package org.wildfly.extension.elytron;

import java.nio.charset.StandardCharsets;
import java.security.NoSuchAlgorithmException;
import java.security.Principal;
import java.security.cert.CertificateEncodingException;
import java.text.SimpleDateFormat;
import java.util.Date;
import java.util.function.BiConsumer;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLPeerUnverifiedException;
import javax.net.ssl.SSLSession;
import org.jboss.as.controller.OperationFailedException;
import org.jboss.as.controller.PathAddress;
import org.jboss.as.controller.PathElement;
import org.jboss.as.controller.SimpleAttributeDefinition;
import org.jboss.as.controller.SimpleAttributeDefinitionBuilder;
import org.jboss.as.controller.SimpleOperationDefinition;
import org.jboss.as.controller.SimpleOperationDefinitionBuilder;
import org.jboss.as.controller.SimpleResourceDefinition;
import org.jboss.as.controller.descriptions.ResourceDescriptionResolver;
import org.jboss.as.controller.registry.ManagementResourceRegistration;
import org.jboss.as.controller.registry.OperationEntry;
import org.jboss.dmr.ModelNode;
import org.jboss.dmr.ModelType;
import org.wildfly.common.iteration.ByteIterator;
import org.wildfly.extension.elytron.SSLDefinitions;
import org.wildfly.extension.elytron._private.ElytronSubsystemMessages;

/* loaded from: input_file:org/wildfly/extension/elytron/SSLSessionDefinition.class */
/**
 * Runtime-only management resource describing one TLS session held by an {@link SSLContext}.
 *
 * <p>The resource is addressed by {@code ElytronDescriptionConstants.SSL_SESSION}; the value of that
 * address element is the hex-encoded session id (see {@link #sessionId(ModelNode)}). Every attribute
 * is read-only and resolved on demand against the live {@link SSLSession}; one operation,
 * {@code INVALIDATE}, is registered in addition to whatever the superclass registers.
 *
 * <p>Security-relevant points for maintainers:
 * <ul>
 *   <li>The attributes expose peer host/port, local and peer principals, and both certificate chains.
 *       NOTE(review): no access-control constraint is attached in this class; confirm the management
 *       layer restricts who may read these attributes and who may call {@code INVALIDATE}.</li>
 *   <li>The session id comes from the operation address, i.e. from the management client, and is
 *       only used as a lookup key into the session context.</li>
 *   <li>Several attribute handlers discard exceptions; the client then sees no error and nothing is
 *       logged from here.</li>
 * </ul>
 */
class SSLSessionDefinition extends SimpleResourceDefinition {

