package io.helidon.common.socket;

import java.security.Principal;
import java.security.cert.Certificate;
import java.util.Arrays;
import java.util.Optional;
import javax.net.ssl.SSLPeerUnverifiedException;
import javax.net.ssl.SSLSocket;

/* loaded from: input_file:io/helidon/common/socket/TlsSocket.class */
public final class TlsSocket extends PlainSocket {
    private final SSLSocket sslSocket;
    private volatile PeerInfo localPeer;
    private volatile PeerInfo remotePeer;
    private volatile byte[] lastSslSessionId;

    private TlsSocket(SSLSocket sSLSocket, String str, String str2) {
        super(sSLSocket, str, str2);
        this.sslSocket = sSLSocket;
        this.lastSslSessionId = sSLSocket.getSession().getId();
    }

    public static TlsSocket server(SSLSocket sSLSocket, String str, String str2) {
        return new TlsSocket(sSLSocket, str, str2);
    }

    public static TlsSocket client(SSLSocket sSLSocket, String str) {
        return new TlsSocket(sSLSocket, str, "client");
    }

    @Override // io.helidon.common.socket.PlainSocket, io.helidon.common.socket.SocketContext
    public PeerInfo remotePeer() {
        if (renegotiated()) {
            this.remotePeer = null;
            this.localPeer = null;
        }
        if (this.remotePeer == null) {
            this.remotePeer = PeerInfoImpl.createRemote(this);
        }
        return this.remotePeer;
    }

    @Override // io.helidon.common.socket.PlainSocket, io.helidon.common.socket.SocketContext
    public PeerInfo localPeer() {
        if (renegotiated()) {
            this.remotePeer = null;
            this.localPeer = null;
        }
        if (this.localPeer == null) {
            this.localPeer = PeerInfoImpl.createLocal(this);
        }
        return this.localPeer;
    }

    @Override // io.helidon.common.socket.PlainSocket, io.helidon.common.socket.SocketContext
    public boolean isSecure() {
        return true;
    }

    @Override // io.helidon.common.socket.HelidonSocket
    public boolean protocolNegotiated() {
        String applicationProtocol = this.sslSocket.getApplicationProtocol();
        return (applicationProtocol == null || applicationProtocol.isBlank()) ? false : true;
    }

    @Override // io.helidon.common.socket.HelidonSocket
    public String protocol() {
        return this.sslSocket.getApplicationProtocol();
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public Optional<Principal> tlsPeerPrincipal() {
        try {
            return Optional.of(this.sslSocket.getSession().getPeerPrincipal());
        } catch (SSLPeerUnverifiedException e) {
            return Optional.empty();
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public Optional<Certificate[]> tlsPeerCertificates() {
        try {
            return Optional.of(this.sslSocket.getSession().getPeerCertificates());
        } catch (SSLPeerUnverifiedException e) {
            return Optional.empty();
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public Optional<Principal> tlsPrincipal() {
        return Optional.of(this.sslSocket.getSession().getLocalPrincipal());
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public Optional<Certificate[]> tlsCertificates() {
        return Optional.of(this.sslSocket.getSession().getLocalCertificates());
    }

    boolean renegotiated() {
        byte[] id = this.sslSocket.getSession().getId();
        if (Arrays.equals(id, this.lastSslSessionId)) {
            return false;
        }
        this.lastSslSessionId = id;
        return true;
    }
}
