package com.pcbsys.foundation.drivers.nio;

import com.pcbsys.foundation.drivers.configuration.fBaseDriverConfig;
import com.pcbsys.foundation.drivers.configuration.fBaseSSLConfig;
import com.pcbsys.foundation.drivers.fDriver;
import com.pcbsys.foundation.drivers.fNIOManager;
import com.pcbsys.foundation.drivers.handlers.fAcceptHandler;
import com.pcbsys.foundation.drivers.nio.io.SelectorThread;
import com.pcbsys.foundation.drivers.nio.ssl.SSLChannelFactory;
import com.pcbsys.foundation.drivers.nio.ssl.SSLSelectorThread;
import com.pcbsys.foundation.fConstants;
import com.pcbsys.foundation.io.fConnectionSettings;
import com.pcbsys.foundation.security.fDriverMonitorEntry;
import com.pcbsys.foundation.threads.fTask;
import com.pcbsys.foundation.threads.fThreadPool;
import java.io.IOException;
import java.nio.channels.SocketChannel;
import javax.net.ssl.HandshakeCompletedEvent;
import javax.net.ssl.HandshakeCompletedListener;
import javax.security.cert.X509Certificate;

/* loaded from: input_file:com/pcbsys/foundation/drivers/nio/fSSLServerChannelDriver.class */
public class fSSLServerChannelDriver extends fServerChannelDriver {
    boolean clientRequired;

    /* loaded from: input_file:com/pcbsys/foundation/drivers/nio/fSSLServerChannelDriver$HandshakeComplete.class */
    private class HandshakeComplete extends fDriverMonitorEntry implements HandshakeCompletedListener, fTask {
        fSSLChannelDriver myChannel;
        boolean handShakeEnded;

        public HandshakeComplete(fSSLChannelDriver fsslchanneldriver) throws IOException {
            super(fsslchanneldriver);
            this.handShakeEnded = false;
            this.myChannel = fsslchanneldriver;
            fSSLServerChannelDriver.this.myConnectionMonitor.add(this);
            validate();
        }

        private void validate() throws IOException {
            if (fConstants.logger.isDebugEnabled()) {
                fConstants.logger.debug("SSL handshake starting with remote host : " + this.myChannel.myChannel.socket().getInetAddress().getHostAddress());
            }
            this.myChannel.addHandshakeCompletedListener(this);
        }

        @Override // javax.net.ssl.HandshakeCompletedListener
        public void handshakeCompleted(HandshakeCompletedEvent handshakeCompletedEvent) {
            synchronized (this) {
                this.handShakeEnded = true;
            }
            fSSLServerChannelDriver.this.myConnectionMonitor.remove(this);
            this.myChannel.removeHandshakeCompletedListener(this);
            try {
                if (!this.handShakeEnded) {
                    fConstants.logger.error("SSL handshake time out failure with remote host : " + this.myChannel.myChannel.socket().getInetAddress().getHostAddress());
                    try {
                        this.myChannel.close();
                    } catch (Exception e) {
                    }
                    throw new IOException("Unable to complete SSL handshake within time frame");
                }
                if (fSSLServerChannelDriver.this.clientRequired) {
                    try {
                        for (X509Certificate x509Certificate : this.myChannel.getSSLSession().getPeerCertificateChain()) {
                            x509Certificate.checkValidity();
                        }
                    } catch (Exception e2) {
                        fConstants.logger.log("SSL Peer unverified. Reason: " + e2.getMessage());
                        throw new IOException("SSL Peer unverified", e2);
                    }
                }
                fThreadPool.getCommonThreadPool().addTask(this);
            } catch (Exception e3) {
                fConstants.logger.fatal(e3);
            }
        }

        @Override // com.pcbsys.foundation.threads.fTask
        public void execute() {
            try {
                this.myChannel.setTimeout(fSSLServerChannelDriver.this.myTimeout);
                fSSLServerChannelDriver.this.completeDriverConnection(this.myChannel);
                this.myChannel.setTimeout(fConnectionSettings.sIdleSessionTimeout);
            } catch (Exception e) {
                fConstants.logger.fatal("SSL Unable to complete client driver setup for connection from " + this.myChannel.getId() + " with subject=" + this.myChannel.getSubject() + " - " + e, e);
                if (e instanceof RuntimeException) {
                    fConstants.logger.fatal(e);
                }
                try {
                    this.myChannel.close();
                } catch (Throwable th) {
                }
            }
        }

        @Override // com.pcbsys.foundation.threads.fTask
        public boolean reQueue() {
            return false;
        }
    }

    /* JADX WARN: Multi-variable type inference failed */
    public fSSLServerChannelDriver(fBaseDriverConfig fbasedriverconfig, fAcceptHandler faccepthandler, String str) throws IOException {
        super(fbasedriverconfig, faccepthandler, str);
        this.clientRequired = false;
        this.clientRequired = ((fBaseSSLConfig) fbasedriverconfig).getCertRequired();
    }

    @Override // com.pcbsys.foundation.drivers.nio.fServerChannelDriver, com.pcbsys.foundation.drivers.fServerDriver
    public void close() throws IOException {
        super.close();
    }

    /* JADX WARN: Multi-variable type inference failed */
    @Override // com.pcbsys.foundation.drivers.nio.fServerChannelDriver
    protected void setupSelectors(fBaseDriverConfig fbasedriverconfig) throws IOException {
        this.myMonitor = new SelectorThread[fbasedriverconfig.getSelectorPoolSize()];
        for (int i = 0; i < this.myMonitor.length; i++) {
            this.myMonitor[i] = new SSLSelectorThread(fbasedriverconfig.getName() + " NIO Selector thread:" + i);
        }
        this.myFactory = new SSLChannelFactory((fBaseSSLConfig) fbasedriverconfig);
        this.myBufferManager = fNIOManager.getBufferManager();
    }

    @Override // com.pcbsys.foundation.drivers.nio.fServerChannelDriver
    protected fDriver createDriver(SocketChannel socketChannel) throws Exception {
        fSSLChannelDriver fsslchanneldriver = new fSSLChannelDriver(socketChannel, this.myContext, this.myMonitor[this.mySelectorIdx], this.myBufferManager[this.myBufferIdx], this.myFactory);
        fsslchanneldriver.setRequireClientAuth(this.clientRequired);
        this.mySelectorIdx++;
        if (this.mySelectorIdx == this.myMonitor.length) {
            this.mySelectorIdx = 0;
        }
        this.myBufferIdx++;
        if (this.myBufferIdx == this.myBufferManager.length) {
            this.myBufferIdx = 0;
        }
        fsslchanneldriver.setProtocolId(this.myProtocolId);
        return fsslchanneldriver;
    }

    @Override // com.pcbsys.foundation.drivers.nio.fServerChannelDriver, com.pcbsys.foundation.drivers.fServerDriver
    public boolean validate(fDriver fdriver) throws IOException {
        new HandshakeComplete((fSSLChannelDriver) fdriver);
        return false;
    }
}
