package org.kuali.rice.ksb.security.admin;

import java.security.GeneralSecurityException;
import java.security.KeyStore;
import javax.xml.namespace.QName;
import org.junit.Assert;
import org.junit.Test;
import org.kuali.rice.core.api.resourceloader.GlobalResourceLoader;
import org.kuali.rice.ksb.test.KSBTestCase;

/* loaded from: input_file:org/kuali/rice/ksb/security/admin/JavaSecurityManagementServiceTest.class */
public class JavaSecurityManagementServiceTest extends KSBTestCase {
    private static final String TEST_CLIENT_ALIAS = "test_alias";
    private static final String TEST_CLIENT_PASSWORD = "test_password";
    private static final String MOCK_JAVA_SECURITY_MANAGEMENT_SERVICE_BEAN_ID = "testJavaSecurityManagementService";

    private MockJavaSecurityManagementService getMockJavaSecurityManagementService() {
        return (MockJavaSecurityManagementService) GlobalResourceLoader.getService(new QName("KEW", MOCK_JAVA_SECURITY_MANAGEMENT_SERVICE_BEAN_ID));
    }

    @Test
    public void testCertificatesExistInKeyStores() throws Exception {
        MockJavaSecurityManagementService mockJavaSecurityManagementService = getMockJavaSecurityManagementService();
        String moduleKeyStoreAlias = mockJavaSecurityManagementService.getModuleKeyStoreAlias();
        KeyStore generateClientKeystore = mockJavaSecurityManagementService.generateClientKeystore(TEST_CLIENT_ALIAS, TEST_CLIENT_PASSWORD);
        verifyKeyStoreContents(generateClientKeystore, "client", moduleKeyStoreAlias, TEST_CLIENT_ALIAS);
        Assert.assertEquals("Certs do not match in client keystore file", mockJavaSecurityManagementService.getCertificate(moduleKeyStoreAlias), generateClientKeystore.getCertificate(moduleKeyStoreAlias));
        verifyKeyStoreContents(mockJavaSecurityManagementService.getModuleKeyStore(), "module", TEST_CLIENT_ALIAS, mockJavaSecurityManagementService.getModuleKeyStoreAlias());
        Assert.assertEquals("Certs do not match in module keystore file", generateClientKeystore.getCertificate(moduleKeyStoreAlias), mockJavaSecurityManagementService.getCertificate(moduleKeyStoreAlias));
    }

    private void verifyKeyStoreContents(KeyStore keyStore, String str, String str2, String str3) throws GeneralSecurityException {
        Assert.assertTrue("Alias for Certificate Entry '" + str2 + "' should exist in " + str + " keystore file", keyStore.containsAlias(str2));
        Assert.assertTrue("Alias '" + str2 + "' should be Certificate Entry in " + str + " keystore file", keyStore.isCertificateEntry(str2));
        Assert.assertTrue("Alias for Private Key Entry '" + str3 + "' should exist in " + str + " keystore file", keyStore.containsAlias(str3));
        Assert.assertTrue("Alias '" + str3 + "' should be Private Key Entry in " + str + " keystore file", keyStore.entryInstanceOf(str3, KeyStore.PrivateKeyEntry.class));
    }
}
