package io.netty.testsuite.transport.socket;

import io.netty.bootstrap.Bootstrap;
import io.netty.bootstrap.ServerBootstrap;
import io.netty.buffer.ByteBuf;
import io.netty.buffer.Unpooled;
import io.netty.channel.Channel;
import io.netty.channel.ChannelFuture;
import io.netty.channel.ChannelHandler;
import io.netty.channel.ChannelHandlerContext;
import io.netty.channel.ChannelInboundHandlerAdapter;
import io.netty.channel.ChannelInitializer;
import io.netty.channel.ChannelOption;
import io.netty.channel.SimpleChannelInboundHandler;
import io.netty.handler.ssl.OpenSsl;
import io.netty.handler.ssl.OpenSslContext;
import io.netty.handler.ssl.SslContext;
import io.netty.handler.ssl.SslContextBuilder;
import io.netty.handler.ssl.SslHandler;
import io.netty.handler.ssl.SslHandshakeCompletionEvent;
import io.netty.handler.ssl.SslProvider;
import io.netty.handler.stream.ChunkedWriteHandler;
import io.netty.pkitesting.CertificateBuilder;
import io.netty.pkitesting.X509Bundle;
import io.netty.testsuite.transport.AbstractComboTestsuiteTest;
import io.netty.testsuite.transport.TestsuitePermutation;
import io.netty.testsuite.util.TestUtils;
import io.netty.util.concurrent.Future;
import io.netty.util.concurrent.GenericFutureListener;
import io.netty.util.internal.logging.InternalLogger;
import io.netty.util.internal.logging.InternalLoggerFactory;
import java.io.File;
import java.io.IOException;
import java.util.ArrayList;
import java.util.Collection;
import java.util.Random;
import java.util.concurrent.CountDownLatch;
import java.util.concurrent.ExecutorService;
import java.util.concurrent.Executors;
import java.util.concurrent.TimeUnit;
import java.util.concurrent.atomic.AtomicInteger;
import java.util.concurrent.atomic.AtomicReference;
import org.hamcrest.MatcherAssert;
import org.hamcrest.Matchers;
import org.junit.jupiter.api.AfterAll;
import org.junit.jupiter.api.Assertions;
import org.junit.jupiter.api.TestInfo;
import org.junit.jupiter.api.Timeout;
import org.junit.jupiter.params.ParameterizedTest;
import org.junit.jupiter.params.provider.MethodSource;

/* loaded from: input_file:io/netty/testsuite/transport/socket/SocketSslEchoTest.class */
public class SocketSslEchoTest extends AbstractSocketTest {
    private static final int FIRST_MESSAGE_SIZE = 16384;
    private static final File CERT_FILE;
    private static final File KEY_FILE;
    private volatile Channel clientChannel;
    private volatile Channel serverChannel;
    private volatile SslHandler clientSslHandler;
    private volatile SslHandler serverSslHandler;
    private SslContext serverCtx;
    private SslContext clientCtx;
    private Renegotiation renegotiation;
    private boolean serverUsesDelegatedTaskExecutor;
    private boolean clientUsesDelegatedTaskExecutor;
    private boolean autoRead;
    private boolean useChunkedWriteHandler;
    private boolean useCompositeByteBuf;
    private static final InternalLogger logger = InternalLoggerFactory.getInstance(SocketSslEchoTest.class);
    private static final Random random = new Random();
    static final byte[] data = new byte[1048576];
    private final AtomicReference<Throwable> clientException = new AtomicReference<>();
    private final AtomicReference<Throwable> serverException = new AtomicReference<>();
    private final AtomicInteger clientSendCounter = new AtomicInteger();
    private final AtomicInteger clientRecvCounter = new AtomicInteger();
    private final AtomicInteger serverRecvCounter = new AtomicInteger();
    private final AtomicInteger clientNegoCounter = new AtomicInteger();
    private final AtomicInteger serverNegoCounter = new AtomicInteger();
    private final EchoClientHandler clientHandler = new EchoClientHandler(this.clientRecvCounter, this.clientNegoCounter, this.clientException);
    private final EchoServerHandler serverHandler = new EchoServerHandler(this.serverRecvCounter, this.serverNegoCounter, this.serverException);

