package org.graylog2.security.certutil;

import java.io.FileInputStream;
import java.io.IOException;
import java.nio.file.Path;
import java.security.InvalidAlgorithmParameterException;
import java.security.InvalidKeyException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.SignatureException;
import java.security.UnrecoverableKeyException;
import java.security.cert.CertPathValidatorException;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import org.assertj.core.api.Assertions;
import org.graylog.security.certutil.CertutilCa;
import org.graylog.security.certutil.console.TestableConsole;
import org.graylog2.rest.resources.users.UsersResourceTest;
import org.junit.jupiter.api.Test;
import org.junit.jupiter.api.io.TempDir;

/* loaded from: input_file:org/graylog2/security/certutil/CertutilCaTest.class */
class CertutilCaTest {

    @TempDir
    static Path tempDir;

    CertutilCaTest() {
    }

    @Test
    void testCaCertificateGeneration() throws KeyStoreException, IOException, CertificateException, NoSuchAlgorithmException, UnrecoverableKeyException, InvalidAlgorithmParameterException, CertPathValidatorException, SignatureException, InvalidKeyException, NoSuchProviderException {
        Path resolve = tempDir.resolve("test-ca.p12");
        new CertutilCa(resolve.toAbsolutePath().toString(), TestableConsole.empty().register(CertutilCa.PROMPT_ENTER_CA_PASSWORD, UsersResourceTest.PASSWORD)).run();
        KeyStore keyStore = KeyStore.getInstance("PKCS12");
        keyStore.load(new FileInputStream(resolve.toFile()), UsersResourceTest.PASSWORD.toCharArray());
        Assertions.assertThat(keyStore.getKey("root", UsersResourceTest.PASSWORD.toCharArray())).isNotNull();
        Assertions.assertThat(keyStore.getKey("ca", UsersResourceTest.PASSWORD.toCharArray())).isNotNull();
        Certificate certificate = keyStore.getCertificate("root");
        Assertions.assertThat(certificate).isNotNull();
        Certificate certificate2 = keyStore.getCertificate("ca");
        Assertions.assertThatCode(() -> {
            certificate2.verify(certificate.getPublicKey());
        }).doesNotThrowAnyException();
    }
}
