package org.ejbca.core.protocol.ws.client;

import java.io.ByteArrayInputStream;
import java.math.BigInteger;
import java.security.InvalidKeyException;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.SignatureException;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.util.Calendar;
import java.util.Date;
import java.util.Iterator;
import java.util.List;
import javax.xml.bind.DatatypeConverter;
import org.bouncycastle.asn1.DERSet;
import org.bouncycastle.operator.OperatorCreationException;
import org.bouncycastle.pkcs.PKCS10CertificationRequest;
import org.bouncycastle.util.encoders.Base64;
import org.cesecore.util.CertTools;
import org.ejbca.core.protocol.ws.client.gen.Certificate;
import org.ejbca.core.protocol.ws.client.gen.CertificateResponse;
import org.ejbca.core.protocol.ws.client.gen.EjbcaWS;
import org.ejbca.core.protocol.ws.client.gen.RevokeBackDateNotAllowedForProfileException_Exception;
import org.ejbca.core.protocol.ws.client.gen.UserDataVOWS;
import org.ejbca.core.protocol.ws.client.gen.UserMatch;
import org.ejbca.ui.cli.IAdminCommand;
import org.ejbca.util.PerformanceTest;

/* loaded from: input_file:org/ejbca/core/protocol/ws/client/StressTestCommand.class */
public class StressTestCommand extends EJBCAWSRABaseCommand implements IAdminCommand {
    private static final String USER_NAME_TAG = "<userName>";
    final PerformanceTest performanceTest;

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:org/ejbca/core/protocol/ws/client/StressTestCommand$BaseCommand.class */
    public class BaseCommand {
        protected final JobData jobData;

        BaseCommand(JobData jobData) {
            this.jobData = jobData;
        }

        public String toString() {
            return "Class '" + getClass().getCanonicalName() + "' with this job data: " + this.jobData.toString();
        }
    }

    /* loaded from: input_file:org/ejbca/core/protocol/ws/client/StressTestCommand$CertificateRequestCommand.class */
    private class CertificateRequestCommand extends BaseCommand implements PerformanceTest.Command {
        private final EjbcaWS ejbcaWS;
        private final UserDataVOWS user;
        private final boolean doCreateNewUser;
        private final int bitsInCertificateSN;
        private PKCS10CertificationRequest pkcs10;

        CertificateRequestCommand(EjbcaWS ejbcaWS, String str, String str2, String str3, JobData jobData, boolean z, int i, KeyPair keyPair) throws SignatureException, InvalidKeyException, NoSuchAlgorithmException, NoSuchProviderException {
            super(jobData);
            this.doCreateNewUser = z;
            this.ejbcaWS = ejbcaWS;
            this.user = new UserDataVOWS();
            this.user.setClearPwd(true);
            this.user.setCaName(str);
            this.user.setEmail(null);
            this.user.setSubjectAltName(null);
            this.user.setStatus(10);
            this.user.setTokenType(UserDataVOWS.TOKEN_TYPE_USERGENERATED);
            this.user.setEndEntityProfileName(str2);
            this.user.setCertificateProfileName(str3);
            this.bitsInCertificateSN = i;
            try {
                this.pkcs10 = CertTools.genPKCS10CertificationRequest("SHA1WithRSA", CertTools.stringToBcX500Name("CN=NOUSED"), keyPair.getPublic(), new DERSet(), keyPair.getPrivate(), (String) null);
            } catch (OperatorCreationException e) {
                StressTestCommand.this.getPrintStream().println(e.getLocalizedMessage());
                e.printStackTrace(StressTestCommand.this.getPrintStream());
            }
        }

