package org.bouncycastle.jsse.provider.test;

import java.security.SecureRandom;
import java.util.concurrent.CountDownLatch;
import java.util.concurrent.atomic.AtomicInteger;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLServerSocket;
import javax.net.ssl.SSLSocket;
import javax.net.ssl.TrustManagerFactory;
import junit.framework.TestCase;
import org.bouncycastle.jsse.BCSSLConnection;
import org.bouncycastle.jsse.BCSSLParameters;
import org.bouncycastle.jsse.BCSSLSocket;
import org.bouncycastle.jsse.provider.test.TestProtocolUtil;
import org.bouncycastle.util.Arrays;

/* loaded from: input_file:org/bouncycastle/jsse/provider/test/CipherSuitesTestCase.class */
public class CipherSuitesTestCase extends TestCase {
    protected final CipherSuitesTestConfig config;
    private static final String HOST = "localhost";
    private static final AtomicInteger PORT_NO = new AtomicInteger(9100);

    /* JADX INFO: Access modifiers changed from: package-private */
    /* loaded from: input_file:org/bouncycastle/jsse/provider/test/CipherSuitesTestCase$SimpleClient.class */
    public static class SimpleClient implements TestProtocolUtil.BlockingCallable {
        private final SSLContext clientContext;
        private final int port;
        private final CipherSuitesTestConfig config;
        private byte[] tlsUnique = null;
        private final CountDownLatch latch = new CountDownLatch(1);

        SimpleClient(SSLContext sSLContext, int i, CipherSuitesTestConfig cipherSuitesTestConfig) {
            this.clientContext = sSLContext;
            this.port = i;
            this.config = cipherSuitesTestConfig;
        }

        /* JADX WARN: Can't rename method to resolve collision */
        @Override // java.util.concurrent.Callable
        public Exception call() throws Exception {
            try {
                BCSSLSocket bCSSLSocket = (SSLSocket) this.clientContext.getSocketFactory().createSocket(CipherSuitesTestCase.HOST, this.port);
                bCSSLSocket.setEnabledCipherSuites(new String[]{this.config.cipherSuite});
                bCSSLSocket.setEnabledProtocols(new String[]{this.config.protocol});
                if (bCSSLSocket instanceof BCSSLSocket) {
                    BCSSLSocket bCSSLSocket2 = bCSSLSocket;
                    BCSSLParameters bCSSLParameters = new BCSSLParameters();
                    bCSSLParameters.setApplicationProtocols(new String[]{"http/1.1", "h2"});
                    bCSSLSocket2.setParameters(bCSSLParameters);
                    BCSSLConnection connection = bCSSLSocket2.getConnection();
                    if (connection != null) {
                        System.out.println("Client ALPN: '" + connection.getApplicationProtocol() + "'");
                    }
                }
                this.tlsUnique = TestUtils.getChannelBinding((SSLSocket) bCSSLSocket, "tls-unique");
                TestProtocolUtil.doClientProtocol(bCSSLSocket, "Hello");
                this.latch.countDown();
                return null;
            } catch (Throwable th) {
                this.latch.countDown();
                throw th;
            }
        }

        @Override // org.bouncycastle.jsse.provider.test.TestProtocolUtil.BlockingCallable
        public void await() throws InterruptedException {
            this.latch.await();
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    /* loaded from: input_file:org/bouncycastle/jsse/provider/test/CipherSuitesTestCase$SimpleServer.class */
    public static class SimpleServer implements TestProtocolUtil.BlockingCallable {
        private final SSLContext serverContext;
        private final int port;
        private final CipherSuitesTestConfig config;
        private byte[] tlsUnique = null;
        private final CountDownLatch latch = new CountDownLatch(1);

        SimpleServer(SSLContext sSLContext, int i, CipherSuitesTestConfig cipherSuitesTestConfig) {
            this.serverContext = sSLContext;
            this.port = i;
            this.config = cipherSuitesTestConfig;
        }

