package fs2.io.tls;

import cats.Applicative$;
import cats.effect.Resource;
import cats.effect.Resource$;
import cats.effect.Resource$Bracket$;
import cats.effect.kernel.Async;
import cats.effect.kernel.Sync;
import cats.effect.package$;
import cats.syntax.package$all$;
import fs2.Chunk;
import fs2.io.tcp.Socket;
import fs2.io.tls.TLSEngine;
import fs2.io.udp.Packet;
import java.io.FileInputStream;
import java.io.InputStream;
import java.net.InetSocketAddress;
import java.nio.file.Path;
import java.security.KeyStore;
import java.security.cert.X509Certificate;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLEngine;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import javax.net.ssl.X509TrustManager;
import scala.Array$;
import scala.Function1;
import scala.None$;
import scala.Option;
import scala.Some;
import scala.collection.immutable.Nil$;
import scala.concurrent.duration.FiniteDuration;
import scala.reflect.ClassTag$;

/* compiled from: TLSContext.scala */
/* loaded from: input_file:fs2/io/tls/TLSContext$.class */
public final class TLSContext$ {
    public static TLSContext$ MODULE$;

    static {
        new TLSContext$();
    }

    public TLSContext fromSSLContext(final SSLContext sSLContext) {
        return new TLSContext(sSLContext) { // from class: fs2.io.tls.TLSContext$$anon$1
            private final SSLContext ctx$1;

            @Override // fs2.io.tls.TLSContext
            public <F> TLSParameters client$default$2() {
                TLSParameters client$default$2;
                client$default$2 = client$default$2();
                return client$default$2;
            }

            @Override // fs2.io.tls.TLSContext
            public <F> None$ client$default$3() {
                None$ client$default$3;
                client$default$3 = client$default$3();
                return client$default$3;
            }

            @Override // fs2.io.tls.TLSContext
            public <F> TLSParameters server$default$2() {
                TLSParameters server$default$2;
                server$default$2 = server$default$2();
                return server$default$2;
            }

            @Override // fs2.io.tls.TLSContext
            public <F> None$ server$default$3() {
                None$ server$default$3;
                server$default$3 = server$default$3();
                return server$default$3;
            }

            @Override // fs2.io.tls.TLSContext
            public <F> TLSParameters dtlsClient$default$3() {
                TLSParameters dtlsClient$default$3;
                dtlsClient$default$3 = dtlsClient$default$3();
                return dtlsClient$default$3;
            }

            @Override // fs2.io.tls.TLSContext
            public <F> None$ dtlsClient$default$4() {
                None$ dtlsClient$default$4;
                dtlsClient$default$4 = dtlsClient$default$4();
                return dtlsClient$default$4;
            }

            @Override // fs2.io.tls.TLSContext
            public <F> TLSParameters dtlsServer$default$3() {
                TLSParameters dtlsServer$default$3;
                dtlsServer$default$3 = dtlsServer$default$3();
                return dtlsServer$default$3;
            }

            @Override // fs2.io.tls.TLSContext
            public <F> None$ dtlsServer$default$4() {
                None$ dtlsServer$default$4;
                dtlsServer$default$4 = dtlsServer$default$4();
                return dtlsServer$default$4;
            }

            @Override // fs2.io.tls.TLSContext
            public <F> Resource<F, TLSSocket<F>> client(Socket<F> socket, TLSParameters tLSParameters, Option<Function1<String, F>> option, Async<F> async) {
                return mkSocket(socket, true, tLSParameters, option, async);
            }

            @Override // fs2.io.tls.TLSContext
            public <F> Resource<F, TLSSocket<F>> server(Socket<F> socket, TLSParameters tLSParameters, Option<Function1<String, F>> option, Async<F> async) {
                return mkSocket(socket, false, tLSParameters, option, async);
            }

            private <F> Resource<F, TLSSocket<F>> mkSocket(final Socket<F> socket, boolean z, TLSParameters tLSParameters, Option<Function1<String, F>> option, Async<F> async) {
                final TLSContext$$anon$1 tLSContext$$anon$1 = null;
                return Resource$.MODULE$.liftF(engine(new TLSEngine.Binding<F>(tLSContext$$anon$1, socket) { // from class: fs2.io.tls.TLSContext$$anon$1$$anon$2
                    private final Socket socket$1;

