// **********************************************************************
//
// Copyright (c) 2002
// MutableRealms, Inc.
// Huntsville, AL, USA
//
// All Rights Reserved
//
// **********************************************************************

#include <Ice/Ice.h>
#include <TestCommon.h>
#include <Ice/SslException.h>
#include <Ice/System.h>

using namespace std;
using namespace Ice;

void
testExpectCertificateAndPrivateKeyLoadException(const Ice::CommunicatorPtr& communicator,
                                                const std::string& configFile)
{
    PropertiesPtr properties = communicator->getProperties();
    IceSSL::SystemPtr system = communicator->getSslSystem();

    try
    {
        properties->setProperty("Ice.SSL.Client.Config", configFile);
        system->configure(IceSSL::Client);
        test(false);
    }
    catch (const IceSSL::OpenSSL::CertificateLoadException&)
    {
        std::cout << "ok" << std::endl;
    }
    catch (const IceSSL::OpenSSL::PrivateKeyLoadException&)
    {
        std::cout << "ok" << std::endl;
    }
    catch (const LocalException&)
    {
        //
        // Any other exception is bad.
        //

        test(false);
    }
    catch (...)
    {
        //
        // Unknown exceptions are always bad.
        //

        test(false);
    }
}

void
testExpectPrivateKeyLoadException(const Ice::CommunicatorPtr& communicator, const std::string& configFile)
{
    PropertiesPtr properties = communicator->getProperties();
    IceSSL::SystemPtr system = communicator->getSslSystem();

    try
    {
        properties->setProperty("Ice.SSL.Client.Config", configFile);
        system->configure(IceSSL::Client);
        test(false);
    }
    catch (const IceSSL::OpenSSL::PrivateKeyLoadException&)
    {
        std::cout << "ok" << std::endl;
    }
    catch (const LocalException&)
    {
        //
        // Any other exception is bad.
        //

        test(false);
    }
    catch (...)
    {
        //
        // Unknown exceptions are always bad.
        //

        test(false);
    }
}

void
testExpectCertificateLoadException(const Ice::CommunicatorPtr& communicator, const std::string& configFile)
{
    PropertiesPtr properties = communicator->getProperties();
    IceSSL::SystemPtr system = communicator->getSslSystem();

    try
    {
        properties->setProperty("Ice.SSL.Client.Config", configFile);
        system->configure(IceSSL::Client);
        test(false);
    }
    catch (const IceSSL::OpenSSL::CertificateLoadException&)
    {
        std::cout << "ok" << std::endl;
    }
    catch (const LocalException&)
    {
        //
        // Any other exception is bad.
        //

        test(false);
    }
    catch (...)
    {
        //
        // Unknown exceptions are always bad.
        //

        test(false);
    }
}

void
testExpectCertificateKeyMatchException(const Ice::CommunicatorPtr& communicator, const std::string& configFile)
{
    PropertiesPtr properties = communicator->getProperties();
    IceSSL::SystemPtr system = communicator->getSslSystem();

    try
    {
        properties->setProperty("Ice.SSL.Client.Config", configFile);
        system->configure(IceSSL::Client);
        test(false);
    }
    catch (const IceSSL::OpenSSL::CertificateKeyMatchException&)
    {
        std::cout << "ok" << std::endl;
    }
    catch (const LocalException&)
    {
        //
        // Any other exception is bad.
        //

        test(false);
    }
    catch (...)
    {
        //
        // Unknown exceptions are always bad.
        //

        test(false);
    }
}

void
testNoException(const Ice::CommunicatorPtr& communicator, const std::string& configFile)
{
    PropertiesPtr properties = communicator->getProperties();
    IceSSL::SystemPtr system = communicator->getSslSystem();

    try
    {
        properties->setProperty("Ice.SSL.Client.Config", configFile);
        system->configure(IceSSL::Client);
        std::cout << "ok" << std::endl;
    }
    catch (const LocalException&)
    {
        //
        // Any other exception is bad.
        //

        test(false);
    }
    catch (...)
    {
        //
        // Unknown exceptions are always bad.
        //

        test(false);
    }
}

int
run(int argc, char* argv[], const Ice::CommunicatorPtr& communicator)
{
    PropertiesPtr properties = communicator->getProperties();
    properties->setProperty("Ice.SSL.Client.CertPath", "../certs");

    std::cout << "Bad private key and certificate... " << std::flush;
    testExpectCertificateAndPrivateKeyLoadException(communicator, "sslconfig_1.xml");

    std::cout << "Bad private key and good certificate 1... " << std::flush;
    testExpectPrivateKeyLoadException(communicator, "sslconfig_2.xml");

    std::cout << "Good private key 1 and bad certificate... " << std::flush;
    testExpectCertificateLoadException(communicator, "sslconfig_3.xml");

    std::cout << "Good private key 1 and good certificate 2, mismatched... " << std::flush;
    testExpectCertificateKeyMatchException(communicator, "sslconfig_4.xml");

    std::cout << "Good private key 2 and good certificate 1, mismatched (again)... " << std::flush;
    testExpectCertificateKeyMatchException(communicator, "sslconfig_5.xml");

    std::cout << "Good matched private key and certificate... " << std::flush;
    testNoException(communicator, "sslconfig_6.xml");

    return EXIT_SUCCESS;
}

int
main(int argc, char* argv[])
{
    int status;
    Ice::CommunicatorPtr communicator;

    try
    {
	communicator = Ice::initialize(argc, argv);
	status = run(argc, argv, communicator);
    }
    catch(const Ice::Exception& ex)
    {
	cerr << ex << endl;
	status = EXIT_FAILURE;
    }

    if (communicator)
    {
	try
	{
	    communicator->destroy();
	}
	catch(const Ice::Exception& ex)
	{
	    cerr << ex << endl;
	    status = EXIT_FAILURE;
	}
    }

    return status;
}