package io.grpc.xds.internal.security;

import com.google.common.annotations.VisibleForTesting;
import com.google.common.base.Preconditions;
import io.grpc.xds.Bootstrapper;
import io.grpc.xds.EnvoyServerProtoData;
import io.grpc.xds.TlsContextManager;
import io.grpc.xds.internal.security.ReferenceCountingMap;

/* loaded from: input_file:META-INF/bundled-dependencies/grpc-xds-1.56.0.jar:io/grpc/xds/internal/security/TlsContextManagerImpl.class */
public final class TlsContextManagerImpl implements TlsContextManager {
    private final ReferenceCountingMap<EnvoyServerProtoData.UpstreamTlsContext, SslContextProvider> mapForClients;
    private final ReferenceCountingMap<EnvoyServerProtoData.DownstreamTlsContext, SslContextProvider> mapForServers;

    @VisibleForTesting
    public TlsContextManagerImpl(Bootstrapper.BootstrapInfo bootstrapInfo) {
        this(new ClientSslContextProviderFactory(bootstrapInfo), new ServerSslContextProviderFactory(bootstrapInfo));
    }

    @VisibleForTesting
    TlsContextManagerImpl(ReferenceCountingMap.ValueFactory<EnvoyServerProtoData.UpstreamTlsContext, SslContextProvider> valueFactory, ReferenceCountingMap.ValueFactory<EnvoyServerProtoData.DownstreamTlsContext, SslContextProvider> valueFactory2) {
        Preconditions.checkNotNull(valueFactory, "clientFactory");
        Preconditions.checkNotNull(valueFactory2, "serverFactory");
        this.mapForClients = new ReferenceCountingMap<>(valueFactory);
        this.mapForServers = new ReferenceCountingMap<>(valueFactory2);
    }

    @Override // io.grpc.xds.TlsContextManager
    public SslContextProvider findOrCreateServerSslContextProvider(EnvoyServerProtoData.DownstreamTlsContext downstreamTlsContext) {
        Preconditions.checkNotNull(downstreamTlsContext, "downstreamTlsContext");
        return this.mapForServers.get(new EnvoyServerProtoData.DownstreamTlsContext(downstreamTlsContext.getCommonTlsContext().toBuilder().build(), downstreamTlsContext.isRequireClientCertificate()));
    }

    @Override // io.grpc.xds.TlsContextManager
    public SslContextProvider findOrCreateClientSslContextProvider(EnvoyServerProtoData.UpstreamTlsContext upstreamTlsContext) {
        Preconditions.checkNotNull(upstreamTlsContext, "upstreamTlsContext");
        return this.mapForClients.get(new EnvoyServerProtoData.UpstreamTlsContext(upstreamTlsContext.getCommonTlsContext().toBuilder().build()));
    }

    @Override // io.grpc.xds.TlsContextManager
    public SslContextProvider releaseClientSslContextProvider(SslContextProvider sslContextProvider) {
        Preconditions.checkNotNull(sslContextProvider, "clientSslContextProvider");
        return this.mapForClients.release(sslContextProvider.getUpstreamTlsContext(), sslContextProvider);
    }

    @Override // io.grpc.xds.TlsContextManager
    public SslContextProvider releaseServerSslContextProvider(SslContextProvider sslContextProvider) {
        Preconditions.checkNotNull(sslContextProvider, "serverSslContextProvider");
        return this.mapForServers.release(sslContextProvider.getDownstreamTlsContext(), sslContextProvider);
    }
}
