package io.grpc.alts.internal;

import com.google.common.annotations.VisibleForTesting;
import com.google.common.base.Preconditions;
import com.google.common.collect.ImmutableList;
import com.google.protobuf.Any;
import io.grpc.Attributes;
import io.grpc.Channel;
import io.grpc.ChannelLogger;
import io.grpc.InternalChannelz;
import io.grpc.Status;
import io.grpc.alts.internal.AltsClientOptions;
import io.grpc.alts.internal.TsiHandshakeHandler;
import io.grpc.grpclb.GrpclbConstants;
import io.grpc.internal.ObjectPool;
import io.grpc.netty.shaded.io.grpc.netty.GrpcHttp2ConnectionHandler;
import io.grpc.netty.shaded.io.grpc.netty.InternalProtocolNegotiator;
import io.grpc.netty.shaded.io.grpc.netty.InternalProtocolNegotiators;
import io.grpc.netty.shaded.io.netty.channel.ChannelHandler;
import io.grpc.netty.shaded.io.netty.handler.ssl.SslContext;
import io.grpc.netty.shaded.io.netty.util.AsciiString;
import io.grpc.xds.InternalXdsAttributes;
import io.grpc.xds.internal.security.SslContextProviderSupplier;
import java.net.URI;
import java.net.URISyntaxException;
import java.security.GeneralSecurityException;
import java.util.List;
import java.util.logging.Level;
import java.util.logging.Logger;
import javax.annotation.Nullable;

/* loaded from: classes4.dex */
public final class AltsProtocolNegotiator {

    /* renamed from: a, reason: collision with root package name */
    public static final Logger f9625a = Logger.getLogger(AltsProtocolNegotiator.class.getName());
    public static final AsyncSemaphore b = new AsyncSemaphore(32);
    public static final Attributes.Key<TsiPeer> c = Attributes.Key.a("internal:TSI_PEER");
    public static final Attributes.Key<Object> d = Attributes.Key.a("internal:AUTH_CONTEXT_KEY");
    public static final AsciiString e = AsciiString.J("https");

    /* loaded from: classes4.dex */
    public static final class AltsHandshakeValidator extends TsiHandshakeHandler.HandshakeValidator {
        public AltsHandshakeValidator() {
        }

        @Override // io.grpc.alts.internal.TsiHandshakeHandler.HandshakeValidator
        public TsiHandshakeHandler.HandshakeValidator.SecurityDetails a(Object obj) throws GeneralSecurityException {
            AltsInternalContext altsInternalContext = (AltsInternalContext) obj;
            if (RpcProtocolVersionsUtil.a(RpcProtocolVersionsUtil.b(), altsInternalContext.a()).a()) {
                return new TsiHandshakeHandler.HandshakeValidator.SecurityDetails(io.grpc.SecurityLevel.PRIVACY_AND_INTEGRITY, new InternalChannelz.Security(new InternalChannelz.OtherSecurity("alts", Any.B0(altsInternalContext.f9624a))));
            }
            throw Status.u.u("Local Rpc Protocol Versions " + RpcProtocolVersionsUtil.b() + " are not compatible with peer Rpc Protocol Versions " + altsInternalContext.a()).e();
        }
    }

    /* loaded from: classes4.dex */
    public static final class ClientAltsProtocolNegotiator implements InternalProtocolNegotiator.ProtocolNegotiator {

        /* renamed from: a, reason: collision with root package name */
        public final TsiHandshakerFactory f9627a;
        public final LazyChannel b;

        public ClientAltsProtocolNegotiator(ImmutableList<String> immutableList, ObjectPool<Channel> objectPool) {
            LazyChannel lazyChannel = new LazyChannel(objectPool);
            this.b = lazyChannel;
            this.f9627a = new ClientTsiHandshakerFactory(immutableList, lazyChannel);
        }

        @Override // io.grpc.netty.shaded.io.grpc.netty.ProtocolNegotiator
        public AsciiString E() {
            return AltsProtocolNegotiator.e;
        }

