package io.gatling.http.util;

import com.typesafe.scalalogging.Logger;
import com.typesafe.scalalogging.StrictLogging;
import io.gatling.core.config.HttpConfiguration;
import io.netty.handler.ssl.ApplicationProtocolConfig;
import io.netty.handler.ssl.ClientAuth;
import io.netty.handler.ssl.IdentityCipherSuiteFilter;
import io.netty.handler.ssl.JdkSslContext;
import io.netty.handler.ssl.OpenSsl;
import io.netty.handler.ssl.SslContext;
import io.netty.handler.ssl.SslContextBuilder;
import io.netty.handler.ssl.SslProvider;
import io.netty.handler.ssl.util.InsecureTrustManagerFactory;
import java.util.List;
import javax.net.ssl.KeyManager;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.TrustManager;
import scala.None$;
import scala.Option;
import scala.Predef$;
import scala.Some;
import scala.collection.JavaConverters$;
import scala.collection.mutable.ArrayOps;
import scala.concurrent.duration.Duration$;
import scala.reflect.ClassTag$;
import scala.reflect.ScalaSignature;
import scala.runtime.BoxedUnit;

/* compiled from: SslContexts.scala */
@ScalaSignature(bytes = "\u0006\u0001\u0005\u001dsA\u0002\f\u0018\u0011\u0003IrD\u0002\u0004\"/!\u0005\u0011D\t\u0005\u0006S\u0005!\ta\u000b\u0005\bY\u0005\u0011\r\u0011\"\u0003.\u0011\u00191\u0014\u0001)A\u0005]!9q'\u0001b\u0001\n\u0013A\u0004BB\"\u0002A\u0003%\u0011HB\u0003\"/\u0001YB\t\u0003\u0005P\u000f\t\u0005\t\u0015!\u0003Q\u0011\u0015Is\u0001\"\u0001Y\u0011\u001dYvA1A\u0005\nqCa\u0001Y\u0004!\u0002\u0013i\u0006bB1\b\u0005\u0004%IA\u0019\u0005\u0007c\u001e\u0001\u000b\u0011B2\t\u000fI<!\u0019!C\u0005g\"1\u0011p\u0002Q\u0001\nQDqA_\u0004C\u0002\u0013%1\u0010\u0003\u0004��\u000f\u0001\u0006I\u0001 \u0005\t\u0003\u00039!\u0019!C\u0005w\"9\u00111A\u0004!\u0002\u0013a\bbBA\u0003\u000f\u0011\u0005\u0011q\u0001\u0005\b\u0003_9A\u0011BA\u0019\u0003I\u00196\u000f\\\"p]R,\u0007\u0010^:GC\u000e$xN]=\u000b\u0005aI\u0012\u0001B;uS2T!AG\u000e\u0002\t!$H\u000f\u001d\u0006\u00039u\tqaZ1uY&twMC\u0001\u001f\u0003\tIw\u000e\u0005\u0002!\u00035\tqC\u0001\nTg2\u001cuN\u001c;fqR\u001ch)Y2u_JL8CA\u0001$!\t!s%D\u0001&\u0015\u00051\u0013!B:dC2\f\u0017B\u0001\u0015&\u0005\u0019\te.\u001f*fM\u00061A(\u001b8jiz\u001a\u0001\u0001F\u0001 \u0003Y!UMZ1vYR\u001c6\u000f\\*fGV\u0014XMU1oI>lW#\u0001\u0018\u0011\u0005=\"T\"\u0001\u0019\u000b\u0005E\u0012\u0014\u0001C:fGV\u0014\u0018\u000e^=\u000b\u0003M\nAA[1wC&\u0011Q\u0007\r\u0002\r'\u0016\u001cWO]3SC:$w.\\\u0001\u0018\t\u00164\u0017-\u001e7u'Nd7+Z2ve\u0016\u0014\u0016M\u001c3p[\u0002\n1!\u00119o+\u0005I\u0004C\u0001\u001eB\u001b\u0005Y$B\u0001\u001f>\u0003\r\u00198\u000f\u001c\u0006\u0003}}\nq\u0001[1oI2,'O\u0003\u0002A;\u0005)a.\u001a;us&\u0011!i\u000f\u0002\u001a\u0003B\u0004H.[2bi&|g\u000e\u0015:pi>\u001cw\u000e\\\"p]\u001aLw-\u0001\u0003Ba:\u00043cA\u0004$\u000bB\u0011a)T\u0007\u0002\u000f*\u0011\u0001*S\u0001\rg\u000e\fG.\u00197pO\u001eLgn\u001a\u0006\u0003\u0015.\u000b\u0001\u0002^=qKN\fg-\u001a\u0006\u0002\u0019\u0006\u00191m\\7\n\u00059;%!D*ue&\u001cG\u000fT8hO&tw-\u0001\u0006iiR\u00048i\u001c8gS\u001e\u0004\"!