package org.vertx.java.core.net.impl;

import io.netty.bootstrap.Bootstrap;
import io.netty.bootstrap.ServerBootstrap;
import io.netty.buffer.PooledByteBufAllocator;
import io.netty.buffer.UnpooledByteBufAllocator;
import io.netty.channel.ChannelOption;
import io.netty.channel.FixedRecvByteBufAllocator;
import java.io.File;
import java.io.FileInputStream;
import java.io.IOException;
import java.security.KeyStore;
import java.security.SecureRandom;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import javax.net.ssl.KeyManager;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import javax.net.ssl.X509TrustManager;
import org.vertx.java.core.file.impl.PathAdjuster;
import org.vertx.java.core.impl.VertxInternal;
import org.vertx.java.core.logging.Logger;
import org.vertx.java.core.logging.impl.LoggerFactory;

/* loaded from: input_file:org/vertx/java/core/net/impl/TCPSSLHelper.class */
public class TCPSSLHelper {
    private boolean ssl;
    private String keyStorePath;
    private String keyStorePassword;
    private String trustStorePath;
    private String trustStorePassword;
    private boolean trustAll;
    private boolean usePooledBuffers;
    private SSLContext sslContext;
    private static final Logger log = LoggerFactory.getLogger((Class<?>) TCPSSLHelper.class);
    private static SocketDefaults defaults = SocketDefaults.instance;
    private boolean verifyHost = true;
    private ClientAuth clientAuth = ClientAuth.NONE;
    private boolean tcpNoDelay = true;
    private int tcpSendBufferSize = defaults.getTcpSendBufferSize();
    private int tcpReceiveBufferSize = defaults.getTcpReceiveBufferSize();
    private boolean tcpKeepAlive = defaults.isTcpKeepAlive();
    private boolean reuseAddress = defaults.isReuseAddress();
    private int soLinger = defaults.getSoLinger();
    private int trafficClass = defaults.getTrafficClass();
    private int acceptBackLog = 1024;
    private int connectTimeout = 60000;

    /* loaded from: input_file:org/vertx/java/core/net/impl/TCPSSLHelper$ClientAuth.class */
    public enum ClientAuth {
        NONE,
        REQUEST,
        REQUIRED
    }

    public void checkSSL(VertxInternal vertxInternal) {
        if (this.ssl) {
            this.sslContext = createContext(vertxInternal, this.keyStorePath, this.keyStorePassword, this.trustStorePath, this.trustStorePassword, this.trustAll);
        }
    }

    public void applyConnectionOptions(ServerBootstrap serverBootstrap) {
        serverBootstrap.childOption(ChannelOption.TCP_NODELAY, Boolean.valueOf(this.tcpNoDelay));
        serverBootstrap.childOption(ChannelOption.SO_SNDBUF, Integer.valueOf(this.tcpSendBufferSize));
        serverBootstrap.childOption(ChannelOption.SO_RCVBUF, Integer.valueOf(this.tcpReceiveBufferSize));
        serverBootstrap.childOption(ChannelOption.RCVBUF_ALLOCATOR, new FixedRecvByteBufAllocator(this.tcpReceiveBufferSize));
        serverBootstrap.option(ChannelOption.SO_LINGER, Integer.valueOf(this.soLinger));
        serverBootstrap.childOption(ChannelOption.IP_TOS, Integer.valueOf(this.trafficClass));
        if (this.usePooledBuffers) {
            serverBootstrap.childOption(ChannelOption.ALLOCATOR, new PooledByteBufAllocator());
        } else {
            serverBootstrap.childOption(ChannelOption.ALLOCATOR, UnpooledByteBufAllocator.DEFAULT);
        }
        serverBootstrap.childOption(ChannelOption.SO_KEEPALIVE, Boolean.valueOf(this.tcpKeepAlive));
        serverBootstrap.option(ChannelOption.SO_REUSEADDR, Boolean.valueOf(this.reuseAddress));
        serverBootstrap.option(ChannelOption.SO_BACKLOG, Integer.valueOf(this.acceptBackLog));
    }

    public void applyConnectionOptions(Bootstrap bootstrap) {
        bootstrap.option(ChannelOption.TCP_NODELAY, Boolean.valueOf(this.tcpNoDelay));
        bootstrap.option(ChannelOption.SO_SNDBUF, Integer.valueOf(this.tcpSendBufferSize));
        bootstrap.option(ChannelOption.SO_RCVBUF, Integer.valueOf(this.tcpReceiveBufferSize));
        bootstrap.option(ChannelOption.RCVBUF_ALLOCATOR, new FixedRecvByteBufAllocator(this.tcpReceiveBufferSize));
        bootstrap.option(ChannelOption.SO_LINGER, Integer.valueOf(this.soLinger));
        bootstrap.option(ChannelOption.IP_TOS, Integer.valueOf(this.trafficClass));
        bootstrap.option(ChannelOption.CONNECT_TIMEOUT_MILLIS, Integer.valueOf(this.connectTimeout));
        bootstrap.option(ChannelOption.ALLOCATOR, new PooledByteBufAllocator());
        bootstrap.option(ChannelOption.ALLOCATOR, UnpooledByteBufAllocator.DEFAULT);
    }

    public boolean isTCPNoDelay() {
        return this.tcpNoDelay;
    }

    public int getSendBufferSize() {
        return this.tcpSendBufferSize;
    }

    public int getReceiveBufferSize() {
        return this.tcpReceiveBufferSize;
    }