        @Override // io.grpc.netty.shaded.io.grpc.netty.InternalProtocolNegotiator.ProtocolNegotiator, io.grpc.netty.shaded.io.grpc.netty.ProtocolNegotiator
        public ChannelHandler a(GrpcHttp2ConnectionHandler grpcHttp2ConnectionHandler) {
            ChannelLogger t2 = grpcHttp2ConnectionHandler.t2();
            return InternalProtocolNegotiators.e(new TsiHandshakeHandler(InternalProtocolNegotiators.b(grpcHttp2ConnectionHandler), new NettyTsiHandshaker(this.f9627a.a(grpcHttp2ConnectionHandler.q2(), t2)), new AltsHandshakeValidator(), AltsProtocolNegotiator.b, t2), t2);
        }

        @Override // io.grpc.netty.shaded.io.grpc.netty.ProtocolNegotiator
        public void close() {
            this.b.a();
        }
    }

    /* loaded from: classes4.dex */
    public static final class ClientAltsProtocolNegotiatorFactory implements InternalProtocolNegotiator.ClientFactory {

        /* renamed from: a, reason: collision with root package name */
        public final ImmutableList<String> f9628a;
        public final ObjectPool<Channel> b;

        public ClientAltsProtocolNegotiatorFactory(List<String> list, ObjectPool<Channel> objectPool) {
            this.f9628a = ImmutableList.A(list);
            this.b = (ObjectPool) Preconditions.u(objectPool, "handshakerChannelPool");
        }

        @Override // io.grpc.netty.shaded.io.grpc.netty.InternalProtocolNegotiator.ClientFactory, io.grpc.netty.shaded.io.grpc.netty.ProtocolNegotiator.ClientFactory
        public InternalProtocolNegotiator.ProtocolNegotiator a() {
            return new ClientAltsProtocolNegotiator(this.f9628a, this.b);
        }

        @Override // io.grpc.netty.shaded.io.grpc.netty.ProtocolNegotiator.ClientFactory
        public int b() {
            return 443;
        }
    }

    /* loaded from: classes4.dex */
    public static final class ClientTsiHandshakerFactory implements TsiHandshakerFactory {

        /* renamed from: a, reason: collision with root package name */
        public final ImmutableList<String> f9629a;
        public final LazyChannel b;

        public ClientTsiHandshakerFactory(ImmutableList<String> immutableList, LazyChannel lazyChannel) {
            this.f9629a = (ImmutableList) Preconditions.u(immutableList, "targetServiceAccounts");
            this.b = (LazyChannel) Preconditions.u(lazyChannel, "lazyHandshakerChannel");
        }

        @Override // io.grpc.alts.internal.TsiHandshakerFactory
        public TsiHandshaker a(@Nullable String str, ChannelLogger channelLogger) {
            return AltsTsiHandshaker.h(HandshakerServiceGrpc.b(this.b.b()), new AltsClientOptions.Builder().e(RpcProtocolVersionsUtil.b()).g(this.f9629a).f(str).d(), channelLogger);
        }
    }

    /* loaded from: classes4.dex */
    public static final class GoogleDefaultProtocolNegotiator implements InternalProtocolNegotiator.ProtocolNegotiator {

        /* renamed from: a, reason: collision with root package name */
        public final TsiHandshakerFactory f9630a;
        public final LazyChannel b;
        public final SslContext c;

        @Nullable
        public final Attributes.Key<String> d;

        public GoogleDefaultProtocolNegotiator(ImmutableList<String> immutableList, ObjectPool<Channel> objectPool, SslContext sslContext, @Nullable Attributes.Key<String> key) {
            LazyChannel lazyChannel = new LazyChannel(objectPool);
            this.b = lazyChannel;
            this.f9630a = new ClientTsiHandshakerFactory(immutableList, lazyChannel);
            this.c = (SslContext) Preconditions.u(sslContext, "checkNotNull");
            this.d = key;
        }

