package io.netty.testsuite.transport.socket;

import io.netty.bootstrap.Bootstrap;
import io.netty.bootstrap.ServerBootstrap;
import io.netty.buffer.ByteBuf;
import io.netty.buffer.ByteBufUtil;
import io.netty.buffer.Unpooled;
import io.netty.channel.Channel;
import io.netty.channel.ChannelFutureListener;
import io.netty.channel.ChannelHandler;
import io.netty.channel.ChannelHandlerContext;
import io.netty.channel.ChannelInitializer;
import io.netty.channel.SimpleChannelInboundHandler;
import io.netty.channel.socket.SocketChannel;
import io.netty.handler.ssl.ResumableX509ExtendedTrustManager;
import io.netty.handler.ssl.SslContext;
import io.netty.handler.ssl.SslContextBuilder;
import io.netty.handler.ssl.SslHandler;
import io.netty.handler.ssl.SslHandshakeCompletionEvent;
import io.netty.handler.ssl.SslProvider;
import io.netty.handler.ssl.util.SelfSignedCertificate;
import io.netty.testsuite.transport.AbstractComboTestsuiteTest;
import io.netty.util.internal.SuppressJava6Requirement;
import io.netty.util.internal.logging.InternalLogger;
import io.netty.util.internal.logging.InternalLoggerFactory;
import java.io.File;
import java.io.IOException;
import java.net.InetSocketAddress;
import java.net.Socket;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.util.Arrays;
import java.util.Collection;
import java.util.Collections;
import java.util.Enumeration;
import java.util.HashSet;
import java.util.Set;
import java.util.concurrent.ExecutionException;
import java.util.concurrent.LinkedBlockingQueue;
import java.util.concurrent.TimeUnit;
import java.util.concurrent.atomic.AtomicReference;
import javax.net.ssl.SSLEngine;
import javax.net.ssl.SSLSessionContext;
import javax.net.ssl.X509ExtendedTrustManager;
import org.junit.jupiter.api.Assertions;
import org.junit.jupiter.api.TestInfo;
import org.junit.jupiter.api.Timeout;
import org.junit.jupiter.params.ParameterizedTest;
import org.junit.jupiter.params.provider.MethodSource;

/* loaded from: input_file:io/netty/testsuite/transport/socket/SocketSslSessionReuseTest.class */
public class SocketSslSessionReuseTest extends AbstractSocketTest {
    private static final InternalLogger logger = InternalLoggerFactory.getInstance(SocketSslSessionReuseTest.class);
    private static final File CERT_FILE;
    private static final File KEY_FILE;

    /* JADX INFO: Access modifiers changed from: private */
    @ChannelHandler.Sharable
    /* loaded from: input_file:io/netty/testsuite/transport/socket/SocketSslSessionReuseTest$ReadAndDiscardHandler.class */
    public static class ReadAndDiscardHandler extends SimpleChannelInboundHandler<ByteBuf> {
        final AtomicReference<Throwable> exception = new AtomicReference<>();
        private final boolean server;
        private final boolean autoRead;

        ReadAndDiscardHandler(boolean z, boolean z2) {
            this.server = z;
            this.autoRead = z2;
        }

        public void channelRead0(ChannelHandlerContext channelHandlerContext, ByteBuf byteBuf) throws Exception {
            byteBuf.skipBytes(byteBuf.readableBytes());
        }

        public void channelReadComplete(ChannelHandlerContext channelHandlerContext) throws Exception {
            try {
                channelHandlerContext.flush();
            } finally {
                if (!this.autoRead) {
                    channelHandlerContext.read();
                }
            }
        }

        public void exceptionCaught(ChannelHandlerContext channelHandlerContext, Throwable th) throws Exception {
            if (SocketSslSessionReuseTest.logger.isWarnEnabled()) {
                SocketSslSessionReuseTest.logger.warn("Unexpected exception from the " + (this.server ? "server" : "client") + " side", th);
            }
            this.exception.compareAndSet(null, th);
            channelHandlerContext.close();
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    @SuppressJava6Requirement(reason = "Test only")
    /* loaded from: input_file:io/netty/testsuite/transport/socket/SocketSslSessionReuseTest$SessionSettingTrustManager.class */
    public static final class SessionSettingTrustManager extends X509ExtendedTrustManager implements ResumableX509ExtendedTrustManager {
        private SessionSettingTrustManager() {
        }

        public void resumeServerTrusted(X509Certificate[] x509CertificateArr, SSLEngine sSLEngine) throws CertificateException {
            sSLEngine.getSession().putValue("key", "value");
        }

