package pt.unl.fct.di.novasys.network.tls.pipeline;

import io.netty.channel.ChannelHandlerContext;
import io.netty.channel.EventLoop;
import io.netty.handler.ssl.ClientAuth;
import io.netty.handler.ssl.SslContextBuilder;
import io.netty.handler.ssl.SslHandler;
import io.netty.handler.ssl.SslHandshakeCompletionEvent;
import org.apache.logging.log4j.LogManager;
import org.apache.logging.log4j.Logger;
import org.bouncycastle.jsse.provider.BouncyCastleJsseProvider;
import pt.unl.fct.di.novasys.network.NetworkManager;
import pt.unl.fct.di.novasys.network.data.Attributes;
import pt.unl.fct.di.novasys.network.listeners.InConnListener;
import pt.unl.fct.di.novasys.network.listeners.MessageListener;
import pt.unl.fct.di.novasys.network.pipeline.InConnectionHandler;
import pt.unl.fct.di.novasys.network.pipeline.MessageDecoder;
import pt.unl.fct.di.novasys.network.pipeline.MessageEncoder;
import pt.unl.fct.di.novasys.network.security.X509IKeyManager;
import pt.unl.fct.di.novasys.network.security.X509ITrustManager;
import pt.unl.fct.di.novasys.network.tls.TLSChannelHandlerFactory;
import pt.unl.fct.di.novasys.network.tls.userevents.PreTLSHandshakeCompleted;

/* loaded from: input_file:pt/unl/fct/di/novasys/network/tls/pipeline/InTLSConnectionHandler.class */
public class InTLSConnectionHandler<T> extends InConnectionHandler<T> {
    private static final Logger logger = LogManager.getLogger((Class<?>) InTLSConnectionHandler.class);
    private X509IKeyManager keyManager;
    private X509ITrustManager trustManager;

    public InTLSConnectionHandler(long j, InConnListener<T> inConnListener, MessageListener<T> messageListener, EventLoop eventLoop, Attributes attributes, MessageEncoder<T> messageEncoder, MessageDecoder<T> messageDecoder, X509IKeyManager x509IKeyManager, X509ITrustManager x509ITrustManager) {
        super(j, inConnListener, messageListener, eventLoop, attributes, messageEncoder, messageDecoder);
        this.keyManager = x509IKeyManager;
        this.trustManager = x509ITrustManager;
    }

    @Override // pt.unl.fct.di.novasys.network.pipeline.InConnectionHandler, pt.unl.fct.di.novasys.network.pipeline.ConnectionHandler
    public void internalUserEventTriggered(ChannelHandlerContext channelHandlerContext, Object obj) {
        if (!(obj instanceof PreTLSHandshakeCompleted)) {
            if (!logger.isWarnEnabled() || (obj instanceof SslHandshakeCompletionEvent)) {
                return;
            }
            logger.warn("Unknown user event caught: " + String.valueOf(obj));
            return;
        }
        PreTLSHandshakeCompleted preTLSHandshakeCompleted = (PreTLSHandshakeCompleted) obj;
        this.peerAttributes = preTLSHandshakeCompleted.getAttr();
        logger.debug("Pre TLS in handshake completed from: " + String.valueOf(this.peer));
        try {
            addAndWaitTLSHandler(channelHandlerContext, preTLSHandshakeCompleted.getSelectedId(), preTLSHandshakeCompleted.getPeerId());
        } catch (Exception e) {
            logger.error("SSLHandler creation in connection to {} failed with exception: {}", this.peer, e);
            exceptionCaught(channelHandlerContext, e);
        }
    }

    private void addAndWaitTLSHandler(ChannelHandlerContext channelHandlerContext, byte[] bArr, byte[] bArr2) throws Exception {
        SslHandler newHandler = SslContextBuilder.forServer(this.keyManager.getPrivateKey(bArr), this.keyManager.getCertificateChain(bArr)).trustManager(this.trustManager.singleTrustManager(bArr2)).clientAuth(ClientAuth.REQUIRE).sslContextProvider(new BouncyCastleJsseProvider()).startTls(true).build().newHandler(channelHandlerContext.alloc(), this.peer.getAddress().getHostAddress(), this.peer.getPort(), this.loop);
        newHandler.handshakeFuture().addListener2(future -> {
            this.loop.execute(() -> {
                if (!future.isSuccess()) {
                    exceptionCaught(channelHandlerContext, future.cause());
                } else {
                    this.outsideUp = true;
                    this.listener.inboundConnectionUp(this);
                }
            });
        });
        if (NetworkManager.IDLE_HANDLER_NAME.equals(channelHandlerContext.pipeline().names().getFirst())) {
            channelHandlerContext.pipeline().addAfter(NetworkManager.IDLE_HANDLER_NAME, TLSChannelHandlerFactory.TLS_HANDLER_NAME, newHandler);
        } else {
            channelHandlerContext.pipeline().addFirst(TLSChannelHandlerFactory.TLS_HANDLER_NAME, newHandler);
        }
    }

    @Override // pt.unl.fct.di.novasys.network.pipeline.InConnectionHandler
    public String toString() {
        return "InTLSConnectionHandler{peer=" + String.valueOf(this.peer) + ", attributes=" + String.valueOf(this.peerAttributes) + ", channel=" + String.valueOf(this.channel) + "}";
    }
}
