package org.wildfly.security.ssl;

import java.security.NoSuchAlgorithmException;
import java.security.cert.Certificate;
import java.security.cert.CertificateEncodingException;
import java.security.cert.X509Certificate;
import javax.net.ssl.SSLEngine;
import javax.net.ssl.SSLPeerUnverifiedException;
import javax.net.ssl.SSLSession;
import javax.net.ssl.SSLSocket;
import org.wildfly.common.Assert;
import org.wildfly.security.auth.callback.ChannelBindingCallback;

/* JADX WARN: Classes with same name are omitted:
  input_file:WEB-INF/lib/wildfly-elytron-1.15.5.Final.jar:org/wildfly/security/ssl/SSLConnection.class
 */
/* loaded from: input_file:WEB-INF/lib/wildfly-elytron-auth-server-1.15.5.Final.jar:org/wildfly/security/ssl/SSLConnection.class */
public abstract class SSLConnection {
    SSLConnection() {
    }

    public abstract SSLSession getSession();

    public abstract boolean isClientMode();

    public byte[] getChannelBinding(String str) {
        Certificate[] certificateArr;
        X509Certificate x509Certificate;
        boolean isClientMode = isClientMode();
        boolean z = -1;
        switch (str.hashCode()) {
            case -393562458:
                if (str.equals(TLSServerEndPointChannelBinding.TLS_SERVER_ENDPOINT)) {
                    z = false;
                    break;
                }
                break;
        }
        switch (z) {
            case false:
                SSLSession session = getSession();
                if (session == null) {
                    return null;
                }
                if (isClientMode) {
                    try {
                        certificateArr = session.getPeerCertificates();
                    } catch (SSLPeerUnverifiedException e) {
                        certificateArr = null;
                    }
                    x509Certificate = (certificateArr == null || certificateArr.length <= 0) ? null : (X509Certificate) certificateArr[0];
                } else {
                    Certificate[] localCertificates = session.getLocalCertificates();
                    x509Certificate = (localCertificates == null || localCertificates.length <= 0) ? null : (X509Certificate) localCertificates[0];
                }
                try {
                    return TLSServerEndPointChannelBinding.getChannelBindingData(x509Certificate);
                } catch (NoSuchAlgorithmException | CertificateEncodingException e2) {
                    return null;
                }
            default:
                return null;
        }
    }

    public void handleChannelBindingCallback(ChannelBindingCallback channelBindingCallback) {
        Assert.checkNotNullParam("callback", channelBindingCallback);
        byte[] channelBinding = getChannelBinding("tls-unique");
        if (channelBinding != null) {
            channelBindingCallback.setBindingType("tls-unique");
            channelBindingCallback.setBindingData(channelBinding);
            return;
        }
        byte[] channelBinding2 = getChannelBinding(TLSServerEndPointChannelBinding.TLS_SERVER_ENDPOINT);
        if (channelBinding2 != null) {
            channelBindingCallback.setBindingType(TLSServerEndPointChannelBinding.TLS_SERVER_ENDPOINT);
            channelBindingCallback.setBindingData(channelBinding2);
        }
    }

    public static SSLConnection forEngine(final SSLEngine sSLEngine) {
        Assert.checkNotNullParam("engine", sSLEngine);
        return new SSLConnection() { // from class: org.wildfly.security.ssl.SSLConnection.1
            @Override // org.wildfly.security.ssl.SSLConnection
            public SSLSession getSession() {
                return sSLEngine.getSession();
            }

            @Override // org.wildfly.security.ssl.SSLConnection
            public boolean isClientMode() {
                return sSLEngine.getUseClientMode();
            }
        };
    }

    public static SSLConnection forSocket(final SSLSocket sSLSocket) {
        Assert.checkNotNullParam("socket", sSLSocket);
        return new SSLConnection() { // from class: org.wildfly.security.ssl.SSLConnection.2
            @Override // org.wildfly.security.ssl.SSLConnection
            public SSLSession getSession() {
                return sSLSocket.getSession();
            }

            @Override // org.wildfly.security.ssl.SSLConnection
            public boolean isClientMode() {
                return sSLSocket.getUseClientMode();
            }
        };
    }

    public static SSLConnection forSession(final SSLSession sSLSession, final boolean z) {
        Assert.checkNotNullParam("session", sSLSession);
        return new SSLConnection() { // from class: org.wildfly.security.ssl.SSLConnection.3
            @Override // org.wildfly.security.ssl.SSLConnection
            public SSLSession getSession() {
                return sSLSession;
            }

            @Override // org.wildfly.security.ssl.SSLConnection
            public boolean isClientMode() {
                return z;
            }
        };
    }
}
