package org.springframework.integration.ip.tcp.connection;

import java.io.IOException;
import java.io.InputStream;
import java.io.PushbackInputStream;
import java.nio.channels.SocketChannel;
import java.security.GeneralSecurityException;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLEngine;
import javax.net.ssl.SSLParameters;
import org.springframework.context.ApplicationEventPublisher;
import org.springframework.util.Assert;

/* loaded from: input_file:org/springframework/integration/ip/tcp/connection/DefaultTcpNioSSLConnectionSupport.class */
public class DefaultTcpNioSSLConnectionSupport extends AbstractTcpConnectionSupport implements TcpNioConnectionSupport {
    private final SSLContext sslContext;
    private final boolean sslVerifyHost;

    /* loaded from: input_file:org/springframework/integration/ip/tcp/connection/DefaultTcpNioSSLConnectionSupport$PushBackTcpNioSSLConnection.class */
    private static final class PushBackTcpNioSSLConnection extends TcpNioSSLConnection {
        private final int pushbackBufferSize;
        private final String connectionId;
        private volatile PushbackInputStream pushbackStream;
        private volatile InputStream wrapped;

        PushBackTcpNioSSLConnection(SocketChannel socketChannel, boolean z, boolean z2, ApplicationEventPublisher applicationEventPublisher, String str, SSLEngine sSLEngine, int i) {
            super(socketChannel, z, z2, applicationEventPublisher, str, sSLEngine);
            this.pushbackBufferSize = i;
            this.connectionId = "pushback:" + super.getConnectionId();
        }

        /* JADX INFO: Access modifiers changed from: protected */
        @Override // org.springframework.integration.ip.tcp.connection.TcpNioConnection
        public InputStream inputStream() {
            InputStream inputStream = super.inputStream();
            if (this.pushbackStream == null || !inputStream.equals(this.wrapped)) {
                this.pushbackStream = new PushbackInputStream(inputStream, this.pushbackBufferSize);
                this.wrapped = inputStream;
            }
            return this.pushbackStream;
        }

        @Override // org.springframework.integration.ip.tcp.connection.TcpConnectionSupport, org.springframework.integration.ip.tcp.connection.TcpConnection
        public String getConnectionId() {
            return this.connectionId;
        }
    }

    public DefaultTcpNioSSLConnectionSupport(TcpSSLContextSupport tcpSSLContextSupport) {
        this(tcpSSLContextSupport, true);
    }

    public DefaultTcpNioSSLConnectionSupport(TcpSSLContextSupport tcpSSLContextSupport, boolean z) {
        Assert.notNull(tcpSSLContextSupport, "TcpSSLContextSupport must not be null");
        try {
            this.sslContext = tcpSSLContextSupport.getSSLContext();
            Assert.notNull(this.sslContext, "SSLContext retrieved from context support must not be null");
            this.sslVerifyHost = z;
        } catch (IOException | GeneralSecurityException e) {
            throw new IllegalArgumentException("Invalid TcpSSLContextSupport - it failed to provide an SSLContext", e);
        }
    }

    @Override // org.springframework.integration.ip.tcp.connection.TcpNioConnectionSupport
    public TcpNioConnection createNewConnection(SocketChannel socketChannel, boolean z, boolean z2, ApplicationEventPublisher applicationEventPublisher, String str) {
        SSLEngine createSSLEngine = this.sslContext.createSSLEngine();
        postProcessSSLEngine(createSSLEngine);
        if (this.sslVerifyHost) {
            SSLParameters sSLParameters = createSSLEngine.getSSLParameters();
            sSLParameters.setEndpointIdentificationAlgorithm("HTTPS");
            createSSLEngine.setSSLParameters(sSLParameters);
        }
        TcpNioSSLConnection pushBackTcpNioSSLConnection = isPushbackCapable() ? new PushBackTcpNioSSLConnection(socketChannel, z, z2, applicationEventPublisher, str, createSSLEngine, getPushbackBufferSize()) : new TcpNioSSLConnection(socketChannel, z, z2, applicationEventPublisher, str, createSSLEngine);
        pushBackTcpNioSSLConnection.init();
        return pushBackTcpNioSSLConnection;
    }

    protected void postProcessSSLEngine(SSLEngine sSLEngine) {
    }
}
