package org.mule.transport.ssl;

import edu.emory.mathcs.backport.java.util.concurrent.CountDownLatch;
import edu.emory.mathcs.backport.java.util.concurrent.TimeUnit;
import java.io.IOException;
import java.net.Socket;
import java.security.cert.Certificate;
import javax.net.ssl.HandshakeCompletedEvent;
import javax.net.ssl.HandshakeCompletedListener;
import javax.net.ssl.SSLPeerUnverifiedException;
import javax.net.ssl.SSLSocket;
import javax.resource.spi.work.Work;
import org.mule.api.MuleMessage;
import org.mule.api.construct.FlowConstruct;
import org.mule.api.endpoint.InboundEndpoint;
import org.mule.api.lifecycle.CreateException;
import org.mule.api.transport.Connector;
import org.mule.transport.AbstractMessageReceiver;
import org.mule.transport.tcp.TcpMessageReceiver;

/* loaded from: input_file:WEB-INF/lib/mule-transport-ssl-3.0.0-M4.jar:org/mule/transport/ssl/SslMessageReceiver.class */
public class SslMessageReceiver extends TcpMessageReceiver implements HandshakeCompletedListener {
    private CountDownLatch handshakeComplete;
    private Certificate[] peerCertificateChain;
    private Certificate[] localCertificateChain;

    /* loaded from: input_file:WEB-INF/lib/mule-transport-ssl-3.0.0-M4.jar:org/mule/transport/ssl/SslMessageReceiver$SslWorker.class */
    protected class SslWorker extends TcpMessageReceiver.TcpWorker {
        public SslWorker(Socket socket, AbstractMessageReceiver abstractMessageReceiver) throws IOException {
            super(SslMessageReceiver.this, socket, abstractMessageReceiver);
            ((SSLSocket) socket).addHandshakeCompletedListener(SslMessageReceiver.this);
        }

        /* JADX INFO: Access modifiers changed from: protected */
        @Override // org.mule.transport.tcp.TcpMessageReceiver.TcpWorker, org.mule.transport.AbstractReceiverWorker
        public void preRouteMuleMessage(MuleMessage muleMessage) throws Exception {
            super.preRouteMuleMessage(muleMessage);
            SslMessageReceiver.this.preRoute(muleMessage);
        }

        @Override // org.mule.transport.tcp.TcpMessageReceiver.TcpWorker
        protected void shutdownSocket() throws IOException {
        }
    }

    public SslMessageReceiver(Connector connector, FlowConstruct flowConstruct, InboundEndpoint inboundEndpoint) throws CreateException {
        super(connector, flowConstruct, inboundEndpoint);
        this.handshakeComplete = new CountDownLatch(1);
    }

    @Override // org.mule.transport.tcp.TcpMessageReceiver
    protected Work createWork(Socket socket) throws IOException {
        return new SslWorker(socket, this);
    }

    /* JADX INFO: Access modifiers changed from: private */
    public void preRoute(MuleMessage muleMessage) throws Exception {
        if (!this.handshakeComplete.await(((SslConnector) getConnector()).getSslHandshakeTimeout(), TimeUnit.MILLISECONDS)) {
            throw new IllegalStateException("Handshake did not complete");
        }
        if (this.peerCertificateChain != null) {
            muleMessage.setProperty("PEER_CERTIFICATES", this.peerCertificateChain);
        }
        if (this.localCertificateChain != null) {
            muleMessage.setProperty("LOCAL_CERTIFICATES", this.localCertificateChain);
        }
    }

    @Override // javax.net.ssl.HandshakeCompletedListener
    public void handshakeCompleted(HandshakeCompletedEvent handshakeCompletedEvent) {
        try {
            this.localCertificateChain = handshakeCompletedEvent.getLocalCertificates();
            try {
                this.peerCertificateChain = handshakeCompletedEvent.getPeerCertificates();
            } catch (SSLPeerUnverifiedException e) {
                this.logger.debug("Cannot get peer certificate chain: " + e.getMessage());
            }
        } finally {
            this.handshakeComplete.countDown();
        }
    }
}
