package cn.com.bouncycastle.jsse.provider.test;

import cn.com.bouncycastle.jsse.provider.BouncyCastleJsseProvider;
import cn.com.bouncycastle.jsse.provider.test.TestProtocolUtil;
import h.a.a.b.j.c;
import java.io.IOException;
import java.security.GeneralSecurityException;
import java.security.KeyPair;
import java.security.KeyStore;
import java.security.SecureRandom;
import java.security.Security;
import java.security.cert.X509Certificate;
import java.util.concurrent.CountDownLatch;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLServerSocket;
import javax.net.ssl.SSLSession;
import javax.net.ssl.SSLSocket;
import javax.net.ssl.TrustManagerFactory;
import junit.framework.Assert;
import junit.framework.TestCase;
import org.bouncycastle.jce.provider.BouncyCastleProvider;

/* loaded from: classes.dex */
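/**
 * Exercises a TLS handshake with mandatory client authentication through the
 * BouncyCastle JSSE provider, using an in-process server and client.
 *
 * <p>Review notes for anyone reusing this as a template:
 * <ul>
 *   <li>Server and client identities are built from the <em>same</em> key pair and
 *       the same self-signed certificate (see {@link #testClientAuthTlsConnection()}),
 *       so the local and peer principals are identical on both sides. The test shows
 *       that a client-auth handshake completes; it cannot detect an endpoint that
 *       mixes up local and peer credentials.</li>
 *   <li>The listener uses a fixed port and is created without a bind address, which
 *       normally means it listens on all interfaces for the duration of the test.</li>
 * </ul>
 */
public class BasicClientAuthTlsTest extends TestCase {
    private static final String HOST = "localhost";
    // Fixed port: concurrent runs of this test on one machine will collide.
    private static final int PORT_NO = 9020;

    /**
     * Client side of the handshake: trusts exactly one server certificate and
     * presents the key material from the supplied key store.
     */
    public static class ClientAuthClient implements TestProtocolUtil.BlockingCallable {
        private final char[] clientKeyPass;
        private final KeyStore clientStore;
        private final CountDownLatch latch;
        private final KeyStore trustStore;

        /**
         * @param keyStore        store holding the client's private key and certificate chain
         * @param cArr            password protecting the key entry in {@code keyStore}
         * @param x509Certificate the only certificate the client will trust for the server
         * @throws GeneralSecurityException if the in-memory trust store cannot be built
         * @throws IOException              if the in-memory trust store cannot be initialised
         */
        public ClientAuthClient(KeyStore keyStore, char[] cArr, X509Certificate x509Certificate) throws GeneralSecurityException, IOException {
            KeyStore pinnedTrust = KeyStore.getInstance("JKS");
            // load(null, null) creates an empty in-memory store; nothing is read from disk.
            pinnedTrust.load(null, null);
            pinnedTrust.setCertificateEntry("server", x509Certificate);
            this.trustStore = pinnedTrust;
            this.clientStore = keyStore;
            this.clientKeyPass = cArr;
            this.latch = new CountDownLatch(1);
        }

        /** Blocks until {@link #call()} has finished, successfully or not. */
        @Override // cn.com.bouncycastle.jsse.provider.test.TestProtocolUtil.BlockingCallable
        public void await() throws InterruptedException {
            this.latch.await();
        }

        /**
         * Connects to the test server, checks the negotiated session and runs the
         * client half of the test protocol.
         *
         * @return always {@code null}; failures are reported by throwing
         * @throws Exception on any handshake, assertion or I/O failure
         */
        /* JADX WARN: Can't rename method to resolve collision */
        @Override // java.util.concurrent.Callable
        public Exception call() throws Exception {
            try {
                TrustManagerFactory trustManagers = TrustManagerFactory.getInstance("PKIX", BouncyCastleJsseProvider.PROVIDER_NAME);
                trustManagers.init(this.trustStore);
                KeyManagerFactory keyManagers = KeyManagerFactory.getInstance("PKIX", BouncyCastleJsseProvider.PROVIDER_NAME);
                keyManagers.init(this.clientStore, this.clientKeyPass);
                // NOTE(review): c.f12184i is an obfuscated constant from the decompiled build;
                // presumably the SSLContext protocol name - confirm against the original source.
                SSLContext context = SSLContext.getInstance(c.f12184i, BouncyCastleJsseProvider.PROVIDER_NAME);
                context.init(keyManagers.getKeyManagers(), trustManagers.getTrustManagers(), SecureRandom.getInstance("DEFAULT", BouncyCastleProvider.PROVIDER_NAME));
                // try-with-resources: the socket is closed even when an assertion fails.
                try (SSLSocket socket = (SSLSocket) context.getSocketFactory().createSocket(BasicClientAuthTlsTest.HOST, BasicClientAuthTlsTest.PORT_NO)) {
                    SSLSession session = socket.getSession();
                    // getSession() returns a placeholder session with a non-null cipher suite
                    // name even after a failed handshake, so this check alone proves little;
                    // the peer-principal assertion below is the one that fails (via
                    // SSLPeerUnverifiedException) when the server was not authenticated.
                    Assert.assertNotNull(session.getCipherSuite());
                    Assert.assertEquals("CN=Test CA Certificate", session.getLocalPrincipal().getName());
                    Assert.assertEquals("CN=Test CA Certificate", session.getPeerPrincipal().getName());
                    TestProtocolUtil.doClientProtocol(socket, "Hello");
                }
                return null;
            } finally {
                // Always release waiters, whether the exchange succeeded or threw.
                this.latch.countDown();
            }
        }
    }

    /**
     * Server side of the handshake: presents the key material from the supplied
     * key store and requires a client certificate that chains to the single
     * trusted client certificate.
     */
    public static class ClientAuthServer implements TestProtocolUtil.BlockingCallable {
        private final char[] keyPass;
        private final CountDownLatch latch;
        private final KeyStore serverStore;
        private final KeyStore trustStore;

        /**
         * @param keyStore        store holding the server's private key and certificate chain
         * @param cArr            password protecting the key entry in {@code keyStore}
         * @param x509Certificate the only certificate the server will trust for clients
         * @throws GeneralSecurityException if the in-memory trust store cannot be built
         * @throws IOException              if the in-memory trust store cannot be initialised
         */
        public ClientAuthServer(KeyStore keyStore, char[] cArr, X509Certificate x509Certificate) throws GeneralSecurityException, IOException {
            this.serverStore = keyStore;
            this.keyPass = cArr;
            KeyStore pinnedTrust = KeyStore.getInstance("JKS");
            // load(null, null) creates an empty in-memory store; nothing is read from disk.
            pinnedTrust.load(null, null);
            pinnedTrust.setCertificateEntry("client", x509Certificate);
            this.trustStore = pinnedTrust;
            this.latch = new CountDownLatch(1);
        }

        /** Blocks until the listener is ready to accept, or until {@link #call()} has failed. */
        @Override // cn.com.bouncycastle.jsse.provider.test.TestProtocolUtil.BlockingCallable
        public void await() throws InterruptedException {
            this.latch.await();
        }

        /**
         * Opens the listener, accepts one connection with client authentication
         * required, checks the negotiated session and runs the server half of the
         * test protocol.
         *
         * @return always {@code null}; failures are reported by throwing
         * @throws Exception on any handshake, assertion or I/O failure
         */
        /* JADX WARN: Can't rename method to resolve collision */
        @Override // java.util.concurrent.Callable
        public Exception call() throws Exception {
            try {
                KeyManagerFactory keyManagers = KeyManagerFactory.getInstance("PKIX", BouncyCastleJsseProvider.PROVIDER_NAME);
                keyManagers.init(this.serverStore, this.keyPass);
                TrustManagerFactory trustManagers = TrustManagerFactory.getInstance("PKIX", BouncyCastleJsseProvider.PROVIDER_NAME);
                trustManagers.init(this.trustStore);
                // NOTE(review): c.f12184i is an obfuscated constant from the decompiled build;
                // presumably the SSLContext protocol name - confirm against the original source.
                SSLContext context = SSLContext.getInstance(c.f12184i, BouncyCastleJsseProvider.PROVIDER_NAME);
                context.init(keyManagers.getKeyManagers(), trustManagers.getTrustManagers(), SecureRandom.getInstance("DEFAULT", BouncyCastleProvider.PROVIDER_NAME));
                // try-with-resources: a failed accept or assertion must not leave the port bound.
                // NOTE(review): no bind address is passed, so the listener is normally reachable
                // on every interface while the test runs - consider binding to loopback.
                try (SSLServerSocket listener = (SSLServerSocket) context.getServerSocketFactory().createServerSocket(BasicClientAuthTlsTest.PORT_NO)) {
                    // NOTE(review): presumably enables every supported protocol and cipher suite
                    // (SSLUtils is not shown here) - acceptable for a test, never for production.
                    SSLUtils.enableAll(listener);
                    // "need" (not "want"): the handshake fails if the client sends no certificate.
                    listener.setNeedClientAuth(true);
                    // Signal that the listener is up so the client may connect.
                    this.latch.countDown();
                    try (SSLSocket socket = (SSLSocket) listener.accept()) {
                        SSLSession session = socket.getSession();
                        // See the client: the cipher-suite check is weak on its own; the
                        // peer-principal assertion is what proves the client authenticated.
                        Assert.assertNotNull(session.getCipherSuite());
                        Assert.assertEquals("CN=Test CA Certificate", session.getLocalPrincipal().getName());
                        Assert.assertEquals("CN=Test CA Certificate", session.getPeerPrincipal().getName());
                        TestProtocolUtil.doServerProtocol(socket, "World");
                    }
                }
                return null;
            } finally {
                // Covers failures before the listener came up; a second countDown() is a no-op.
                this.latch.countDown();
            }
        }
    }

    /** Registers the BouncyCastle JCE and JSSE providers if they are not installed yet. */
    public void setUp() {
        if (Security.getProvider(BouncyCastleProvider.PROVIDER_NAME) == null) {
            Security.addProvider(new BouncyCastleProvider());
        }
        if (Security.getProvider(BouncyCastleJsseProvider.PROVIDER_NAME) == null) {
            Security.addProvider(new BouncyCastleJsseProvider());
        }
    }

    /**
     * Runs one mutually authenticated TLS exchange between {@link ClientAuthServer}
     * and {@link ClientAuthClient}.
     *
     * @throws Exception if key generation, the handshake or the protocol exchange fails
     */
    public void testClientAuthTlsConnection() throws Exception {
        // Hard-coded password: only protects throwaway in-memory key entries in this test.
        char[] keyPass = "keyPassword".toCharArray();
        KeyPair caKeyPair = TestUtils.generateECKeyPair();
        X509Certificate caCert = TestUtils.generateRootCert(caKeyPair);

        // Both stores hold the same private key and self-signed certificate, differing
        // only in alias; each side therefore trusts and presents the same credential.
        KeyStore serverStore = KeyStore.getInstance("JKS");
        serverStore.load(null, null);
        serverStore.setKeyEntry("server", caKeyPair.getPrivate(), keyPass, new X509Certificate[]{caCert});

        KeyStore clientStore = KeyStore.getInstance("JKS");
        clientStore.load(null, null);
        clientStore.setKeyEntry("client", caKeyPair.getPrivate(), keyPass, new X509Certificate[]{caCert});

        // The client is given its own store; passing the server store here would leave
        // the "client" entry built above unused.
        TestProtocolUtil.runClientAndServer(new ClientAuthServer(serverStore, keyPass, caCert), new ClientAuthClient(clientStore, keyPass, caCert));
    }
}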
