package akka.stream.scaladsl;

import akka.NotUsed;
import akka.actor.ActorSystem;
import akka.stream.Attributes$;
import akka.stream.Client$;
import akka.stream.ConnectionException;
import akka.stream.IgnoreComplete$;
import akka.stream.TLSClosing;
import akka.stream.TLSProtocol;
import akka.stream.TLSRole;
import akka.stream.impl.io.TlsModule$;
import akka.stream.impl.io.TlsUtils$;
import akka.util.ByteString;
import com.typesafe.sslconfig.akka.AkkaSSLConfig;
import com.typesafe.sslconfig.akka.AkkaSSLConfig$;
import java.util.Collections;
import javax.net.ssl.SNIHostName;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLEngine;
import javax.net.ssl.SSLParameters;
import javax.net.ssl.SSLSession;
import scala.Function0;
import scala.Function1;
import scala.Function2;
import scala.MatchError;
import scala.None$;
import scala.Option;
import scala.Some;
import scala.Tuple2;
import scala.runtime.BoxedUnit;
import scala.util.Failure;
import scala.util.Success;
import scala.util.Try;

/* compiled from: TLS.scala */
/* loaded from: input_file:BOOT-INF/lib/akka-stream_2.13-2.6.12.jar:akka/stream/scaladsl/TLS$.class */
public final class TLS$ {
    public static final TLS$ MODULE$ = new TLS$();

    public BidiFlow<TLSProtocol.SslTlsOutbound, ByteString, ByteString, TLSProtocol.SslTlsInbound, NotUsed> apply(SSLContext sSLContext, Option<AkkaSSLConfig> option, TLSProtocol.NegotiateNewSession negotiateNewSession, TLSRole tLSRole, TLSClosing tLSClosing, Option<Tuple2<String, Object>> option2) {
        return BidiFlow$.MODULE$.fromGraph(TlsModule$.MODULE$.apply(Attributes$.MODULE$.none(), actorSystem -> {
            SSLEngine createSSLEngine;
            TLSProtocol.NegotiateNewSession negotiateNewSession2;
            TLSProtocol.NegotiateNewSession negotiateNewSession3;
            TLSProtocol.NegotiateNewSession negotiateNewSession4;
            Tuple2 tuple2;
            AkkaSSLConfig theSslConfig$1 = theSslConfig$1(actorSystem, option);
            if ((option2 instanceof Some) && (tuple2 = (Tuple2) ((Some) option2).value()) != null) {
                String str = (String) tuple2.mo15132_1();
                int _2$mcI$sp = tuple2._2$mcI$sp();
                if (!theSslConfig$1.config().loose().disableSNI()) {
                    createSSLEngine = sSLContext.createSSLEngine(str, _2$mcI$sp);
                    SSLEngine sSLEngine = createSSLEngine;
                    theSslConfig$1.sslEngineConfigurator().configure(sSLEngine, sSLContext);
                    Client$ client$ = Client$.MODULE$;
                    sSLEngine.setUseClientMode(tLSRole == null ? tLSRole.equals(client$) : client$ == null);
                    if (negotiateNewSession.sslParameters().isDefined() || !option2.isDefined() || theSslConfig$1.config().loose().disableSNI()) {
                        negotiateNewSession2 = negotiateNewSession;
                    } else {
                        SSLParameters cloneParameters = TlsUtils$.MODULE$.cloneParameters(negotiateNewSession.sslParameters().get());
                        cloneParameters.setServerNames(Collections.singletonList(new SNIHostName((String) ((Tuple2) option2.get()).mo15132_1())));
                        negotiateNewSession2 = negotiateNewSession.copy(negotiateNewSession.copy$default$1(), negotiateNewSession.copy$default$2(), negotiateNewSession.copy$default$3(), new Some(cloneParameters));
                    }
                    negotiateNewSession3 = negotiateNewSession2;
                    if (option2.isDefined() || !theSslConfig$1.useJvmHostnameVerification()) {
                        negotiateNewSession4 = negotiateNewSession3;
                    } else {
                        SSLParameters sSLParameters = (SSLParameters) negotiateNewSession3.sslParameters().map(sSLParameters2 -> {
                            return TlsUtils$.MODULE$.cloneParameters(sSLParameters2);
                        }).getOrElse(() -> {
                            return new SSLParameters();
                        });
                        sSLParameters.setEndpointIdentificationAlgorithm("HTTPS");
                        negotiateNewSession4 = negotiateNewSession3.copy(negotiateNewSession3.copy$default$1(), negotiateNewSession3.copy$default$2(), negotiateNewSession3.copy$default$3(), new Some(sSLParameters));
                    }
                    TlsUtils$.MODULE$.applySessionParameters(sSLEngine, negotiateNewSession4);
                    return sSLEngine;
                }
            }
            createSSLEngine = sSLContext.createSSLEngine();
            SSLEngine sSLEngine2 = createSSLEngine;
            theSslConfig$1.sslEngineConfigurator().configure(sSLEngine2, sSLContext);
            Client$ client$2 = Client$.MODULE$;
            sSLEngine2.setUseClientMode(tLSRole == null ? tLSRole.equals(client$2) : client$2 == null);
            if (negotiateNewSession.sslParameters().isDefined()) {
            }
            negotiateNewSession2 = negotiateNewSession;
            negotiateNewSession3 = negotiateNewSession2;
            if (option2.isDefined()) {
            }
            negotiateNewSession4 = negotiateNewSession3;
            TlsUtils$.MODULE$.applySessionParameters(sSLEngine2, negotiateNewSession4);
            return sSLEngine2;
        }, verifySession$1(option2, option), tLSClosing));
    }

