package org.apache.kafka.connect.runtime.rest.util;

import java.util.Arrays;
import java.util.HashMap;
import java.util.Map;
import org.apache.kafka.common.config.SslConfigs;
import org.apache.kafka.common.config.types.Password;
import org.apache.kafka.common.network.CertStores;
import org.apache.kafka.connect.runtime.rest.RestServerConfig;
import org.eclipse.jetty.util.ssl.SslContextFactory;
import org.junit.jupiter.api.Assertions;
import org.junit.jupiter.api.BeforeEach;
import org.junit.jupiter.api.Test;

/* loaded from: input_file:org/apache/kafka/connect/runtime/rest/util/SSLUtilsTest.class */
public class SSLUtilsTest {
    private Map<String, Object> sslConfig;
    private String keystorePath;
    private String truststorePath;
    private Password keystorePassword;
    private Password truststorePassword;

    @BeforeEach
    public void before() throws Exception {
        this.sslConfig = new CertStores(true, "localhost").getUntrustingConfig();
        this.keystorePath = this.sslConfig.get("ssl.keystore.location").toString();
        this.truststorePath = this.sslConfig.get("ssl.truststore.location").toString();
        this.keystorePassword = (Password) this.sslConfig.get("ssl.keystore.password");
        this.truststorePassword = (Password) this.sslConfig.get("ssl.keystore.password");
    }

    @Test
    public void testGetOrDefault() {
        HashMap hashMap = new HashMap();
        hashMap.put("exists", "value");
        Assertions.assertEquals(SSLUtils.getOrDefault(hashMap, "exists", "default"), "value");
        Assertions.assertEquals(SSLUtils.getOrDefault(hashMap, "missing", "default"), "default");
    }

    @Test
    public void testCreateServerSideSslContextFactory() throws Exception {
        HashMap hashMap = new HashMap();
        hashMap.put("ssl.keystore.location", this.keystorePath);
        hashMap.put("ssl.keystore.password", this.keystorePassword.value());
        hashMap.put("ssl.key.password", this.keystorePassword.value());
        hashMap.put("ssl.truststore.location", this.truststorePath);
        hashMap.put("ssl.truststore.password", this.truststorePassword.value());
        hashMap.put("ssl.provider", "SunJSSE");
        hashMap.put("ssl.cipher.suites", "SSL_RSA_WITH_RC4_128_SHA,SSL_RSA_WITH_RC4_128_MD5");
        hashMap.put("ssl.secure.random.implementation", "SHA1PRNG");
        hashMap.put("ssl.client.auth", "required");
        hashMap.put("ssl.endpoint.identification.algorithm", "HTTPS");
        hashMap.put("ssl.keystore.type", "JKS");
        hashMap.put("ssl.protocol", "TLS");
        hashMap.put("ssl.truststore.type", "JKS");
        hashMap.put("ssl.enabled.protocols", "TLSv1.2,TLSv1.1,TLSv1");
        hashMap.put("ssl.keymanager.algorithm", "SunX509");
        hashMap.put("ssl.trustmanager.algorithm", "PKIX");
        SslContextFactory.Server createServerSideSslContextFactory = SSLUtils.createServerSideSslContextFactory(RestServerConfig.forPublic((Integer) null, hashMap));
        Assertions.assertEquals("file://" + this.keystorePath, createServerSideSslContextFactory.getKeyStorePath());
        Assertions.assertEquals("file://" + this.truststorePath, createServerSideSslContextFactory.getTrustStorePath());
        Assertions.assertEquals("SunJSSE", createServerSideSslContextFactory.getProvider());
        Assertions.assertArrayEquals(new String[]{"SSL_RSA_WITH_RC4_128_SHA", "SSL_RSA_WITH_RC4_128_MD5"}, createServerSideSslContextFactory.getIncludeCipherSuites());
        Assertions.assertEquals("SHA1PRNG", createServerSideSslContextFactory.getSecureRandomAlgorithm());
        Assertions.assertTrue(createServerSideSslContextFactory.getNeedClientAuth());
        Assertions.assertFalse(createServerSideSslContextFactory.getWantClientAuth());
        Assertions.assertEquals("JKS", createServerSideSslContextFactory.getKeyStoreType());
        Assertions.assertEquals("JKS", createServerSideSslContextFactory.getTrustStoreType());
        Assertions.assertEquals("TLS", createServerSideSslContextFactory.getProtocol());
        Assertions.assertArrayEquals(new String[]{"TLSv1.2", "TLSv1.1", "TLSv1"}, createServerSideSslContextFactory.getIncludeProtocols());
        Assertions.assertEquals("SunX509", createServerSideSslContextFactory.getKeyManagerFactoryAlgorithm());
        Assertions.assertEquals("PKIX", createServerSideSslContextFactory.getTrustManagerFactoryAlgorithm());
    }