        /* JADX WARN: Can't rename method to resolve collision */
        @Override // java.util.concurrent.Callable
        public Exception call() throws Exception {
            try {
                SSLServerSocket sSLServerSocket = (SSLServerSocket) this.serverContext.getServerSocketFactory().createServerSocket(this.port);
                sSLServerSocket.setEnabledCipherSuites(new String[]{this.config.cipherSuite});
                sSLServerSocket.setEnabledProtocols(new String[]{this.config.protocol});
                this.latch.countDown();
                BCSSLSocket bCSSLSocket = (SSLSocket) sSLServerSocket.accept();
                bCSSLSocket.setUseClientMode(false);
                if (bCSSLSocket instanceof BCSSLSocket) {
                    BCSSLSocket bCSSLSocket2 = bCSSLSocket;
                    BCSSLParameters bCSSLParameters = new BCSSLParameters();
                    bCSSLParameters.setApplicationProtocols(new String[]{"h2", "http/1.1"});
                    bCSSLSocket2.setParameters(bCSSLParameters);
                    BCSSLConnection connection = bCSSLSocket2.getConnection();
                    if (connection != null) {
                        System.out.println("Server ALPN: '" + connection.getApplicationProtocol() + "'");
                    }
                }
                this.tlsUnique = TestUtils.getChannelBinding((SSLSocket) bCSSLSocket, "tls-unique");
                TestProtocolUtil.doServerProtocol(bCSSLSocket, "World");
                bCSSLSocket.close();
                sSLServerSocket.close();
                this.latch.countDown();
                return null;
            } catch (Throwable th) {
                this.latch.countDown();
                throw th;
            }
        }

        @Override // org.bouncycastle.jsse.provider.test.TestProtocolUtil.BlockingCallable
        public void await() throws InterruptedException {
            this.latch.await();
        }
    }

    private static String getName(CipherSuitesTestConfig cipherSuitesTestConfig) {
        String str = cipherSuitesTestConfig.category;
        return ((null == str || str.length() < 1) ? "" : str + " ") + cipherSuitesTestConfig.protocol + " : " + cipherSuitesTestConfig.cipherSuite;
    }

    public CipherSuitesTestCase(String str) {
        super(str);
        this.config = null;
    }

    public CipherSuitesTestCase(CipherSuitesTestConfig cipherSuitesTestConfig) {
        super(getName(cipherSuitesTestConfig));
        this.config = cipherSuitesTestConfig;
    }

    protected void setUp() {
        if (this.config != null) {
            ProviderUtils.setupHighPriority(this.config.fips);
        }
    }

    public void testDummy() {
    }

    protected void runTest() throws Throwable {
        if (this.config == null) {
            return;
        }
        int incrementAndGet = PORT_NO.incrementAndGet();
        SSLContext createClientContext = createClientContext();
        SSLContext createServerContext = createServerContext();
        runTestConnection(incrementAndGet, createClientContext, createServerContext);
        runTestConnection(incrementAndGet, createClientContext, createServerContext);
    }

    private void runTestConnection(int i, SSLContext sSLContext, SSLContext sSLContext2) throws Throwable {
        SimpleClient simpleClient = new SimpleClient(sSLContext, i, this.config);
        SimpleServer simpleServer = new SimpleServer(sSLContext2, i, this.config);
        TestProtocolUtil.runClientAndServer(simpleServer, simpleClient);
        if (TestUtils.isTlsUniqueProtocol(this.config.protocol)) {
            TestCase.assertNotNull(simpleClient.tlsUnique);
            TestCase.assertNotNull(simpleServer.tlsUnique);
        }
        TestCase.assertTrue(Arrays.areEqual(simpleClient.tlsUnique, simpleServer.tlsUnique));
    }

    private SSLContext createClientContext() throws Exception {
        TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance("PKIX", "BCJSSE");
        trustManagerFactory.init(this.config.clientTrustStore);
        SSLContext sSLContext = SSLContext.getInstance("TLS", "BCJSSE");
        sSLContext.init(null, trustManagerFactory.getTrustManagers(), SecureRandom.getInstance("DEFAULT", "BC"));
        return sSLContext;
    }

    private SSLContext createServerContext() throws Exception {
        KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance("PKIX", "BCJSSE");
        keyManagerFactory.init(this.config.serverKeyStore, this.config.serverPassword);
        SSLContext sSLContext = SSLContext.getInstance("TLS", "BCJSSE");
        sSLContext.init(keyManagerFactory.getKeyManagers(), null, SecureRandom.getInstance("DEFAULT", "BC"));
        return sSLContext;
    }
}