        @Override // javax.net.ssl.X509ExtendedTrustManager
        @SuppressJava6Requirement(reason = "Test only")
        public void checkServerTrusted(X509Certificate[] x509CertificateArr, String str, SSLEngine sSLEngine) throws CertificateException {
            sSLEngine.getHandshakeSession().putValue("key", "value");
        }

        public void resumeClientTrusted(X509Certificate[] x509CertificateArr, SSLEngine sSLEngine) throws CertificateException {
            throw new CertificateException("Unsupported operation");
        }

        @Override // javax.net.ssl.X509ExtendedTrustManager
        public void checkClientTrusted(X509Certificate[] x509CertificateArr, String str, SSLEngine sSLEngine) throws CertificateException {
            throw new CertificateException("Unsupported operation");
        }

        @Override // javax.net.ssl.X509ExtendedTrustManager
        public void checkClientTrusted(X509Certificate[] x509CertificateArr, String str, Socket socket) throws CertificateException {
            throw new CertificateException("Unsupported operation");
        }

        @Override // javax.net.ssl.X509ExtendedTrustManager
        public void checkServerTrusted(X509Certificate[] x509CertificateArr, String str, Socket socket) throws CertificateException {
            throw new CertificateException("Unsupported operation");
        }

        @Override // javax.net.ssl.X509TrustManager
        public void checkClientTrusted(X509Certificate[] x509CertificateArr, String str) throws CertificateException {
            throw new CertificateException("Unsupported operation");
        }

        @Override // javax.net.ssl.X509TrustManager
        public void checkServerTrusted(X509Certificate[] x509CertificateArr, String str) throws CertificateException {
            throw new CertificateException("Unsupported operation");
        }

        @Override // javax.net.ssl.X509TrustManager
        public X509Certificate[] getAcceptedIssuers() {
            return new X509Certificate[0];
        }
    }

    public static Collection<Object[]> jdkOnly() throws Exception {
        return Collections.singleton(new Object[]{SslContextBuilder.forServer(CERT_FILE, KEY_FILE).sslProvider(SslProvider.JDK), SslContextBuilder.forClient().trustManager(CERT_FILE).sslProvider(SslProvider.JDK)});
    }

    public static Collection<Object[]> jdkAndOpenSSL() throws Exception {
        return Arrays.asList(new Object[]{SslContextBuilder.forServer(CERT_FILE, KEY_FILE).sslProvider(SslProvider.JDK), SslContextBuilder.forClient().trustManager(CERT_FILE).sslProvider(SslProvider.JDK)}, new Object[]{SslContextBuilder.forServer(CERT_FILE, KEY_FILE).sslProvider(SslProvider.OPENSSL), SslContextBuilder.forClient().trustManager(CERT_FILE).sslProvider(SslProvider.OPENSSL)});
    }

    @MethodSource({"jdkOnly"})
    @Timeout(value = 30000, unit = TimeUnit.MILLISECONDS)
    @ParameterizedTest(name = "{index}: serverEngine = {0}, clientEngine = {1}")
    public void testSslSessionReuse(final SslContextBuilder sslContextBuilder, final SslContextBuilder sslContextBuilder2, TestInfo testInfo) throws Throwable {
        run(testInfo, new AbstractComboTestsuiteTest.Runner<ServerBootstrap, Bootstrap>() { // from class: io.netty.testsuite.transport.socket.SocketSslSessionReuseTest.1
            @Override // io.netty.testsuite.transport.AbstractComboTestsuiteTest.Runner
            public void run(ServerBootstrap serverBootstrap, Bootstrap bootstrap) throws Throwable {
                SocketSslSessionReuseTest.this.testSslSessionReuse((ServerBootstrap) SocketSslSessionReuseTest.this.sb, (Bootstrap) SocketSslSessionReuseTest.this.cb, sslContextBuilder.build(), sslContextBuilder2.build());
            }
        });
    }