    public boolean isTCPKeepAlive() {
        return this.tcpKeepAlive;
    }

    public boolean isReuseAddress() {
        return this.reuseAddress;
    }

    public int getSoLinger() {
        return this.soLinger;
    }

    public int getTrafficClass() {
        return this.trafficClass;
    }

    public void setTCPNoDelay(boolean z) {
        this.tcpNoDelay = z;
    }

    public void setSendBufferSize(int i) {
        if (i < 1) {
            throw new IllegalArgumentException("TCP send buffer size must be >= 1");
        }
        this.tcpSendBufferSize = i;
    }

    public void setReceiveBufferSize(int i) {
        if (i < 1) {
            throw new IllegalArgumentException("TCP receive buffer size must be >= 1");
        }
        this.tcpReceiveBufferSize = i;
    }

    public void setTCPKeepAlive(boolean z) {
        this.tcpKeepAlive = z;
    }

    public void setReuseAddress(boolean z) {
        this.reuseAddress = z;
    }

    public void setSoLinger(int i) {
        this.soLinger = i;
    }

    public void setTrafficClass(int i) {
        this.trafficClass = i;
    }

    public boolean isSSL() {
        return this.ssl;
    }

    public boolean isVerifyHost() {
        return this.verifyHost;
    }

    public String getKeyStorePath() {
        return this.keyStorePath;
    }

    public String getKeyStorePassword() {
        return this.keyStorePassword;
    }

    public String getTrustStorePath() {
        return this.trustStorePath;
    }

    public String getTrustStorePassword() {
        return this.trustStorePassword;
    }

    public ClientAuth getClientAuth() {
        return this.clientAuth;
    }

    public boolean isTrustAll() {
        return this.trustAll;
    }

    public SSLContext getSSLContext() {
        return this.sslContext;
    }

    public void setSSL(boolean z) {
        this.ssl = z;
    }

    public void setVerifyHost(boolean z) {
        this.verifyHost = z;
    }

    public void setKeyStorePath(String str) {
        this.keyStorePath = str;
    }

    public void setKeyStorePassword(String str) {
        this.keyStorePassword = str;
    }

    public void setTrustStorePath(String str) {
        this.trustStorePath = str;
    }

    public void setTrustStorePassword(String str) {
        this.trustStorePassword = str;
    }

    public void setClientAuthRequired(boolean z) {
        this.clientAuth = z ? ClientAuth.REQUIRED : ClientAuth.NONE;
    }

    public void setTrustAll(boolean z) {
        this.trustAll = z;
    }

    public int getAcceptBacklog() {
        return this.acceptBackLog;
    }

    public int getConnectTimeout() {
        return this.connectTimeout;
    }

    public void setConnectTimeout(int i) {
        if (i < 0) {
            throw new IllegalArgumentException("connectTimeout must be >= 0");
        }
        this.connectTimeout = i;
    }

    public void setAcceptBacklog(int i) {
        if (i < 0) {
            throw new IllegalArgumentException("acceptBackLog must be >= 0");
        }
        this.acceptBackLog = i;
    }

    public void setUsePooledBuffers(boolean z) {
        this.usePooledBuffers = z;
    }

    public boolean isUsePooledBuffers() {
        return this.usePooledBuffers;
    }

    public SSLContext createContext(VertxInternal vertxInternal, String str, String str2, String str3, String str4, boolean z) {
        TrustManager[] trustMgrs;
        try {
            SSLContext sSLContext = SSLContext.getInstance("TLS");
            KeyManager[] keyMgrs = str == null ? null : getKeyMgrs(vertxInternal, str, str2);
            if (z) {
                trustMgrs = new TrustManager[]{createTrustAllTrustManager()};
            } else {
                trustMgrs = str3 == null ? null : getTrustMgrs(vertxInternal, str3, str4);
            }
            sSLContext.init(keyMgrs, trustMgrs, new SecureRandom());
            return sSLContext;
        } catch (Exception e) {
            log.error("Failed to create context", e);
            throw new RuntimeException(e.getMessage());
        }
    }

    private static TrustManager createTrustAllTrustManager() {
        return new X509TrustManager() { // from class: org.vertx.java.core.net.impl.TCPSSLHelper.1
            @Override // javax.net.ssl.X509TrustManager
            public void checkClientTrusted(X509Certificate[] x509CertificateArr, String str) throws CertificateException {
            }

            @Override // javax.net.ssl.X509TrustManager
            public void checkServerTrusted(X509Certificate[] x509CertificateArr, String str) throws CertificateException {
            }

            @Override // javax.net.ssl.X509TrustManager
            public X509Certificate[] getAcceptedIssuers() {
                return new X509Certificate[0];
            }
        };
    }

    private static TrustManager[] getTrustMgrs(VertxInternal vertxInternal, String str, String str2) throws Exception {
        TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
        trustManagerFactory.init(loadStore(vertxInternal, str, str2));
        return trustManagerFactory.getTrustManagers();
    }

    private static KeyManager[] getKeyMgrs(VertxInternal vertxInternal, String str, String str2) throws Exception {
        KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
        keyManagerFactory.init(loadStore(vertxInternal, str, str2), str2 != null ? str2.toCharArray() : null);
        return keyManagerFactory.getKeyManagers();
    }

    private static KeyStore loadStore(VertxInternal vertxInternal, String str, String str2) throws Exception {
        String adjust = PathAdjuster.adjust(vertxInternal, str);
        KeyStore keyStore = KeyStore.getInstance("JKS");
        FileInputStream fileInputStream = null;
        try {
            fileInputStream = new FileInputStream(new File(adjust));
            keyStore.load(fileInputStream, str2 != null ? str2.toCharArray() : null);
            if (fileInputStream != null) {
                try {
                    fileInputStream.close();
                } catch (IOException e) {
                }
            }
            return keyStore;
        } catch (Throwable th) {
            if (fileInputStream != null) {
                try {
                    fileInputStream.close();
                } catch (IOException e2) {
                }
            }
            throw th;
        }
    }
}
