package org.wildfly.security.ssl;

import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLEngine;
import javax.net.ssl.SSLParameters;
import javax.net.ssl.SSLServerSocket;
import javax.net.ssl.SSLSocket;
import org.wildfly.common.Assert;
import org.wildfly.security._private.ElytronMessages;

/* loaded from: input_file:WEB-INF/lib/wildfly-elytron-1.2.4.Final.jar:org/wildfly/security/ssl/SSLConfiguratorImpl.class */
final class SSLConfiguratorImpl implements SSLConfigurator {
    private final ProtocolSelector protocolSelector;
    private final CipherSuiteSelector cipherSuiteSelector;
    private final boolean wantClientAuth;
    private final boolean needClientAuth;
    private final boolean useCipherSuitesOrder;
    private final boolean clientMode;

    /* JADX INFO: Access modifiers changed from: package-private */
    public SSLConfiguratorImpl(ProtocolSelector protocolSelector, CipherSuiteSelector cipherSuiteSelector, boolean z, boolean z2, boolean z3) {
        this.protocolSelector = protocolSelector;
        this.cipherSuiteSelector = cipherSuiteSelector;
        this.useCipherSuitesOrder = z3;
        this.wantClientAuth = z;
        this.needClientAuth = z2;
        this.clientMode = false;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public SSLConfiguratorImpl(ProtocolSelector protocolSelector, CipherSuiteSelector cipherSuiteSelector, boolean z) {
        this.protocolSelector = protocolSelector;
        this.cipherSuiteSelector = cipherSuiteSelector;
        this.useCipherSuitesOrder = z;
        this.wantClientAuth = false;
        this.needClientAuth = false;
        this.clientMode = true;
    }

    void configure(SSLParameters sSLParameters, String[] strArr, String[] strArr2) {
        Assert.checkNotNullParam("supportedProtocols", strArr);
        Assert.checkNotNullParam("supportedCipherSuites", strArr2);
        sSLParameters.setProtocols(this.protocolSelector.evaluate(strArr));
        sSLParameters.setCipherSuites(this.cipherSuiteSelector.evaluate(strArr2));
        sSLParameters.setUseCipherSuitesOrder(this.useCipherSuitesOrder);
        sSLParameters.setWantClientAuth(this.wantClientAuth);
        if (this.needClientAuth) {
            sSLParameters.setNeedClientAuth(this.needClientAuth);
        }
    }

    @Override // org.wildfly.security.ssl.SSLConfigurator
    public void configure(SSLContext sSLContext, SSLServerSocket sSLServerSocket) {
        sSLServerSocket.setUseClientMode(this.clientMode);
        SSLParameters sSLParameters = sSLServerSocket.getSSLParameters();
        configure(sSLParameters, sSLServerSocket.getSupportedProtocols(), sSLServerSocket.getSupportedCipherSuites());
        sSLServerSocket.setSSLParameters(sSLParameters);
    }

    @Override // org.wildfly.security.ssl.SSLConfigurator
    public void configure(SSLContext sSLContext, SSLSocket sSLSocket) {
        sSLSocket.setUseClientMode(this.clientMode);
        SSLParameters sSLParameters = sSLSocket.getSSLParameters();
        configure(sSLParameters, sSLSocket.getSupportedProtocols(), sSLSocket.getSupportedCipherSuites());
        sSLSocket.setSSLParameters(sSLParameters);
    }

    @Override // org.wildfly.security.ssl.SSLConfigurator
    public void configure(SSLContext sSLContext, SSLEngine sSLEngine) {
        sSLEngine.setUseClientMode(this.clientMode);
        SSLParameters sSLParameters = sSLEngine.getSSLParameters();
        configure(sSLParameters, sSLEngine.getSupportedProtocols(), sSLEngine.getSupportedCipherSuites());
        sSLEngine.setSSLParameters(sSLParameters);
    }

    @Override // org.wildfly.security.ssl.SSLConfigurator
    public SSLParameters getDefaultSSLParameters(SSLContext sSLContext, SSLParameters sSLParameters) {
        SSLParameters supportedSSLParameters = sSLContext.getSupportedSSLParameters();
        configure(sSLParameters, supportedSSLParameters.getProtocols(), supportedSSLParameters.getCipherSuites());
        return sSLParameters;
    }

    @Override // org.wildfly.security.ssl.SSLConfigurator
    public SSLParameters getSupportedSSLParameters(SSLContext sSLContext, SSLParameters sSLParameters) {
        return getDefaultSSLParameters(sSLContext, sSLParameters);
    }

    @Override // org.wildfly.security.ssl.SSLConfigurator
    public void setWantClientAuth(SSLContext sSLContext, SSLSocket sSLSocket, boolean z) {
        if (z) {
            sSLSocket.setWantClientAuth(z);
        }
    }

    @Override // org.wildfly.security.ssl.SSLConfigurator
    public void setWantClientAuth(SSLContext sSLContext, SSLEngine sSLEngine, boolean z) {
        if (z) {
            sSLEngine.setWantClientAuth(z);
        }
    }