    /* loaded from: input_file:io/netty/testsuite/transport/socket/SocketSslEchoTest$EchoClientHandler.class */
    private class EchoClientHandler extends EchoHandler {
        EchoClientHandler(AtomicInteger atomicInteger, AtomicInteger atomicInteger2, AtomicReference<Throwable> atomicReference) {
            super(atomicInteger, atomicInteger2, atomicReference);
        }

        public void handlerAdded(final ChannelHandlerContext channelHandlerContext) {
            if (SocketSslEchoTest.this.autoRead) {
                return;
            }
            channelHandlerContext.pipeline().get(SslHandler.class).handshakeFuture().addListener(new GenericFutureListener<Future<? super Channel>>() { // from class: io.netty.testsuite.transport.socket.SocketSslEchoTest.EchoClientHandler.1
                public void operationComplete(Future<? super Channel> future) {
                    channelHandlerContext.read();
                }
            });
        }

        public void channelRead0(ChannelHandlerContext channelHandlerContext, ByteBuf byteBuf) throws Exception {
            byte[] bArr = new byte[byteBuf.readableBytes()];
            byteBuf.readBytes(bArr);
            int i = this.recvCounter.get();
            for (int i2 = 0; i2 < bArr.length; i2++) {
                Assertions.assertEquals(SocketSslEchoTest.data[i2 + i], bArr[i2]);
            }
            this.recvCounter.addAndGet(bArr.length);
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    @ChannelHandler.Sharable
    /* loaded from: input_file:io/netty/testsuite/transport/socket/SocketSslEchoTest$EchoHandler.class */
    public abstract class EchoHandler extends SimpleChannelInboundHandler<ByteBuf> {
        protected final AtomicInteger recvCounter;
        protected final AtomicInteger negoCounter;
        protected final AtomicReference<Throwable> exception;

        EchoHandler(AtomicInteger atomicInteger, AtomicInteger atomicInteger2, AtomicReference<Throwable> atomicReference) {
            this.recvCounter = atomicInteger;
            this.negoCounter = atomicInteger2;
            this.exception = atomicReference;
        }

        public final void channelReadComplete(ChannelHandlerContext channelHandlerContext) throws Exception {
            if (!SocketSslEchoTest.this.autoRead) {
                channelHandlerContext.read();
            }
            channelHandlerContext.fireChannelReadComplete();
        }

        public final void userEventTriggered(ChannelHandlerContext channelHandlerContext, Object obj) {
            if (obj instanceof SslHandshakeCompletionEvent) {
                SslHandshakeCompletionEvent sslHandshakeCompletionEvent = (SslHandshakeCompletionEvent) obj;
                if (sslHandshakeCompletionEvent.cause() != null) {
                    SocketSslEchoTest.logger.warn("Handshake failed:", sslHandshakeCompletionEvent.cause());
                }
                Assertions.assertSame(SslHandshakeCompletionEvent.SUCCESS, obj);
                this.negoCounter.incrementAndGet();
                SocketSslEchoTest.this.logStats("HANDSHAKEN");
            }
            channelHandlerContext.fireUserEventTriggered(obj);
        }

        public final void exceptionCaught(ChannelHandlerContext channelHandlerContext, Throwable th) throws Exception {
            if (SocketSslEchoTest.logger.isWarnEnabled()) {
                SocketSslEchoTest.logger.warn("Unexpected exception from the client side:", th);
            }
            this.exception.compareAndSet(null, th);
            channelHandlerContext.close();
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:io/netty/testsuite/transport/socket/SocketSslEchoTest$EchoServerHandler.class */
    public class EchoServerHandler extends EchoHandler {
        volatile Future<Channel> renegoFuture;