\u0015,\u000e\u0003IS!a\u0015+\u0002\r\r|gNZ5h\u0015\t)6$\u0001\u0003d_J,\u0017BA,S\u0005EAE\u000f\u001e9D_:4\u0017nZ;sCRLwN\u001c\u000b\u00033j\u0003\"\u0001I\u0004\t\u000b=K\u0001\u0019\u0001)\u00021M\u001cHnU3tg&|g\u000eV5nK>,HoU3d_:$7/F\u0001^!\t!c,\u0003\u0002`K\t!Aj\u001c8h\u0003e\u00198\u000f\\*fgNLwN\u001c+j[\u0016|W\u000f^*fG>tGm\u001d\u0011\u0002!\u0015t\u0017M\u00197fIB\u0013x\u000e^8d_2\u001cX#A2\u0011\u0007\u0011\"g-\u0003\u0002fK\t)\u0011I\u001d:bsB\u0011qM\u001c\b\u0003Q2\u0004\"![\u0013\u000e\u0003)T!a\u001b\u0016\u0002\rq\u0012xn\u001c;?\u0013\tiW%\u0001\u0004Qe\u0016$WMZ\u0005\u0003_B\u0014aa\u0015;sS:<'BA7&\u0003E)g.\u00192mK\u0012\u0004&o\u001c;pG>d7\u000fI\u0001\u0014K:\f'\r\\3e\u0007&\u0004\b.\u001a:Tk&$Xm]\u000b\u0002iB\u0019Qo\u001e4\u000e\u0003YT!\u0001\u0007\u001a\n\u0005a4(\u0001\u0002'jgR\fA#\u001a8bE2,GmQ5qQ\u0016\u00148+^5uKN\u0004\u0013AC;tK>\u0003XM\\*tYV\tA\u0010\u0005\u0002%{&\u0011a0\n\u0002\b\u0005>|G.Z1o\u0003-)8/Z(qK:\u001c6\u000f\u001c\u0011\u0002)U\u001cXm\u00149f]N\u001bHNR5oC2L'0\u001a:t\u0003U)8/Z(qK:\u001c6\u000f\u001c$j]\u0006d\u0017N_3sg\u0002\naB\\3x'Nd7i\u001c8uKb$8\u000f\u0006\u0004\u0002\n\u0005=\u00111\u0003\t\u0004A\u0005-\u0011bAA\u0007/\tY1k\u001d7D_:$X\r\u001f;t\u0011\u0019\t\t\u0002\u0006a\u0001y\u0006a\u0001\u000e\u001e;qe\u0015s\u0017M\u00197fI\"9\u0011Q\u0003\u000bA\u0002\u0005]\u0011\u0001\u00079feV\u001bXM]&fs6\u000bg.Y4fe\u001a\u000b7\r^8ssB)A%!\u0007\u0002\u001e%\u0019\u00111D\u0013\u0003\r=\u0003H/[8o!\u0011\ty\"a\u000b\u000e\u0005\u0005\u0005\"b\u0001\u001f\u0002$)!\u0011QEA\u0014\u0003\rqW\r\u001e\u0006\u0003\u0003S\tQA[1wCbLA!!\f\u0002\"\t\t2*Z=NC:\fw-\u001a:GC\u000e$xN]=\u0002!9,wO\u00133l'Nd7i\u001c8uKb$HCBA\u001a\u0003s\t\u0019\u0005E\u0002;\u0003kI1!a\u000e<\u0005)\u00196\u000f\\\"p]R,\u0007\u0010\u001e\u0005\b\u0003w)\u0002\u0019AA\u001f\u00035QGm[*tY\u000e{g\u000e^3yiB!\u0011qDA \u0013\u0011\t\t%!\t\u0003\u0015M\u001bFjQ8oi\u0016DH\u000f\u0003\u0004\u0002FU\u0001\r!O\u0001\u0004CBt\u0007")
/* loaded from: input_file:io/gatling/http/util/SslContextsFactory.class */
public class SslContextsFactory implements StrictLogging {
    private final HttpConfiguration httpConfig;
    private final long sslSessionTimeoutSeconds;
    private final String[] enabledProtocols;
    private final List<String> enabledCipherSuites;
    private final boolean useOpenSsl;
    private final boolean useOpenSslFinalizers;
    private final Logger logger;

    public Logger logger() {
        return this.logger;
    }

    public void com$typesafe$scalalogging$StrictLogging$_setter_$logger_$eq(Logger logger) {
        this.logger = logger;
    }

    private long sslSessionTimeoutSeconds() {
        return this.sslSessionTimeoutSeconds;
    }

    private String[] enabledProtocols() {
        return this.enabledProtocols;
    }

    private List<String> enabledCipherSuites() {
        return this.enabledCipherSuites;
    }

    private boolean useOpenSsl() {
        return this.useOpenSsl;
    }

    private boolean useOpenSslFinalizers() {
        return this.useOpenSslFinalizers;
    }