    public void testSslSessionReuse(ServerBootstrap serverBootstrap, Bootstrap bootstrap, final SslContext sslContext, final SslContext sslContext2) throws Throwable {
        final ReadAndDiscardHandler readAndDiscardHandler = new ReadAndDiscardHandler(true, true);
        final ReadAndDiscardHandler readAndDiscardHandler2 = new ReadAndDiscardHandler(false, true);
        final String[] strArr = {"TLSv1", "TLSv1.1", "TLSv1.2"};
        serverBootstrap.childHandler(new ChannelInitializer<SocketChannel>() { // from class: io.netty.testsuite.transport.socket.SocketSslSessionReuseTest.2
            /* JADX INFO: Access modifiers changed from: protected */
            public void initChannel(SocketChannel socketChannel) throws Exception {
                SSLEngine newEngine = sslContext.newEngine(socketChannel.alloc());
                newEngine.setUseClientMode(false);
                newEngine.setEnabledProtocols(strArr);
                socketChannel.pipeline().addLast(new ChannelHandler[]{new SslHandler(newEngine)});
                socketChannel.pipeline().addLast(new ChannelHandler[]{readAndDiscardHandler});
            }
        });
        final Channel channel = serverBootstrap.bind().sync().channel();
        bootstrap.handler(new ChannelInitializer<SocketChannel>() { // from class: io.netty.testsuite.transport.socket.SocketSslSessionReuseTest.3
            /* JADX INFO: Access modifiers changed from: protected */
            public void initChannel(SocketChannel socketChannel) throws Exception {
                InetSocketAddress inetSocketAddress = (InetSocketAddress) channel.localAddress();
                SSLEngine newEngine = sslContext2.newEngine(socketChannel.alloc(), inetSocketAddress.getHostString(), inetSocketAddress.getPort());
                newEngine.setUseClientMode(true);
                newEngine.setEnabledProtocols(strArr);
                socketChannel.pipeline().addLast(new ChannelHandler[]{new SslHandler(newEngine)});
                socketChannel.pipeline().addLast(new ChannelHandler[]{readAndDiscardHandler2});
            }
        });
        try {
            SSLSessionContext sessionContext = sslContext2.sessionContext();
            ByteBuf wrappedBuffer = Unpooled.wrappedBuffer(new byte[]{10, 11, 12, 13}, 0, 4);
            Channel channel2 = bootstrap.connect(channel.localAddress()).sync().channel();
            channel2.writeAndFlush(wrappedBuffer).addListener(ChannelFutureListener.CLOSE).sync();
            channel2.closeFuture().sync();
            rethrowHandlerExceptions(readAndDiscardHandler, readAndDiscardHandler2);
            Set<String> sessionIdSet = sessionIdSet(sessionContext.getIds());
            ByteBuf wrappedBuffer2 = Unpooled.wrappedBuffer(new byte[]{10, 11, 12, 13}, 0, 4);
            Channel channel3 = bootstrap.connect(channel.localAddress()).sync().channel();
            channel3.writeAndFlush(wrappedBuffer2).addListener(ChannelFutureListener.CLOSE).sync();
            channel3.closeFuture().sync();
            Assertions.assertEquals(sessionIdSet, sessionIdSet(sessionContext.getIds()), "Expected no new sessions");
            rethrowHandlerExceptions(readAndDiscardHandler, readAndDiscardHandler2);
            channel.close().awaitUninterruptibly();
        } catch (Throwable th) {
            channel.close().awaitUninterruptibly();
            throw th;
        }
    }

    @MethodSource({"jdkAndOpenSSL"})
    @Timeout(value = 30000, unit = TimeUnit.MILLISECONDS)
    @ParameterizedTest(name = "{index}: serverEngine = {0}, clientEngine = {1}")
    public void testSslSessionTrustManagerResumption(final SslContextBuilder sslContextBuilder, final SslContextBuilder sslContextBuilder2, TestInfo testInfo) throws Throwable {
        run(testInfo, new AbstractComboTestsuiteTest.Runner<ServerBootstrap, Bootstrap>() { // from class: io.netty.testsuite.transport.socket.SocketSslSessionReuseTest.4
            @Override // io.netty.testsuite.transport.AbstractComboTestsuiteTest.Runner
            public void run(ServerBootstrap serverBootstrap, Bootstrap bootstrap) throws Throwable {
                SocketSslSessionReuseTest.this.testSslSessionTrustManagerResumption((ServerBootstrap) SocketSslSessionReuseTest.this.sb, (Bootstrap) SocketSslSessionReuseTest.this.cb, sslContextBuilder, sslContextBuilder2);
            }
        });
    }