        EchoServerHandler(AtomicInteger atomicInteger, AtomicInteger atomicInteger2, AtomicReference<Throwable> atomicReference) {
            super(atomicInteger, atomicInteger2, atomicReference);
        }

        public final void channelRegistered(ChannelHandlerContext channelHandlerContext) {
            this.renegoFuture = null;
        }

        public void channelActive(ChannelHandlerContext channelHandlerContext) throws Exception {
            if (!SocketSslEchoTest.this.autoRead) {
                channelHandlerContext.read();
            }
            channelHandlerContext.fireChannelActive();
        }

        public void channelRead0(ChannelHandlerContext channelHandlerContext, ByteBuf byteBuf) throws Exception {
            byte[] bArr = new byte[byteBuf.readableBytes()];
            byteBuf.readBytes(bArr);
            int i = this.recvCounter.get();
            for (int i2 = 0; i2 < bArr.length; i2++) {
                Assertions.assertEquals(SocketSslEchoTest.data[i2 + i], bArr[i2]);
            }
            ByteBuf randomBufferType = TestsuitePermutation.randomBufferType(channelHandlerContext.alloc(), bArr, 0, bArr.length);
            if (SocketSslEchoTest.this.useCompositeByteBuf) {
                randomBufferType = Unpooled.compositeBuffer().addComponent(true, randomBufferType);
            }
            channelHandlerContext.writeAndFlush(randomBufferType);
            this.recvCounter.addAndGet(bArr.length);
            if (SocketSslEchoTest.this.renegotiation.type == RenegotiationType.SERVER_INITIATED && this.recvCounter.get() > SocketSslEchoTest.data.length / 2 && this.renegoFuture == null) {
                SslHandler sslHandler = channelHandlerContext.pipeline().get(SslHandler.class);
                Future handshakeFuture = sslHandler.handshakeFuture();
                MatcherAssert.assertThat(Boolean.valueOf(handshakeFuture.isDone()), Matchers.is(true));
                sslHandler.engine().setEnabledCipherSuites(new String[]{SocketSslEchoTest.this.renegotiation.cipherSuite});
                SocketSslEchoTest.this.logStats("SERVER RENEGOTIATES");
                this.renegoFuture = sslHandler.renegotiate();
                MatcherAssert.assertThat(this.renegoFuture, Matchers.is(Matchers.not(Matchers.sameInstance(handshakeFuture))));
                MatcherAssert.assertThat(this.renegoFuture, Matchers.is(Matchers.sameInstance(sslHandler.handshakeFuture())));
                MatcherAssert.assertThat(Boolean.valueOf(this.renegoFuture.isDone()), Matchers.is(false));
            }
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    /* loaded from: input_file:io/netty/testsuite/transport/socket/SocketSslEchoTest$Renegotiation.class */
    public static class Renegotiation {
        static final Renegotiation NONE = new Renegotiation(RenegotiationType.NONE, null);
        final RenegotiationType type;
        final String cipherSuite;

        Renegotiation(RenegotiationType renegotiationType, String str) {
            this.type = renegotiationType;
            this.cipherSuite = str;
        }

        public String toString() {
            return this.type == RenegotiationType.NONE ? "NONE" : this.type + "(" + this.cipherSuite + ')';
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    /* loaded from: input_file:io/netty/testsuite/transport/socket/SocketSslEchoTest$RenegotiationType.class */
    public enum RenegotiationType {
        NONE,
        CLIENT_INITIATED,
        SERVER_INITIATED
    }

