package com.tangosol.internal.net.ssl;

import com.oracle.coherence.common.base.Exceptions;
import com.oracle.coherence.common.base.Logger;
import com.oracle.coherence.common.net.SSLSocketProvider;
import com.tangosol.coherence.http.AbstractGenericHttpServer;
import com.tangosol.net.ssl.RefreshPolicy;
import com.tangosol.util.Base;
import java.security.GeneralSecurityException;
import java.security.KeyManagementException;
import java.security.Provider;
import java.security.SecureRandom;
import java.util.concurrent.Executors;
import java.util.concurrent.TimeUnit;
import java.util.concurrent.atomic.AtomicLong;
import javax.net.ssl.HostnameVerifier;
import javax.net.ssl.KeyManager;
import javax.net.ssl.TrustManager;

/* loaded from: input_file:com/tangosol/internal/net/ssl/SSLContextDependencies.class */
public class SSLContextDependencies {
    private volatile SecureRandom m_secureRandom;
    private volatile KeyManager[] m_aKeyManager;
    private volatile TrustManager[] m_aTrustManagers;
    private volatile KeyManagersBuilder m_keyManagersBuilder;
    private volatile TrustManagersBuilder m_trustManagersBuilder;
    private SSLSocketProvider.Dependencies m_deps;
    private ManagerDependencies m_depsIdMgr;
    private ManagerDependencies m_depsTrustMgr;
    private String m_sProtocol;
    private Provider m_provider;
    private String m_sProviderName;
    private SSLSocketProvider.ClientAuthMode m_clientAuthMode;
    private boolean m_fClientAuthModeUnset;
    private long m_nRefreshPeriodMillis;
    private static final AtomicLong INSTANCE_COUNT = new AtomicLong(0);
    private final Listener m_listener;

    /* loaded from: input_file:com/tangosol/internal/net/ssl/SSLContextDependencies$Listener.class */
    public interface Listener {
        void onUpdate(SSLContextDependencies sSLContextDependencies) throws GeneralSecurityException;

        void onError(SSLContextDependencies sSLContextDependencies, Throwable th) throws KeyManagementException;
    }

    public SSLContextDependencies(Listener listener) {
        this.m_listener = listener;
    }

    public SSLContextDependencies(SSLContextDependencies sSLContextDependencies, Listener listener) {
        this(listener);
        if (sSLContextDependencies != null) {
            this.m_secureRandom = sSLContextDependencies.m_secureRandom;
            this.m_aKeyManager = sSLContextDependencies.m_aKeyManager;
            this.m_aTrustManagers = sSLContextDependencies.m_aTrustManagers;
            this.m_keyManagersBuilder = sSLContextDependencies.m_keyManagersBuilder;
            this.m_trustManagersBuilder = sSLContextDependencies.m_trustManagersBuilder;
            this.m_deps = sSLContextDependencies.m_deps;
            this.m_depsIdMgr = sSLContextDependencies.m_depsIdMgr;
            this.m_depsTrustMgr = sSLContextDependencies.m_depsTrustMgr;
            this.m_sProtocol = sSLContextDependencies.m_sProtocol;
            this.m_provider = sSLContextDependencies.m_provider;
            this.m_sProviderName = sSLContextDependencies.m_sProviderName;
            this.m_clientAuthMode = sSLContextDependencies.m_clientAuthMode;
            this.m_fClientAuthModeUnset = sSLContextDependencies.m_clientAuthMode == null;
            this.m_nRefreshPeriodMillis = sSLContextDependencies.m_nRefreshPeriodMillis;
        }
    }

    public void init() {
        init(this.m_aKeyManager, this.m_aTrustManagers, this.m_secureRandom);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public void init(KeyManager[] keyManagerArr, TrustManager[] trustManagerArr, SecureRandom secureRandom) {
        this.m_aKeyManager = keyManagerArr;
        this.m_aTrustManagers = trustManagerArr;
        this.m_secureRandom = secureRandom;
        try {
            update();
            if (this.m_nRefreshPeriodMillis > 0) {
                Executors.newSingleThreadScheduledExecutor(SSLContextDependencies::makeRefreshThread).scheduleAtFixedRate(this::onScheduledUpdate, this.m_nRefreshPeriodMillis, this.m_nRefreshPeriodMillis, TimeUnit.MILLISECONDS);
            }
        } catch (Exception e) {
            throw Exceptions.ensureRuntimeException(e);
        }
    }

    public void setDependencies(SSLSocketProvider.Dependencies dependencies, ManagerDependencies managerDependencies, ManagerDependencies managerDependencies2) {
        this.m_deps = dependencies;
        this.m_depsIdMgr = managerDependencies;
        this.m_depsTrustMgr = managerDependencies2;
    }

    public SecureRandom getSecureRandom() {
        return this.m_secureRandom;
    }

    public void setSecureRandom(SecureRandom secureRandom) {
        this.m_secureRandom = secureRandom;
    }

    public KeyManager[] getKeyManagers() {
        return this.m_aKeyManager;
    }

    public TrustManager[] getTrustManagers() {
        return this.m_aTrustManagers;
    }

    public HostnameVerifier getHostnameVerifier() {
        return this.m_deps.getHostnameVerifier();
    }

    public void setClientAuth(SSLSocketProvider.ClientAuthMode clientAuthMode) {
        this.m_fClientAuthModeUnset = clientAuthMode == null;
        this.m_clientAuthMode = clientAuthMode;
    }