    @Test
    public void testCreateClientSideSslContextFactory() {
        HashMap hashMap = new HashMap();
        hashMap.put("ssl.keystore.location", this.keystorePath);
        hashMap.put("ssl.keystore.password", this.keystorePassword.value());
        hashMap.put("ssl.key.password", this.keystorePassword.value());
        hashMap.put("ssl.truststore.location", this.truststorePath);
        hashMap.put("ssl.truststore.password", this.truststorePassword.value());
        hashMap.put("ssl.provider", "SunJSSE");
        hashMap.put("ssl.cipher.suites", "SSL_RSA_WITH_RC4_128_SHA,SSL_RSA_WITH_RC4_128_MD5");
        hashMap.put("ssl.secure.random.implementation", "SHA1PRNG");
        hashMap.put("ssl.client.auth", "required");
        hashMap.put("ssl.endpoint.identification.algorithm", "HTTPS");
        hashMap.put("ssl.keystore.type", "JKS");
        hashMap.put("ssl.protocol", "TLS");
        hashMap.put("ssl.truststore.type", "JKS");
        hashMap.put("ssl.enabled.protocols", "TLSv1.2,TLSv1.1,TLSv1");
        hashMap.put("ssl.keymanager.algorithm", "SunX509");
        hashMap.put("ssl.trustmanager.algorithm", "PKIX");
        SslContextFactory.Client createClientSideSslContextFactory = SSLUtils.createClientSideSslContextFactory(RestServerConfig.forPublic((Integer) null, hashMap));
        Assertions.assertEquals("file://" + this.keystorePath, createClientSideSslContextFactory.getKeyStorePath());
        Assertions.assertEquals("file://" + this.truststorePath, createClientSideSslContextFactory.getTrustStorePath());
        Assertions.assertEquals("SunJSSE", createClientSideSslContextFactory.getProvider());
        Assertions.assertArrayEquals(new String[]{"SSL_RSA_WITH_RC4_128_SHA", "SSL_RSA_WITH_RC4_128_MD5"}, createClientSideSslContextFactory.getIncludeCipherSuites());
        Assertions.assertEquals("SHA1PRNG", createClientSideSslContextFactory.getSecureRandomAlgorithm());
        Assertions.assertEquals("JKS", createClientSideSslContextFactory.getKeyStoreType());
        Assertions.assertEquals("JKS", createClientSideSslContextFactory.getTrustStoreType());
        Assertions.assertEquals("TLS", createClientSideSslContextFactory.getProtocol());
        Assertions.assertArrayEquals(new String[]{"TLSv1.2", "TLSv1.1", "TLSv1"}, createClientSideSslContextFactory.getIncludeProtocols());
        Assertions.assertEquals("SunX509", createClientSideSslContextFactory.getKeyManagerFactoryAlgorithm());
        Assertions.assertEquals("PKIX", createClientSideSslContextFactory.getTrustManagerFactoryAlgorithm());
    }

