package org.dcache.oncrpc4j.benchmarks;

import java.io.IOException;
import java.math.BigInteger;
import java.security.GeneralSecurityException;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.KeyStore;
import java.security.SecureRandom;
import java.security.cert.Certificate;
import java.util.Date;
import java.util.concurrent.TimeUnit;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.TrustManagerFactory;
import org.bouncycastle.asn1.x500.X500Name;
import org.bouncycastle.asn1.x509.SubjectPublicKeyInfo;
import org.bouncycastle.cert.X509v3CertificateBuilder;
import org.bouncycastle.cert.jcajce.JcaX509CertificateConverter;
import org.bouncycastle.jce.provider.BouncyCastleProvider;
import org.bouncycastle.operator.OperatorCreationException;
import org.bouncycastle.operator.jcajce.JcaContentSignerBuilder;
import org.dcache.oncrpc4j.rpc.OncRpcProgram;
import org.dcache.oncrpc4j.rpc.OncRpcSvc;
import org.dcache.oncrpc4j.rpc.OncRpcSvcBuilder;
import org.dcache.oncrpc4j.rpc.RpcAuthTypeNone;
import org.dcache.oncrpc4j.rpc.RpcCall;
import org.dcache.oncrpc4j.rpc.RpcDispatchable;
import org.dcache.oncrpc4j.xdr.XdrAble;
import org.dcache.oncrpc4j.xdr.XdrVoid;
import org.openjdk.jmh.annotations.Benchmark;
import org.openjdk.jmh.annotations.BenchmarkMode;
import org.openjdk.jmh.annotations.Mode;
import org.openjdk.jmh.annotations.Param;
import org.openjdk.jmh.annotations.Scope;
import org.openjdk.jmh.annotations.Setup;
import org.openjdk.jmh.annotations.State;
import org.openjdk.jmh.annotations.TearDown;

@BenchmarkMode({Mode.Throughput})
@State(Scope.Thread)
/* loaded from: input_file:org/dcache/oncrpc4j/benchmarks/TlsOverhead.class */
public class TlsOverhead {
    private static final int PROGNUM = 100017;
    private static final int PROGVER = 1;

    @Param({"true", "false"})
    private String withTLS;
    private OncRpcSvc svc;
    private OncRpcSvc clnt;
    private RpcCall clntCall;
    private SSLContext sslContext;
    private final RpcDispatchable NULL = rpcCall -> {
        rpcCall.reply(XdrVoid.XDR_VOID);
    };

    @Setup
    public void setUp() throws IOException, Exception {
        if (Boolean.getBoolean(this.withTLS)) {
            this.sslContext = createSslContext();
        }
        this.svc = new OncRpcSvcBuilder().withoutAutoPublish().withTCP().withWorkerThreadIoStrategy().withBindAddress("127.0.0.1").withSelectorThreadPoolSize(1).withWorkerThreadPoolSize(1).withRpcService(new OncRpcProgram(PROGNUM, 1), this.NULL).withSSLContext(this.sslContext).withServiceName("svc").build();
        this.svc.start();
        this.clnt = new OncRpcSvcBuilder().withoutAutoPublish().withTCP().withClientMode().withWorkerThreadIoStrategy().withSelectorThreadPoolSize(1).withWorkerThreadPoolSize(1).withSSLContext(this.sslContext).withServiceName("clnt").build();
        this.clnt.start();
        this.clntCall = new RpcCall(PROGNUM, 1, new RpcAuthTypeNone(), this.clnt.connect(this.svc.getInetSocketAddress(6)));
    }

    @TearDown
    public void shutdown() throws IOException {
        this.clnt.stop();
        this.svc.stop();
    }

    @Benchmark
    public XdrAble callOpNull() throws IOException {
        XdrVoid xdrVoid = new XdrVoid();
        this.clntCall.call(0, XdrVoid.XDR_VOID, xdrVoid);
        return xdrVoid;
    }

    public static SSLContext createSslContext() throws Exception {
        char[] charArray = "password".toCharArray();
        KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("RSA", BouncyCastleProvider.PROVIDER_NAME);
        keyPairGenerator.initialize(2048, new SecureRandom());
        KeyPair generateKeyPair = keyPairGenerator.generateKeyPair();
        Certificate generateSelfSignedCert = generateSelfSignedCert(generateKeyPair);
        Certificate[] certificateArr = {generateSelfSignedCert};
        KeyStore createEmptyKeystore = createEmptyKeystore();
        createEmptyKeystore.setKeyEntry("private", generateKeyPair.getPrivate(), charArray, certificateArr);
        createEmptyKeystore.setCertificateEntry("cert", generateSelfSignedCert);
        KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
        keyManagerFactory.init(createEmptyKeystore, charArray);
        TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
        trustManagerFactory.init(createEmptyKeystore);
        SSLContext sSLContext = SSLContext.getInstance("TLS");
        sSLContext.init(keyManagerFactory.getKeyManagers(), trustManagerFactory.getTrustManagers(), new SecureRandom());
        return sSLContext;
    }

    private static Certificate generateSelfSignedCert(KeyPair keyPair) throws GeneralSecurityException, OperatorCreationException {
        long currentTimeMillis = System.currentTimeMillis();
        long millis = currentTimeMillis + TimeUnit.DAYS.toMillis(1L);
        X500Name x500Name = new X500Name("CN=localhost, O=dCache.org");
        return new JcaX509CertificateConverter().getCertificate(new X509v3CertificateBuilder(x500Name, BigInteger.ONE, new Date(currentTimeMillis), new Date(millis), x500Name, SubjectPublicKeyInfo.getInstance(keyPair.getPublic().getEncoded())).build(new JcaContentSignerBuilder("SHA256WithRSA").build(keyPair.getPrivate())));
    }

    private static KeyStore createEmptyKeystore() throws GeneralSecurityException {
        try {
            KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
            keyStore.load(null, null);
            return keyStore;
        } catch (IOException e) {
            throw new AssertionError(e);
        }
    }
}
