package org.neo4j.driver.v1.util;

import java.io.File;
import java.io.IOException;
import java.math.BigInteger;
import java.security.GeneralSecurityException;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.KeyStore;
import java.security.SecureRandom;
import java.security.Security;
import java.security.cert.Certificate;
import java.security.cert.X509Certificate;
import java.util.Date;
import java.util.Enumeration;
import org.bouncycastle.asn1.x500.X500Name;
import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
import org.bouncycastle.asn1.x509.SubjectPublicKeyInfo;
import org.bouncycastle.cert.X509v1CertificateBuilder;
import org.bouncycastle.cert.jcajce.JcaX509CertificateConverter;
import org.bouncycastle.crypto.util.PrivateKeyFactory;
import org.bouncycastle.jce.provider.BouncyCastleProvider;
import org.bouncycastle.operator.DefaultDigestAlgorithmIdentifierFinder;
import org.bouncycastle.operator.DefaultSignatureAlgorithmIdentifierFinder;
import org.bouncycastle.operator.OperatorCreationException;
import org.bouncycastle.operator.bc.BcRSAContentSignerBuilder;
import org.junit.Assert;
import org.junit.Test;
import org.neo4j.driver.internal.util.CertificateTool;

/* loaded from: input_file:org/neo4j/driver/v1/util/CertificateToolTest.class */
public class CertificateToolTest {
    public static X509Certificate generateSelfSignedCertificate() throws GeneralSecurityException, IOException, OperatorCreationException {
        KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("RSA", "BC");
        keyPairGenerator.initialize(1024, new SecureRandom());
        KeyPair generateKeyPair = keyPairGenerator.generateKeyPair();
        Date date = new Date(System.currentTimeMillis());
        Date date2 = new Date(System.currentTimeMillis() + 31536000000L);
        X509v1CertificateBuilder x509v1CertificateBuilder = new X509v1CertificateBuilder(new X500Name("CN=NEO4J_JAVA_DRIVER"), BigInteger.valueOf(System.currentTimeMillis()), date, date2, new X500Name("CN=Test"), SubjectPublicKeyInfo.getInstance(generateKeyPair.getPublic().getEncoded()));
        AlgorithmIdentifier find = new DefaultSignatureAlgorithmIdentifierFinder().find("SHA1withRSA");
        AlgorithmIdentifier find2 = new DefaultDigestAlgorithmIdentifierFinder().find(find);
        return new JcaX509CertificateConverter().setProvider("BC").getCertificate(x509v1CertificateBuilder.build(new BcRSAContentSignerBuilder(find, find2).build(PrivateKeyFactory.createKey(generateKeyPair.getPrivate().getEncoded()))));
    }

    @Test
    public void shouldLoadMultipleCertsIntoKeyStore() throws Throwable {
        File createTempFile = File.createTempFile("3random", ".cer");
        createTempFile.deleteOnExit();
        CertificateTool.saveX509Cert(new Certificate[]{generateSelfSignedCertificate(), generateSelfSignedCertificate(), generateSelfSignedCertificate()}, createTempFile);
        KeyStore keyStore = KeyStore.getInstance("JKS");
        keyStore.load(null, null);
        CertificateTool.loadX509Cert(createTempFile, keyStore);
        Enumeration<String> aliases = keyStore.aliases();
        Assert.assertTrue(aliases.hasMoreElements());
        Assert.assertTrue(aliases.nextElement().startsWith("neo4j.javadriver.trustedcert"));
        Assert.assertTrue(aliases.hasMoreElements());
        Assert.assertTrue(aliases.nextElement().startsWith("neo4j.javadriver.trustedcert"));
        Assert.assertTrue(aliases.hasMoreElements());
        Assert.assertTrue(aliases.nextElement().startsWith("neo4j.javadriver.trustedcert"));
        Assert.assertFalse(aliases.hasMoreElements());
    }

    static {
        Security.addProvider(new BouncyCastleProvider());
    }
}