    public SSLSocketProvider.ClientAuthMode getClientAuth() {
        return this.m_clientAuthMode;
    }

    public void setProvider(Provider provider, String str) {
        this.m_provider = provider;
        this.m_sProviderName = str;
    }

    public Provider getProvider() {
        return this.m_provider;
    }

    public String getProviderName() {
        return this.m_sProviderName;
    }

    public void setRefreshPeriodInMillis(long j) {
        this.m_nRefreshPeriodMillis = j;
    }

    public long getRefreshPeriodMillis() {
        return this.m_nRefreshPeriodMillis;
    }

    public String[] getEnabledCipherSuites() {
        return this.m_deps.getEnabledCipherSuites();
    }

    public void setProtocol(String str) {
        this.m_sProtocol = str;
    }

    public String getProtocol() {
        return (this.m_sProtocol == null || this.m_sProtocol.isEmpty()) ? "TLS" : this.m_sProtocol;
    }

    /* JADX WARN: Multi-variable type inference failed */
    /* JADX WARN: Type inference failed for: r0v17, types: [com.tangosol.internal.net.ssl.KeyManagersBuilder] */
    protected KeyManagersBuilder ensureKeyManagersBuilder() {
        if (this.m_keyManagersBuilder == null) {
            synchronized (this) {
                if (this.m_keyManagersBuilder == null) {
                    this.m_keyManagersBuilder = this.m_provider instanceof KeyManagersBuilder ? (KeyManagersBuilder) this.m_provider : new DefaultKeyManagerBuilder();
                }
            }
        }
        return this.m_keyManagersBuilder;
    }

    protected void setKeyManagersBuilder(KeyManagersBuilder keyManagersBuilder) {
        this.m_keyManagersBuilder = keyManagersBuilder;
    }

    /* JADX WARN: Multi-variable type inference failed */
    /* JADX WARN: Type inference failed for: r0v17, types: [com.tangosol.internal.net.ssl.TrustManagersBuilder] */
    protected TrustManagersBuilder ensureTrustManagersBuilder() {
        if (this.m_trustManagersBuilder == null) {
            synchronized (this) {
                if (this.m_trustManagersBuilder == null) {
                    this.m_trustManagersBuilder = this.m_provider instanceof TrustManagersBuilder ? (TrustManagersBuilder) this.m_provider : new DefaultTrustManagerBuilder();
                }
            }
        }
        return this.m_trustManagersBuilder;
    }

    protected void setTrustManagersBuilder(TrustManagersBuilder trustManagersBuilder) {
        this.m_trustManagersBuilder = trustManagersBuilder;
    }

    protected static Thread makeRefreshThread(Runnable runnable) {
        return Base.makeThread(null, runnable, "SSLContextRefreshThread:" + INSTANCE_COUNT.incrementAndGet());
    }

    protected void onScheduledUpdate() {
        try {
            RefreshPolicy refreshPolicy = this.m_deps.getRefreshPolicy();
            if (refreshPolicy == null || refreshPolicy.shouldRefresh(this.m_deps, this.m_depsIdMgr, this.m_depsTrustMgr)) {
                update();
            }
        } catch (Throwable th) {
            Logger.err("Failed to update keystores", th);
        }
    }

    protected synchronized void update() throws KeyManagementException {
        try {
            StringBuilder sb = new StringBuilder();
            KeyManagersBuilder ensureKeyManagersBuilder = ensureKeyManagersBuilder();
            TrustManagersBuilder ensureTrustManagersBuilder = ensureTrustManagersBuilder();
            if (ensureKeyManagersBuilder.isRefreshable(this.m_depsIdMgr) || ensureTrustManagersBuilder.isRefreshable(this.m_depsTrustMgr)) {
                this.m_aKeyManager = ensureKeyManagersBuilder.buildKeyManagers(this.m_depsIdMgr, sb);
                this.m_aTrustManagers = ensureTrustManagersBuilder.buildTrustManagers(this.m_depsTrustMgr, sb.append(", "));
                if (this.m_fClientAuthModeUnset) {
                    this.m_clientAuthMode = (this.m_aTrustManagers == null || this.m_aTrustManagers.length == 0) ? SSLSocketProvider.ClientAuthMode.none : SSLSocketProvider.ClientAuthMode.required;
                }
                this.m_deps.setClientAuth(this.m_clientAuthMode);
                if (this.m_listener != null) {
                    this.m_listener.onUpdate(this);
                }
                logDescription(sb);
            }
        } catch (Throwable th) {
            if (this.m_listener == null) {
                throw new KeyManagementException("Could not create SSLContext dependencies", th);
            }
            this.m_listener.onError(this, th);
        }
    }

    protected void logDescription(StringBuilder sb) {
        if (this.m_deps.getHostnameVerifier() != null) {
            sb.append(", hostname-verifier=custom");
        }
        sb.insert(0, "SSLSocketProvider(auth=" + ((this.m_aKeyManager == null && this.m_aTrustManagers == null) ? AbstractGenericHttpServer.AUTH_NONE : this.m_aKeyManager == null ? "one-way client" : this.m_aTrustManagers == null ? "one-way server" : this.m_clientAuthMode == SSLSocketProvider.ClientAuthMode.none ? "one-way" : "two-way") + ", ").append(", clientAuth=").append(this.m_clientAuthMode).append(')');
        this.m_deps.setDescription(sb.toString());
        Logger.fine("instantiated SSLSocketProviderDependencies: " + String.valueOf(sb));
    }
}