                    @Override // fs2.io.tls.TLSEngine.Binding
                    public F write(Chunk<Object> chunk, Option<FiniteDuration> option2) {
                        return (F) this.socket$1.write(chunk, option2);
                    }

                    @Override // fs2.io.tls.TLSEngine.Binding
                    public F read(int i, Option<FiniteDuration> option2) {
                        return (F) this.socket$1.read(i, option2);
                    }

                    {
                        this.socket$1 = socket;
                    }
                }, z, tLSParameters, option, async), async).flatMap(tLSEngine -> {
                    return TLSSocket$.MODULE$.apply(socket, tLSEngine, async);
                });
            }

            @Override // fs2.io.tls.TLSContext
            public <F> Resource<F, DTLSSocket<F>> dtlsClient(fs2.io.udp.Socket<F> socket, InetSocketAddress inetSocketAddress, TLSParameters tLSParameters, Option<Function1<String, F>> option, Async<F> async) {
                return mkDtlsSocket(socket, inetSocketAddress, true, tLSParameters, option, async);
            }

            @Override // fs2.io.tls.TLSContext
            public <F> Resource<F, DTLSSocket<F>> dtlsServer(fs2.io.udp.Socket<F> socket, InetSocketAddress inetSocketAddress, TLSParameters tLSParameters, Option<Function1<String, F>> option, Async<F> async) {
                return mkDtlsSocket(socket, inetSocketAddress, false, tLSParameters, option, async);
            }

            private <F> Resource<F, DTLSSocket<F>> mkDtlsSocket(final fs2.io.udp.Socket<F> socket, final InetSocketAddress inetSocketAddress, boolean z, TLSParameters tLSParameters, Option<Function1<String, F>> option, final Async<F> async) {
                final TLSContext$$anon$1 tLSContext$$anon$1 = null;
                return Resource$.MODULE$.liftF(engine(new TLSEngine.Binding<F>(tLSContext$$anon$1, async, socket, inetSocketAddress) { // from class: fs2.io.tls.TLSContext$$anon$1$$anon$3
                    private final Async F$2;
                    private final fs2.io.udp.Socket socket$2;
                    private final InetSocketAddress remoteAddress$1;

                    @Override // fs2.io.tls.TLSEngine.Binding
                    public F write(Chunk<Object> chunk, Option<FiniteDuration> option2) {
                        return chunk.isEmpty() ? (F) Applicative$.MODULE$.apply(this.F$2).unit() : (F) this.socket$2.write(new Packet(this.remoteAddress$1, chunk), option2);
                    }

                    @Override // fs2.io.tls.TLSEngine.Binding
                    public F read(int i, Option<FiniteDuration> option2) {
                        return (F) package$all$.MODULE$.toFunctorOps(this.socket$2.read(option2), this.F$2).map(packet -> {
                            return new Some(packet.bytes());
                        });
                    }

                    {
                        this.F$2 = async;
                        this.socket$2 = socket;
                        this.remoteAddress$1 = inetSocketAddress;
                    }
                }, z, tLSParameters, option, async), async).flatMap(tLSEngine -> {
                    return DTLSSocket$.MODULE$.apply(socket, inetSocketAddress, tLSEngine, async);
                });
            }

            private <F> F engine(TLSEngine.Binding<F> binding, boolean z, TLSParameters tLSParameters, Option<Function1<String, F>> option, Async<F> async) {
                return (F) package$all$.MODULE$.toFlatMapOps(package$.MODULE$.Sync().apply(async).blocking(() -> {
                    SSLEngine createSSLEngine = this.ctx$1.createSSLEngine();
                    createSSLEngine.setUseClientMode(z);
                    createSSLEngine.setSSLParameters(tLSParameters.toSSLParameters());
                    return createSSLEngine;
                }), async).flatMap(sSLEngine -> {
                    return TLSEngine$.MODULE$.apply(sSLEngine, binding, option, async);
                });
            }

