package org.eclipse.californium.scandium;

import java.net.InetAddress;
import java.net.InetSocketAddress;
import java.security.Principal;
import java.security.PrivateKey;
import java.security.cert.X509Certificate;
import java.util.Arrays;
import java.util.HashMap;
import java.util.List;
import java.util.concurrent.ExecutorService;
import java.util.concurrent.TimeUnit;
import org.eclipse.californium.elements.AddressEndpointContext;
import org.eclipse.californium.elements.MapBasedEndpointContext;
import org.eclipse.californium.elements.MessageCallback;
import org.eclipse.californium.elements.RawData;
import org.eclipse.californium.elements.auth.AdditionalInfo;
import org.eclipse.californium.elements.auth.PreSharedKeyIdentity;
import org.eclipse.californium.elements.auth.RawPublicKeyIdentity;
import org.eclipse.californium.elements.auth.X509CertPath;
import org.eclipse.californium.elements.category.Medium;
import org.eclipse.californium.elements.rule.NetworkRule;
import org.eclipse.californium.elements.rule.TestNameLoggerRule;
import org.eclipse.californium.elements.rule.ThreadsRule;
import org.eclipse.californium.elements.util.ExecutorsUtil;
import org.eclipse.californium.elements.util.SimpleMessageCallback;
import org.eclipse.californium.elements.util.TestScope;
import org.eclipse.californium.elements.util.TestThreadFactory;
import org.eclipse.californium.scandium.ConnectorHelper;
import org.eclipse.californium.scandium.auth.ApplicationLevelInfoSupplier;
import org.eclipse.californium.scandium.config.DtlsConnectorConfig;
import org.eclipse.californium.scandium.dtls.CertificateType;
import org.eclipse.californium.scandium.dtls.Connection;
import org.eclipse.californium.scandium.dtls.DtlsTestTools;
import org.eclipse.californium.scandium.dtls.HandshakeResultHandler;
import org.eclipse.californium.scandium.dtls.InMemoryClientSessionCache;
import org.eclipse.californium.scandium.dtls.InMemoryConnectionStore;
import org.eclipse.californium.scandium.dtls.PskSecretResultHandler;
import org.eclipse.californium.scandium.dtls.Record;
import org.eclipse.californium.scandium.dtls.SessionId;
import org.eclipse.californium.scandium.dtls.SessionTicket;
import org.eclipse.californium.scandium.dtls.cipher.CipherSuite;
import org.eclipse.californium.scandium.dtls.pskstore.AdvancedMultiPskStore;
import org.eclipse.californium.scandium.dtls.pskstore.AsyncAdvancedPskStore;
import org.eclipse.californium.scandium.dtls.x509.AsyncNewAdvancedCertificateVerifier;
import org.eclipse.californium.scandium.rule.DtlsNetworkRule;
import org.hamcrest.CoreMatchers;
import org.junit.After;
import org.junit.AfterClass;
import org.junit.Assert;
import org.junit.Before;
import org.junit.BeforeClass;
import org.junit.ClassRule;
import org.junit.Rule;
import org.junit.Test;
import org.junit.experimental.categories.Category;
import org.junit.runner.RunWith;
import org.junit.runners.Parameterized;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

@RunWith(Parameterized.class)
@Category({Medium.class})
/* loaded from: input_file:org/eclipse/californium/scandium/DTLSConnectorResumeTest.class */
public class DTLSConnectorResumeTest {
    public static final Logger LOGGER = LoggerFactory.getLogger(DTLSConnectorResumeTest.class);

    @ClassRule
    public static DtlsNetworkRule network = new DtlsNetworkRule(NetworkRule.Mode.DIRECT, NetworkRule.Mode.NATIVE);

    @ClassRule
    public static ThreadsRule cleanup = new ThreadsRule(new String[0]);
    static ConnectorHelper serverHelper;
    static AsyncAdvancedPskStore serverPskStore;
    static AsyncNewAdvancedCertificateVerifier serverCertificateVerifier;
    static ExecutorService executor;
    static PrivateKey clientPrivateKey;
    static X509Certificate[] clientCertificateChain;
    static AsyncAdvancedPskStore clientPskStore;
    static AsyncNewAdvancedCertificateVerifier clientCertificateVerifier;
    static AdvancedMultiPskStore clientInMemoryPskStore;
    private static final int CLIENT_CONNECTION_STORE_CAPACITY = 5;
    private static final int MAX_TIME_TO_WAIT_SECS = 2;
    private static final String DEVICE_ID = "the-device";
    private static final String KEY_DEVICE_ID = "device-id";
    private static final String SERVERNAME_ALT = "other.test.server";

    @Rule
    public TestNameLoggerRule names = new TestNameLoggerRule();
    Class<?> clientPrincipalType;
    DTLSConnector client;
    InMemoryConnectionStore clientConnectionStore;
    List<Record> lastReceivedFlight;

    @Parameterized.Parameter
    public TypedBuilderSetup builderSetup;

    /* loaded from: input_file:org/eclipse/californium/scandium/DTLSConnectorResumeTest$TypedBuilderSetup.class */
    public interface TypedBuilderSetup extends ConnectorHelper.BuilderSetup {
        Class<?> getPrincipalType();
    }

    @Parameterized.Parameters(name = "setup = {0}")
    public static Iterable<TypedBuilderSetup> builderSetups() {
        TypedBuilderSetup[] typedBuilderSetupArr = {new TypedBuilderSetup() { // from class: org.eclipse.californium.scandium.DTLSConnectorResumeTest.1
            public String toString() {
                return "PSK-sync-master";
            }

            @Override // org.eclipse.californium.scandium.DTLSConnectorResumeTest.TypedBuilderSetup
            public Class<?> getPrincipalType() {
                return PreSharedKeyIdentity.class;
            }

