package org.mozilla.jss.tests;

import java.io.EOFException;
import java.io.InputStream;
import java.security.KeyPair;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.SecureRandom;
import java.util.Calendar;
import java.util.Date;
import org.mozilla.jss.CryptoManager;
import org.mozilla.jss.asn1.ASN1Util;
import org.mozilla.jss.asn1.BOOLEAN;
import org.mozilla.jss.asn1.INTEGER;
import org.mozilla.jss.asn1.OBJECT_IDENTIFIER;
import org.mozilla.jss.asn1.OCTET_STRING;
import org.mozilla.jss.asn1.SEQUENCE;
import org.mozilla.jss.crypto.CryptoToken;
import org.mozilla.jss.crypto.InternalCertificate;
import org.mozilla.jss.crypto.KeyPairAlgorithm;
import org.mozilla.jss.crypto.KeyPairGenerator;
import org.mozilla.jss.crypto.SignatureAlgorithm;
import org.mozilla.jss.crypto.X509Certificate;
import org.mozilla.jss.pkix.cert.Certificate;
import org.mozilla.jss.pkix.cert.CertificateInfo;
import org.mozilla.jss.pkix.cert.Extension;
import org.mozilla.jss.pkix.primitive.AlgorithmIdentifier;
import org.mozilla.jss.pkix.primitive.Name;
import org.mozilla.jss.pkix.primitive.SubjectPublicKeyInfo;
import org.mozilla.jss.ssl.SSLHandshakeCompletedEvent;
import org.mozilla.jss.ssl.SSLHandshakeCompletedListener;
import org.mozilla.jss.ssl.SSLServerSocket;
import org.mozilla.jss.ssl.SSLSocket;
import org.mozilla.jss.util.NativeErrcodes;

/* JADX WARN: Classes with same name are omitted:
  input_file:117724-10/SUNWjss/reloc/usr/share/lib/mps/secv1/jss3.jar:org/mozilla/jss/tests/SSLClientAuth.class
  input_file:117724-10/SUNWjss/reloc/usr/share/lib/mps/secv1/jss4.jar:org/mozilla/jss/tests/SSLClientAuth.class
  input_file:117724-10/SUNWjssx/reloc/usr/share/lib/mps/secv1/sparcv9/jss3.jar:org/mozilla/jss/tests/SSLClientAuth.class
 */
/* loaded from: input_file:117724-10/SUNWjssx/reloc/usr/share/lib/mps/secv1/sparcv9/jss4.jar:org/mozilla/jss/tests/SSLClientAuth.class */
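/**
 * Self-contained test of SSL/TLS client authentication over the loopback interface.
 *
 * <p>{@link #doIt(String[])} generates a throw-away CA, a server certificate and a client
 * certificate, imports them into the internal token, and then runs {@link #testConnection()}
 * twice: once with both peers selecting their certificate by object, once by nickname.
 * The server half of each connection runs on a separate thread via {@link #run()}.
 *
 * <p>NOTE(review): this is decompiled test code. It uses 512-bit RSA keys and SHA-1 signatures,
 * which are only acceptable for a loopback self-test; do not copy these parameters into
 * anything that issues real certificates.
 */
public class SSLClientAuth implements Runnable {
    private X509Certificate nssServerCert;
    private X509Certificate nssClientCert;
    private String serverCertNick;
    private String clientCertNick;
    // false: peers pass certificate objects; true: peers pass certificate nicknames.
    private boolean useNickname;
    // Sticky result flag; cleared by setFailure() from either thread.
    private boolean success = true;
    // Set by the server thread (under this object's monitor) once it is about to accept,
    // or once it has failed, so that the client never waits forever.
    public boolean serverReady = false;
    // SHA-1 based signatures are weak; kept because this is the algorithm the test was written for.
    public static final SignatureAlgorithm sigAlg = SignatureAlgorithm.RSASignatureWithSHA1Digest;
    public static int port = 29752;

    /** Prints a line when a handshake completes and reports listener errors to the owning test. */
    public static class HandshakeListener implements SSLHandshakeCompletedListener {
        private final String who;
        private final SSLClientAuth boss;

        /**
         * @param str label printed in front of the message ("client" or "server" in this test)
         * @param sSLClientAuth test instance whose failure flag is set if the callback throws
         */
        public HandshakeListener(String str, SSLClientAuth sSLClientAuth) {
            this.who = str;
            this.boss = sSLClientAuth;
        }

        @Override // org.mozilla.jss.ssl.SSLHandshakeCompletedListener
        public void handshakeCompleted(SSLHandshakeCompletedEvent sSLHandshakeCompletedEvent) {
            try {
                String prefix = this.who + " got a completed handshake ";
                boolean securityOn = sSLHandshakeCompletedEvent.getStatus().isSecurityOn();
                System.out.println(prefix + (securityOn ? "(security is ON)" : "(security is OFF)"));
            } catch (Exception e) {
                e.printStackTrace();
                this.boss.setFailure();
            }
        }
    }

    /**
     * Builds and signs a v3 certificate valid from now until one year from now.
     *
     * @param str common name of the first Name handed to CertificateInfo; the callers in this
     *     file pass the CA's name here, i.e. it is used as the issuer
     * @param str2 common name of the second Name; the callers pass the certified entity here,
     *     i.e. it is used as the subject
     * @param i serial number
     * @param privateKey key the certificate is signed with
     * @param publicKey key placed in the certificate's SubjectPublicKeyInfo
     * @param i2 number appended to the organization name "Mozilla" in both names
     * @param sequence extensions to attach, or {@code null} for none
     * @return the signed certificate
     * @throws Exception if encoding, decoding or signing fails
     */
    public static Certificate makeCert(String str, String str2, int i, PrivateKey privateKey, PublicKey publicKey, int i2, SEQUENCE sequence) throws Exception {
        AlgorithmIdentifier signatureAlgId = new AlgorithmIdentifier(sigAlg.toOID());
        String organization = "Mozilla" + i2;

        Name issuer = new Name();
        issuer.addCommonName(str);
        issuer.addCountryName("US");
        issuer.addOrganizationName(organization);
        issuer.addOrganizationalUnitName("JSS Testing");

        Name subject = new Name();
        subject.addCommonName(str2);
        subject.addCountryName("US");
        subject.addOrganizationName(organization);
        subject.addOrganizationalUnitName("JSS Testing");

        Calendar calendar = Calendar.getInstance();
        Date notBefore = calendar.getTime();
        // The decompiler printed this as add(1, 1); field 1 is Calendar.YEAR.
        calendar.add(Calendar.YEAR, 1);
        Date notAfter = calendar.getTime();

        SubjectPublicKeyInfo keyInfo = (SubjectPublicKeyInfo) ASN1Util.decode(new SubjectPublicKeyInfo.Template(), publicKey.getEncoded());
        CertificateInfo certificateInfo = new CertificateInfo(CertificateInfo.v3, new INTEGER(i), signatureAlgId, issuer, notBefore, notAfter, subject, keyInfo);
        if (sequence != null) {
            certificateInfo.setExtensions(sequence);
        }
        return new Certificate(certificateInfo, privateKey, sigAlg);
    }

    /** Command-line entry point; see {@link #doIt(String[])} for the expected arguments. */
    public static void main(String[] strArr) throws Exception {
        new SSLClientAuth().doIt(strArr);
    }

    /**
     * Creates the test PKI, runs both connection variants and exits the JVM with status 0 on
     * success or 1 on failure.
     *
     * @param strArr {@code strArr[0]} is passed to {@code CryptoManager.initialize} and
     *     {@code strArr[1]} to {@code FilePasswordCallback} (presumably the security database
     *     directory and a password file; confirm against the test harness)
     * @throws IllegalArgumentException if fewer than two arguments are supplied
     * @throws Exception if initialization, key generation, import or a connection fails
     */
    public void doIt(String[] strArr) throws Exception {
        if (strArr == null || strArr.length < 2) {
            throw new IllegalArgumentException("expected two arguments: the CryptoManager configuration argument and the password file");
        }
        CryptoManager.initialize(strArr[0]);
        CryptoManager cryptoManager = CryptoManager.getInstance();
        CryptoToken token = cryptoManager.getInternalKeyStorageToken();
        token.login(new FilePasswordCallback(strArr[1]));

        // Random suffix keeps names and nicknames distinct between runs against the same database.
        int suffix = nextRandInt(SecureRandom.getInstance("pkcs11prng", "Mozilla-JSS"));

        KeyPairGenerator keyPairGenerator = token.getKeyPairGenerator(KeyPairAlgorithm.RSA);
        // 512-bit RSA is factorable; tolerated only because these keys never leave this self-test.
        keyPairGenerator.initialize(512);
        KeyPair caKeys = keyPairGenerator.genKeyPair();

        SEQUENCE caExtensions = new SEQUENCE();
        caExtensions.addElement(makeBasicConstraintsExtension());
        Certificate caCert = makeCert("CACert", "CACert", 1, caKeys.getPrivate(), caKeys.getPublic(), suffix, caExtensions);
        InternalCertificate importedCa = (InternalCertificate) cryptoManager.importUserCACertPackage(ASN1Util.encode(caCert), "cacertnick" + suffix);
        // NOTE(review): the decompiler substituted an unrelated error-code constant whose numeric
        // value happens to match the trust bitmask. Presumably the original source OR-ed
        // InternalCertificate trust flags here; confirm against the upstream test before editing.
        importedCa.setSSLTrust(NativeErrcodes.SSL_ERROR_SYM_KEY_CONTEXT_FAILURE);

        keyPairGenerator.initialize(512);
        Certificate serverCert = makeCert("CACert", "localhost", 2, caKeys.getPrivate(), keyPairGenerator.genKeyPair().getPublic(), suffix, null);
        this.serverCertNick = "servercertnick" + suffix;
        this.nssServerCert = cryptoManager.importCertPackage(ASN1Util.encode(serverCert), this.serverCertNick);

        keyPairGenerator.initialize(512);
        Certificate clientCert = makeCert("CACert", "ClientCert", 3, caKeys.getPrivate(), keyPairGenerator.genKeyPair().getPublic(), suffix, null);
        this.clientCertNick = "clientcertnick" + suffix;
        this.nssClientCert = cryptoManager.importCertPackage(ASN1Util.encode(clientCert), this.clientCertNick);

        this.useNickname = false;
        testConnection();
        this.useNickname = true;
        testConnection();

        System.out.println("Exiting main()");
        System.exit(getSuccess() ? 0 : 1);
    }

    /**
     * Starts the server thread, waits until it signals readiness, performs one client
     * handshake presenting the client certificate, and waits for the server thread to finish.
     *
     * @throws Exception if the client cannot connect or the handshake fails
     */
    private void testConnection() throws Exception {
        this.serverReady = false;
        Thread serverThread = new Thread(this);
        serverThread.start();
        synchronized (this) {
            // Loop guards against spurious wake-ups.
            while (!this.serverReady) {
                wait();
            }
        }
        System.out.println("client about to connect");
        SSLSocket client = new SSLSocket("localhost", port);
        try {
            if (this.useNickname) {
                client.setClientCertNickname(this.clientCertNick);
                System.out.println("Client specified cert by nickname");
            } else {
                client.setClientCert(this.nssClientCert);
                System.out.println("Client specified cert directly");
            }
            System.out.println("client connected");
            client.addHandshakeCompletedListener(new HandshakeListener("client", this));
            client.forceHandshake();
            System.out.println("client forced handshake");
        } finally {
            // Release the socket even when certificate selection or the handshake throws.
            client.close();
        }
        serverThread.join();
    }

    /** Marks the whole test as failed; callable from either thread. */
    public synchronized void setFailure() {
        this.success = false;
    }

    /** @return {@code true} unless {@link #setFailure()} has been called */
    public synchronized boolean getSuccess() {
        return this.success;
    }

    /**
     * Server half of one test connection: listens on {@link #port}, requires client
     * authentication, accepts a single connection and reads one byte from it.
     * Any exception marks the test as failed and still releases the waiting client thread.
     */
    @Override // java.lang.Runnable
    public void run() {
        SSLServerSocket listener = null;
        SSLSocket connection = null;
        try {
            SSLServerSocket.configServerSessionIDCache(10, 100, 100, null);
            System.out.println("Server about to create socket");
            listener = new SSLServerSocket(port, 5, null, null, true);
            System.out.println("Server created socket");
            listener.requireClientAuth(true, true);
            if (this.useNickname) {
                listener.setServerCertNickname(this.serverCertNick);
                System.out.println("Server specified cert by nickname");
            } else {
                listener.setServerCert(this.nssServerCert);
                System.out.println("Server specified cert directly");
            }
            synchronized (this) {
                this.serverReady = true;
                notify();
            }
            System.out.println("Server about to accept");
            connection = (SSLSocket) listener.accept();
            System.out.println("Server accepted");
            connection.addHandshakeCompletedListener(new HandshakeListener("server", this));
            InputStream inputStream = connection.getInputStream();
            try {
                System.out.println("Server about to read");
                inputStream.read();
                System.out.println("Server read successful");
            } catch (EOFException e) {
                System.out.println("Server got EOF");
            }
        } catch (Exception e2) {
            synchronized (this) {
                // Wake the client even on failure so testConnection() cannot block forever.
                this.serverReady = true;
                setFailure();
                notify();
                e2.printStackTrace();
            }
        } finally {
            // Previously the sockets were closed only on the success path, so a failed run
            // leaked the listening port and made the second testConnection() unable to bind.
            if (connection != null) {
                try {
                    connection.close();
                } catch (Exception closeError) {
                    closeError.printStackTrace();
                    setFailure();
                }
            }
            if (listener != null) {
                try {
                    listener.close();
                } catch (Exception closeError) {
                    closeError.printStackTrace();
                    setFailure();
                }
            }
        }
        System.out.println("Server exiting");
    }

    /**
     * Builds a critical extension with OID 2.5.29.19 (basicConstraints) whose value is a
     * SEQUENCE containing the single BOOLEAN {@code true}, marking the certificate as a CA.
     *
     * @throws Exception if the extension value cannot be encoded
     */
    static Extension makeBasicConstraintsExtension() throws Exception {
        SEQUENCE basicConstraints = new SEQUENCE();
        basicConstraints.addElement(new BOOLEAN(true));
        OBJECT_IDENTIFIER oid = new OBJECT_IDENTIFIER(new long[]{2, 5, 29, 19});
        return new Extension(oid, true, new OCTET_STRING(ASN1Util.encode(basicConstraints)));
    }

    /**
     * Draws four bytes from the given generator and packs them big-endian into an int.
     *
     * @param secureRandom source of the random bytes
     * @return an int built from exactly 32 random bits (may be negative)
     * @throws Exception declared for compatibility with existing callers
     */
    static int nextRandInt(SecureRandom secureRandom) throws Exception {
        byte[] bArr = new byte[4];
        secureRandom.nextBytes(bArr);
        // Mask the lower bytes: a negative byte sign-extends to 0xFFFFFFxx when promoted to int,
        // which previously overwrote every higher byte with ones and discarded their entropy.
        return (bArr[0] << 24) | ((bArr[1] & 0xFF) << 16) | ((bArr[2] & 0xFF) << 8) | (bArr[3] & 0xFF);
    }
}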
