package io.netty.testsuite.transport.socket;

import io.netty.bootstrap.Bootstrap;
import io.netty.bootstrap.ServerBootstrap;
import io.netty.buffer.ByteBuf;
import io.netty.channel.Channel;
import io.netty.channel.ChannelHandler;
import io.netty.channel.ChannelHandlerContext;
import io.netty.channel.ChannelInitializer;
import io.netty.channel.SimpleChannelInboundHandler;
import io.netty.handler.codec.DecoderException;
import io.netty.handler.ssl.JdkSslClientContext;
import io.netty.handler.ssl.OpenSsl;
import io.netty.handler.ssl.OpenSslServerContext;
import io.netty.handler.ssl.SslContext;
import io.netty.handler.ssl.SslHandler;
import io.netty.handler.ssl.SslHandshakeCompletionEvent;
import io.netty.handler.ssl.util.SelfSignedCertificate;
import io.netty.util.internal.logging.InternalLogger;
import io.netty.util.internal.logging.InternalLoggerFactory;
import java.io.File;
import java.nio.channels.ClosedChannelException;
import java.security.cert.CertificateException;
import java.util.ArrayList;
import java.util.Collection;
import java.util.concurrent.atomic.AtomicReference;
import javax.net.ssl.SSLHandshakeException;
import org.junit.Assert;
import org.junit.Assume;
import org.junit.Test;
import org.junit.runner.RunWith;
import org.junit.runners.Parameterized;

@RunWith(Parameterized.class)
/* loaded from: input_file:io/netty/testsuite/transport/socket/SocketSslClientRenegotiateTest.class */
public class SocketSslClientRenegotiateTest extends AbstractSocketTest {
    private static final InternalLogger logger = InternalLoggerFactory.getInstance(SocketSslClientRenegotiateTest.class);
    private static final File CERT_FILE;
    private static final File KEY_FILE;
    private final SslContext serverCtx;
    private final SslContext clientCtx;
    private volatile Channel clientChannel;
    private volatile Channel serverChannel;
    private volatile SslHandler clientSslHandler;
    private volatile SslHandler serverSslHandler;
    private final AtomicReference<Throwable> clientException = new AtomicReference<>();
    private final AtomicReference<Throwable> serverException = new AtomicReference<>();
    private final TestHandler clientHandler = new TestHandler(this.clientException);
    private final TestHandler serverHandler = new TestHandler(this.serverException);

    /* JADX INFO: Access modifiers changed from: private */
    @ChannelHandler.Sharable
    /* loaded from: input_file:io/netty/testsuite/transport/socket/SocketSslClientRenegotiateTest$TestHandler.class */
    public static final class TestHandler extends SimpleChannelInboundHandler<ByteBuf> {
        protected final AtomicReference<Throwable> exception;
        private int handshakeCounter;

        TestHandler(AtomicReference<Throwable> atomicReference) {
            this.exception = atomicReference;
        }

        public void channelReadComplete(ChannelHandlerContext channelHandlerContext) throws Exception {
            channelHandlerContext.flush();
        }

        public void exceptionCaught(ChannelHandlerContext channelHandlerContext, Throwable th) throws Exception {
            this.exception.compareAndSet(null, th);
            channelHandlerContext.close();
        }

        public void userEventTriggered(ChannelHandlerContext channelHandlerContext, Object obj) throws Exception {
            if (obj instanceof SslHandshakeCompletionEvent) {
                SslHandshakeCompletionEvent sslHandshakeCompletionEvent = (SslHandshakeCompletionEvent) obj;
                if (this.handshakeCounter != 0) {
                    if (channelHandlerContext.channel().parent() == null) {
                        Assert.assertTrue(sslHandshakeCompletionEvent.cause() instanceof ClosedChannelException);
                    }
                } else {
                    this.handshakeCounter++;
                    if (sslHandshakeCompletionEvent.cause() != null) {
                        SocketSslClientRenegotiateTest.logger.warn("Handshake failed:", sslHandshakeCompletionEvent.cause());
                    }
                    Assert.assertSame(SslHandshakeCompletionEvent.SUCCESS, obj);
                }
            }
        }

        public void channelRead0(ChannelHandlerContext channelHandlerContext, ByteBuf byteBuf) throws Exception {
        }
    }