    // All attributes below are runtime storage: they are computed from the SSLSession on every read.
    private static final SimpleAttributeDefinition APPLICATION_BUFFER_SIZE =
            new SimpleAttributeDefinitionBuilder(ElytronDescriptionConstants.APPLICATION_BUFFER_SIZE, ModelType.INT)
                    .setStorageRuntime()
                    .build();
    private static final SimpleAttributeDefinition CIPHER_SUITE =
            new SimpleAttributeDefinitionBuilder(ElytronDescriptionConstants.CIPHER_SUITE, ModelType.STRING)
                    .setStorageRuntime()
                    .build();
    private static final SimpleAttributeDefinition CREATION_TIME =
            new SimpleAttributeDefinitionBuilder(ElytronDescriptionConstants.CREATION_TIME, ModelType.STRING)
                    .setStorageRuntime()
                    .build();
    private static final SimpleAttributeDefinition LAST_ACCESSED_TIME =
            new SimpleAttributeDefinitionBuilder(ElytronDescriptionConstants.LAST_ACCESSED_TIME, ModelType.STRING)
                    .setStorageRuntime()
                    .build();
    private static final SimpleAttributeDefinition LOCAL_PRINCIPAL =
            new SimpleAttributeDefinitionBuilder(ElytronDescriptionConstants.LOCAL_PRINCIPAL, ModelType.STRING)
                    .setStorageRuntime()
                    .build();
    private static final SimpleAttributeDefinition PACKET_BUFFER_SIZE =
            new SimpleAttributeDefinitionBuilder(ElytronDescriptionConstants.PACKET_BUFFER_SIZE, ModelType.INT)
                    .setStorageRuntime()
                    .build();
    private static final SimpleAttributeDefinition PEER_HOST =
            new SimpleAttributeDefinitionBuilder(ElytronDescriptionConstants.PEER_HOST, ModelType.STRING)
                    .setStorageRuntime()
                    .build();
    private static final SimpleAttributeDefinition PEER_PORT =
            new SimpleAttributeDefinitionBuilder(ElytronDescriptionConstants.PEER_PORT, ModelType.INT)
                    .setStorageRuntime()
                    .build();
    private static final SimpleAttributeDefinition PEER_PRINCIPAL =
            new SimpleAttributeDefinitionBuilder(ElytronDescriptionConstants.PEER_PRINCIPAL, ModelType.STRING)
                    .setStorageRuntime()
                    .build();
    private static final SimpleAttributeDefinition PROTOCOL =
            new SimpleAttributeDefinitionBuilder(ElytronDescriptionConstants.PROTOCOL, ModelType.STRING)
                    .setStorageRuntime()
                    .build();
    private static final SimpleAttributeDefinition VALID =
            new SimpleAttributeDefinitionBuilder(ElytronDescriptionConstants.VALID, ModelType.BOOLEAN)
                    .setStorageRuntime()
                    .build();

    // The resolver is built from SERVER_SSL_CONTEXT regardless of the 'server' flag passed to the
    // constructor. It must be initialised before INVALIDATE, which depends on it.
    private static final ResourceDescriptionResolver RESOURCE_DESCRIPTION_RESOLVER =
            ElytronExtension.getResourceDescriptionResolver(
                    ElytronDescriptionConstants.SERVER_SSL_CONTEXT,
                    ElytronDescriptionConstants.SSL_SESSION);

    private static final SimpleOperationDefinition INVALIDATE =
            new SimpleOperationDefinitionBuilder(ElytronDescriptionConstants.INVALIDATE, RESOURCE_DESCRIPTION_RESOLVER)
                    .build();

    // true: sessions are looked up in the server session context; false: in the client one.
    private boolean server;

    /**
     * Handler that resolves the {@link SSLSession} named by the operation address and hands it,
     * together with the result node, to a caller-supplied action.
     */
    class SSLSessionRuntimeHandler extends SSLDefinitions.SSLContextRuntimeHandler {
        private final BiConsumer<ModelNode, SSLSession> biConsumer;

        /**
         * @param biConsumer action invoked with the result node and the resolved session
         */
        SSLSessionRuntimeHandler(BiConsumer<ModelNode, SSLSession> biConsumer) {
            this.biConsumer = biConsumer;
        }

        /**
         * Looks the session up by id in the server or client session context and delegates to the
         * session-level overload. When no session matches the id the call is a silent no-op: the
         * result node is left untouched and no failure is raised.
         */
        @Override
        protected void performRuntime(ModelNode result, ModelNode operation, SSLContext sslContext) throws OperationFailedException {
            final SSLSession session;
            if (SSLSessionDefinition.this.server) {
                session = sslContext.getServerSessionContext().getSession(SSLSessionDefinition.sessionId(operation));
            } else {
                session = sslContext.getClientSessionContext().getSession(SSLSessionDefinition.sessionId(operation));
            }
            if (session == null) {
                return;
            }
            performRuntime(result, operation, session);
        }

        /**
         * Applies the configured action to the resolved session.
         *
         * @param result    node the action may write its value into
         * @param operation the management operation; unused here
         * @param session   the session found for the addressed id
         */
        protected void performRuntime(ModelNode result, ModelNode operation, SSLSession session) throws OperationFailedException {
            this.biConsumer.accept(result, session);
        }

