package io.quarkus.tls.runtime.config;

import io.quarkus.runtime.util.ClassPathUtils;
import io.quarkus.tls.TlsConfiguration;
import io.vertx.core.buffer.Buffer;
import io.vertx.core.http.HttpClientOptions;
import io.vertx.core.http.WebSocketClientOptions;
import io.vertx.core.net.ClientOptionsBase;
import io.vertx.core.net.NetClientOptions;
import io.vertx.core.net.SSLOptions;
import io.vertx.core.net.TCPSSLOptions;
import java.io.IOException;
import java.io.InputStream;
import java.io.UncheckedIOException;
import java.nio.file.Files;
import java.nio.file.OpenOption;
import java.nio.file.Path;
import java.util.Iterator;

/* loaded from: input_file:io/quarkus/tls/runtime/config/TlsConfigUtils.class */
public class TlsConfigUtils {
    private TlsConfigUtils() {
    }

    public static byte[] read(Path path) {
        byte[] readAllBytes;
        try {
            InputStream resourceAsStream = Thread.currentThread().getContextClassLoader().getResourceAsStream(ClassPathUtils.toResourceName(path));
            if (resourceAsStream != null) {
                try {
                    readAllBytes = resourceAsStream.readAllBytes();
                    if (resourceAsStream != null) {
                        resourceAsStream.close();
                    }
                } finally {
                }
            } else {
                InputStream newInputStream = Files.newInputStream(path, new OpenOption[0]);
                try {
                    readAllBytes = newInputStream.readAllBytes();
                    if (newInputStream != null) {
                        newInputStream.close();
                    }
                } finally {
                }
            }
            return readAllBytes;
        } catch (IOException e) {
            throw new UncheckedIOException("Unable to read file " + path, e);
        }
    }

    public static void configure(TCPSSLOptions tCPSSLOptions, TlsConfiguration tlsConfiguration) {
        tCPSSLOptions.setSsl(true);
        if (tlsConfiguration.getTrustStoreOptions() != null) {
            tCPSSLOptions.setTrustOptions(tlsConfiguration.getTrustStoreOptions());
        }
        if (tlsConfiguration.getKeyStoreOptions() != null) {
            tCPSSLOptions.setKeyCertOptions(tlsConfiguration.getKeyStoreOptions());
        }
        SSLOptions sSLOptions = tlsConfiguration.getSSLOptions();
        if (sSLOptions != null) {
            tCPSSLOptions.setSslHandshakeTimeout(sSLOptions.getSslHandshakeTimeout());
            tCPSSLOptions.setSslHandshakeTimeoutUnit(sSLOptions.getSslHandshakeTimeoutUnit());
            Iterator it = sSLOptions.getEnabledCipherSuites().iterator();
            while (it.hasNext()) {
                tCPSSLOptions.addEnabledCipherSuite((String) it.next());
            }
            Iterator it2 = sSLOptions.getCrlValues().iterator();
            while (it2.hasNext()) {
                tCPSSLOptions.addCrlValue((Buffer) it2.next());
            }
            tCPSSLOptions.setEnabledSecureTransportProtocols(sSLOptions.getEnabledSecureTransportProtocols());
            tCPSSLOptions.setUseAlpn(sSLOptions.isUseAlpn());
        }
    }

    public static void configure(ClientOptionsBase clientOptionsBase, TlsConfiguration tlsConfiguration) {
        configure((TCPSSLOptions) clientOptionsBase, tlsConfiguration);
        if (tlsConfiguration.isTrustAll()) {
            clientOptionsBase.setTrustAll(true);
        }
    }

    public static void configure(NetClientOptions netClientOptions, TlsConfiguration tlsConfiguration) {
        configure((ClientOptionsBase) netClientOptions, tlsConfiguration);
        if (tlsConfiguration.getHostnameVerificationAlgorithm().isPresent()) {
            netClientOptions.setHostnameVerificationAlgorithm(tlsConfiguration.getHostnameVerificationAlgorithm().get());
        }
    }

    public static void configure(HttpClientOptions httpClientOptions, TlsConfiguration tlsConfiguration) {
        configure((ClientOptionsBase) httpClientOptions, tlsConfiguration);
        httpClientOptions.setForceSni(tlsConfiguration.usesSni());
        if (tlsConfiguration.getHostnameVerificationAlgorithm().isPresent() && tlsConfiguration.getHostnameVerificationAlgorithm().get().equals("NONE")) {
            httpClientOptions.setVerifyHost(false);
        }
    }

    public static void configure(WebSocketClientOptions webSocketClientOptions, TlsConfiguration tlsConfiguration) {
        configure((ClientOptionsBase) webSocketClientOptions, tlsConfiguration);
        if (tlsConfiguration.getHostnameVerificationAlgorithm().isPresent() && tlsConfiguration.getHostnameVerificationAlgorithm().get().equals("NONE")) {
            webSocketClientOptions.setVerifyHost(false);
        }
    }
}
