONDS);
                    Assertions.assertEquals(1, atomicInteger.get());
                } catch (ExecutionException e) {
                    throw e.getCause();
                }
            } catch (Throwable th) {
                forceClose(sSLSocket2);
                forceClose(sSLSocket);
                forceClose(createSSLServerSocket);
                newCachedThreadPool.shutdown();
                countDownLatch.await(5L, TimeUnit.SECONDS);
                Assertions.assertEquals(1, atomicInteger.get());
                throw th;
            }
        });
    }

    @MethodSource({"data"})
    @ParameterizedTest
    public void testGetDefaultCipherSuitesJava8(X509KeyType x509KeyType, X509KeyType x509KeyType2, String str, Integer num) throws Exception {
        init(x509KeyType, x509KeyType2, str, num);
        Assertions.assertTrue(X509Util.getDefaultCipherSuitesForJavaVersion("1.8")[0].contains("CBC"));
    }

    @MethodSource({"data"})
    @ParameterizedTest
    public void testGetDefaultCipherSuitesJava9(X509KeyType x509KeyType, X509KeyType x509KeyType2, String str, Integer num) throws Exception {
        init(x509KeyType, x509KeyType2, str, num);
        Assertions.assertTrue(X509Util.getDefaultCipherSuitesForJavaVersion("9")[0].contains("GCM"));
    }

    @MethodSource({"data"})
    @ParameterizedTest
    public void testGetDefaultCipherSuitesJava10(X509KeyType x509KeyType, X509KeyType x509KeyType2, String str, Integer num) throws Exception {
        init(x509KeyType, x509KeyType2, str, num);
        Assertions.assertTrue(X509Util.getDefaultCipherSuitesForJavaVersion("10")[0].contains("GCM"));
    }

    @MethodSource({"data"})
    @ParameterizedTest
    public void testGetDefaultCipherSuitesJava11(X509KeyType x509KeyType, X509KeyType x509KeyType2, String str, Integer num) throws Exception {
        init(x509KeyType, x509KeyType2, str, num);
        Assertions.assertTrue(X509Util.getDefaultCipherSuitesForJavaVersion("11")[0].contains("GCM"));
    }

    @MethodSource({"data"})
    @ParameterizedTest
    public void testGetDefaultCipherSuitesUnknownVersion(X509KeyType x509KeyType, X509KeyType x509KeyType2, String str, Integer num) throws Exception {
        init(x509KeyType, x509KeyType2, str, num);
        Assertions.assertTrue(X509Util.getDefaultCipherSuitesForJavaVersion("notaversion")[0].contains("CBC"));
    }

    @MethodSource({"data"})
    @ParameterizedTest
    public void testGetDefaultCipherSuitesNullVersion(X509KeyType x509KeyType, X509KeyType x509KeyType2, String str, Integer num) throws Exception {
        init(x509KeyType, x509KeyType2, str, num);
        Assertions.assertThrows(NullPointerException.class, () -> {
            X509Util.getDefaultCipherSuitesForJavaVersion((String) null);
        });
    }

    private void setCustomCipherSuites() {
        System.setProperty(this.x509Util.getCipherSuitesProperty(), customCipherSuites[0] + "," + customCipherSuites[1]);
        this.x509Util.close();
        this.x509Util = new ClientX509Util();
    }

    private void testCreateSSLContext_withPasswordFromFile(String str, String str2, String str3) throws Exception {
        Path createSecretFile = SecretUtilsTest.createSecretFile(str);
        System.clearProperty(str2);
        System.setProperty(str3, createSecretFile.toString());
        this.x509Util.getDefaultSSLContext();
    }

    private void testCreateSSLContext_withWrongPasswordFromFile(String str, String str2) throws Exception {
        Path createSecretFile = SecretUtilsTest.createSecretFile(str + "_wrong");
        Assertions.assertThrows(X509Exception.SSLContextException.class, () -> {
            System.setProperty(str2, createSecretFile.toString());
            this.x509Util.getDefaultSSLContext();
        });
    }
}