        public boolean doIt() throws Exception {
            if (this.doCreateNewUser) {
                this.jobData.passWord = "foo123";
                this.jobData.userName = "WSTESTUSER" + StressTestCommand.this.performanceTest.nextLong();
            }
            if (this.bitsInCertificateSN > 0 && this.doCreateNewUser) {
                this.user.setCertificateSerialNumber(new BigInteger(this.bitsInCertificateSN, StressTestCommand.this.performanceTest.getRandom()));
            }
            this.user.setSubjectDN(this.jobData.getDN());
            this.user.setUsername(this.jobData.userName);
            this.user.setPassword(this.jobData.passWord);
            return StressTestCommand.this.checkAndLogCertificateResponse(this.ejbcaWS.certificateRequest(this.user, new String(Base64.encode(this.pkcs10.getEncoded())), 0, null, "CERTIFICATE"), this.jobData);
        }

        public String getJobTimeDescription() {
            return this.doCreateNewUser ? "Relative time spent registring new users" : "Relative time spent setting status of user to NEW";
        }
    }

    /* loaded from: input_file:org/ejbca/core/protocol/ws/client/StressTestCommand$EditUserCommand.class */
    private class EditUserCommand extends BaseCommand implements PerformanceTest.Command {
        private final EjbcaWS ejbcaWS;
        private final UserDataVOWS user;
        private final boolean doCreateNewUser;
        private final int bitsInCertificateSN;

        EditUserCommand(EjbcaWS ejbcaWS, String str, String str2, String str3, JobData jobData, boolean z, int i) {
            super(jobData);
            this.doCreateNewUser = z;
            this.ejbcaWS = ejbcaWS;
            this.user = new UserDataVOWS();
            this.user.setClearPwd(true);
            this.user.setCaName(str);
            this.user.setEmail(null);
            this.user.setSubjectAltName(null);
            this.user.setStatus(10);
            this.user.setTokenType(UserDataVOWS.TOKEN_TYPE_USERGENERATED);
            this.user.setEndEntityProfileName(str2);
            this.user.setCertificateProfileName(str3);
            this.bitsInCertificateSN = i;
        }

        public boolean doIt() throws Exception {
            if (this.doCreateNewUser) {
                this.jobData.passWord = "foo123";
                this.jobData.userName = "WSTESTUSER" + StressTestCommand.this.performanceTest.nextLong();
            }
            if (this.bitsInCertificateSN > 0 && this.doCreateNewUser) {
                this.user.setCertificateSerialNumber(new BigInteger(this.bitsInCertificateSN, StressTestCommand.this.performanceTest.getRandom()));
            }
            this.user.setSubjectDN(this.jobData.getDN());
            this.user.setUsername(this.jobData.userName);
            this.user.setPassword(this.jobData.passWord);
            this.ejbcaWS.editUser(this.user);
            return true;
        }

        public String getJobTimeDescription() {
            return this.doCreateNewUser ? "Relative time spent registring new users" : "Relative time spent setting status of user to NEW";
        }
    }

    /* loaded from: input_file:org/ejbca/core/protocol/ws/client/StressTestCommand$FindUserCommand.class */
    private class FindUserCommand extends BaseCommand implements PerformanceTest.Command {
        private final EjbcaWS ejbcaWS;

        FindUserCommand(EjbcaWS ejbcaWS, JobData jobData) throws Exception {
            super(jobData);
            this.ejbcaWS = ejbcaWS;
        }

        public boolean doIt() throws Exception {
            UserMatch userMatch = new UserMatch();
            userMatch.setMatchtype(0);
            userMatch.setMatchvalue(this.jobData.getDN());
            userMatch.setMatchwith(7);
            List<UserDataVOWS> findUser = this.ejbcaWS.findUser(userMatch);
            if (findUser.size() < 1) {
                StressTestCommand.this.performanceTest.getLog().error("No users found for DN \"" + this.jobData.getDN() + "\"");
                return false;
            }
            Iterator<UserDataVOWS> it = findUser.iterator();
            while (it.hasNext()) {
                String username = it.next().getUsername();
                if (!username.equals(this.jobData.userName)) {
                    StressTestCommand.this.performanceTest.getLog().error("wrong user name \"" + username + "\" for certificate with DN \"" + this.jobData.getDN() + "\"");
                    return false;
                }
            }
            return true;
        }