            @Override // org.eclipse.californium.scandium.ConnectorHelper.BuilderSetup
            public void setup(DtlsConnectorConfig.Builder builder) {
                DTLSConnectorResumeTest.clientPskStore.setDelay(0);
                DTLSConnectorResumeTest.serverPskStore.setDelay(0);
                DTLSConnectorResumeTest.clientPskStore.setSecretMode(true);
                DTLSConnectorResumeTest.serverPskStore.setSecretMode(true);
                builder.setSupportedCipherSuites(new CipherSuite[]{CipherSuite.TLS_PSK_WITH_AES_128_CCM_8}).setAdvancedPskStore(DTLSConnectorResumeTest.clientPskStore);
            }
        }, new TypedBuilderSetup() { // from class: org.eclipse.californium.scandium.DTLSConnectorResumeTest.2
            public String toString() {
                return "PSK-async-master";
            }

            @Override // org.eclipse.californium.scandium.DTLSConnectorResumeTest.TypedBuilderSetup
            public Class<?> getPrincipalType() {
                return PreSharedKeyIdentity.class;
            }

            @Override // org.eclipse.californium.scandium.ConnectorHelper.BuilderSetup
            public void setup(DtlsConnectorConfig.Builder builder) {
                DTLSConnectorResumeTest.clientPskStore.setDelay(100);
                DTLSConnectorResumeTest.serverPskStore.setDelay(100);
                DTLSConnectorResumeTest.clientPskStore.setSecretMode(true);
                DTLSConnectorResumeTest.serverPskStore.setSecretMode(true);
                builder.setSupportedCipherSuites(new CipherSuite[]{CipherSuite.TLS_PSK_WITH_AES_128_CCM_8}).setEnableMultiHandshakeMessageRecords(true).setAdvancedPskStore(DTLSConnectorResumeTest.clientPskStore);
            }
        }, new TypedBuilderSetup() { // from class: org.eclipse.californium.scandium.DTLSConnectorResumeTest.3
            public String toString() {
                return "PSK-sync-key";
            }

            @Override // org.eclipse.californium.scandium.DTLSConnectorResumeTest.TypedBuilderSetup
            public Class<?> getPrincipalType() {
                return PreSharedKeyIdentity.class;
            }

            @Override // org.eclipse.californium.scandium.ConnectorHelper.BuilderSetup
            public void setup(DtlsConnectorConfig.Builder builder) {
                DTLSConnectorResumeTest.clientPskStore.setDelay(0);
                DTLSConnectorResumeTest.serverPskStore.setDelay(0);
                DTLSConnectorResumeTest.clientPskStore.setSecretMode(false);
                DTLSConnectorResumeTest.serverPskStore.setSecretMode(false);
                builder.setSupportedCipherSuites(new CipherSuite[]{CipherSuite.TLS_PSK_WITH_AES_128_CCM_8}).setEnableMultiHandshakeMessageRecords(true).setAdvancedPskStore(DTLSConnectorResumeTest.clientPskStore);
            }
        }, new TypedBuilderSetup() { // from class: org.eclipse.californium.scandium.DTLSConnectorResumeTest.4
            public String toString() {
                return "PSK-async-key";
            }

            @Override // org.eclipse.californium.scandium.DTLSConnectorResumeTest.TypedBuilderSetup
            public Class<?> getPrincipalType() {
                return PreSharedKeyIdentity.class;
            }

            @Override // org.eclipse.californium.scandium.ConnectorHelper.BuilderSetup
            public void setup(DtlsConnectorConfig.Builder builder) {
                DTLSConnectorResumeTest.clientPskStore.setDelay(100);
                DTLSConnectorResumeTest.serverPskStore.setDelay(100);
                DTLSConnectorResumeTest.clientPskStore.setSecretMode(false);
                DTLSConnectorResumeTest.serverPskStore.setSecretMode(false);
                builder.setSupportedCipherSuites(new CipherSuite[]{CipherSuite.TLS_PSK_WITH_AES_128_CCM_8}).setAdvancedPskStore(DTLSConnectorResumeTest.clientPskStore);
            }
        }, new TypedBuilderSetup() { // from class: org.eclipse.californium.scandium.DTLSConnectorResumeTest.5
            public String toString() {
                return "PSK-ECDHE-async-master";
            }

            @Override // org.eclipse.californium.scandium.DTLSConnectorResumeTest.TypedBuilderSetup
            public Class<?> getPrincipalType() {
                return PreSharedKeyIdentity.class;
            }

            @Override // org.eclipse.californium.scandium.ConnectorHelper.BuilderSetup
            public void setup(DtlsConnectorConfig.Builder builder) {
                DTLSConnectorResumeTest.clientPskStore.setDelay(100);
                DTLSConnectorResumeTest.serverPskStore.setDelay(100);
                DTLSConnectorResumeTest.clientPskStore.setSecretMode(true);
                DTLSConnectorResumeTest.serverPskStore.setSecretMode(true);
                builder.setSupportedCipherSuites(new CipherSuite[]{CipherSuite.TLS_ECDHE_PSK_WITH_AES_128_CCM_8_SHA256}).setEnableMultiHandshakeMessageRecords(true).setAdvancedPskStore(DTLSConnectorResumeTest.clientPskStore);
            }
        }, new TypedBuilderSetup() { // from class: org.eclipse.californium.scandium.DTLSConnectorResumeTest.6
            public String toString() {
                return "PSK-ECDHE-sync-key";
            }

            @Override // org.eclipse.californium.scandium.DTLSConnectorResumeTest.TypedBuilderSetup
            public Class<?> getPrincipalType() {
                return PreSharedKeyIdentity.class;
            }

            @Override // org.eclipse.californium.scandium.ConnectorHelper.BuilderSetup
            public void setup(DtlsConnectorConfig.Builder builder) {
                DTLSConnectorResumeTest.clientPskStore.setDelay(0);
                DTLSConnectorResumeTest.serverPskStore.setDelay(0);
                DTLSConnectorResumeTest.clientPskStore.setSecretMode(false);
                DTLSConnectorResumeTest.serverPskStore.setSecretMode(false);
                builder.setSupportedCipherSuites(new CipherSuite[]{CipherSuite.TLS_ECDHE_PSK_WITH_AES_128_CCM_8_SHA256}).setAdvancedPskStore(DTLSConnectorResumeTest.clientPskStore);
            }
        }, new TypedBuilderSetup() { // from class: org.eclipse.californium.scandium.DTLSConnectorResumeTest.7
            public String toString() {
                return "ECDSA-x509";
            }

