package org.eclipse.californium.elements.tcp;

import io.netty.channel.Channel;
import io.netty.handler.ssl.SslHandler;
import java.net.InetSocketAddress;
import java.net.SocketAddress;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLEngine;
import org.eclipse.californium.core.coap.CoAP;

/* loaded from: input_file:org/eclipse/californium/elements/tcp/TlsServerConnector.class */
public class TlsServerConnector extends TcpServerConnector {
    private static final int DEFAULT_HANDSHAKE_TIMEOUT_MILLIS = 10000;
    private final ClientAuthMode clientAuthMode;
    private final SSLContext sslContext;
    private final long handshakeTimeoutMillis;

    /* loaded from: input_file:org/eclipse/californium/elements/tcp/TlsServerConnector$ClientAuthMode.class */
    public enum ClientAuthMode {
        NONE,
        WANTED,
        NEEDED
    }

    public TlsServerConnector(SSLContext sSLContext, ClientAuthMode clientAuthMode, InetSocketAddress inetSocketAddress, int i, int i2, int i3) {
        super(inetSocketAddress, i, i3, new TlsContextUtil(clientAuthMode == ClientAuthMode.NEEDED));
        this.sslContext = sSLContext;
        this.clientAuthMode = clientAuthMode;
        this.handshakeTimeoutMillis = i2;
    }

    public TlsServerConnector(SSLContext sSLContext, ClientAuthMode clientAuthMode, InetSocketAddress inetSocketAddress, int i, int i2) {
        this(sSLContext, clientAuthMode, inetSocketAddress, i, 10000, i2);
    }

    public TlsServerConnector(SSLContext sSLContext, InetSocketAddress inetSocketAddress, int i, int i2) {
        this(sSLContext, ClientAuthMode.NONE, inetSocketAddress, i, 10000, i2);
    }

    @Override // org.eclipse.californium.elements.tcp.TcpServerConnector
    protected void onNewChannelCreated(Channel channel) {
        SSLEngine createSllEngineForChannel = createSllEngineForChannel(channel);
        switch (this.clientAuthMode) {
            case WANTED:
                createSllEngineForChannel.setWantClientAuth(true);
                break;
            case NEEDED:
                createSllEngineForChannel.setNeedClientAuth(true);
                break;
        }
        createSllEngineForChannel.setUseClientMode(false);
        SslHandler sslHandler = new SslHandler(createSllEngineForChannel);
        sslHandler.setHandshakeTimeoutMillis(this.handshakeTimeoutMillis);
        channel.pipeline().addFirst(sslHandler);
    }

    @Override // org.eclipse.californium.elements.tcp.TcpServerConnector, org.eclipse.californium.elements.Connector
    public String getProtocol() {
        return CoAP.PROTOCOL_TLS;
    }

    private SSLEngine createSllEngineForChannel(Channel channel) {
        SocketAddress remoteAddress = channel.remoteAddress();
        if (!(remoteAddress instanceof InetSocketAddress)) {
            this.LOGGER.info("Connection from {}", remoteAddress);
            return this.sslContext.createSSLEngine();
        }
        InetSocketAddress inetSocketAddress = (InetSocketAddress) remoteAddress;
        this.LOGGER.info("Connection from inet {}", inetSocketAddress);
        return this.sslContext.createSSLEngine(inetSocketAddress.getAddress().getHostAddress(), inetSocketAddress.getPort());
    }
}