        public String getJobTimeDescription() {
            return "Relative time spent looking for user";
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    /* loaded from: input_file:org/ejbca/core/protocol/ws/client/StressTestCommand$JobData.class */
    public class JobData {
        String userName;
        String passWord;
        final String subjectDN;
        X509Certificate[] userCertsToBeRevoked;

        public JobData(String str) {
            this.subjectDN = str;
        }

        String getDN() {
            return this.subjectDN.replace(StressTestCommand.USER_NAME_TAG, this.userName);
        }

        public String toString() {
            return "Username '" + this.userName + "' with password '" + this.passWord + "'.";
        }
    }

    /* loaded from: input_file:org/ejbca/core/protocol/ws/client/StressTestCommand$ListCertsCommand.class */
    private class ListCertsCommand extends BaseCommand implements PerformanceTest.Command {
        private final EjbcaWS ejbcaWS;

        ListCertsCommand(EjbcaWS ejbcaWS, JobData jobData) throws Exception {
            super(jobData);
            this.ejbcaWS = ejbcaWS;
        }

        public boolean doIt() throws Exception {
            List<Certificate> findCerts = this.ejbcaWS.findCerts(this.jobData.userName, true);
            Iterator<Certificate> it = findCerts.iterator();
            this.jobData.userCertsToBeRevoked = new X509Certificate[findCerts.size()];
            int i = 0;
            while (it.hasNext()) {
                this.jobData.userCertsToBeRevoked[i] = (X509Certificate) CertificateFactory.getInstance("X.509").generateCertificate(new ByteArrayInputStream(Base64.decode(it.next().getCertificateData())));
                i++;
            }
            if (this.jobData.userCertsToBeRevoked.length >= 1) {
                return true;
            }
            StressTestCommand.this.performanceTest.getLog().error("no cert found for user " + this.jobData.userName);
            return false;
        }

        public String getJobTimeDescription() {
            return "Relative time spent finding certs for user.";
        }
    }

    /* loaded from: input_file:org/ejbca/core/protocol/ws/client/StressTestCommand$MultipleCertsRequestsForAUserCommand.class */
    private class MultipleCertsRequestsForAUserCommand extends BaseCommand implements PerformanceTest.Command {
        final EjbcaWS ejbcaWS;
        final String caName;
        final String endEntityProfileName;
        final String certificateProfileName;
        final KeyPairGenerator kpg;

        MultipleCertsRequestsForAUserCommand(EjbcaWS ejbcaWS, String str, String str2, String str3, JobData jobData, KeyPairGenerator keyPairGenerator) throws Exception {
            super(jobData);
            this.caName = str;
            this.endEntityProfileName = str2;
            this.certificateProfileName = str3;
            this.kpg = keyPairGenerator;
            this.ejbcaWS = ejbcaWS;
        }

        public boolean doIt() throws Exception {
            boolean z = true;
            for (int i = 0; i < 50; i++) {
                if (!new EditUserCommand(this.ejbcaWS, this.caName, this.endEntityProfileName, this.certificateProfileName, this.jobData, z, -1).doIt()) {
                    StressTestCommand.this.performanceTest.getLog().error("MultiplePkcs10RequestsCommand failed for " + this.jobData.userName);
                    return false;
                }
                z = false;
                if (!new Pkcs10RequestCommand(this.ejbcaWS, this.kpg.generateKeyPair(), this.jobData).doIt()) {
                    StressTestCommand.this.performanceTest.getLog().error("MultiplePkcs10RequestsCommand failed for " + this.jobData.userName);
                    return false;
                }
            }
            return true;
        }

        public String getJobTimeDescription() {
            return "Relative time spent creating a lot of certificates";
        }
    }