            @Override // org.eclipse.californium.scandium.DTLSConnectorResumeTest.TypedBuilderSetup
            public Class<?> getPrincipalType() {
                return X509CertPath.class;
            }

            @Override // org.eclipse.californium.scandium.ConnectorHelper.BuilderSetup
            public void setup(DtlsConnectorConfig.Builder builder) {
                DTLSConnectorResumeTest.clientCertificateVerifier.setDelay(0);
                DTLSConnectorResumeTest.serverCertificateVerifier.setDelay(0);
                builder.setSupportedCipherSuites(new CipherSuite[]{CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8}).setIdentity(DTLSConnectorResumeTest.clientPrivateKey, DTLSConnectorResumeTest.clientCertificateChain, new CertificateType[]{CertificateType.X_509}).setAdvancedCertificateVerifier(DTLSConnectorResumeTest.clientCertificateVerifier).setTrustCertificateTypes(new CertificateType[]{CertificateType.X_509});
            }
        }, new TypedBuilderSetup() { // from class: org.eclipse.californium.scandium.DTLSConnectorResumeTest.8
            public String toString() {
                return "ECDSA-x509-async";
            }

            @Override // org.eclipse.californium.scandium.DTLSConnectorResumeTest.TypedBuilderSetup
            public Class<?> getPrincipalType() {
                return X509CertPath.class;
            }

            @Override // org.eclipse.californium.scandium.ConnectorHelper.BuilderSetup
            public void setup(DtlsConnectorConfig.Builder builder) {
                DTLSConnectorResumeTest.clientCertificateVerifier.setDelay(100);
                DTLSConnectorResumeTest.serverCertificateVerifier.setDelay(100);
                builder.setSupportedCipherSuites(new CipherSuite[]{CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8}).setEnableMultiHandshakeMessageRecords(true).setIdentity(DTLSConnectorResumeTest.clientPrivateKey, DTLSConnectorResumeTest.clientCertificateChain, new CertificateType[]{CertificateType.X_509}).setAdvancedCertificateVerifier(DTLSConnectorResumeTest.clientCertificateVerifier).setTrustCertificateTypes(new CertificateType[]{CertificateType.X_509});
            }
        }, new TypedBuilderSetup() { // from class: org.eclipse.californium.scandium.DTLSConnectorResumeTest.9
            public String toString() {
                return "ECDSA-RPK-sync";
            }

            @Override // org.eclipse.californium.scandium.DTLSConnectorResumeTest.TypedBuilderSetup
            public Class<?> getPrincipalType() {
                return RawPublicKeyIdentity.class;
            }

            @Override // org.eclipse.californium.scandium.ConnectorHelper.BuilderSetup
            public void setup(DtlsConnectorConfig.Builder builder) {
                builder.setSupportedCipherSuites(new CipherSuite[]{CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8}).setIdentity(DTLSConnectorResumeTest.clientPrivateKey, DTLSConnectorResumeTest.clientCertificateChain, new CertificateType[]{CertificateType.RAW_PUBLIC_KEY}).setTrustCertificateTypes(new CertificateType[]{CertificateType.RAW_PUBLIC_KEY}).setAdvancedCertificateVerifier(DTLSConnectorResumeTest.clientCertificateVerifier).setEnableMultiHandshakeMessageRecords(true);
            }
        }, new TypedBuilderSetup() { // from class: org.eclipse.californium.scandium.DTLSConnectorResumeTest.10
            public String toString() {
                return "ECDSA-RPK-async";
            }

            @Override // org.eclipse.californium.scandium.DTLSConnectorResumeTest.TypedBuilderSetup
            public Class<?> getPrincipalType() {
                return RawPublicKeyIdentity.class;
            }

            @Override // org.eclipse.californium.scandium.ConnectorHelper.BuilderSetup
            public void setup(DtlsConnectorConfig.Builder builder) {
                DTLSConnectorResumeTest.clientCertificateVerifier.setDelay(100);
                DTLSConnectorResumeTest.serverCertificateVerifier.setDelay(100);
                builder.setSupportedCipherSuites(new CipherSuite[]{CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8}).setIdentity(DTLSConnectorResumeTest.clientPrivateKey, DTLSConnectorResumeTest.clientCertificateChain, new CertificateType[]{CertificateType.RAW_PUBLIC_KEY}).setTrustCertificateTypes(new CertificateType[]{CertificateType.RAW_PUBLIC_KEY}).setAdvancedCertificateVerifier(DTLSConnectorResumeTest.clientCertificateVerifier).setEnableMultiHandshakeMessageRecords(true);
            }
        }};
        return TestScope.enableIntensiveTests() ? Arrays.asList(typedBuilderSetupArr) : Arrays.asList(Arrays.copyOf(typedBuilderSetupArr, 1));
    }