    public static Collection<Object[]> data() throws Exception {
        Renegotiation renegotiation;
        ArrayList<SslContext> arrayList = new ArrayList();
        arrayList.add(SslContextBuilder.forServer(CERT_FILE, KEY_FILE).sslProvider(SslProvider.JDK).protocols(new String[]{"TLSv1.2"}).build());
        ArrayList<SslContext> arrayList2 = new ArrayList();
        arrayList2.add(SslContextBuilder.forClient().sslProvider(SslProvider.JDK).trustManager(CERT_FILE).protocols(new String[]{"TLSv1.2"}).endpointIdentificationAlgorithm((String) null).build());
        if (OpenSsl.isAvailable()) {
            arrayList.add(SslContextBuilder.forServer(CERT_FILE, KEY_FILE).sslProvider(SslProvider.OPENSSL).protocols(new String[]{"TLSv1.2"}).build());
            arrayList2.add(SslContextBuilder.forClient().sslProvider(SslProvider.OPENSSL).trustManager(CERT_FILE).protocols(new String[]{"TLSv1.2"}).endpointIdentificationAlgorithm((String) null).build());
        } else {
            logger.warn("OpenSSL is unavailable and thus will not be tested.", OpenSsl.unavailabilityCause());
        }
        ArrayList arrayList3 = new ArrayList();
        for (SslContext sslContext : arrayList) {
            for (SslContext sslContext2 : arrayList2) {
                for (RenegotiationType renegotiationType : RenegotiationType.values()) {
                    if (renegotiationType == RenegotiationType.NONE || (!(sslContext instanceof OpenSslContext) && !(sslContext2 instanceof OpenSslContext))) {
                        switch (renegotiationType) {
                            case NONE:
                                renegotiation = Renegotiation.NONE;
                                break;
                            case SERVER_INITIATED:
                                renegotiation = new Renegotiation(renegotiationType, (String) sslContext.cipherSuites().get(sslContext.cipherSuites().size() - 1));
                                break;
                            case CLIENT_INITIATED:
                                renegotiation = new Renegotiation(renegotiationType, (String) sslContext2.cipherSuites().get(sslContext2.cipherSuites().size() - 1));
                                break;
                            default:
                                throw new Error();
                        }
                        for (int i = 0; i < 32; i++) {
                            Object[] objArr = new Object[8];
                            objArr[0] = sslContext;
                            objArr[1] = sslContext2;
                            objArr[2] = renegotiation;
                            objArr[3] = Boolean.valueOf((i & 16) != 0);
                            objArr[4] = Boolean.valueOf((i & 8) != 0);
                            objArr[5] = Boolean.valueOf((i & 4) != 0);
                            objArr[6] = Boolean.valueOf((i & 2) != 0);
                            objArr[7] = Boolean.valueOf((i & 1) != 0);
                            arrayList3.add(objArr);
                        }
                    }
                }
            }
        }
        return arrayList3;
    }

    @AfterAll
    public static void compressHeapDumps() throws Exception {
        TestUtils.compressHeapDumps();
    }

    @MethodSource({"data"})
    @Timeout(value = 30000, unit = TimeUnit.MILLISECONDS)
    @ParameterizedTest(name = "{index}: serverEngine = {0}, clientEngine = {1}, renegotiation = {2}, serverUsesDelegatedTaskExecutor = {3}, clientUsesDelegatedTaskExecutor = {4}, autoRead = {5}, useChunkedWriteHandler = {6}, useCompositeByteBuf = {7}")
    public void testSslEcho(SslContext sslContext, SslContext sslContext2, Renegotiation renegotiation, boolean z, boolean z2, boolean z3, boolean z4, boolean z5, TestInfo testInfo) throws Throwable {
        this.serverCtx = sslContext;
        this.clientCtx = sslContext2;
        this.serverUsesDelegatedTaskExecutor = z;
        this.clientUsesDelegatedTaskExecutor = z2;
        this.renegotiation = renegotiation;
        this.autoRead = z3;
        this.useChunkedWriteHandler = z4;
        this.useCompositeByteBuf = z5;
        run(testInfo, new AbstractComboTestsuiteTest.Runner<ServerBootstrap, Bootstrap>() { // from class: io.netty.testsuite.transport.socket.SocketSslEchoTest.1
            @Override // io.netty.testsuite.transport.AbstractComboTestsuiteTest.Runner
            public void run(ServerBootstrap serverBootstrap, Bootstrap bootstrap) throws Throwable {
                SocketSslEchoTest.this.testSslEcho(serverBootstrap, bootstrap);
            }
        });
    }