        /** Selects the service lookup helper matching the server/client flag of the enclosing definition. */
        @Override
        protected ServiceUtil<SSLContext> getSSLContextServiceUtil() {
            if (SSLSessionDefinition.this.server) {
                return SSLDefinitions.SERVER_SERVICE_UTIL;
            }
            return SSLDefinitions.CLIENT_SERVICE_UTIL;
        }
    }

    /**
     * Creates the definition as a runtime resource with add restart level {@code RESTART_NONE} and
     * remove restart level {@code RESTART_RESOURCE_SERVICES}.
     *
     * <p>Decompiler note: the visibility shown here was widened from package-private.
     *
     * @param z {@code true} to resolve sessions from the server session context, {@code false} for
     *          the client session context
     */
    public SSLSessionDefinition(boolean z) {
        super(new SimpleResourceDefinition.Parameters(
                        PathElement.pathElement(ElytronDescriptionConstants.SSL_SESSION),
                        RESOURCE_DESCRIPTION_RESOLVER)
                .setAddRestartLevel(OperationEntry.Flag.RESTART_NONE)
                .setRemoveRestartLevel(OperationEntry.Flag.RESTART_RESOURCE_SERVICES)
                .setRuntime());
        this.server = z;
    }

    /**
     * Registers the read-only session attributes. Each one is backed by its own
     * {@link SSLSessionRuntimeHandler} that copies a single value from the session into the result.
     *
     * <p>Handlers that read principals or certificates discard the exceptions they catch, so a
     * failure there is indistinguishable, for the management client, from an absent value.
     */
    public void registerAttributes(ManagementResourceRegistration managementResourceRegistration) {
        managementResourceRegistration.registerReadOnlyAttribute(APPLICATION_BUFFER_SIZE,
                new SSLSessionRuntimeHandler((result, session) -> result.set(session.getApplicationBufferSize())));

        managementResourceRegistration.registerReadOnlyAttribute(CIPHER_SUITE,
                new SSLSessionRuntimeHandler((result, session) -> result.set(session.getCipherSuite())));

        managementResourceRegistration.registerReadOnlyAttribute(CREATION_TIME,
                new SSLSessionRuntimeHandler((result, session) -> result.set(formatTimestamp(session.getCreationTime()))));

        managementResourceRegistration.registerReadOnlyAttribute(LAST_ACCESSED_TIME,
                new SSLSessionRuntimeHandler((result, session) -> result.set(formatTimestamp(session.getLastAccessedTime()))));

        managementResourceRegistration.registerReadOnlyAttribute(
                CertificateChainAttributeDefinitions.getNamedCertificateList(ElytronDescriptionConstants.LOCAL_CERTIFICATES),
                new SSLSessionRuntimeHandler((result, session) -> {
                    try {
                        CertificateChainAttributeDefinitions.writeCertificates(result, session.getLocalCertificates());
                    } catch (NoSuchAlgorithmException | CertificateEncodingException ignored) {
                        // Swallowed: the failure is neither reported to the client nor logged here.
                    }
                }));

        managementResourceRegistration.registerReadOnlyAttribute(LOCAL_PRINCIPAL,
                new SSLSessionRuntimeHandler((result, session) -> {
                    Principal principal = session.getLocalPrincipal();
                    // No local principal: leave the result unset rather than writing a placeholder.
                    if (principal != null) {
                        result.set(principal.toString());
                    }
                }));

        managementResourceRegistration.registerReadOnlyAttribute(PACKET_BUFFER_SIZE,
                new SSLSessionRuntimeHandler((result, session) -> result.set(session.getPacketBufferSize())));

