package org.eclipse.jetty.server.ssl;

import java.io.IOException;
import java.net.Socket;
import java.nio.channels.SelectionKey;
import java.nio.channels.SocketChannel;
import java.util.concurrent.CountDownLatch;
import java.util.concurrent.TimeUnit;
import java.util.concurrent.atomic.AtomicBoolean;
import java.util.concurrent.atomic.AtomicLong;
import javax.net.ssl.HandshakeCompletedEvent;
import javax.net.ssl.HandshakeCompletedListener;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSocket;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.eclipse.jetty.http.ssl.SslContextFactory;
import org.eclipse.jetty.io.Connection;
import org.eclipse.jetty.io.nio.SelectChannelEndPoint;
import org.eclipse.jetty.io.nio.SelectorManager;
import org.eclipse.jetty.io.nio.SslSelectChannelEndPoint;
import org.eclipse.jetty.server.AsyncHttpConnection;
import org.eclipse.jetty.server.Request;
import org.eclipse.jetty.server.Server;
import org.eclipse.jetty.server.handler.AbstractHandler;
import org.junit.After;
import org.junit.Assert;
import org.junit.Before;
import org.junit.Ignore;
import org.junit.Test;

/* loaded from: input_file:org/eclipse/jetty/server/ssl/SslTruncationAttackTest.class */
public class SslTruncationAttackTest {
    private Server server;
    private SslSelectChannelConnector connector;
    private SSLContext sslContext;
    private AtomicBoolean endPointClosed;
    private AtomicLong handleCount;

    /* loaded from: input_file:org/eclipse/jetty/server/ssl/SslTruncationAttackTest$EmptyHandler.class */
    private class EmptyHandler extends AbstractHandler {
        private EmptyHandler() {
        }

        public void handle(String str, Request request, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws IOException, ServletException {
            request.setHandled(true);
        }
    }

    @Before
    public void initServer() throws Exception {
        this.handleCount = new AtomicLong();
        this.endPointClosed = new AtomicBoolean();
        this.server = new Server();
        this.connector = new SslSelectChannelConnector() { // from class: org.eclipse.jetty.server.ssl.SslTruncationAttackTest.1
            protected SelectChannelEndPoint newEndPoint(SocketChannel socketChannel, SelectorManager.SelectSet selectSet, SelectionKey selectionKey) throws IOException {
                return new SslSelectChannelEndPoint(getSslBuffers(), socketChannel, selectSet, selectionKey, createSSLEngine(socketChannel)) { // from class: org.eclipse.jetty.server.ssl.SslTruncationAttackTest.1.1
                    public void close() throws IOException {
                        SslTruncationAttackTest.this.endPointClosed.compareAndSet(false, true);
                        super.close();
                    }
                };
            }

            protected Connection newConnection(SocketChannel socketChannel, SelectChannelEndPoint selectChannelEndPoint) {
                AsyncHttpConnection asyncHttpConnection = new AsyncHttpConnection(this, selectChannelEndPoint, SslTruncationAttackTest.this.server) { // from class: org.eclipse.jetty.server.ssl.SslTruncationAttackTest.1.2
                    public Connection handle() throws IOException {
                        SslTruncationAttackTest.this.handleCount.incrementAndGet();
                        return super.handle();
                    }
                };
                asyncHttpConnection.getParser().setForceContentBuffer(true);
                return asyncHttpConnection;
            }
        };
        this.server.addConnector(this.connector);
        String str = System.getProperty("basedir", ".") + "/src/test/resources/keystore";
        SslContextFactory sslContextFactory = this.connector.getSslContextFactory();
        sslContextFactory.setKeyStore(str);
        sslContextFactory.setKeyStorePassword("storepwd");
        sslContextFactory.setKeyManagerPassword("keypwd");
        sslContextFactory.setTrustStore(str);
        sslContextFactory.setTrustStorePassword("storepwd");
        this.server.setHandler(new EmptyHandler());
        this.server.start();
        this.sslContext = sslContextFactory.getSslContext();
    }

    @After
    public void destroyServer() throws Exception {
        this.server.stop();
        this.server.join();
    }

