package com.facebook.nifty.ssl;

import com.facebook.nifty.ssl.SslServerConfiguration;
import com.google.common.base.Throwables;
import com.google.common.collect.ImmutableList;
import java.io.File;
import java.util.Arrays;
import javax.net.ssl.SSLEngine;
import javax.net.ssl.SSLException;
import org.apache.tomcat.jni.SessionTicketKey;

/* loaded from: input_file:com/facebook/nifty/ssl/OpenSslServerConfiguration.class */
public class OpenSslServerConfiguration extends SslServerConfiguration {
    public final SessionTicketKey[] ticketKeys;
    public final byte[] sessionContext;
    public final long sessionTimeoutSeconds;
    public final long sessionCacheSize;
    public final boolean enableStatefulSessionCache;
    public final int maxSslBufferBytes;
    public final boolean preallocateSslBuffer;
    public final boolean threadLocalSslBuffer;
    public final SSLVersion sslVersion;
    public final Iterable<String> nextProtocols;
    public final File clientCAFile;
    public final SSLVerification sslVerification;

    /* loaded from: input_file:com/facebook/nifty/ssl/OpenSslServerConfiguration$Builder.class */
    public static class Builder extends SslServerConfiguration.BuilderBase<Builder> {
        public SessionTicketKey[] ticketKeys;
        public File clientCAFile;
        public String sessionContext = "thrift";
        public long sessionTimeoutSeconds = 86400;
        public long sessionCacheSize = 0;
        public boolean enableStatefulSessionCache = true;
        public int maxSslBufferBytes = 19267584;
        public boolean preallocateSslBuffer = true;
        public boolean threadLocalSslBuffer = false;
        public SSLVersion sslVersion = SSLVersion.TLS1_2;
        public Iterable<String> nextProtocols = ImmutableList.of("thrift");
        public SSLVerification sslVerification = SSLVerification.VERIFY_OPTIONAL;

        public Builder() {
            this.ciphers = SslDefaults.SERVER_DEFAULTS;
        }

        public Builder ticketKeys(SessionTicketKey[] sessionTicketKeyArr) {
            this.ticketKeys = sessionTicketKeyArr == null ? null : (SessionTicketKey[]) Arrays.copyOf(sessionTicketKeyArr, sessionTicketKeyArr.length);
            return this;
        }

        public Builder nextProtocols(Iterable<String> iterable) {
            this.nextProtocols = ImmutableList.copyOf(iterable);
            return this;
        }

        public Builder sessionContext(String str) {
            this.sessionContext = str;
            return this;
        }

        public Builder sessionTimeoutSeconds(long j) {
            this.sessionTimeoutSeconds = j;
            return this;
        }

        public Builder sessionCacheSize(long j) {
            this.sessionCacheSize = j;
            return this;
        }

        public Builder sslVersion(SSLVersion sSLVersion) {
            this.sslVersion = sSLVersion;
            return this;
        }

        public Builder enableStatefulSessionCache(boolean z) {
            this.enableStatefulSessionCache = z;
            return this;
        }

        public Builder maxSslBufferBytes(int i) {
            this.maxSslBufferBytes = i;
            return this;
        }

        public Builder preallocateSslBuffer(boolean z) {
            this.preallocateSslBuffer = z;
            return this;
        }

        public Builder threadLocalSslBuffer(boolean z) {
            this.threadLocalSslBuffer = z;
            return this;
        }