    /* loaded from: input_file:org/ejbca/core/protocol/ws/client/StressTestCommand$MyCommandFactory.class */
    private class MyCommandFactory implements PerformanceTest.CommandFactory {
        private final String caName;
        private final String endEntityProfileName;
        private final String certificateProfileName;
        private final TestType testType;
        private final int maxCertificateSN;
        private final String subjectDN;

        MyCommandFactory(String str, String str2, String str3, TestType testType, int i, String str4) {
            this.testType = testType;
            this.caName = str;
            this.endEntityProfileName = str2;
            this.certificateProfileName = str3;
            this.maxCertificateSN = i;
            this.subjectDN = str4;
        }

        public PerformanceTest.Command[] getCommands() throws Exception {
            KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("RSA");
            keyPairGenerator.initialize(1024);
            EjbcaWS ejbcaRAWSFNewReference = StressTestCommand.this.getEjbcaRAWSFNewReference();
            JobData jobData = new JobData(this.subjectDN);
            switch (this.testType) {
                case BASIC:
                    return new PerformanceTest.Command[]{new EditUserCommand(ejbcaRAWSFNewReference, this.caName, this.endEntityProfileName, this.certificateProfileName, jobData, true, this.maxCertificateSN), new Pkcs10RequestCommand(ejbcaRAWSFNewReference, keyPairGenerator.generateKeyPair(), jobData)};
                case BASICSINGLETRANS:
                    return new PerformanceTest.Command[]{new CertificateRequestCommand(ejbcaRAWSFNewReference, this.caName, this.endEntityProfileName, this.certificateProfileName, jobData, true, this.maxCertificateSN, keyPairGenerator.generateKeyPair())};
                case REVOKE_BACKDATED:
                case REVOKE:
                    PerformanceTest.Command[] commandArr = new PerformanceTest.Command[7];
                    commandArr[0] = new EditUserCommand(ejbcaRAWSFNewReference, this.caName, this.endEntityProfileName, this.certificateProfileName, jobData, true, this.maxCertificateSN);
                    commandArr[1] = new Pkcs10RequestCommand(ejbcaRAWSFNewReference, keyPairGenerator.generateKeyPair(), jobData);
                    commandArr[2] = new FindUserCommand(ejbcaRAWSFNewReference, jobData);
                    commandArr[3] = new ListCertsCommand(ejbcaRAWSFNewReference, jobData);
                    commandArr[4] = this.testType.equals(TestType.REVOKE_BACKDATED) ? new RevokeCertBackdatedCommand(ejbcaRAWSFNewReference, jobData) : new RevokeCertCommand(ejbcaRAWSFNewReference, jobData);
                    commandArr[5] = new EditUserCommand(ejbcaRAWSFNewReference, this.caName, this.endEntityProfileName, this.certificateProfileName, jobData, false, -1);
                    commandArr[6] = new Pkcs10RequestCommand(ejbcaRAWSFNewReference, keyPairGenerator.generateKeyPair(), jobData);
                    return commandArr;
                case REVOKEALOT:
                    return new PerformanceTest.Command[]{new MultipleCertsRequestsForAUserCommand(ejbcaRAWSFNewReference, this.caName, this.endEntityProfileName, this.certificateProfileName, jobData, keyPairGenerator), new FindUserCommand(ejbcaRAWSFNewReference, jobData), new ListCertsCommand(ejbcaRAWSFNewReference, jobData), new RevokeCertCommand(ejbcaRAWSFNewReference, jobData)};
                default:
                    return null;
            }
        }
    }

    /* loaded from: input_file:org/ejbca/core/protocol/ws/client/StressTestCommand$Pkcs10RequestCommand.class */
    private class Pkcs10RequestCommand extends BaseCommand implements PerformanceTest.Command {
        private final EjbcaWS ejbcaWS;
        private final PKCS10CertificationRequest pkcs10;

