package io.vertx.core.net.impl;

import io.netty.buffer.ByteBufAllocator;
import io.netty.channel.ChannelHandler;
import io.netty.handler.ssl.SniHandler;
import io.netty.handler.ssl.SslContext;
import io.netty.handler.ssl.SslHandler;
import io.netty.util.AsyncMapping;
import io.netty.util.concurrent.ImmediateExecutor;
import io.vertx.core.VertxException;
import io.vertx.core.net.SocketAddress;
import java.util.Map;
import java.util.concurrent.ConcurrentHashMap;
import java.util.concurrent.Executor;
import java.util.concurrent.TimeUnit;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.TrustManager;

/* loaded from: input_file:BOOT-INF/lib/vertx-core-4.5.10.jar:io/vertx/core/net/impl/SslChannelProvider.class */
public class SslChannelProvider {
    private final long sslHandshakeTimeout;
    private final TimeUnit sslHandshakeTimeoutUnit;
    private final Executor workerPool;
    private final boolean useWorkerPool;
    private final boolean sni;
    private final boolean useAlpn;
    private final boolean trustAll;
    private final SslContextProvider sslContextProvider;
    private final SslContext[] sslContexts = new SslContext[2];
    private final Map<String, SslContext>[] sslContextMaps = {new ConcurrentHashMap(), new ConcurrentHashMap()};

    public SslChannelProvider(SslContextProvider sslContextProvider, long j, TimeUnit timeUnit, boolean z, boolean z2, boolean z3, Executor executor, boolean z4) {
        this.workerPool = executor;
        this.useWorkerPool = z4;
        this.useAlpn = z3;
        this.sni = z;
        this.trustAll = z2;
        this.sslHandshakeTimeout = j;
        this.sslHandshakeTimeoutUnit = timeUnit;
        this.sslContextProvider = sslContextProvider;
    }

    public int sniEntrySize() {
        return this.sslContextMaps[0].size() + this.sslContextMaps[1].size();
    }

    public SslContextProvider sslContextProvider() {
        return this.sslContextProvider;
    }

    public SslContext sslClientContext(String str, boolean z) {
        return sslClientContext(str, z, this.trustAll);
    }

    public SslContext sslClientContext(String str, boolean z, boolean z2) {
        try {
            return sslContext(str, z, false, z2);
        } catch (Exception e) {
            throw new VertxException(e);
        }
    }

    public SslContext sslContext(String str, boolean z, boolean z2, boolean z3) throws Exception {
        int idx = idx(z);
        if (str != null) {
            KeyManagerFactory resolveKeyManagerFactory = this.sslContextProvider.resolveKeyManagerFactory(str);
            TrustManager[] resolveTrustManagers = z3 ? null : this.sslContextProvider.resolveTrustManagers(str);
            if (resolveKeyManagerFactory != null || resolveTrustManagers != null || !z2) {
                return this.sslContextMaps[idx].computeIfAbsent(str, str2 -> {
                    return this.sslContextProvider.createContext(z2, resolveKeyManagerFactory, resolveTrustManagers, str2, z, z3);
                });
            }
        }
        if (this.sslContexts[idx] == null) {
            this.sslContexts[idx] = this.sslContextProvider.createContext(z2, null, null, str, z, z3);
        }
        return this.sslContexts[idx];
    }

    public SslContext sslServerContext(boolean z) {
        try {
            return sslContext(null, z, true, false);
        } catch (Exception e) {
            throw new VertxException(e);
        }
    }

    public AsyncMapping<? super String, ? extends SslContext> serverNameMapping() {
        return (str, promise) -> {
            this.workerPool.execute(() -> {
                try {
                    promise.setSuccess(sslContext(str, this.useAlpn, true, false));
                } catch (Exception e) {
                    promise.setFailure(e);
                }
            });
            return promise;
        };
    }

    public SslHandler createClientSslHandler(SocketAddress socketAddress, String str, boolean z) {
        SslContext sslClientContext = sslClientContext(str, z);
        Executor executor = this.useWorkerPool ? this.workerPool : ImmediateExecutor.INSTANCE;
        SslHandler newHandler = socketAddress.isDomainSocket() ? sslClientContext.newHandler(ByteBufAllocator.DEFAULT, executor) : sslClientContext.newHandler(ByteBufAllocator.DEFAULT, socketAddress.host(), socketAddress.port(), executor);
        newHandler.setHandshakeTimeout(this.sslHandshakeTimeout, this.sslHandshakeTimeoutUnit);
        return newHandler;
    }

    public ChannelHandler createServerHandler() {
        return this.sni ? createSniHandler() : createServerSslHandler(this.useAlpn);
    }

    private SslHandler createServerSslHandler(boolean z) {
        SslHandler newHandler = sslServerContext(z).newHandler(ByteBufAllocator.DEFAULT, this.useWorkerPool ? this.workerPool : ImmediateExecutor.INSTANCE);
        newHandler.setHandshakeTimeout(this.sslHandshakeTimeout, this.sslHandshakeTimeoutUnit);
        return newHandler;
    }

    private SniHandler createSniHandler() {
        return new VertxSniHandler(serverNameMapping(), this.sslHandshakeTimeoutUnit.toMillis(this.sslHandshakeTimeout), this.useWorkerPool ? this.workerPool : ImmediateExecutor.INSTANCE);
    }

    private static int idx(boolean z) {
        return z ? 0 : 1;
    }
}