        managementResourceRegistration.registerReadOnlyAttribute(
                CertificateChainAttributeDefinitions.getNamedCertificateList(ElytronDescriptionConstants.PEER_CERTIFICATES),
                new SSLSessionRuntimeHandler((result, session) -> {
                    try {
                        CertificateChainAttributeDefinitions.writeCertificates(result, session.getPeerCertificates());
                    } catch (NoSuchAlgorithmException | CertificateEncodingException | SSLPeerUnverifiedException ignored) {
                        // Swallowed: an unverified peer and an encoding failure both end up here,
                        // with nothing reported to the client and nothing logged.
                    }
                }));

        managementResourceRegistration.registerReadOnlyAttribute(PEER_HOST,
                new SSLSessionRuntimeHandler((result, session) -> result.set(session.getPeerHost())));

        managementResourceRegistration.registerReadOnlyAttribute(PEER_PORT,
                new SSLSessionRuntimeHandler((result, session) -> result.set(session.getPeerPort())));

        managementResourceRegistration.registerReadOnlyAttribute(PEER_PRINCIPAL,
                new SSLSessionRuntimeHandler((result, session) -> {
                    try {
                        Principal principal = session.getPeerPrincipal();
                        if (principal != null) {
                            result.set(principal.toString());
                        }
                    } catch (SSLPeerUnverifiedException ignored) {
                        // Peer identity was not verified: the attribute is left unset.
                    }
                }));

        managementResourceRegistration.registerReadOnlyAttribute(PROTOCOL,
                new SSLSessionRuntimeHandler((result, session) -> result.set(session.getProtocol())));

        managementResourceRegistration.registerReadOnlyAttribute(VALID,
                new SSLSessionRuntimeHandler((result, session) -> result.set(session.isValid())));
    }

    /**
     * Registers the superclass operations plus {@code INVALIDATE}, which calls
     * {@link SSLSession#invalidate()} on the addressed session.
     *
     * <p>Per the JDK contract, invalidation stops the session from being resumed or joined by new
     * connections; a connection already using it stays open until it is closed. Operators relying
     * on this operation to cut off a peer should close the connection as well.
     */
    public void registerOperations(ManagementResourceRegistration managementResourceRegistration) {
        super.registerOperations(managementResourceRegistration);
        managementResourceRegistration.registerOperationHandler(INVALIDATE,
                new SSLSessionRuntimeHandler((result, session) -> session.invalidate()));
    }

    /**
     * Renders an epoch-millisecond timestamp with the pattern {@code yyyy-MM-dd'T'HH:mm:ss.SSSZ}.
     * A new formatter is created per call, and it uses the JVM default time zone and locale.
     */
    private static String formatTimestamp(long epochMillis) {
        return new SimpleDateFormat("yyyy-MM-dd'T'HH:mm:ss.SSSZ").format(new Date(epochMillis));
    }

    /**
     * Extracts the TLS session id from the address of a management operation.
     *
     * <p>The address is scanned from its last element towards the front; the element at index 0 is
     * never examined. The first element whose key equals {@code SSL_SESSION} supplies the id: its
     * value is read as hex text and decoded into raw bytes.
     *
     * <p>NOTE(review): the value is client-supplied and is not validated before decoding. What
     * happens on non-hex or odd-length input depends on {@code ByteIterator.hexDecode()}; confirm
     * it surfaces as a clean operation failure.
     *
     * @param operation the operation node; must contain an {@code address} entry
     * @return the decoded session id bytes
     */
    private static byte[] sessionId(ModelNode operation) {
        PathAddress address = PathAddress.pathAddress(operation.require("address"));
        int index = address.size() - 1;
        while (index > 0) {
            PathElement candidate = address.getElement(index);
            if (ElytronDescriptionConstants.SSL_SESSION.equals(candidate.getKey())) {
                byte[] hexText = candidate.getValue().getBytes(StandardCharsets.UTF_8);
                return ByteIterator.ofBytes(hexText).asUtf8String().hexDecode().drain();
            }
            index--;
        }
        throw ElytronSubsystemMessages.ROOT_LOGGER.operationAddressMissingKey(ElytronDescriptionConstants.SSL_SESSION);
    }
}