        /* renamed from: initFromConfiguration, reason: merged with bridge method [inline-methods] */
        public Builder m98initFromConfiguration(SslServerConfiguration sslServerConfiguration) {
            super.initFromConfiguration(sslServerConfiguration);
            if (!(sslServerConfiguration instanceof OpenSslServerConfiguration)) {
                throw new IllegalArgumentException("Provided configuration is not an OpenSslServerConfiguration");
            }
            OpenSslServerConfiguration openSslServerConfiguration = (OpenSslServerConfiguration) sslServerConfiguration;
            ticketKeys(openSslServerConfiguration.ticketKeys);
            sessionContext(new String(openSslServerConfiguration.sessionContext));
            sessionTimeoutSeconds(openSslServerConfiguration.sessionTimeoutSeconds);
            sessionCacheSize(openSslServerConfiguration.sessionCacheSize);
            enableStatefulSessionCache(openSslServerConfiguration.enableStatefulSessionCache);
            maxSslBufferBytes(openSslServerConfiguration.maxSslBufferBytes);
            preallocateSslBuffer(openSslServerConfiguration.preallocateSslBuffer);
            threadLocalSslBuffer(openSslServerConfiguration.threadLocalSslBuffer);
            sslVersion(openSslServerConfiguration.sslVersion);
            nextProtocols(openSslServerConfiguration.nextProtocols);
            clientCAFile(openSslServerConfiguration.clientCAFile);
            sslVerification(openSslServerConfiguration.sslVerification);
            return this;
        }

        public Builder clientCAFile(File file) {
            this.clientCAFile = file;
            return this;
        }

        public Builder sslVerification(SSLVerification sSLVerification) {
            this.sslVerification = sSLVerification;
            return this;
        }

        protected SslServerConfiguration createServerConfiguration() {
            OpenSslServerConfiguration openSslServerConfiguration = new OpenSslServerConfiguration(this);
            openSslServerConfiguration.initializeServerContext();
            return openSslServerConfiguration;
        }
    }

    /* loaded from: input_file:com/facebook/nifty/ssl/OpenSslServerConfiguration$SSLVerification.class */
    public enum SSLVerification {
        VERIFY_NONE(0),
        VERIFY_OPTIONAL(1),
        VERIFY_REQUIRE(2),
        VERIFY_OPTIONAL_NO_CA(3);

        private final int id;

        SSLVerification(int i) {
            this.id = i;
        }

        public int getValue() {
            return this.id;
        }
    }

    /* loaded from: input_file:com/facebook/nifty/ssl/OpenSslServerConfiguration$SSLVersion.class */
    public enum SSLVersion {
        TLS(30),
        TLS1_2(16);

        private final int id;

        SSLVersion(int i) {
            this.id = i;
        }

        public int getValue() {
            return this.id;
        }
    }

    private OpenSslServerConfiguration(Builder builder) {
        super(builder);
        this.ticketKeys = builder.ticketKeys;
        this.sessionContext = builder.sessionContext.getBytes();
        this.sessionTimeoutSeconds = builder.sessionTimeoutSeconds;
        this.sessionCacheSize = builder.sessionCacheSize;
        this.enableStatefulSessionCache = builder.enableStatefulSessionCache;
        this.maxSslBufferBytes = builder.maxSslBufferBytes;
        this.preallocateSslBuffer = builder.preallocateSslBuffer;
        this.threadLocalSslBuffer = builder.threadLocalSslBuffer;
        this.sslVersion = builder.sslVersion;
        this.nextProtocols = builder.nextProtocols;
        this.clientCAFile = builder.clientCAFile;
        this.sslVerification = builder.sslVerification;
    }

    public static Builder newBuilder() {
        return new Builder();
    }

    protected SslHandlerFactory createSslHandlerFactory() {
        NettyTcNativeLoader.ensureAvailable();
        try {
            NiftyOpenSslServerContext niftyOpenSslServerContext = new NiftyOpenSslServerContext(this);
            if (this.ticketKeys != null) {
                niftyOpenSslServerContext.setTicketKeys(this.ticketKeys);
            }
            niftyOpenSslServerContext.setSessionIdContext(this.sessionContext);
            niftyOpenSslServerContext.setSessionCacheTimeout(this.sessionTimeoutSeconds);
            return niftyOpenSslServerContext;
        } catch (Exception e) {
            throw Throwables.propagate(e);
        }
    }

    public SslSession getSession(SSLEngine sSLEngine) throws SSLException {
        return OpenSslSessionHelper.getSession(sSLEngine);
    }
}