    public BidiFlow<TLSProtocol.SslTlsOutbound, ByteString, ByteString, TLSProtocol.SslTlsInbound, NotUsed> apply(SSLContext sSLContext, TLSProtocol.NegotiateNewSession negotiateNewSession, TLSRole tLSRole, TLSClosing tLSClosing, Option<Tuple2<String, Object>> option) {
        return apply(sSLContext, None$.MODULE$, negotiateNewSession, tLSRole, tLSClosing, option);
    }

    public BidiFlow<TLSProtocol.SslTlsOutbound, ByteString, ByteString, TLSProtocol.SslTlsInbound, NotUsed> apply(SSLContext sSLContext, TLSProtocol.NegotiateNewSession negotiateNewSession, TLSRole tLSRole) {
        return apply(sSLContext, None$.MODULE$, negotiateNewSession, tLSRole, IgnoreComplete$.MODULE$, None$.MODULE$);
    }

    public BidiFlow<TLSProtocol.SslTlsOutbound, ByteString, ByteString, TLSProtocol.SslTlsInbound, NotUsed> apply(Function0<SSLEngine> function0, Function1<SSLSession, Try<BoxedUnit>> function1, TLSClosing tLSClosing) {
        return BidiFlow$.MODULE$.fromGraph(TlsModule$.MODULE$.apply(Attributes$.MODULE$.none(), actorSystem -> {
            return (SSLEngine) function0.mo229apply();
        }, (actorSystem2, sSLSession) -> {
            return (Try) function1.mo16apply(sSLSession);
        }, tLSClosing));
    }

    public BidiFlow<TLSProtocol.SslTlsOutbound, ByteString, ByteString, TLSProtocol.SslTlsInbound, NotUsed> apply(Function0<SSLEngine> function0, TLSClosing tLSClosing) {
        return apply(function0, sSLSession -> {
            return new Success(BoxedUnit.UNIT);
        }, tLSClosing);
    }

    public TLSClosing apply$default$5() {
        return IgnoreComplete$.MODULE$;
    }

    public Option<Tuple2<String, Object>> apply$default$6() {
        return None$.MODULE$;
    }

    private static final AkkaSSLConfig theSslConfig$1(ActorSystem actorSystem, Option option) {
        return (AkkaSSLConfig) option.getOrElse(() -> {
            return (AkkaSSLConfig) AkkaSSLConfig$.MODULE$.apply(actorSystem);
        });
    }

    private static final Function2 verifySession$1(Option option, Option option2) {
        Function2 function2;
        Tuple2 tuple2;
        if ((option instanceof Some) && (tuple2 = (Tuple2) ((Some) option).value()) != null) {
            String str = (String) tuple2.mo15132_1();
            function2 = (actorSystem, sSLSession) -> {
                AkkaSSLConfig theSslConfig$1 = theSslConfig$1(actorSystem, option2);
                return (theSslConfig$1.useJvmHostnameVerification() || theSslConfig$1.hostnameVerifier().verify(str, sSLSession)) ? new Success(BoxedUnit.UNIT) : new Failure(new ConnectionException(new StringBuilder(57).append("Hostname verification failed! Expected session to be for ").append(str).toString()));
            };
        } else {
            if (!None$.MODULE$.equals(option)) {
                throw new MatchError(option);
            }
            function2 = (actorSystem2, sSLSession2) -> {
                return new Success(BoxedUnit.UNIT);
            };
        }
        return function2;
    }

    private TLS$() {
    }
}