        @Override // io.grpc.netty.shaded.io.grpc.netty.ProtocolNegotiator
        public AsciiString E() {
            return AltsProtocolNegotiator.e;
        }

        @Override // io.grpc.netty.shaded.io.grpc.netty.InternalProtocolNegotiator.ProtocolNegotiator, io.grpc.netty.shaded.io.grpc.netty.ProtocolNegotiator
        public ChannelHandler a(GrpcHttp2ConnectionHandler grpcHttp2ConnectionHandler) {
            ChannelHandler b = InternalProtocolNegotiators.b(grpcHttp2ConnectionHandler);
            ChannelLogger t2 = grpcHttp2ConnectionHandler.t2();
            return InternalProtocolNegotiators.e((grpcHttp2ConnectionHandler.s2().b(GrpclbConstants.d) == null && grpcHttp2ConnectionHandler.s2().b(GrpclbConstants.e) == null && !(this.d != null ? b((String) grpcHttp2ConnectionHandler.s2().b(this.d)) : false)) ? InternalProtocolNegotiators.a(b, this.c, grpcHttp2ConnectionHandler.q2(), t2) : new TsiHandshakeHandler(b, new NettyTsiHandshaker(this.f9630a.a(grpcHttp2ConnectionHandler.q2(), t2)), new AltsHandshakeValidator(), AltsProtocolNegotiator.b, t2), t2);
        }

        public final boolean b(String str) {
            if (str == null || str.startsWith("google_cfe_")) {
                return false;
            }
            if (!str.startsWith("xdstp:")) {
                return true;
            }
            try {
                URI uri = new URI(str);
                if ("traffic-director-c2p.xds.googleapis.com".equals(uri.getHost())) {
                    if (uri.getPath().startsWith("/envoy.config.cluster.v3.Cluster/google_cfe_")) {
                        return false;
                    }
                }
                return true;
            } catch (URISyntaxException unused) {
                return true;
            }
        }

        @Override // io.grpc.netty.shaded.io.grpc.netty.ProtocolNegotiator
        public void close() {
            AltsProtocolNegotiator.f9625a.finest("ALTS Server ProtocolNegotiator Closed");
            this.b.a();
        }
    }

    /* loaded from: classes4.dex */
    public static final class GoogleDefaultProtocolNegotiatorFactory implements InternalProtocolNegotiator.ClientFactory {

        @VisibleForTesting
        @Nullable
        public static Attributes.Key<String> d = c();

        /* renamed from: a, reason: collision with root package name */
        public final ImmutableList<String> f9631a;
        public final ObjectPool<Channel> b;
        public final SslContext c;

        public GoogleDefaultProtocolNegotiatorFactory(List<String> list, ObjectPool<Channel> objectPool, SslContext sslContext) {
            this.f9631a = ImmutableList.A(list);
            this.b = (ObjectPool) Preconditions.u(objectPool, "handshakerChannelPool");
            this.c = (SslContext) Preconditions.u(sslContext, "sslContext");
        }

        @Nullable
        public static Attributes.Key<String> c() {
            try {
                Attributes.Key<SslContextProviderSupplier> key = InternalXdsAttributes.f11707a;
                return (Attributes.Key) InternalXdsAttributes.class.getField("ATTR_CLUSTER_NAME").get(null);
            } catch (ClassNotFoundException e) {
                AltsProtocolNegotiator.f9625a.log(Level.FINE, "Unable to load xDS endpoint cluster name key, this may be expected", (Throwable) e);
                return null;
            } catch (IllegalAccessException e2) {
                AltsProtocolNegotiator.f9625a.log(Level.FINE, "Unable to load xDS endpoint cluster name key, this may be expected", (Throwable) e2);
                return null;
            } catch (NoSuchFieldException e3) {
                AltsProtocolNegotiator.f9625a.log(Level.FINE, "Unable to load xDS endpoint cluster name key, this may be expected", (Throwable) e3);
                return null;
            }
        }