    public void testSslEcho(ServerBootstrap serverBootstrap, Bootstrap bootstrap) throws Throwable {
        final ExecutorService newCachedThreadPool = Executors.newCachedThreadPool();
        reset();
        serverBootstrap.childOption(ChannelOption.AUTO_READ, Boolean.valueOf(this.autoRead));
        bootstrap.option(ChannelOption.AUTO_READ, Boolean.valueOf(this.autoRead));
        serverBootstrap.childHandler(new ChannelInitializer<Channel>() { // from class: io.netty.testsuite.transport.socket.SocketSslEchoTest.2
            public void initChannel(Channel channel) {
                SocketSslEchoTest.this.serverChannel = channel;
                if (SocketSslEchoTest.this.serverUsesDelegatedTaskExecutor) {
                    SocketSslEchoTest.this.serverSslHandler = new SslHandler(SocketSslEchoTest.this.serverCtx.newEngine(channel.alloc()), newCachedThreadPool);
                } else {
                    SocketSslEchoTest.this.serverSslHandler = SocketSslEchoTest.this.serverCtx.newHandler(channel.alloc());
                }
                SocketSslEchoTest.this.serverSslHandler.setHandshakeTimeoutMillis(0L);
                channel.pipeline().addLast("ssl", SocketSslEchoTest.this.serverSslHandler);
                if (SocketSslEchoTest.this.useChunkedWriteHandler) {
                    channel.pipeline().addLast(new ChannelHandler[]{new ChunkedWriteHandler()});
                }
                channel.pipeline().addLast("serverHandler", SocketSslEchoTest.this.serverHandler);
            }
        });
        final CountDownLatch countDownLatch = new CountDownLatch(1);
        bootstrap.handler(new ChannelInitializer<Channel>() { // from class: io.netty.testsuite.transport.socket.SocketSslEchoTest.3
            public void initChannel(Channel channel) {
                SocketSslEchoTest.this.clientChannel = channel;
                if (SocketSslEchoTest.this.clientUsesDelegatedTaskExecutor) {
                    SocketSslEchoTest.this.clientSslHandler = new SslHandler(SocketSslEchoTest.this.clientCtx.newEngine(channel.alloc()), newCachedThreadPool);
                } else {
                    SocketSslEchoTest.this.clientSslHandler = SocketSslEchoTest.this.clientCtx.newHandler(channel.alloc());
                }
                SocketSslEchoTest.this.clientSslHandler.setHandshakeTimeoutMillis(0L);
                channel.pipeline().addLast("ssl", SocketSslEchoTest.this.clientSslHandler);
                if (SocketSslEchoTest.this.useChunkedWriteHandler) {
                    channel.pipeline().addLast(new ChannelHandler[]{new ChunkedWriteHandler()});
                }
                channel.pipeline().addLast("clientHandler", SocketSslEchoTest.this.clientHandler);
                channel.pipeline().addLast(new ChannelHandler[]{new ChannelInboundHandlerAdapter() { // from class: io.netty.testsuite.transport.socket.SocketSslEchoTest.3.1
                    public void userEventTriggered(ChannelHandlerContext channelHandlerContext, Object obj) {
                        if (obj instanceof SslHandshakeCompletionEvent) {
                            countDownLatch.countDown();
                        }
                        channelHandlerContext.fireUserEventTriggered(obj);
                    }
                }});
            }
        });
        Channel channel = serverBootstrap.bind().sync().channel();
        bootstrap.connect(channel.localAddress()).sync();
        Future handshakeFuture = this.clientSslHandler.handshakeFuture();
        handshakeFuture.sync();
        countDownLatch.await();
        this.clientChannel.writeAndFlush(TestsuitePermutation.randomBufferType(this.clientChannel.alloc(), data, 0, FIRST_MESSAGE_SIZE));
        this.clientSendCounter.set(FIRST_MESSAGE_SIZE);
        boolean z = this.renegotiation.type == RenegotiationType.CLIENT_INITIATED;
        Future future = null;
        while (this.clientSendCounter.get() < data.length) {
            int i = this.clientSendCounter.get();
            int min = Math.min(random.nextInt(65536), data.length - i);
            ByteBuf randomBufferType = TestsuitePermutation.randomBufferType(this.clientChannel.alloc(), data, i, min);
            if (this.useCompositeByteBuf) {
                randomBufferType = Unpooled.compositeBuffer().addComponent(true, randomBufferType);
            }
            ChannelFuture writeAndFlush = this.clientChannel.writeAndFlush(randomBufferType);
            int i2 = i + min;
            this.clientSendCounter.set(i2);
            writeAndFlush.sync();
            if (z && i2 >= data.length / 2) {
                z = false;
                this.clientSslHandler.engine().setEnabledCipherSuites(new String[]{this.renegotiation.cipherSuite});
                future = this.clientSslHandler.renegotiate();
                logStats("CLIENT RENEGOTIATES");
                MatcherAssert.assertThat(future, Matchers.is(Matchers.not(Matchers.sameInstance(handshakeFuture))));
            }
        }
        while (this.clientRecvCounter.get() < data.length && this.serverException.get() == null && this.clientException.get() == null) {
            Thread.sleep(50L);
        }
        while (this.serverRecvCounter.get() < data.length && this.serverException.get() == null && this.clientException.get() == null) {
            Thread.sleep(50L);
        }
        if (future != null) {
            future.sync();
        }
        if (this.serverHandler.renegoFuture != null) {
            this.serverHandler.renegoFuture.sync();
        }
        this.serverChannel.close().awaitUninterruptibly();
        this.clientChannel.close().awaitUninterruptibly();
        channel.close().awaitUninterruptibly();
        newCachedThreadPool.shutdown();
        if (this.serverException.get() != null && !(this.serverException.get() instanceof IOException)) {
            throw this.serverException.get();
        }
        if (this.clientException.get() != null && !(this.clientException.get() instanceof IOException)) {
            throw this.clientException.get();
        }
        if (this.serverException.get() != null) {
            throw this.serverException.get();
        }
        if (this.clientException.get() != null) {
            throw this.clientException.get();
        }
        try {
            switch (this.renegotiation.type) {
                case NONE:
                    MatcherAssert.assertThat(Integer.valueOf(this.serverNegoCounter.get()), Matchers.is(1));
                    MatcherAssert.assertThat(Integer.valueOf(this.clientNegoCounter.get()), Matchers.is(1));
                    break;
                case SERVER_INITIATED:
                    MatcherAssert.assertThat(this.serverSslHandler.engine().getSession().getCipherSuite(), Matchers.is(this.renegotiation.cipherSuite));
                    MatcherAssert.assertThat(Integer.valueOf(this.serverNegoCounter.get()), Matchers.is(2));
                    MatcherAssert.assertThat(Integer.valueOf(this.clientNegoCounter.get()), Matchers.anyOf(Matchers.is(1), Matchers.is(2)));
                    break;
                case CLIENT_INITIATED:
                    MatcherAssert.assertThat(Integer.valueOf(this.serverNegoCounter.get()), Matchers.anyOf(Matchers.is(1), Matchers.is(2)));
                    MatcherAssert.assertThat(this.clientSslHandler.engine().getSession().getCipherSuite(), Matchers.is(this.renegotiation.cipherSuite));
                    MatcherAssert.assertThat(Integer.valueOf(this.clientNegoCounter.get()), Matchers.is(2));
                    break;
            }
        } finally {
            logStats("STATS");
        }
    }