    @BeforeClass
    public static void startServer() throws Exception {
        HashMap hashMap = new HashMap();
        hashMap.put(KEY_DEVICE_ID, DEVICE_ID);
        final AdditionalInfo from = AdditionalInfo.from(hashMap);
        ApplicationLevelInfoSupplier applicationLevelInfoSupplier = new ApplicationLevelInfoSupplier() { // from class: org.eclipse.californium.scandium.DTLSConnectorResumeTest.11
            public AdditionalInfo getInfo(Principal principal) {
                return from;
            }
        };
        AdvancedMultiPskStore advancedMultiPskStore = new AdvancedMultiPskStore();
        advancedMultiPskStore.setKey("Client_identity", "secretPSK".getBytes());
        advancedMultiPskStore.setKey("My_client_identity", "mySecretPSK".getBytes(), "my.test.server");
        advancedMultiPskStore.setKey("My_client_identity", "mySecretPSK".getBytes(), SERVERNAME_ALT);
        serverPskStore = new AsyncAdvancedPskStore(advancedMultiPskStore);
        serverCertificateVerifier = AsyncNewAdvancedCertificateVerifier.builder().setTrustedCertificates(DtlsTestTools.getTrustedCertificates()).setTrustAllRPKs().build();
        DtlsConnectorConfig.Builder advancedPskStore = DtlsConnectorConfig.builder().setSniEnabled(true).setApplicationLevelInfoSupplier(applicationLevelInfoSupplier).setAdvancedCertificateVerifier(serverCertificateVerifier).setAdvancedPskStore(serverPskStore);
        serverHelper = new ConnectorHelper();
        serverHelper.startServer(advancedPskStore);
        executor = ExecutorsUtil.newFixedThreadPool(MAX_TIME_TO_WAIT_SECS, new TestThreadFactory("DTLS-RESUME-"));
        clientPrivateKey = DtlsTestTools.getClientPrivateKey();
        clientCertificateChain = DtlsTestTools.getClientCertificateChain();
        clientInMemoryPskStore = new AdvancedMultiPskStore();
        clientInMemoryPskStore.addKnownPeer(serverHelper.serverEndpoint, "Client_identity", "secretPSK".getBytes());
        clientInMemoryPskStore.addKnownPeer(serverHelper.serverEndpoint, "my.test.server", "My_client_identity", "mySecretPSK".getBytes());
        clientInMemoryPskStore.addKnownPeer(serverHelper.serverEndpoint, SERVERNAME_ALT, "My_client_identity", "mySecretPSK".getBytes());
        clientPskStore = new AsyncAdvancedPskStore(clientInMemoryPskStore);
        clientCertificateVerifier = AsyncNewAdvancedCertificateVerifier.builder().setTrustedCertificates(DtlsTestTools.getTrustedCertificates()).setTrustAllRPKs().build();
    }

    @AfterClass
    public static void tearDown() {
        if (clientPskStore != null) {
            clientPskStore.shutdown();
            clientPskStore = null;
        }
        if (serverPskStore != null) {
            serverPskStore.shutdown();
            serverPskStore = null;
        }
        if (clientCertificateVerifier != null) {
            clientCertificateVerifier.shutdown();
            clientCertificateVerifier = null;
        }
        if (serverCertificateVerifier != null) {
            serverCertificateVerifier.shutdown();
            serverCertificateVerifier = null;
        }
        serverHelper.destroyServer();
        ExecutorsUtil.shutdownExecutorGracefully(100L, new ExecutorService[]{executor});
    }

    @Before
    public void setUp() throws Exception {
        this.clientConnectionStore = new InMemoryConnectionStore(CLIENT_CONNECTION_STORE_CAPACITY, 60L);
        this.client = new DTLSConnector(createClientConfigBuilder("client", null).build(), this.clientConnectionStore);
        this.client.setExecutor(executor);
    }

    @After
    public void cleanUp() {
        if (this.client != null) {
            this.client.destroy();
        }
        this.lastReceivedFlight = null;
        serverHelper.cleanUpServer();
    }

    private void autoResumeSetUp(Long l) throws Exception {
        cleanUp();
        serverHelper.serverSessionCache.establishedSessionCounter.set(0);
        this.clientConnectionStore = new InMemoryConnectionStore(CLIENT_CONNECTION_STORE_CAPACITY, 60L);
        DtlsConnectorConfig.Builder createClientConfigBuilder = createClientConfigBuilder("client-auto-resume", null);
        createClientConfigBuilder.setAutoResumptionTimeoutMillis(l);
        this.client = new DTLSConnector(createClientConfigBuilder.build(), this.clientConnectionStore);
        this.client.setExecutor(executor);
    }

    private DtlsConnectorConfig.Builder createClientConfigBuilder(String str, InetSocketAddress inetSocketAddress) {
        if (inetSocketAddress == null) {
            inetSocketAddress = new InetSocketAddress(InetAddress.getLoopbackAddress(), 0);
        }
        DtlsConnectorConfig.Builder maxConnections = DtlsConnectorConfig.builder().setLoggingTag(str).setAddress(inetSocketAddress).setSniEnabled(true).setReceiverThreadCount(1).setConnectionThreadCount(MAX_TIME_TO_WAIT_SECS).setMaxConnections(CLIENT_CONNECTION_STORE_CAPACITY);
        clientPskStore.setResultHandler((PskSecretResultHandler) null);
        clientCertificateVerifier.setResultHandler((HandshakeResultHandler) null);
        this.clientPrincipalType = this.builderSetup.getPrincipalType();
        this.builderSetup.setup(maxConnections);
        return maxConnections;
    }

    @Test
    public void testConnectorResumesSessionFromNewConnection() throws Exception {
        InMemoryClientSessionCache inMemoryClientSessionCache = new InMemoryClientSessionCache();
        this.clientConnectionStore = new InMemoryConnectionStore(CLIENT_CONNECTION_STORE_CAPACITY, 60L, inMemoryClientSessionCache);
        this.client = new DTLSConnector(createClientConfigBuilder("client-before", new InetSocketAddress(InetAddress.getLoopbackAddress(), 10000)).build(), this.clientConnectionStore);
        this.client.setExecutor(executor);
        serverHelper.givenAnEstablishedSession(this.client);
        this.client.stop();
        SessionId sessionIdentifier = serverHelper.establishedServerSession.getSessionIdentifier();
        this.client.forceResumeSessionFor(serverHelper.serverEndpoint);
        Assert.assertThat(this.clientConnectionStore.get(serverHelper.serverEndpoint).getEstablishedSession().getSessionIdentifier(), CoreMatchers.is(sessionIdentifier));
        long timestamp = inMemoryClientSessionCache.get(sessionIdentifier).getTimestamp();
        DtlsConnectorConfig build = createClientConfigBuilder("client-after", new InetSocketAddress(InetAddress.getLoopbackAddress(), 10001)).build();
        this.clientConnectionStore = new InMemoryConnectionStore(CLIENT_CONNECTION_STORE_CAPACITY, 60L, inMemoryClientSessionCache);
        this.client = new DTLSConnector(build, this.clientConnectionStore);
        ConnectorHelper.LatchDecrementingRawDataChannel latchDecrementingRawDataChannel = new ConnectorHelper.LatchDecrementingRawDataChannel(1);
        this.client.setRawDataReceiver(latchDecrementingRawDataChannel);
        this.client.start();
        this.client.send(RawData.outbound("Hello Again".getBytes(), new AddressEndpointContext(serverHelper.serverEndpoint), (MessageCallback) null, false));
        Assert.assertTrue(latchDecrementingRawDataChannel.await(2L, TimeUnit.SECONDS));
        Connection connection = this.clientConnectionStore.get(serverHelper.serverEndpoint);
        Assert.assertThat(connection.getEstablishedSession().getSessionIdentifier(), CoreMatchers.is(sessionIdentifier));
        Assert.assertThat(Long.valueOf(timestamp), CoreMatchers.is(Long.valueOf(connection.getEstablishedSession().getCreationTime())));
        assertClientIdentity(this.clientPrincipalType);
    }