    public SslContexts newSslContexts(boolean z, Option<KeyManagerFactory> option) {
        Option orElse = option.orElse(() -> {
            return this.httpConfig.ssl().keyManagerFactory();
        });
        Option orElse2 = this.httpConfig.ssl().trustManagerFactory().orElse(() -> {
            return this.httpConfig.advanced().useInsecureTrustManager() ? new Some(InsecureTrustManagerFactory.INSTANCE) : None$.MODULE$;
        });
        if (!useOpenSsl()) {
            SSLContext sSLContext = SSLContext.getInstance("TLS");
            sSLContext.init((KeyManager[]) orElse.map(keyManagerFactory -> {
                return keyManagerFactory.getKeyManagers();
            }).orNull(Predef$.MODULE$.$conforms()), (TrustManager[]) orElse2.map(trustManagerFactory -> {
                return trustManagerFactory.getTrustManagers();
            }).orNull(Predef$.MODULE$.$conforms()), SslContextsFactory$.MODULE$.io$gatling$http$util$SslContextsFactory$$DefaultSslSecureRandom());
            return new SslContexts(newJdkSslContext(sSLContext, null), z ? new Some(newJdkSslContext(sSLContext, SslContextsFactory$.MODULE$.io$gatling$http$util$SslContextsFactory$$Apn())) : None$.MODULE$);
        }
        SslContextBuilder sslProvider = SslContextBuilder.forClient().sslProvider(useOpenSslFinalizers() ? SslProvider.OPENSSL : SslProvider.OPENSSL_REFCNT);
        if (this.httpConfig.advanced().sslSessionCacheSize() > 0) {
            sslProvider.sessionCacheSize(this.httpConfig.advanced().sslSessionCacheSize());
        } else {
            BoxedUnit boxedUnit = BoxedUnit.UNIT;
        }
        if (this.httpConfig.advanced().sslSessionTimeout().$greater(Duration$.MODULE$.Zero())) {
            sslProvider.sessionTimeout(sslSessionTimeoutSeconds());
        } else {
            BoxedUnit boxedUnit2 = BoxedUnit.UNIT;
        }
        if (new ArrayOps.ofRef(Predef$.MODULE$.refArrayOps(enabledProtocols())).nonEmpty()) {
            sslProvider.protocols(enabledProtocols());
        } else {
            BoxedUnit boxedUnit3 = BoxedUnit.UNIT;
        }
        if (this.httpConfig.advanced().sslEnabledCipherSuites().nonEmpty()) {
            sslProvider.ciphers(enabledCipherSuites());
        } else {
            sslProvider.ciphers((Iterable) null, IdentityCipherSuiteFilter.INSTANCE_DEFAULTING_TO_SUPPORTED_CIPHERS);
        }
        orElse.foreach(keyManagerFactory2 -> {
            return sslProvider.keyManager(keyManagerFactory2);
        });
        orElse2.foreach(trustManagerFactory2 -> {
            return sslProvider.trustManager(trustManagerFactory2);
        });
        return new SslContexts(sslProvider.build(), z ? new Some(sslProvider.applicationProtocolConfig(SslContextsFactory$.MODULE$.io$gatling$http$util$SslContextsFactory$$Apn()).build()) : None$.MODULE$);
    }

    private SslContext newJdkSslContext(SSLContext sSLContext, ApplicationProtocolConfig applicationProtocolConfig) {
        return new JdkSslContext(sSLContext, true, enabledCipherSuites().isEmpty() ? null : enabledCipherSuites(), IdentityCipherSuiteFilter.INSTANCE_DEFAULTING_TO_SUPPORTED_CIPHERS, applicationProtocolConfig, ClientAuth.NONE, new ArrayOps.ofRef(Predef$.MODULE$.refArrayOps(enabledProtocols())).nonEmpty() ? enabledProtocols() : null, false);
    }

    public SslContextsFactory(HttpConfiguration httpConfiguration) {
        boolean z;
        this.httpConfig = httpConfiguration;
        StrictLogging.$init$(this);
        this.sslSessionTimeoutSeconds = httpConfiguration.advanced().sslSessionTimeout().toSeconds();
        this.enabledProtocols = (String[]) httpConfiguration.advanced().sslEnabledProtocols().toArray(ClassTag$.MODULE$.apply(String.class));
        this.enabledCipherSuites = (List) JavaConverters$.MODULE$.seqAsJavaListConverter(httpConfiguration.advanced().sslEnabledCipherSuites()).asJava();
        if (httpConfiguration.advanced().useOpenSsl()) {
            boolean isAvailable = OpenSsl.isAvailable();
            if (isAvailable) {
                BoxedUnit boxedUnit = BoxedUnit.UNIT;
            } else if (logger().underlying().isErrorEnabled()) {
                logger().underlying().error("OpenSSL is enabled in the Gatling configuration but it's not available on your architecture.");
                BoxedUnit boxedUnit2 = BoxedUnit.UNIT;
            } else {
                BoxedUnit boxedUnit3 = BoxedUnit.UNIT;
            }
            z = isAvailable;
        } else {
            z = false;
        }
        this.useOpenSsl = z;
        this.useOpenSslFinalizers = httpConfiguration.advanced().useOpenSslFinalizers();
    }
}
