package io.vertx.core.net;

import io.netty.buffer.ByteBufAllocator;
import io.netty.handler.ssl.OpenSsl;
import io.netty.handler.ssl.OpenSslServerSessionContext;
import io.vertx.core.http.HttpClientOptions;
import io.vertx.core.http.HttpServerOptions;
import io.vertx.core.net.impl.SSLHelper;
import io.vertx.core.net.impl.SslContextProvider;
import io.vertx.test.core.VertxTestBase;
import io.vertx.test.tls.Cert;
import io.vertx.test.tls.Trust;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.HashSet;
import java.util.List;
import java.util.Set;
import java.util.function.Consumer;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLEngine;
import org.junit.Test;

/* loaded from: input_file:io/vertx/core/net/SSLHelperTest.class */
public class SSLHelperTest extends VertxTestBase {
    @Test
    public void testUseJdkCiphersWhenNotSpecified() throws Exception {
        SSLContext sSLContext = SSLContext.getInstance("TLS");
        sSLContext.init(null, null, null);
        String[] enabledCipherSuites = sSLContext.createSSLEngine().getEnabledCipherSuites();
        new SSLHelper(new HttpClientOptions().setKeyStoreOptions((JksOptions) Cert.CLIENT_JKS.get()).setTrustOptions((TrustOptions) Trust.SERVER_JKS.get()), (List) null).buildContextProvider(new SSLOptions().setKeyCertOptions((KeyCertOptions) Cert.CLIENT_JKS.get()).setTrustOptions((TrustOptions) Trust.SERVER_JKS.get()), this.vertx.getOrCreateContext()).onComplete(onSuccess(sslContextProvider -> {
            assertEquals(new HashSet(Arrays.asList(enabledCipherSuites)), new HashSet(sslContextProvider.createContext(false, false).cipherSuites()));
            testComplete();
        }));
        await();
    }

    @Test
    public void testUseOpenSSLCiphersWhenNotSpecified() throws Exception {
        Set availableOpenSslCipherSuites = OpenSsl.availableOpenSslCipherSuites();
        new SSLHelper(new HttpClientOptions().setOpenSslEngineOptions(new OpenSSLEngineOptions()).setPemKeyCertOptions((PemKeyCertOptions) Cert.CLIENT_PEM.get()).setTrustOptions((TrustOptions) Trust.SERVER_PEM.get()), (List) null).buildContextProvider(new SSLOptions().setKeyCertOptions((KeyCertOptions) Cert.CLIENT_PEM.get()).setTrustOptions((TrustOptions) Trust.SERVER_PEM.get()), this.vertx.getOrCreateContext()).onComplete(onSuccess(sslContextProvider -> {
            assertEquals(availableOpenSslCipherSuites, new HashSet(sslContextProvider.createContext(false, false).cipherSuites()));
            testComplete();
        }));
        await();
    }

    @Test
    public void testDefaultOpenSslServerSessionContext() throws Exception {
        testOpenSslServerSessionContext(true);
    }

    @Test
    public void testUserSetOpenSslServerSessionContext() throws Exception {
        testOpenSslServerSessionContext(false);
    }

    private void testOpenSslServerSessionContext(boolean z) {
        HttpServerOptions openSslEngineOptions = new HttpServerOptions().setOpenSslEngineOptions(new OpenSSLEngineOptions());
        if (!z) {
            openSslEngineOptions.setOpenSslEngineOptions(new OpenSSLEngineOptions().setSessionCacheEnabled(false));
        }
        new SSLHelper(openSslEngineOptions.setPemKeyCertOptions((PemKeyCertOptions) Cert.SERVER_PEM.get()).setTrustOptions((TrustOptions) Trust.SERVER_PEM.get()), (List) null).buildContextProvider(openSslEngineOptions.getSslOptions(), this.vertx.getOrCreateContext()).onComplete(onSuccess(sslContextProvider -> {
            OpenSslServerSessionContext sessionContext = sslContextProvider.createContext(true, false).sessionContext();
            assertTrue(sessionContext instanceof OpenSslServerSessionContext);
            if (sessionContext instanceof OpenSslServerSessionContext) {
                assertEquals(Boolean.valueOf(z), Boolean.valueOf(sessionContext.isSessionCacheEnabled()));
            }
            testComplete();
        }));
        await();
    }