    @Test
    public void testConnectorAutoResumesSession() throws Exception {
        autoResumeSetUp(500L);
        ConnectorHelper.LatchDecrementingRawDataChannel givenAnEstablishedSession = serverHelper.givenAnEstablishedSession(this.client, false);
        Connection connection = this.clientConnectionStore.get(serverHelper.serverEndpoint);
        SessionId sessionIdentifier = connection.getSession().getSessionIdentifier();
        Assert.assertThat(Integer.valueOf(serverHelper.serverSessionCache.establishedSessionCounter.get()), CoreMatchers.is(1));
        Assert.assertThat(Boolean.valueOf(connection.isAutoResumptionRequired(500L)), CoreMatchers.is(false));
        Thread.sleep(1000L);
        Assert.assertThat(Boolean.valueOf(connection.isAutoResumptionRequired(500L)), CoreMatchers.is(true));
        givenAnEstablishedSession.setLatchCount(1);
        this.client.send(RawData.outbound("Hello Again".getBytes(), new AddressEndpointContext(serverHelper.serverEndpoint), (MessageCallback) null, false));
        Assert.assertTrue(givenAnEstablishedSession.await(2L, TimeUnit.SECONDS));
        Assert.assertThat(this.clientConnectionStore.get(serverHelper.serverEndpoint).getEstablishedSession().getSessionIdentifier(), CoreMatchers.is(sessionIdentifier));
        assertClientIdentity(this.clientPrincipalType);
        Assert.assertThat(Integer.valueOf(serverHelper.serverSessionCache.establishedSessionCounter.get()), CoreMatchers.is(Integer.valueOf(MAX_TIME_TO_WAIT_SECS)));
    }

    @Test
    public void testConnectorNoAutoResumesSession() throws Exception {
        autoResumeSetUp(1000L);
        ConnectorHelper.LatchDecrementingRawDataChannel givenAnEstablishedSession = serverHelper.givenAnEstablishedSession(this.client, false);
        Connection connection = this.clientConnectionStore.get(serverHelper.serverEndpoint);
        Assert.assertThat(Integer.valueOf(serverHelper.serverSessionCache.establishedSessionCounter.get()), CoreMatchers.is(1));
        Assert.assertThat(Boolean.valueOf(connection.isAutoResumptionRequired(1000L)), CoreMatchers.is(false));
        Thread.sleep(750L);
        givenAnEstablishedSession.setLatchCount(1);
        this.client.send(RawData.outbound("Hello Again".getBytes(), new AddressEndpointContext(serverHelper.serverEndpoint), (MessageCallback) null, false));
        Assert.assertTrue(givenAnEstablishedSession.await(2L, TimeUnit.SECONDS));
        Thread.sleep(750L);
        Assert.assertThat(Boolean.valueOf(connection.isAutoResumptionRequired(1000L)), CoreMatchers.is(false));
        Assert.assertThat(Integer.valueOf(serverHelper.serverSessionCache.establishedSessionCounter.get()), CoreMatchers.is(1));
    }

    @Test
    public void testConnectorSupressAutoResumesSession() throws Exception {
        autoResumeSetUp(500L);
        ConnectorHelper.LatchDecrementingRawDataChannel givenAnEstablishedSession = serverHelper.givenAnEstablishedSession(this.client, false);
        SessionId sessionIdentifier = this.clientConnectionStore.get(serverHelper.serverEndpoint).getSession().getSessionIdentifier();
        Assert.assertThat(Integer.valueOf(serverHelper.serverSessionCache.establishedSessionCounter.get()), CoreMatchers.is(1));
        assertClientIdentity(this.clientPrincipalType);
        Thread.sleep(1000L);
        givenAnEstablishedSession.setLatchCount(1);
        this.client.send(RawData.outbound("Hello Again".getBytes(), new MapBasedEndpointContext(serverHelper.serverEndpoint, (Principal) null, new String[]{"*DTLS_RESUMPTION_TIMEOUT", ""}), (MessageCallback) null, false));
        Assert.assertTrue(givenAnEstablishedSession.await(2L, TimeUnit.SECONDS));
        Assert.assertThat(this.clientConnectionStore.get(serverHelper.serverEndpoint).getEstablishedSession().getSessionIdentifier(), CoreMatchers.is(sessionIdentifier));
        assertClientIdentity(this.clientPrincipalType);
        Assert.assertThat(Integer.valueOf(serverHelper.serverSessionCache.establishedSessionCounter.get()), CoreMatchers.is(1));
    }

    @Test
    public void testConnectorChangedAutoResumesSession() throws Exception {
        autoResumeSetUp(500L);
        ConnectorHelper.LatchDecrementingRawDataChannel givenAnEstablishedSession = serverHelper.givenAnEstablishedSession(this.client, false);
        Connection connection = this.clientConnectionStore.get(serverHelper.serverEndpoint);
        SessionId sessionIdentifier = connection.getSession().getSessionIdentifier();
        Assert.assertThat(Integer.valueOf(serverHelper.serverSessionCache.establishedSessionCounter.get()), CoreMatchers.is(1));
        Assert.assertThat(Boolean.valueOf(connection.isAutoResumptionRequired(500L)), CoreMatchers.is(false));
        Thread.sleep(1000L);
        givenAnEstablishedSession.setLatchCount(1);
        this.client.send(RawData.outbound("Hello Again".getBytes(), new MapBasedEndpointContext(serverHelper.serverEndpoint, (Principal) null, new String[]{"*DTLS_RESUMPTION_TIMEOUT", "10000"}), (MessageCallback) null, false));
        Assert.assertTrue(givenAnEstablishedSession.await(2L, TimeUnit.SECONDS));
        Assert.assertThat(this.clientConnectionStore.get(serverHelper.serverEndpoint).getEstablishedSession().getSessionIdentifier(), CoreMatchers.is(sessionIdentifier));
        assertClientIdentity(this.clientPrincipalType);
        Assert.assertThat(Integer.valueOf(serverHelper.serverSessionCache.establishedSessionCounter.get()), CoreMatchers.is(1));
    }