    @Test
    public void testCreateServerSideSslContextFactoryDefaultValues() {
        HashMap hashMap = new HashMap();
        hashMap.put("ssl.keystore.location", this.keystorePath);
        hashMap.put("ssl.keystore.password", this.keystorePassword.value());
        hashMap.put("ssl.key.password", this.keystorePassword.value());
        hashMap.put("ssl.truststore.location", this.truststorePath);
        hashMap.put("ssl.truststore.password", this.truststorePassword.value());
        hashMap.put("ssl.provider", "SunJSSE");
        hashMap.put("ssl.cipher.suites", "SSL_RSA_WITH_RC4_128_SHA,SSL_RSA_WITH_RC4_128_MD5");
        hashMap.put("ssl.secure.random.implementation", "SHA1PRNG");
        SslContextFactory.Server createServerSideSslContextFactory = SSLUtils.createServerSideSslContextFactory(RestServerConfig.forPublic((Integer) null, hashMap));
        Assertions.assertEquals("JKS", createServerSideSslContextFactory.getKeyStoreType());
        Assertions.assertEquals("JKS", createServerSideSslContextFactory.getTrustStoreType());
        Assertions.assertEquals("TLSv1.3", createServerSideSslContextFactory.getProtocol());
        Assertions.assertArrayEquals(Arrays.asList("TLSv1.2,TLSv1.3".split("\\s*,\\s*")).toArray(), createServerSideSslContextFactory.getIncludeProtocols());
        Assertions.assertEquals(SslConfigs.DEFAULT_SSL_KEYMANGER_ALGORITHM, createServerSideSslContextFactory.getKeyManagerFactoryAlgorithm());
        Assertions.assertEquals(SslConfigs.DEFAULT_SSL_TRUSTMANAGER_ALGORITHM, createServerSideSslContextFactory.getTrustManagerFactoryAlgorithm());
        Assertions.assertFalse(createServerSideSslContextFactory.getNeedClientAuth());
        Assertions.assertFalse(createServerSideSslContextFactory.getWantClientAuth());
    }

    @Test
    public void testCreateClientSideSslContextFactoryDefaultValues() {
        HashMap hashMap = new HashMap();
        hashMap.put("ssl.keystore.location", this.keystorePath);
        hashMap.put("ssl.keystore.password", this.keystorePassword.value());
        hashMap.put("ssl.key.password", this.keystorePassword.value());
        hashMap.put("ssl.truststore.location", this.truststorePath);
        hashMap.put("ssl.truststore.password", this.truststorePassword.value());
        hashMap.put("ssl.provider", "SunJSSE");
        hashMap.put("ssl.cipher.suites", "SSL_RSA_WITH_RC4_128_SHA,SSL_RSA_WITH_RC4_128_MD5");
        hashMap.put("ssl.secure.random.implementation", "SHA1PRNG");
        SslContextFactory.Client createClientSideSslContextFactory = SSLUtils.createClientSideSslContextFactory(RestServerConfig.forPublic((Integer) null, hashMap));
        Assertions.assertEquals("JKS", createClientSideSslContextFactory.getKeyStoreType());
        Assertions.assertEquals("JKS", createClientSideSslContextFactory.getTrustStoreType());
        Assertions.assertEquals("TLSv1.3", createClientSideSslContextFactory.getProtocol());
        Assertions.assertArrayEquals(Arrays.asList("TLSv1.2,TLSv1.3".split("\\s*,\\s*")).toArray(), createClientSideSslContextFactory.getIncludeProtocols());
        Assertions.assertEquals(SslConfigs.DEFAULT_SSL_KEYMANGER_ALGORITHM, createClientSideSslContextFactory.getKeyManagerFactoryAlgorithm());
        Assertions.assertEquals(SslConfigs.DEFAULT_SSL_TRUSTMANAGER_ALGORITHM, createClientSideSslContextFactory.getTrustManagerFactoryAlgorithm());
    }
}