        Pkcs10RequestCommand(EjbcaWS ejbcaWS, KeyPair keyPair, JobData jobData) throws Exception {
            super(jobData);
            this.pkcs10 = CertTools.genPKCS10CertificationRequest("SHA1WithRSA", CertTools.stringToBcX500Name("CN=NOUSED"), keyPair.getPublic(), new DERSet(), keyPair.getPrivate(), (String) null);
            this.ejbcaWS = ejbcaWS;
        }

        public boolean doIt() throws Exception {
            return StressTestCommand.this.checkAndLogCertificateResponse(this.ejbcaWS.pkcs10Request(this.jobData.userName, this.jobData.passWord, new String(Base64.encode(this.pkcs10.getEncoded())), null, "CERTIFICATE"), this.jobData);
        }

        public String getJobTimeDescription() {
            return "Relative time spent signing certificates";
        }
    }

    /* loaded from: input_file:org/ejbca/core/protocol/ws/client/StressTestCommand$RevokeCertBackdatedCommand.class */
    private class RevokeCertBackdatedCommand extends BaseCommand implements PerformanceTest.Command {
        private final EjbcaWS ejbcaWS;
        final String revoceTime;

        RevokeCertBackdatedCommand(EjbcaWS ejbcaWS, JobData jobData) throws Exception {
            super(jobData);
            this.ejbcaWS = ejbcaWS;
            Calendar calendar = Calendar.getInstance();
            calendar.setTime(new Date(new Date().getTime() - 86400000));
            this.revoceTime = DatatypeConverter.printDateTime(calendar);
            StressTestCommand.this.performanceTest.getLog().info("Revoke time: " + this.revoceTime);
        }

        private void revokeBackdated(int i) throws Exception {
            this.ejbcaWS.revokeCertBackdated(this.jobData.userCertsToBeRevoked[i].getIssuerDN().getName(), this.jobData.userCertsToBeRevoked[i].getSerialNumber().toString(16), 0, this.revoceTime);
        }

        private void revoke(int i) throws Exception {
            this.ejbcaWS.revokeCert(this.jobData.userCertsToBeRevoked[i].getIssuerDN().getName(), this.jobData.userCertsToBeRevoked[i].getSerialNumber().toString(16), 0);
        }

        public boolean doIt() throws Exception {
            for (int i = 0; i < this.jobData.userCertsToBeRevoked.length; i++) {
                try {
                    revokeBackdated(i);
                } catch (RevokeBackDateNotAllowedForProfileException_Exception e) {
                    revoke(i);
                    StressTestCommand.this.performanceTest.getLog().info("No back dating since not allowed for the profile.");
                }
            }
            return true;
        }

        public String getJobTimeDescription() {
            return "Relative time spent revoking certificates.";
        }
    }

    /* loaded from: input_file:org/ejbca/core/protocol/ws/client/StressTestCommand$RevokeCertCommand.class */
    private class RevokeCertCommand extends BaseCommand implements PerformanceTest.Command {
        private final EjbcaWS ejbcaWS;

        RevokeCertCommand(EjbcaWS ejbcaWS, JobData jobData) throws Exception {
            super(jobData);
            this.ejbcaWS = ejbcaWS;
        }

        public boolean doIt() throws Exception {
            for (int i = 0; i < this.jobData.userCertsToBeRevoked.length; i++) {
                this.ejbcaWS.revokeCert(this.jobData.userCertsToBeRevoked[i].getIssuerDN().getName(), this.jobData.userCertsToBeRevoked[i].getSerialNumber().toString(16), 0);
            }
            return true;
        }

        public String getJobTimeDescription() {
            return "Relative time spent revoking certificates.";
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    /* loaded from: input_file:org/ejbca/core/protocol/ws/client/StressTestCommand$TestType.class */
    public enum TestType {
        BASIC,
        BASICSINGLETRANS,
        REVOKE,
        REVOKE_BACKDATED,
        REVOKEALOT
    }

