package org.shaded.jboss.as.domain.management.security;

import java.security.KeyManagementException;
import java.security.NoSuchAlgorithmException;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Set;
import javax.net.ssl.KeyManager;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLParameters;
import javax.net.ssl.TrustManager;
import org.shaded.jboss.as.domain.management.logging.DomainManagementLogger;
import org.shaded.jboss.msc.inject.Injector;
import org.shaded.jboss.msc.service.Service;
import org.shaded.jboss.msc.service.ServiceBuilder;
import org.shaded.jboss.msc.service.ServiceName;
import org.shaded.jboss.msc.service.StartContext;
import org.shaded.jboss.msc.service.StartException;
import org.shaded.jboss.msc.service.StopContext;
import org.shaded.jboss.msc.value.InjectedValue;

/* loaded from: input_file:org/shaded/jboss/as/domain/management/security/SSLContextService.class */
public class SSLContextService implements Service<SSLContext> {
    private InjectedValue<KeyManager[]> injectedKeyManagers = new InjectedValue<>();
    private InjectedValue<TrustManager[]> injectedtrustManagers = new InjectedValue<>();
    private volatile String protocol;
    private volatile Set<String> enabledCipherSuites;
    private volatile Set<String> enabledProtocols;
    private volatile SSLContext theSSLContext;

    /* loaded from: input_file:org/shaded/jboss/as/domain/management/security/SSLContextService$ServiceUtil.class */
    public static final class ServiceUtil {
        private static final String SERVICE_SUFFIX = "ssl-context";
        private static final String TRUST_ONLY_SERVICE_SUFFIX = "ssl-context-trust-only";

        public static ServiceName createServiceName(ServiceName serviceName, boolean z) {
            String[] strArr = new String[1];
            strArr[0] = z ? TRUST_ONLY_SERVICE_SUFFIX : SERVICE_SUFFIX;
            return serviceName.append(strArr);
        }

        /* JADX WARN: Multi-variable type inference failed */
        public static ServiceBuilder<?> addDependency(ServiceBuilder<?> serviceBuilder, Injector<SSLContext> injector, ServiceName serviceName, boolean z) {
            serviceBuilder.addDependency(createServiceName(serviceName, z), SSLContext.class, injector);
            return serviceBuilder;
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public SSLContextService(String str, Set<String> set, Set<String> set2) {
        this.protocol = str;
        this.enabledCipherSuites = set;
        this.enabledProtocols = set2;
    }

    public String getProtocol() {
        return this.protocol;
    }

    public void setProtocol(String str) {
        this.protocol = str;
    }

    @Override // org.shaded.jboss.msc.service.Service
    public void start(StartContext startContext) throws StartException {
        String[] calculateCommon;
        String[] calculateCommon2;
        KeyManager[] optionalValue = this.injectedKeyManagers.getOptionalValue();
        TrustManager[] optionalValue2 = this.injectedtrustManagers.getOptionalValue();
        try {
            SSLContext sSLContext = SSLContext.getInstance(this.protocol);
            sSLContext.init(optionalValue, optionalValue2, null);
            if (!this.enabledCipherSuites.isEmpty() || !this.enabledProtocols.isEmpty()) {
                SSLParameters supportedSSLParameters = sSLContext.getSupportedSSLParameters();
                if (this.enabledCipherSuites.isEmpty()) {
                    calculateCommon = new String[0];
                } else {
                    calculateCommon = calculateCommon(supportedSSLParameters.getCipherSuites(), this.enabledCipherSuites);
                    if (calculateCommon.length == 0) {
                        throw DomainManagementLogger.ROOT_LOGGER.noCipherSuitesInCommon(Arrays.asList(supportedSSLParameters.getCipherSuites()).toString(), this.enabledCipherSuites.toString());
                    }
                }
                if (this.enabledProtocols.isEmpty()) {
                    calculateCommon2 = new String[0];
                } else {
                    calculateCommon2 = calculateCommon(supportedSSLParameters.getProtocols(), this.enabledProtocols);
                    if (calculateCommon2.length == 0) {
                        throw DomainManagementLogger.ROOT_LOGGER.noProtocolsInCommon(Arrays.asList(supportedSSLParameters.getProtocols()).toString(), this.enabledProtocols.toString());
                    }
                }
                sSLContext = new WrapperSSLContext(sSLContext, calculateCommon, calculateCommon2);
            }
            this.theSSLContext = sSLContext;
        } catch (KeyManagementException e) {
            throw DomainManagementLogger.ROOT_LOGGER.unableToStart(e);
        } catch (NoSuchAlgorithmException e2) {
            throw DomainManagementLogger.ROOT_LOGGER.unableToStart(e2);
        }
    }

    private String[] calculateCommon(String[] strArr, Set<String> set) {
        ArrayList arrayList = new ArrayList();
        for (String str : strArr) {
            if (set.contains(str)) {
                arrayList.add(str);
            }
        }
        return (String[]) arrayList.toArray(new String[arrayList.size()]);
    }

    @Override // org.shaded.jboss.msc.service.Service
    public void stop(StopContext stopContext) {
        this.theSSLContext = null;
    }

    @Override // org.shaded.jboss.msc.value.Value
    public SSLContext getValue() throws IllegalStateException, IllegalArgumentException {
        return this.theSSLContext;
    }

    public InjectedValue<KeyManager[]> getKeyManagerInjector() {
        return this.injectedKeyManagers;
    }

    public InjectedValue<TrustManager[]> getTrustManagerInjector() {
        return this.injectedtrustManagers;
    }
}