        @Override // io.grpc.netty.shaded.io.grpc.netty.InternalProtocolNegotiator.ClientFactory, io.grpc.netty.shaded.io.grpc.netty.ProtocolNegotiator.ClientFactory
        public InternalProtocolNegotiator.ProtocolNegotiator a() {
            return new GoogleDefaultProtocolNegotiator(this.f9631a, this.b, this.c, d);
        }

        @Override // io.grpc.netty.shaded.io.grpc.netty.ProtocolNegotiator.ClientFactory
        public int b() {
            return 443;
        }
    }

    @VisibleForTesting
    /* loaded from: classes4.dex */
    public static final class LazyChannel {

        /* renamed from: a, reason: collision with root package name */
        public final ObjectPool<Channel> f9632a;
        public Channel b;

        @VisibleForTesting
        public LazyChannel(ObjectPool<Channel> objectPool) {
            this.f9632a = (ObjectPool) Preconditions.u(objectPool, "channelPool");
        }

        public synchronized void a() {
            Channel channel = this.b;
            if (channel != null) {
                this.b = this.f9632a.b(channel);
            }
        }

        public synchronized Channel b() {
            if (this.b == null) {
                this.b = this.f9632a.a();
            }
            return this.b;
        }
    }

    @VisibleForTesting
    /* loaded from: classes4.dex */
    public static final class ServerAltsProtocolNegotiator implements InternalProtocolNegotiator.ProtocolNegotiator {

        /* renamed from: a, reason: collision with root package name */
        public final TsiHandshakerFactory f9633a;
        public final LazyChannel b;

        @VisibleForTesting
        public ServerAltsProtocolNegotiator(TsiHandshakerFactory tsiHandshakerFactory, LazyChannel lazyChannel) {
            this.f9633a = (TsiHandshakerFactory) Preconditions.u(tsiHandshakerFactory, "handshakerFactory");
            this.b = (LazyChannel) Preconditions.u(lazyChannel, "lazyHandshakerChannel");
        }

        @Override // io.grpc.netty.shaded.io.grpc.netty.ProtocolNegotiator
        public AsciiString E() {
            return AltsProtocolNegotiator.e;
        }

        @Override // io.grpc.netty.shaded.io.grpc.netty.InternalProtocolNegotiator.ProtocolNegotiator, io.grpc.netty.shaded.io.grpc.netty.ProtocolNegotiator
        public ChannelHandler a(GrpcHttp2ConnectionHandler grpcHttp2ConnectionHandler) {
            ChannelLogger t2 = grpcHttp2ConnectionHandler.t2();
            return InternalProtocolNegotiators.e(new TsiHandshakeHandler(InternalProtocolNegotiators.b(grpcHttp2ConnectionHandler), new NettyTsiHandshaker(this.f9633a.a(null, t2)), new AltsHandshakeValidator(), AltsProtocolNegotiator.b, t2), t2);
        }

        @Override // io.grpc.netty.shaded.io.grpc.netty.ProtocolNegotiator
        public void close() {
            AltsProtocolNegotiator.f9625a.finest("ALTS Server ProtocolNegotiator Closed");
            this.b.a();
        }
    }

    public static InternalProtocolNegotiator.ProtocolNegotiator d(ObjectPool<Channel> objectPool) {
        final LazyChannel lazyChannel = new LazyChannel(objectPool);
        return new ServerAltsProtocolNegotiator(new TsiHandshakerFactory() { // from class: io.grpc.alts.internal.AltsProtocolNegotiator.1ServerTsiHandshakerFactory
            @Override // io.grpc.alts.internal.TsiHandshakerFactory
            public TsiHandshaker a(@Nullable String str, ChannelLogger channelLogger) {
                return AltsTsiHandshaker.i(HandshakerServiceGrpc.b(LazyChannel.this.b()), new AltsHandshakerOptions(RpcProtocolVersionsUtil.b()), channelLogger);
            }
        }, lazyChannel);
    }
}