    public void testSslSessionTrustManagerResumption(ServerBootstrap serverBootstrap, Bootstrap bootstrap, SslContextBuilder sslContextBuilder, SslContextBuilder sslContextBuilder2) throws Throwable {
        String[] strArr = {"TLSv1", "TLSv1.1", "TLSv1.2"};
        sslContextBuilder.protocols(strArr);
        sslContextBuilder2.protocols(strArr);
        sslContextBuilder2.trustManager(new SessionSettingTrustManager());
        final SslContext build = sslContextBuilder.build();
        final SslContext build2 = sslContextBuilder2.build();
        final LinkedBlockingQueue linkedBlockingQueue = new LinkedBlockingQueue();
        final ReadAndDiscardHandler readAndDiscardHandler = new ReadAndDiscardHandler(true, true);
        final ReadAndDiscardHandler readAndDiscardHandler2 = new ReadAndDiscardHandler(false, true) { // from class: io.netty.testsuite.transport.socket.SocketSslSessionReuseTest.5
            public void userEventTriggered(ChannelHandlerContext channelHandlerContext, Object obj) throws Exception {
                if (obj instanceof SslHandshakeCompletionEvent) {
                    SslHandshakeCompletionEvent sslHandshakeCompletionEvent = (SslHandshakeCompletionEvent) obj;
                    if (sslHandshakeCompletionEvent.isSuccess()) {
                        Assertions.assertTrue(linkedBlockingQueue.offer(String.valueOf(channelHandlerContext.pipeline().get(SslHandler.class).engine().getSession().getValue("key"))));
                    } else {
                        SocketSslSessionReuseTest.logger.error("SSL handshake failed", sslHandshakeCompletionEvent.cause());
                    }
                }
                super.userEventTriggered(channelHandlerContext, obj);
            }
        };
        serverBootstrap.childHandler(new ChannelInitializer<SocketChannel>() { // from class: io.netty.testsuite.transport.socket.SocketSslSessionReuseTest.6
            /* JADX INFO: Access modifiers changed from: protected */
            public void initChannel(SocketChannel socketChannel) throws Exception {
                socketChannel.pipeline().addLast(new ChannelHandler[]{build.newHandler(socketChannel.alloc())});
                socketChannel.pipeline().addLast(new ChannelHandler[]{readAndDiscardHandler});
            }
        });
        final Channel channel = serverBootstrap.bind().sync().channel();
        bootstrap.handler(new ChannelInitializer<SocketChannel>() { // from class: io.netty.testsuite.transport.socket.SocketSslSessionReuseTest.7
            /* JADX INFO: Access modifiers changed from: protected */
            public void initChannel(SocketChannel socketChannel) throws Exception {
                InetSocketAddress inetSocketAddress = (InetSocketAddress) channel.localAddress();
                socketChannel.pipeline().addLast(new ChannelHandler[]{build2.newHandler(socketChannel.alloc(), inetSocketAddress.getHostString(), inetSocketAddress.getPort())});
                socketChannel.pipeline().addLast(new ChannelHandler[]{readAndDiscardHandler2});
            }
        });
        try {
            ByteBuf wrappedBuffer = Unpooled.wrappedBuffer(new byte[]{10, 11, 12, 13}, 0, 4);
            Channel channel2 = bootstrap.connect(channel.localAddress()).sync().channel();
            channel2.writeAndFlush(wrappedBuffer).addListener(ChannelFutureListener.CLOSE).sync();
            channel2.closeFuture().sync();
            rethrowHandlerExceptions(readAndDiscardHandler, readAndDiscardHandler2);
            Assertions.assertEquals("value", linkedBlockingQueue.poll(10L, TimeUnit.SECONDS));
            ByteBuf wrappedBuffer2 = Unpooled.wrappedBuffer(new byte[]{10, 11, 12, 13}, 0, 4);
            Channel channel3 = bootstrap.connect(channel.localAddress()).sync().channel();
            channel3.writeAndFlush(wrappedBuffer2).addListener(ChannelFutureListener.CLOSE).sync();
            channel3.closeFuture().sync();
            rethrowHandlerExceptions(readAndDiscardHandler, readAndDiscardHandler2);
            Assertions.assertEquals("value", linkedBlockingQueue.poll(10L, TimeUnit.SECONDS));
            channel.close().awaitUninterruptibly();
        } catch (Throwable th) {
            channel.close().awaitUninterruptibly();
            throw th;
        }
    }

    private static void rethrowHandlerExceptions(ReadAndDiscardHandler readAndDiscardHandler, ReadAndDiscardHandler readAndDiscardHandler2) throws Throwable {
        if (readAndDiscardHandler.exception.get() != null && !(readAndDiscardHandler.exception.get() instanceof IOException)) {
            throw new ExecutionException(readAndDiscardHandler.exception.get());
        }
        if (readAndDiscardHandler2.exception.get() != null && !(readAndDiscardHandler2.exception.get() instanceof IOException)) {
            throw new ExecutionException(readAndDiscardHandler2.exception.get());
        }
        if (readAndDiscardHandler.exception.get() != null) {
            throw new ExecutionException(readAndDiscardHandler.exception.get());
        }
        if (readAndDiscardHandler2.exception.get() != null) {
            throw new ExecutionException(readAndDiscardHandler2.exception.get());
        }
    }

    private static Set<String> sessionIdSet(Enumeration<byte[]> enumeration) {
        HashSet hashSet = new HashSet();
        while (enumeration.hasMoreElements()) {
            hashSet.add(ByteBufUtil.hexDump(Unpooled.wrappedBuffer(enumeration.nextElement())));
        }
        return hashSet;
    }

    static {
        try {
            SelfSignedCertificate selfSignedCertificate = new SelfSignedCertificate();
            CERT_FILE = selfSignedCertificate.certificate();
            KEY_FILE = selfSignedCertificate.privateKey();
        } catch (CertificateException e) {
            throw new Error(e);
        }
    }
}