    private void reset() {
        this.clientException.set(null);
        this.serverException.set(null);
        this.clientSendCounter.set(0);
        this.clientRecvCounter.set(0);
        this.serverRecvCounter.set(0);
        this.clientNegoCounter.set(0);
        this.serverNegoCounter.set(0);
        this.clientChannel = null;
        this.serverChannel = null;
        this.clientSslHandler = null;
        this.serverSslHandler = null;
    }

    void logStats(String str) {
        logger.debug("{}:\n\tclient { sent: {}, rcvd: {}, nego: {}, cipher: {} },\n\tserver { rcvd: {}, nego: {}, cipher: {} }", new Object[]{str, this.clientSendCounter, this.clientRecvCounter, this.clientNegoCounter, this.clientSslHandler.engine().getSession().getCipherSuite(), this.serverRecvCounter, this.serverNegoCounter, this.serverSslHandler.engine().getSession().getCipherSuite()});
    }

    static {
        random.nextBytes(data);
        try {
            X509Bundle buildSelfSigned = new CertificateBuilder().rsa2048().subject("cn=localhost").setIsCertificateAuthority(true).buildSelfSigned();
            CERT_FILE = buildSelfSigned.toTempCertChainPem();
            KEY_FILE = buildSelfSigned.toTempPrivateKeyPem();
        } catch (Exception e) {
            throw new ExceptionInInitializerError(e);
        }
    }
}