    @Test
    public void testPreserveEnabledCipherSuitesOrder() throws Exception {
        SSLContext sSLContext = SSLContext.getInstance("TLS");
        sSLContext.init(null, null, null);
        SSLEngine createSSLEngine = sSLContext.createSSLEngine();
        HttpServerOptions httpServerOptions = new HttpServerOptions();
        for (String str : createSSLEngine.getEnabledCipherSuites()) {
            httpServerOptions.addEnabledCipherSuite(str);
        }
        assertEquals(new ArrayList(httpServerOptions.getEnabledCipherSuites()), Arrays.asList(createSSLEngine.getEnabledCipherSuites()));
        assertEquals(new ArrayList(new HttpServerOptions(httpServerOptions).getEnabledCipherSuites()), Arrays.asList(createSSLEngine.getEnabledCipherSuites()));
        assertEquals(new ArrayList(new HttpServerOptions(httpServerOptions.toJson()).getEnabledCipherSuites()), Arrays.asList(createSSLEngine.getEnabledCipherSuites()));
        new SSLHelper(httpServerOptions.setKeyCertOptions((KeyCertOptions) Cert.SERVER_JKS.get()), (List) null).buildContextProvider(httpServerOptions.getSslOptions(), this.vertx.getOrCreateContext()).onComplete(onSuccess(sslContextProvider -> {
            assertEquals(new HashSet(Arrays.asList(createEngine(sslContextProvider).getEnabledCipherSuites())), new HashSet(Arrays.asList(createSSLEngine.getEnabledCipherSuites())));
            testComplete();
        }));
        await();
    }

    @Test
    public void testPreserveEnabledSecureTransportProtocolOrder() throws Exception {
        HttpServerOptions httpServerOptions = new HttpServerOptions();
        ArrayList arrayList = new ArrayList(httpServerOptions.getEnabledSecureTransportProtocols());
        httpServerOptions.removeEnabledSecureTransportProtocol("TLSv1");
        httpServerOptions.addEnabledSecureTransportProtocol("SSLv3");
        arrayList.remove("TLSv1");
        arrayList.add("SSLv3");
        assertEquals(new ArrayList(httpServerOptions.getEnabledSecureTransportProtocols()), arrayList);
        assertEquals(new ArrayList(new HttpServerOptions(httpServerOptions).getEnabledSecureTransportProtocols()), arrayList);
        assertEquals(new ArrayList(new HttpServerOptions(httpServerOptions.toJson()).getEnabledSecureTransportProtocols()), arrayList);
    }

    @Test
    public void testDefaultVersions() {
        testTLSVersions(new HttpServerOptions(), sSLEngine -> {
            List asList = Arrays.asList(sSLEngine.getEnabledProtocols());
            assertEquals(2L, asList.size());
            assertTrue(asList.contains("TLSv1.2"));
            assertTrue(asList.contains("TLSv1.3"));
        });
    }

    @Test
    public void testSetVersion() {
        testTLSVersions(new HttpServerOptions().setEnabledSecureTransportProtocols(new HashSet(Arrays.asList("TLSv1.3"))), sSLEngine -> {
            List asList = Arrays.asList(sSLEngine.getEnabledProtocols());
            assertEquals(1L, asList.size());
            assertTrue(asList.contains("TLSv1.3"));
        });
    }

    @Test
    public void testSetVersions() {
        testTLSVersions(new HttpServerOptions().setEnabledSecureTransportProtocols(new HashSet(Arrays.asList("TLSv1", "TLSv1.3"))), sSLEngine -> {
            List asList = Arrays.asList(sSLEngine.getEnabledProtocols());
            assertEquals(2L, asList.size());
            assertTrue(asList.contains("TLSv1"));
            assertTrue(asList.contains("TLSv1.3"));
        });
    }

    private void testTLSVersions(HttpServerOptions httpServerOptions, Consumer<SSLEngine> consumer) {
        new SSLHelper(httpServerOptions.setSsl(true).setKeyCertOptions((KeyCertOptions) Cert.SERVER_JKS.get()), (List) null).buildContextProvider(httpServerOptions.getSslOptions(), this.vertx.getOrCreateContext()).onComplete(onSuccess(sslContextProvider -> {
            consumer.accept(createEngine(sslContextProvider));
            testComplete();
        }));
        await();
    }

    public SSLEngine createEngine(SslContextProvider sslContextProvider) {
        return sslContextProvider.createContext(false, false).newEngine(ByteBufAllocator.DEFAULT);
    }
}