    /* JADX INFO: Access modifiers changed from: private */
    public boolean checkAndLogCertificateResponse(CertificateResponse certificateResponse, JobData jobData) throws CertificateException {
        X509Certificate x509Certificate = null;
        Iterator<? extends java.security.cert.Certificate> it = CertificateFactory.getInstance("X.509").generateCertificates(new ByteArrayInputStream(Base64.decode(certificateResponse.getData()))).iterator();
        while (it.hasNext()) {
            x509Certificate = (X509Certificate) it.next();
        }
        if (x509Certificate == null) {
            this.performanceTest.getLog().error("no certificate generated for user " + jobData.userName);
            return false;
        }
        if (!CertTools.getPartFromDN(x509Certificate.getSubjectDN().getName(), "CN").equals(jobData.userName)) {
            this.performanceTest.getLog().error("Cert not created for right user. Username: \"" + jobData.userName + "\" Subject DN: \"" + x509Certificate.getSubjectDN() + "\".");
            return false;
        }
        this.performanceTest.getLog().info("Cert created. Subject DN: \"" + x509Certificate.getSubjectDN() + "\".");
        this.performanceTest.getLog().result(CertTools.getSerialNumber(x509Certificate));
        return true;
    }

    public StressTestCommand(String[] strArr) {
        super(strArr);
        this.performanceTest = new PerformanceTest();
    }

    @Override // org.ejbca.core.protocol.ws.client.EJBCAWSRABaseCommand
    protected void usage() {
        getPrintStream().println("Command used to perform a \"stress\" test of EJBCA.");
        getPrintStream().println("The command will start up a number of threads.");
        getPrintStream().println("Each thread will continuously add new users to EJBCA. After adding a new user the thread will fetch a certificate for it.");
        getPrintStream().println();
        getPrintStream().println("Usage : stress <caname> <nr of threads> <max wait time in ms to fetch cert after adding user> [<end entity profile name>] [<certificate profile name>] [<type of test>]");
        getPrintStream().println();
        getPrintStream().println("Here is an example of how the test could be started:");
        getPrintStream().println("./ejbcawsracli.sh stress ManagementCA 20 5000");
        getPrintStream().println("20 threads is started. After adding a user the thread waits between 0-500 ms before requesting a certificate for it. The certificates will all be signed by the CA ManagementCA.");
        getPrintStream().println();
        getPrintStream().println("To define a template for the subject DN of each new user use the java system property 'subjectDN'.");
        getPrintStream().println("If the property value contains one or several '<userName>' string these strings will be substituted with the user name.");
        getPrintStream().println("Example: JAVA_OPT=\"-DsubjectDN=CN=<userName>,O=Acme,UID=hej<userName>,OU=,OU=First Fixed,OU=sfsdf,OU=Middle Fixed,OU=fsfsd,OU=Last Fixed\" ../../PWE/ejbca_3_11/dist/clientToolBox/ejbcaClientToolBox.sh EjbcaWsRaCli stress ldapDirect 1 1000 ldapClientOUTest ldapClientDirect");
        getPrintStream().print("Types of stress tests:");
        for (TestType testType : TestType.values()) {
            getPrintStream().print(" " + testType);
        }
        getPrintStream().println();
    }

    /* JADX WARN: Removed duplicated region for block: B:27:0x00f0 A[EXC_TOP_SPLITTER, SYNTHETIC] */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    public void execute() throws org.ejbca.ui.cli.IllegalAdminCommandException, org.ejbca.ui.cli.ErrorAdminCommandException {
        /*
            Method dump skipped, instructions count: 311
            To view this dump add '--comments-level debug' option
        */
        throw new UnsupportedOperationException("Method not decompiled: org.ejbca.core.protocol.ws.client.StressTestCommand.execute():void");
    }
}
