package org.apache.http.conn.ssl;

import java.io.IOException;
import java.net.InetSocketAddress;
import java.net.URL;
import java.security.KeyStore;
import java.security.NoSuchAlgorithmException;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import javax.net.ssl.KeyManager;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLException;
import javax.net.ssl.SSLPeerUnverifiedException;
import javax.net.ssl.SSLSession;
import javax.net.ssl.SSLSocket;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import org.apache.http.HttpHost;
import org.apache.http.client.methods.HttpGet;
import org.apache.http.conn.scheme.Scheme;
import org.apache.http.conn.scheme.SchemeSocketFactory;
import org.apache.http.impl.client.DefaultHttpClient;
import org.apache.http.localserver.BasicServerTestBase;
import org.apache.http.localserver.LocalTestServer;
import org.junit.Assert;
import org.junit.Before;
import org.junit.Test;

/* loaded from: input_file:org/apache/http/conn/ssl/TestSSLSocketFactory.class */
public class TestSSLSocketFactory extends BasicServerTestBase {
    private SSLContext serverSSLContext;
    private SSLContext clientSSLContext;

    /* loaded from: input_file:org/apache/http/conn/ssl/TestSSLSocketFactory$TestX509HostnameVerifier.class */
    static class TestX509HostnameVerifier implements X509HostnameVerifier {
        private boolean fired = false;

        TestX509HostnameVerifier() {
        }

        @Override // org.apache.http.conn.ssl.X509HostnameVerifier, javax.net.ssl.HostnameVerifier
        public boolean verify(String str, SSLSession sSLSession) {
            return true;
        }

        @Override // org.apache.http.conn.ssl.X509HostnameVerifier
        public void verify(String str, SSLSocket sSLSocket) throws IOException {
            this.fired = true;
        }

        @Override // org.apache.http.conn.ssl.X509HostnameVerifier
        public void verify(String str, String[] strArr, String[] strArr2) throws SSLException {
        }

        @Override // org.apache.http.conn.ssl.X509HostnameVerifier
        public void verify(String str, X509Certificate x509Certificate) throws SSLException {
        }

        public boolean isFired() {
            return this.fired;
        }
    }

    private KeyManagerFactory createKeyManagerFactory() throws NoSuchAlgorithmException {
        try {
            return KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
        } catch (NoSuchAlgorithmException e) {
            return KeyManagerFactory.getInstance("SunX509");
        }
    }

    private TrustManagerFactory createTrustManagerFactory() throws NoSuchAlgorithmException {
        try {
            return TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
        } catch (NoSuchAlgorithmException e) {
            return TrustManagerFactory.getInstance("SunX509");
        }
    }

    @Before
    public void setUp() throws Exception {
        URL resource = getClass().getClassLoader().getResource("test.keystore");
        KeyStore keyStore = KeyStore.getInstance("jks");
        char[] charArray = "nopassword".toCharArray();
        keyStore.load(resource.openStream(), charArray);
        TrustManagerFactory createTrustManagerFactory = createTrustManagerFactory();
        createTrustManagerFactory.init(keyStore);
        TrustManager[] trustManagers = createTrustManagerFactory.getTrustManagers();
        KeyManagerFactory createKeyManagerFactory = createKeyManagerFactory();
        createKeyManagerFactory.init(keyStore, charArray);
        KeyManager[] keyManagers = createKeyManagerFactory.getKeyManagers();
        this.serverSSLContext = SSLContext.getInstance("TLS");
        this.serverSSLContext.init(keyManagers, trustManagers, null);
        this.clientSSLContext = SSLContext.getInstance("TLS");
        this.clientSSLContext.init(null, trustManagers, null);
        this.localServer = new LocalTestServer(this.serverSSLContext);
        this.localServer.registerDefaultHandlers();
        this.localServer.start();
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // org.apache.http.localserver.BasicServerTestBase
    public HttpHost getServerHttp() {
        InetSocketAddress serviceAddress = this.localServer.getServiceAddress();
        return new HttpHost(serviceAddress.getHostName(), serviceAddress.getPort(), "https");
    }

    @Test
    public void testBasicSSL() throws Exception {
        TestX509HostnameVerifier testX509HostnameVerifier = new TestX509HostnameVerifier();
        new DefaultHttpClient().getConnectionManager().getSchemeRegistry().register(new Scheme("https", 443, (SchemeSocketFactory) new SSLSocketFactory(this.clientSSLContext, testX509HostnameVerifier)));
        Assert.assertEquals(200L, r0.execute(getServerHttp(), new HttpGet("/random/100")).getStatusLine().getStatusCode());
        Assert.assertTrue(testX509HostnameVerifier.isFired());
    }

    @Test(expected = SSLPeerUnverifiedException.class)
    public void testSSLTrustVerification() throws Exception {
        SSLContext sSLContext = SSLContext.getInstance("TLS");
        sSLContext.init(null, null, null);
        Scheme scheme = new Scheme("https", 443, (SchemeSocketFactory) new SSLSocketFactory(sSLContext, SSLSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER));
        DefaultHttpClient defaultHttpClient = new DefaultHttpClient();
        defaultHttpClient.getConnectionManager().getSchemeRegistry().register(scheme);
        defaultHttpClient.execute(getServerHttp(), new HttpGet("/random/100"));
    }

    @Test
    public void testSSLTrustVerificationOverride() throws Exception {
        SSLContext.getInstance("TLS").init(null, null, null);
        new DefaultHttpClient().getConnectionManager().getSchemeRegistry().register(new Scheme("https", 443, (SchemeSocketFactory) new SSLSocketFactory(new TrustStrategy() { // from class: org.apache.http.conn.ssl.TestSSLSocketFactory.1
            public boolean isTrusted(X509Certificate[] x509CertificateArr, String str) throws CertificateException {
                return x509CertificateArr.length == 1;
            }
        }, SSLSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER)));
        Assert.assertEquals(200L, r0.execute(getServerHttp(), new HttpGet("/random/100")).getStatusLine().getStatusCode());
    }
}