    @Test
    public void testConnectorResumesSessionFromSharedSessionTicket() throws Exception {
        ConnectorHelper.LatchDecrementingRawDataChannel givenAnEstablishedSession = serverHelper.givenAnEstablishedSession(this.client);
        InetSocketAddress address = givenAnEstablishedSession.getAddress();
        SessionId sessionIdentifier = serverHelper.establishedServerSession.getSessionIdentifier();
        this.client.forceResumeSessionFor(serverHelper.serverEndpoint);
        Assert.assertThat(this.clientConnectionStore.get(serverHelper.serverEndpoint).getEstablishedSession().getSessionIdentifier(), CoreMatchers.is(sessionIdentifier));
        this.client.start();
        SessionTicket sessionTicket = serverHelper.establishedServerSession.getSessionTicket();
        Assert.assertThat(sessionTicket, CoreMatchers.is(CoreMatchers.notNullValue()));
        serverHelper.remove(address, true);
        Assert.assertThat(serverHelper.serverSessionCache.get(sessionIdentifier), CoreMatchers.is(CoreMatchers.nullValue()));
        serverHelper.serverSessionCache.put(sessionIdentifier, sessionTicket);
        givenAnEstablishedSession.setLatchCount(1);
        this.client.send(RawData.outbound("Hello Again".getBytes(), new AddressEndpointContext(serverHelper.serverEndpoint), (MessageCallback) null, false));
        Assert.assertTrue(givenAnEstablishedSession.await(2L, TimeUnit.SECONDS));
        Assert.assertThat(this.clientConnectionStore.get(serverHelper.serverEndpoint).getEstablishedSession().getSessionIdentifier(), CoreMatchers.is(sessionIdentifier));
        assertClientIdentity(this.clientPrincipalType);
    }

    @Test
    public void testConnectorResumesSessionFromExistingConnection() throws Exception {
        ConnectorHelper.LatchDecrementingRawDataChannel givenAnEstablishedSession = serverHelper.givenAnEstablishedSession(this.client);
        SessionId sessionIdentifier = serverHelper.establishedServerSession.getSessionIdentifier();
        this.client.forceResumeSessionFor(serverHelper.serverEndpoint);
        Assert.assertThat(this.clientConnectionStore.get(serverHelper.serverEndpoint).getEstablishedSession().getSessionIdentifier(), CoreMatchers.is(sessionIdentifier));
        this.client.start();
        givenAnEstablishedSession.setLatchCount(1);
        this.client.send(RawData.outbound("Hello Again".getBytes(), new AddressEndpointContext(serverHelper.serverEndpoint), (MessageCallback) null, false));
        Assert.assertTrue(givenAnEstablishedSession.await(2L, TimeUnit.SECONDS));
        Assert.assertThat(this.clientConnectionStore.get(serverHelper.serverEndpoint).getEstablishedSession().getSessionIdentifier(), CoreMatchers.is(sessionIdentifier));
        assertClientIdentity(this.clientPrincipalType);
    }

    @Test
    public void testConnectorResumesSessionFromHiddenConnection() throws Exception {
        ConnectorHelper.LatchDecrementingRawDataChannel givenAnEstablishedSession = serverHelper.givenAnEstablishedSession(this.client);
        InetSocketAddress address = givenAnEstablishedSession.getAddress();
        SessionId sessionIdentifier = serverHelper.establishedServerSession.getSessionIdentifier();
        int remainingCapacity = serverHelper.serverConnectionStore.remainingCapacity();
        DTLSConnector dTLSConnector = new DTLSConnector(createClientConfigBuilder("client-2", address).setSniEnabled(true).setMaxConnections(CLIENT_CONNECTION_STORE_CAPACITY).build(), new InMemoryConnectionStore(CLIENT_CONNECTION_STORE_CAPACITY, 60L));
        dTLSConnector.setExecutor(executor);
        serverHelper.givenAnEstablishedSession(dTLSConnector);
        Assert.assertThat(Integer.valueOf(serverHelper.serverConnectionStore.remainingCapacity()), CoreMatchers.is(Integer.valueOf(remainingCapacity - 1)));
        this.client.forceResumeSessionFor(serverHelper.serverEndpoint);
        Assert.assertThat(this.clientConnectionStore.get(serverHelper.serverEndpoint).getEstablishedSession().getSessionIdentifier(), CoreMatchers.is(sessionIdentifier));
        this.client.start();
        givenAnEstablishedSession.setLatchCount(1);
        this.client.send(RawData.outbound("Hello Again".getBytes(), new AddressEndpointContext(serverHelper.serverEndpoint), (MessageCallback) null, false));
        Assert.assertTrue(givenAnEstablishedSession.await(2L, TimeUnit.SECONDS));
        Assert.assertThat(this.clientConnectionStore.get(serverHelper.serverEndpoint).getEstablishedSession().getSessionIdentifier(), CoreMatchers.is(sessionIdentifier));
        assertClientIdentity(this.clientPrincipalType);
        Assert.assertThat(Integer.valueOf(serverHelper.serverConnectionStore.remainingCapacity()), CoreMatchers.is(Integer.valueOf(remainingCapacity - 1)));
    }