    @Parameterized.Parameters(name = "{index}: serverEngine = {0}, clientEngine = {1}")
    public static Collection<Object[]> data() throws Exception {
        ArrayList<SslContext> arrayList = new ArrayList();
        ArrayList<SslContext> arrayList2 = new ArrayList();
        arrayList2.add(new JdkSslClientContext(CERT_FILE));
        if (OpenSsl.isAvailable()) {
            arrayList.add(new OpenSslServerContext(CERT_FILE, KEY_FILE));
        } else {
            logger.warn("OpenSSL is unavailable and thus will not be tested.", OpenSsl.unavailabilityCause());
        }
        ArrayList arrayList3 = new ArrayList();
        for (SslContext sslContext : arrayList) {
            for (SslContext sslContext2 : arrayList2) {
                for (int i = 0; i < 32; i++) {
                    arrayList3.add(new Object[]{sslContext, sslContext2});
                }
            }
        }
        return arrayList3;
    }

    public SocketSslClientRenegotiateTest(SslContext sslContext, SslContext sslContext2) {
        this.serverCtx = sslContext;
        this.clientCtx = sslContext2;
    }

    @Test(timeout = 30000)
    public void testSslRenegotiationRejected() throws Throwable {
        Assume.assumeFalse("BoringSSL".equals(OpenSsl.versionString()));
        Assume.assumeTrue(OpenSsl.isAvailable());
        run();
    }

    public void testSslRenegotiationRejected(ServerBootstrap serverBootstrap, Bootstrap bootstrap) throws Throwable {
        reset();
        serverBootstrap.childHandler(new ChannelInitializer<Channel>() { // from class: io.netty.testsuite.transport.socket.SocketSslClientRenegotiateTest.1
            public void initChannel(Channel channel) throws Exception {
                SocketSslClientRenegotiateTest.this.serverChannel = channel;
                SocketSslClientRenegotiateTest.this.serverSslHandler = SocketSslClientRenegotiateTest.this.serverCtx.newHandler(channel.alloc());
                channel.pipeline().addLast("ssl", SocketSslClientRenegotiateTest.this.serverSslHandler);
                channel.pipeline().addLast("handler", SocketSslClientRenegotiateTest.this.serverHandler);
            }
        });
        bootstrap.handler(new ChannelInitializer<Channel>() { // from class: io.netty.testsuite.transport.socket.SocketSslClientRenegotiateTest.2
            public void initChannel(Channel channel) throws Exception {
                SocketSslClientRenegotiateTest.this.clientChannel = channel;
                SocketSslClientRenegotiateTest.this.clientSslHandler = SocketSslClientRenegotiateTest.this.clientCtx.newHandler(channel.alloc());
                channel.pipeline().addLast("ssl", SocketSslClientRenegotiateTest.this.clientSslHandler);
                channel.pipeline().addLast("handler", SocketSslClientRenegotiateTest.this.clientHandler);
            }
        });
        Channel channel = serverBootstrap.bind().sync().channel();
        bootstrap.connect(channel.localAddress()).sync();
        this.clientSslHandler.handshakeFuture().sync();
        this.clientSslHandler.engine().setEnabledCipherSuites(new String[]{this.clientSslHandler.engine().getEnabledCipherSuites()[0]});
        this.clientSslHandler.renegotiate().await();
        this.serverChannel.close().awaitUninterruptibly();
        this.clientChannel.close().awaitUninterruptibly();
        channel.close().awaitUninterruptibly();
        try {
        } catch (DecoderException e) {
            Assert.assertTrue(e.getCause() instanceof SSLHandshakeException);
        }
        if (this.serverException.get() != null) {
            throw this.serverException.get();
        }
        Assert.fail();
        if (this.clientException.get() != null) {
            throw this.clientException.get();
        }
    }

    private void reset() {
        this.clientException.set(null);
        this.serverException.set(null);
        this.clientHandler.handshakeCounter = 0;
        this.serverHandler.handshakeCounter = 0;
        this.clientChannel = null;
        this.serverChannel = null;
        this.clientSslHandler = null;
        this.serverSslHandler = null;
    }

    static {
        try {
            SelfSignedCertificate selfSignedCertificate = new SelfSignedCertificate();
            CERT_FILE = selfSignedCertificate.certificate();
            KEY_FILE = selfSignedCertificate.privateKey();
        } catch (CertificateException e) {
            throw new Error(e);
        }
    }
}
