package xworker.netty.handlers.ssl;

import io.netty.channel.Channel;
import io.netty.handler.ssl.ClientAuth;
import io.netty.handler.ssl.SslContext;
import io.netty.handler.ssl.SslContextBuilder;
import io.netty.handler.ssl.SslHandler;
import io.netty.handler.ssl.SslProvider;
import java.io.File;
import java.security.cert.CertificateException;
import java.util.List;
import javax.net.ssl.SSLException;
import org.xmeta.ActionContext;
import org.xmeta.Thing;

/* loaded from: input_file:xworker/netty/handlers/ssl/NettySSLHandler.class */
public class NettySSLHandler {
    public static Object createClientHandler(ActionContext actionContext) throws SSLException {
        return createHandler(false, actionContext);
    }

    public static Object createServerHandler(ActionContext actionContext) throws SSLException, CertificateException {
        return createHandler(true, actionContext);
    }

    public static SslHandler createHandler(boolean z, ActionContext actionContext) throws SSLException {
        SslContextBuilder forClient;
        Thing thing = (Thing) actionContext.getObject("self");
        SslContext sslContext = (SslContext) thing.getCachedData("__sslCTX__");
        if (sslContext == null) {
            File file = (File) thing.doAction("getKeyCertChainFile", actionContext);
            File file2 = (File) thing.doAction("getKeyFile", actionContext);
            String str = (String) thing.doAction("getKeyPassword", actionContext);
            if (z) {
                forClient = (str == null || "".equals(str)) ? SslContextBuilder.forServer(file, file2) : SslContextBuilder.forServer(file, file2, str);
            } else {
                forClient = SslContextBuilder.forClient();
                if (file != null && file2 != null) {
                    if (str == null || "".equals(str)) {
                        forClient.keyManager(file, file2);
                    } else {
                        forClient.keyManager(file, file2, str);
                    }
                }
            }
            String[] strArr = (String[]) thing.doAction("getProtocols", actionContext);
            if (strArr != null) {
                forClient.protocols(strArr);
            }
            List list = (List) thing.doAction("getCiphers", actionContext);
            if (list != null && list.size() > 0) {
                forClient.ciphers(list);
            }
            String str2 = (String) thing.doAction("getClientAuth", actionContext);
            if ("NONE".equals(str2)) {
                forClient.clientAuth(ClientAuth.NONE);
            } else if ("OPTIONAL".equals(str2)) {
                forClient.clientAuth(ClientAuth.OPTIONAL);
            } else if ("REQUIRE".equals(str2)) {
                forClient.clientAuth(ClientAuth.REQUIRE);
            }
            Boolean bool = (Boolean) thing.doAction("getEnableOcsp", actionContext);
            if (bool != null) {
                forClient.enableOcsp(bool.booleanValue());
            }
            long longValue = ((Long) thing.doAction("getSessionCacheSize", actionContext)).longValue();
            if (longValue > 0) {
                forClient.sessionCacheSize(longValue);
            }
            long longValue2 = ((Long) thing.doAction("getSessionTimeout", actionContext)).longValue();
            if (longValue2 > 0) {
                forClient.sessionTimeout(longValue2);
            }
            String str3 = (String) thing.doAction("getSslProvider", actionContext);
            if ("JDK".equals(str3)) {
                forClient.sslProvider(SslProvider.JDK);
            } else if ("OPENSSL".equals(str3)) {
                forClient.sslProvider(SslProvider.OPENSSL);
            } else if ("OPENSSL_REFCNT".equals(str3)) {
                forClient.sslProvider(SslProvider.OPENSSL_REFCNT);
            }
            File file3 = (File) thing.doAction("getTrustCertCollectionFile", actionContext);
            if (file3 != null) {
                forClient.trustManager(file3);
            }
            thing.doAction("init", actionContext, new Object[]{"builder", forClient});
            sslContext = forClient.build();
            thing.setCachedData("__sslCTX__", sslContext);
        }
        Channel channel = (Channel) actionContext.getObject("channel");
        if (z) {
            return sslContext.newHandler(channel.alloc());
        }
        String str4 = (String) thing.doAction("getHost", actionContext);
        int intValue = ((Integer) thing.doAction("getPort", actionContext)).intValue();
        return (str4 == null || intValue <= 0) ? sslContext.newHandler(channel.alloc()) : sslContext.newHandler(channel.alloc(), str4, intValue);
    }
}