    public void testConnectorResumesSessionFromClosedConnection() throws Exception {
        ConnectorHelper.LatchDecrementingRawDataChannel givenAnEstablishedSession = serverHelper.givenAnEstablishedSession(this.client, false);
        SessionId sessionIdentifier = serverHelper.establishedServerSession.getSessionIdentifier();
        Connection connection = this.clientConnectionStore.get(serverHelper.serverEndpoint);
        String lastHandshakeTime = connection.getEstablishedSession().getLastHandshakeTime();
        Assert.assertThat(connection.getEstablishedSession().getSessionIdentifier(), CoreMatchers.is(sessionIdentifier));
        this.client.close(serverHelper.serverEndpoint);
        for (int i = 0; i < 20 && !connection.isResumptionRequired(); i++) {
            Thread.sleep(100L);
        }
        Assert.assertThat(Boolean.valueOf(connection.isResumptionRequired()), CoreMatchers.is(true));
        givenAnEstablishedSession.setLatchCount(1);
        this.client.send(RawData.outbound("Hello Again".getBytes(), new AddressEndpointContext(serverHelper.serverEndpoint), (MessageCallback) null, false));
        Assert.assertTrue(givenAnEstablishedSession.await(2L, TimeUnit.SECONDS));
        Connection connection2 = this.clientConnectionStore.get(serverHelper.serverEndpoint);
        Assert.assertThat(connection2.getEstablishedSession().getSessionIdentifier(), CoreMatchers.is(sessionIdentifier));
        assertClientIdentity(this.clientPrincipalType);
        Assert.assertThat(lastHandshakeTime, CoreMatchers.is(CoreMatchers.not(connection2.getEstablishedSession().getLastHandshakeTime())));
    }

    @Test
    public void testConnectorForceResumeSession() throws Exception {
        autoResumeSetUp(null);
        ConnectorHelper.LatchDecrementingRawDataChannel givenAnEstablishedSession = serverHelper.givenAnEstablishedSession(this.client, false);
        SessionId sessionIdentifier = this.clientConnectionStore.get(serverHelper.serverEndpoint).getSession().getSessionIdentifier();
        Assert.assertThat(Integer.valueOf(serverHelper.serverSessionCache.establishedSessionCounter.get()), CoreMatchers.is(1));
        Thread.sleep(500L);
        givenAnEstablishedSession.setLatchCount(1);
        this.client.send(RawData.outbound("Hello Again".getBytes(), new MapBasedEndpointContext(serverHelper.serverEndpoint, (Principal) null, new String[]{"*DTLS_HANDSHAKE_MODE", "force"}), (MessageCallback) null, false));
        Assert.assertTrue(givenAnEstablishedSession.await(2L, TimeUnit.SECONDS));
        Assert.assertThat(this.clientConnectionStore.get(serverHelper.serverEndpoint).getEstablishedSession().getSessionIdentifier(), CoreMatchers.is(sessionIdentifier));
        assertClientIdentity(this.clientPrincipalType);
        Assert.assertThat(Integer.valueOf(serverHelper.serverSessionCache.establishedSessionCounter.get()), CoreMatchers.is(Integer.valueOf(MAX_TIME_TO_WAIT_SECS)));
    }

    @Test
    public void testConnectorForceFullHandshake() throws Exception {
        autoResumeSetUp(null);
        ConnectorHelper.LatchDecrementingRawDataChannel givenAnEstablishedSession = serverHelper.givenAnEstablishedSession(this.client, false);
        SessionId sessionIdentifier = this.clientConnectionStore.get(serverHelper.serverEndpoint).getSession().getSessionIdentifier();
        Assert.assertThat(Integer.valueOf(serverHelper.serverSessionCache.establishedSessionCounter.get()), CoreMatchers.is(1));
        Thread.sleep(500L);
        givenAnEstablishedSession.setLatchCount(1);
        this.client.send(RawData.outbound("Hello Again".getBytes(), new MapBasedEndpointContext(serverHelper.serverEndpoint, (Principal) null, new String[]{"*DTLS_HANDSHAKE_MODE", "full"}), (MessageCallback) null, false));
        Assert.assertTrue(givenAnEstablishedSession.await(2L, TimeUnit.SECONDS));
        Assert.assertThat(this.clientConnectionStore.get(serverHelper.serverEndpoint).getEstablishedSession().getSessionIdentifier(), CoreMatchers.not(CoreMatchers.equalTo(sessionIdentifier)));
        assertClientIdentity(this.clientPrincipalType);
        Assert.assertThat(Integer.valueOf(serverHelper.serverSessionCache.establishedSessionCounter.get()), CoreMatchers.is(Integer.valueOf(MAX_TIME_TO_WAIT_SECS)));
    }

    @Test
    public void testConnectorPerformsFullHandshakeWhenResumingNonExistingSession() throws Exception {
        ConnectorHelper.LatchDecrementingRawDataChannel givenAnEstablishedSession = serverHelper.givenAnEstablishedSession(this.client);
        InetSocketAddress address = givenAnEstablishedSession.getAddress();
        SessionId sessionIdentifier = serverHelper.establishedServerSession.getSessionIdentifier();
        this.client.forceResumeSessionFor(serverHelper.serverEndpoint);
        Assert.assertThat(this.clientConnectionStore.get(serverHelper.serverEndpoint).getEstablishedSession().getSessionIdentifier(), CoreMatchers.is(sessionIdentifier));
        this.client.start();
        givenAnEstablishedSession.setLatchCount(1);
        serverHelper.remove(address, true);
        this.client.send(RawData.outbound("Hello Again".getBytes(), new AddressEndpointContext(serverHelper.serverEndpoint), (MessageCallback) null, false));
        Assert.assertTrue(givenAnEstablishedSession.await(2L, TimeUnit.SECONDS));
        Assert.assertThat(this.clientConnectionStore.get(serverHelper.serverEndpoint).getEstablishedSession().getSessionIdentifier(), CoreMatchers.not(CoreMatchers.equalTo(sessionIdentifier)));
        assertClientIdentity(this.clientPrincipalType);
    }