            {
                this.ctx$1 = sSLContext;
            }
        };
    }

    public <F> F insecure(Sync<F> sync) {
        return (F) package$all$.MODULE$.toFunctorOps(package$.MODULE$.Sync().apply(sync).blocking(() -> {
            SSLContext sSLContext = SSLContext.getInstance("TLS");
            sSLContext.init(null, new TrustManager[]{new X509TrustManager() { // from class: fs2.io.tls.TLSContext$$anon$4
                @Override // javax.net.ssl.X509TrustManager
                public void checkClientTrusted(X509Certificate[] x509CertificateArr, String str) {
                }

                @Override // javax.net.ssl.X509TrustManager
                public void checkServerTrusted(X509Certificate[] x509CertificateArr, String str) {
                }

                @Override // javax.net.ssl.X509TrustManager
                public X509Certificate[] getAcceptedIssuers() {
                    return (X509Certificate[]) Array$.MODULE$.apply(Nil$.MODULE$, ClassTag$.MODULE$.apply(X509Certificate.class));
                }
            }}, null);
            return sSLContext;
        }), sync).map(sSLContext -> {
            return MODULE$.fromSSLContext(sSLContext);
        });
    }

    public <F> F system(Sync<F> sync) {
        return (F) package$all$.MODULE$.toFunctorOps(package$.MODULE$.Sync().apply(sync).blocking(() -> {
            return SSLContext.getDefault();
        }), sync).map(sSLContext -> {
            return MODULE$.fromSSLContext(sSLContext);
        });
    }

    public <F> F fromKeyStoreFile(Path path, char[] cArr, char[] cArr2, Async<F> async) {
        return (F) fromKeyStoreStream(Resource$.MODULE$.make(package$.MODULE$.Sync().apply(async).blocking(() -> {
            return new FileInputStream(path.toFile());
        }), inputStream -> {
            return package$.MODULE$.Sync().apply(async).blocking(() -> {
                inputStream.close();
            });
        }, async), cArr, cArr2, async);
    }

    public <F> F fromKeyStoreResource(String str, char[] cArr, char[] cArr2, Async<F> async) {
        return (F) fromKeyStoreStream(Resource$.MODULE$.make(package$.MODULE$.Sync().apply(async).blocking(() -> {
            return MODULE$.getClass().getClassLoader().getResourceAsStream(str);
        }), inputStream -> {
            return package$.MODULE$.Sync().apply(async).blocking(() -> {
                inputStream.close();
            });
        }, async), cArr, cArr2, async);
    }

    private <F> F fromKeyStoreStream(Resource<F, InputStream> resource, char[] cArr, char[] cArr2, Async<F> async) {
        return (F) resource.use(inputStream -> {
            return package$all$.MODULE$.toFlatMapOps(package$.MODULE$.Sync().apply(async).blocking(() -> {
                KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
                keyStore.load(inputStream, cArr);
                return keyStore;
            }), async).flatMap(keyStore -> {
                return MODULE$.fromKeyStore(keyStore, cArr2, async);
            });
        }, Resource$Bracket$.MODULE$.bracketMonadCancel(async));
    }

    public <F> F fromKeyStore(KeyStore keyStore, char[] cArr, Sync<F> sync) {
        return (F) package$all$.MODULE$.toFunctorOps(package$.MODULE$.Sync().apply(sync).blocking(() -> {
            KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
            keyManagerFactory.init(keyStore, cArr);
            TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
            trustManagerFactory.init(keyStore);
            SSLContext sSLContext = SSLContext.getInstance("TLS");
            sSLContext.init(keyManagerFactory.getKeyManagers(), trustManagerFactory.getTrustManagers(), null);
            return sSLContext;
        }), sync).map(sSLContext -> {
            return MODULE$.fromSSLContext(sSLContext);
        });
    }

    private TLSContext$() {
        MODULE$ = this;
    }
}
