package org.neo4j.kernel.configuration.ssl;

import java.io.File;
import java.io.FileNotFoundException;
import java.util.Map;
import org.junit.Assert;
import org.junit.Before;
import org.junit.Rule;
import org.junit.Test;
import org.neo4j.graphdb.factory.GraphDatabaseSettings;
import org.neo4j.helpers.collection.MapUtil;
import org.neo4j.io.fs.FileUtils;
import org.neo4j.kernel.configuration.Config;
import org.neo4j.logging.NullLogProvider;
import org.neo4j.ssl.PkiUtils;
import org.neo4j.ssl.SslPolicy;
import org.neo4j.test.rule.TestDirectory;

/* loaded from: input_file:org/neo4j/kernel/configuration/ssl/SslPolicyLoaderTest.class */
public class SslPolicyLoaderTest {

    @Rule
    public TestDirectory testDirectory = TestDirectory.testDirectory();
    private File home;
    private File publicCertificateFile;
    private File privateKeyFile;

    @Before
    public void setup() throws Exception {
        this.home = this.testDirectory.directory("home");
        File file = new File(this.home, "certificates/default");
        this.publicCertificateFile = new File(file, "public.crt");
        this.privateKeyFile = new File(file, "private.key");
        new PkiUtils().createSelfSignedCertificate(this.publicCertificateFile, this.privateKeyFile, "localhost");
        File file2 = new File(file, "trusted");
        file2.mkdir();
        FileUtils.copyFile(this.publicCertificateFile, new File(file2, "public.crt"));
        new File(file, "revoked").mkdir();
    }

    @Test
    public void shouldLoadBaseCryptographicObjects() throws Exception {
        Map stringMap = MapUtil.stringMap(new String[0]);
        SslPolicyConfig sslPolicyConfig = new SslPolicyConfig("default");
        stringMap.put(GraphDatabaseSettings.neo4j_home.name(), this.home.getAbsolutePath());
        stringMap.put(sslPolicyConfig.base_directory.name(), "certificates/default");
        SslPolicy policy = SslPolicyLoader.create(Config.defaults(stringMap), NullLogProvider.getInstance()).getPolicy("default");
        Assert.assertNotNull(policy);
        Assert.assertNotNull(policy.privateKey());
        Assert.assertNotNull(policy.certificateChain());
        Assert.assertNotNull(policy.nettyClientContext());
        Assert.assertNotNull(policy.nettyServerContext());
    }

    @Test
    public void shouldComplainIfMissingPrivateKey() {
        shouldComplainIfMissingFile(this.privateKeyFile);
    }

    @Test
    public void shouldComplainIfMissingPublicCertificate() {
        shouldComplainIfMissingFile(this.publicCertificateFile);
    }

    private void shouldComplainIfMissingFile(File file) {
        FileUtils.deleteFile(file);
        Map stringMap = MapUtil.stringMap(new String[0]);
        SslPolicyConfig sslPolicyConfig = new SslPolicyConfig("default");
        stringMap.put(GraphDatabaseSettings.neo4j_home.name(), this.home.getAbsolutePath());
        stringMap.put(sslPolicyConfig.base_directory.name(), "certificates/default");
        try {
            SslPolicyLoader.create(Config.defaults(stringMap), NullLogProvider.getInstance());
            Assert.fail();
        } catch (Exception e) {
            Assert.assertTrue(e.getCause() instanceof FileNotFoundException);
        }
    }

    @Test
    public void shouldThrowIfPolicyNameDoesNotExist() {
        Map stringMap = MapUtil.stringMap(new String[0]);
        SslPolicyConfig sslPolicyConfig = new SslPolicyConfig("default");
        stringMap.put(GraphDatabaseSettings.neo4j_home.name(), this.home.getAbsolutePath());
        stringMap.put(sslPolicyConfig.base_directory.name(), "certificates/default");
        try {
            SslPolicyLoader.create(Config.defaults(stringMap), NullLogProvider.getInstance()).getPolicy("unknown");
            Assert.fail();
        } catch (IllegalArgumentException e) {
        }
    }

    @Test
    public void shouldReturnNullPolicyIfNullRequested() {
        Assert.assertNull(SslPolicyLoader.create(Config.defaults(), NullLogProvider.getInstance()).getPolicy((String) null));
    }

    @Test
    public void shouldNotAllowLegacyPolicyToBeConfigured() {
        Map stringMap = MapUtil.stringMap(new String[0]);
        SslPolicyConfig sslPolicyConfig = new SslPolicyConfig("legacy");
        stringMap.put(GraphDatabaseSettings.neo4j_home.name(), this.home.getAbsolutePath());
        stringMap.put(sslPolicyConfig.base_directory.name(), "certificates/default");
        try {
            SslPolicyLoader.create(Config.defaults(stringMap), NullLogProvider.getInstance());
            Assert.fail();
        } catch (IllegalArgumentException e) {
        }
    }
}