    @Test
    public void testConnectorPerformsFullHandshakeWhenResumingWithDifferentSni() throws Exception {
        ConnectorHelper.LatchDecrementingRawDataChannel givenAnEstablishedSession = serverHelper.givenAnEstablishedSession(this.client, RawData.outbound("Hello World".getBytes(), new AddressEndpointContext(serverHelper.serverEndpoint, "my.test.server", (Principal) null), (MessageCallback) null, false), true);
        SessionId sessionIdentifier = serverHelper.establishedServerSession.getSessionIdentifier();
        this.client.forceResumeSessionFor(serverHelper.serverEndpoint);
        Assert.assertThat(this.clientConnectionStore.get(serverHelper.serverEndpoint).getEstablishedSession().getSessionIdentifier(), CoreMatchers.is(sessionIdentifier));
        this.client.start();
        givenAnEstablishedSession.setLatchCount(1);
        this.client.send(RawData.outbound("Hello Again".getBytes(), new AddressEndpointContext(serverHelper.serverEndpoint, SERVERNAME_ALT, (Principal) null), (MessageCallback) null, false));
        Assert.assertTrue(givenAnEstablishedSession.await(2L, TimeUnit.SECONDS));
        Assert.assertThat(this.clientConnectionStore.get(serverHelper.serverEndpoint).getEstablishedSession().getSessionIdentifier(), CoreMatchers.not(CoreMatchers.equalTo(sessionIdentifier)));
        assertClientIdentity(this.clientPrincipalType);
    }

    @Test
    public void testConnectorPerformsFullHandshakeWhenResumingWithEmptySessionId() throws Exception {
        ConnectorHelper connectorHelper = new ConnectorHelper();
        try {
            connectorHelper.startServer(DtlsConnectorConfig.builder().setNoServerSessionId(true).setSniEnabled(true));
            clientInMemoryPskStore.addKnownPeer(connectorHelper.serverEndpoint, "Client_identity", "secretPSK".getBytes());
            clientInMemoryPskStore.addKnownPeer(connectorHelper.serverEndpoint, "my.test.server", "My_client_identity", "mySecretPSK".getBytes());
            clientInMemoryPskStore.addKnownPeer(connectorHelper.serverEndpoint, SERVERNAME_ALT, "My_client_identity", "mySecretPSK".getBytes());
            ConnectorHelper.LatchDecrementingRawDataChannel givenAnEstablishedSession = connectorHelper.givenAnEstablishedSession(this.client, RawData.outbound("Hello World".getBytes(), new AddressEndpointContext(connectorHelper.serverEndpoint, "my.test.server", (Principal) null), (MessageCallback) null, false), true);
            Assert.assertTrue("session id must be empty", connectorHelper.establishedServerSession.getSessionIdentifier().isEmpty());
            this.client.forceResumeSessionFor(connectorHelper.serverEndpoint);
            Connection connection = this.clientConnectionStore.get(connectorHelper.serverEndpoint);
            Assert.assertTrue(connection.getEstablishedSession().getSessionIdentifier().isEmpty());
            long creationTime = connection.getEstablishedSession().getCreationTime();
            this.client.start();
            givenAnEstablishedSession.setLatchCount(1);
            this.client.send(RawData.outbound("Hello Again".getBytes(), new AddressEndpointContext(connectorHelper.serverEndpoint, "my.test.server", (Principal) null), (MessageCallback) null, false));
            Assert.assertTrue(givenAnEstablishedSession.await(2L, TimeUnit.SECONDS));
            Connection connection2 = this.clientConnectionStore.get(connectorHelper.serverEndpoint);
            Assert.assertTrue(connection2.getEstablishedSession().getSessionIdentifier().isEmpty());
            Assert.assertThat(Long.valueOf(creationTime), CoreMatchers.is(CoreMatchers.not(Long.valueOf(connection2.getEstablishedSession().getCreationTime()))));
            connectorHelper.destroyServer();
        } catch (Throwable th) {
            connectorHelper.destroyServer();
            throw th;
        }
    }

    @Test
    public void testConnectorSupressHandshake() throws Exception {
        autoResumeSetUp(null);
        SimpleMessageCallback simpleMessageCallback = new SimpleMessageCallback(1, false);
        RawData outbound = RawData.outbound("Hello World".getBytes(), new MapBasedEndpointContext(serverHelper.serverEndpoint, (Principal) null, new String[]{"*DTLS_HANDSHAKE_MODE", "none"}), simpleMessageCallback, false);
        this.client.start();
        this.client.send(outbound);
        Assert.assertNotNull(simpleMessageCallback.getError(TimeUnit.SECONDS.toMillis(2L)));
        Assert.assertNull(serverHelper.serverConnectionStore.get(this.client.getAddress()));
    }

    @Test
    public void testConnectorRequiresResumptionSupressHandshake() throws Exception {
        serverHelper.givenAnEstablishedSession(this.client);
        SessionId sessionIdentifier = serverHelper.establishedServerSession.getSessionIdentifier();
        this.client.forceResumeSessionFor(serverHelper.serverEndpoint);
        Assert.assertThat(this.clientConnectionStore.get(serverHelper.serverEndpoint).getEstablishedSession().getSessionIdentifier(), CoreMatchers.is(sessionIdentifier));
        SimpleMessageCallback simpleMessageCallback = new SimpleMessageCallback(1, false);
        RawData outbound = RawData.outbound("Hello World".getBytes(), new MapBasedEndpointContext(serverHelper.serverEndpoint, (Principal) null, new String[]{"*DTLS_HANDSHAKE_MODE", "none"}), simpleMessageCallback, false);
        this.client.start();
        this.client.send(outbound);
        Assert.assertNotNull(simpleMessageCallback.getError(TimeUnit.SECONDS.toMillis(2L)));
        Assert.assertNull(serverHelper.serverConnectionStore.get(this.client.getAddress()));
    }

    private void assertClientIdentity(Class<?> cls) {
        Principal peerIdentity = serverHelper.serverRawDataProcessor.getClientEndpointContext().getPeerIdentity();
        if (cls == null) {
            Assert.assertThat(peerIdentity, CoreMatchers.is(CoreMatchers.nullValue()));
        } else {
            Assert.assertThat(peerIdentity, CoreMatchers.instanceOf(cls));
            ConnectorHelper.assertPrincipalHasAdditionalInfo(peerIdentity, KEY_DEVICE_ID, DEVICE_ID);
        }
    }
}