    @Override // org.wildfly.security.ssl.SSLConfigurator
    public void setWantClientAuth(SSLContext sSLContext, SSLServerSocket sSLServerSocket, boolean z) {
        if (z) {
            sSLServerSocket.setWantClientAuth(z);
        }
    }

    @Override // org.wildfly.security.ssl.SSLConfigurator
    public void setNeedClientAuth(SSLContext sSLContext, SSLSocket sSLSocket, boolean z) {
        if (z) {
            sSLSocket.setNeedClientAuth(z);
        }
    }

    @Override // org.wildfly.security.ssl.SSLConfigurator
    public void setNeedClientAuth(SSLContext sSLContext, SSLEngine sSLEngine, boolean z) {
        if (z) {
            sSLEngine.setNeedClientAuth(z);
        }
    }

    @Override // org.wildfly.security.ssl.SSLConfigurator
    public void setNeedClientAuth(SSLContext sSLContext, SSLServerSocket sSLServerSocket, boolean z) {
        if (z) {
            sSLServerSocket.setNeedClientAuth(z);
        }
    }

    @Override // org.wildfly.security.ssl.SSLConfigurator
    public void setEnabledCipherSuites(SSLContext sSLContext, SSLSocket sSLSocket, String[] strArr) {
    }

    @Override // org.wildfly.security.ssl.SSLConfigurator
    public void setEnabledCipherSuites(SSLContext sSLContext, SSLEngine sSLEngine, String[] strArr) {
    }

    @Override // org.wildfly.security.ssl.SSLConfigurator
    public void setEnabledCipherSuites(SSLContext sSLContext, SSLServerSocket sSLServerSocket, String[] strArr) {
    }

    @Override // org.wildfly.security.ssl.SSLConfigurator
    public void setEnabledProtocols(SSLContext sSLContext, SSLSocket sSLSocket, String[] strArr) {
    }

    @Override // org.wildfly.security.ssl.SSLConfigurator
    public void setEnabledProtocols(SSLContext sSLContext, SSLEngine sSLEngine, String[] strArr) {
    }

    @Override // org.wildfly.security.ssl.SSLConfigurator
    public void setEnabledProtocols(SSLContext sSLContext, SSLServerSocket sSLServerSocket, String[] strArr) {
    }

    private SSLParameters redefine(SSLParameters sSLParameters, String[] strArr, String[] strArr2) {
        SSLParameters sSLParameters2 = new SSLParameters();
        configure(sSLParameters2, this.protocolSelector.evaluate(strArr2), this.cipherSuiteSelector.evaluate(strArr));
        sSLParameters2.setServerNames(sSLParameters.getServerNames());
        sSLParameters2.setSNIMatchers(sSLParameters.getSNIMatchers());
        sSLParameters2.setAlgorithmConstraints(sSLParameters.getAlgorithmConstraints());
        sSLParameters2.setEndpointIdentificationAlgorithm(sSLParameters.getEndpointIdentificationAlgorithm());
        return sSLParameters2;
    }

    @Override // org.wildfly.security.ssl.SSLConfigurator
    public void setSSLParameters(SSLContext sSLContext, SSLSocket sSLSocket, SSLParameters sSLParameters) {
        sSLSocket.setSSLParameters(redefine(sSLParameters, sSLSocket.getSupportedCipherSuites(), sSLSocket.getSupportedProtocols()));
    }

    @Override // org.wildfly.security.ssl.SSLConfigurator
    public void setSSLParameters(SSLContext sSLContext, SSLEngine sSLEngine, SSLParameters sSLParameters) {
        sSLEngine.setSSLParameters(redefine(sSLParameters, sSLEngine.getSupportedCipherSuites(), sSLEngine.getSupportedProtocols()));
    }

    @Override // org.wildfly.security.ssl.SSLConfigurator
    public void setSSLParameters(SSLContext sSLContext, SSLServerSocket sSLServerSocket, SSLParameters sSLParameters) {
        sSLServerSocket.setSSLParameters(redefine(sSLParameters, sSLServerSocket.getSupportedCipherSuites(), sSLServerSocket.getSupportedProtocols()));
    }

    @Override // org.wildfly.security.ssl.SSLConfigurator
    public void setUseClientMode(SSLContext sSLContext, SSLSocket sSLSocket, boolean z) {
        if (z != this.clientMode) {
            throw ElytronMessages.log.invalidClientMode(this.clientMode, z);
        }
    }

    @Override // org.wildfly.security.ssl.SSLConfigurator
    public void setUseClientMode(SSLContext sSLContext, SSLEngine sSLEngine, boolean z) {
        if (z != this.clientMode) {
            throw ElytronMessages.log.invalidClientMode(this.clientMode, z);
        }
    }

    @Override // org.wildfly.security.ssl.SSLConfigurator
    public void setUseClientMode(SSLContext sSLContext, SSLServerSocket sSLServerSocket, boolean z) {
        if (z != this.clientMode) {
            throw ElytronMessages.log.invalidClientMode(this.clientMode, z);
        }
    }
}