    @Test
    public void testTruncationAttackAfterReading() throws Exception {
        Socket socket = new Socket("localhost", this.connector.getLocalPort());
        SSLSocket sSLSocket = (SSLSocket) this.sslContext.getSocketFactory().createSocket(socket, socket.getInetAddress().getHostName(), socket.getPort(), true);
        sSLSocket.setUseClientMode(true);
        final CountDownLatch countDownLatch = new CountDownLatch(1);
        sSLSocket.addHandshakeCompletedListener(new HandshakeCompletedListener() { // from class: org.eclipse.jetty.server.ssl.SslTruncationAttackTest.2
            @Override // javax.net.ssl.HandshakeCompletedListener
            public void handshakeCompleted(HandshakeCompletedEvent handshakeCompletedEvent) {
                countDownLatch.countDown();
            }
        });
        sSLSocket.startHandshake();
        Assert.assertTrue(countDownLatch.await(1L, TimeUnit.SECONDS));
        sSLSocket.getOutputStream().write(("GET / HTTP/1.1\r\nHost: localhost:" + this.connector.getLocalPort() + "\r\n\r\n").getBytes("UTF-8"));
        byte[] bArr = new byte[1024];
        StringBuilder sb = new StringBuilder();
        sSLSocket.setSoTimeout(1000);
        do {
            sb.append(new String(bArr, 0, sSLSocket.getInputStream().read(bArr), "UTF-8"));
        } while (sb.indexOf("\r\n\r\n") < 0);
        this.handleCount.set(0L);
        socket.close();
        TimeUnit.SECONDS.sleep(1L);
        Assert.assertTrue("handle() invocations", this.handleCount.get() <= 1);
        Assert.assertTrue("endpoint not closed", this.endPointClosed.get());
    }

    @Test
    @Ignore
    public void testTruncationAttackBeforeReading() throws Exception {
        Socket socket = new Socket("localhost", this.connector.getLocalPort());
        SSLSocket sSLSocket = (SSLSocket) this.sslContext.getSocketFactory().createSocket(socket, socket.getInetAddress().getHostName(), socket.getPort(), true);
        sSLSocket.setUseClientMode(true);
        final CountDownLatch countDownLatch = new CountDownLatch(1);
        sSLSocket.addHandshakeCompletedListener(new HandshakeCompletedListener() { // from class: org.eclipse.jetty.server.ssl.SslTruncationAttackTest.3
            @Override // javax.net.ssl.HandshakeCompletedListener
            public void handshakeCompleted(HandshakeCompletedEvent handshakeCompletedEvent) {
                countDownLatch.countDown();
            }
        });
        sSLSocket.startHandshake();
        Assert.assertTrue(countDownLatch.await(1L, TimeUnit.SECONDS));
        sSLSocket.getOutputStream().write(("GET / HTTP/1.1\r\nHost: localhost:" + this.connector.getLocalPort() + "\r\n\r\n").getBytes("UTF-8"));
        this.handleCount.set(0L);
        socket.close();
        TimeUnit.SECONDS.sleep(1L);
        Assert.assertEquals("handle() invocations", 1L, this.handleCount.get());
        Assert.assertTrue("endpoint not closed", this.endPointClosed.get());
    }

    @Test
    public void testTruncationAttackAfterHandshake() throws Exception {
        Socket socket = new Socket("localhost", this.connector.getLocalPort());
        SSLSocket sSLSocket = (SSLSocket) this.sslContext.getSocketFactory().createSocket(socket, socket.getInetAddress().getHostName(), socket.getPort(), true);
        sSLSocket.setUseClientMode(true);
        final CountDownLatch countDownLatch = new CountDownLatch(1);
        sSLSocket.addHandshakeCompletedListener(new HandshakeCompletedListener() { // from class: org.eclipse.jetty.server.ssl.SslTruncationAttackTest.4
            @Override // javax.net.ssl.HandshakeCompletedListener
            public void handshakeCompleted(HandshakeCompletedEvent handshakeCompletedEvent) {
                countDownLatch.countDown();
            }
        });
        sSLSocket.startHandshake();
        Assert.assertTrue(countDownLatch.await(1L, TimeUnit.SECONDS));
        this.handleCount.set(0L);
        socket.close();
        TimeUnit.SECONDS.sleep(1L);
        Assert.assertEquals("handle() invocations", 1L, this.handleCount.get());
        Assert.assertTrue("endpoint not closed", this.endPointClosed.get());
    }

    @Test
    public void testTruncationAttackBeforeHandshake() throws Exception {
        Socket socket = new Socket("localhost", this.connector.getLocalPort());
        ((SSLSocket) this.sslContext.getSocketFactory().createSocket(socket, socket.getInetAddress().getHostName(), socket.getPort(), true)).setUseClientMode(true);
        TimeUnit.SECONDS.sleep(1L);
        this.handleCount.set(0L);
        socket.close();
        TimeUnit.SECONDS.sleep(1L);
        Assert.assertEquals("handle() invocations", 1L, this.handleCount.get());
        Assert.assertTrue("endpoint not closed", this.endPointClosed.get());
    }
}
