package com.oracle.coherence.grpc.proxy;

import com.oracle.coherence.common.base.Logger;
import com.oracle.coherence.common.net.SSLSocketProvider;
import com.tangosol.internal.net.ssl.SSLContextDependencies;
import io.grpc.netty.GrpcSslContexts;
import io.netty.buffer.ByteBufAllocator;
import io.netty.handler.ssl.ApplicationProtocolNegotiator;
import io.netty.handler.ssl.ClientAuth;
import io.netty.handler.ssl.SslContext;
import io.netty.handler.ssl.SslContextBuilder;
import java.security.GeneralSecurityException;
import java.security.KeyManagementException;
import java.util.Arrays;
import java.util.List;
import javax.net.ssl.SSLEngine;
import javax.net.ssl.SSLException;
import javax.net.ssl.SSLSessionContext;
import javax.net.ssl.TrustManager;

/* loaded from: input_file:com/oracle/coherence/grpc/proxy/RefreshableSslContext.class */
public class RefreshableSslContext extends SslContext implements SSLContextDependencies.Listener {
    private final SSLContextDependencies m_deps;
    private final boolean m_fServer;
    private volatile SslContext m_delegate;

    /* renamed from: com.oracle.coherence.grpc.proxy.RefreshableSslContext$1, reason: invalid class name */
    /* loaded from: input_file:com/oracle/coherence/grpc/proxy/RefreshableSslContext$1.class */
    static /* synthetic */ class AnonymousClass1 {
        static final /* synthetic */ int[] $SwitchMap$com$oracle$coherence$common$net$SSLSocketProvider$ClientAuthMode = new int[SSLSocketProvider.ClientAuthMode.values().length];

        static {
            try {
                $SwitchMap$com$oracle$coherence$common$net$SSLSocketProvider$ClientAuthMode[SSLSocketProvider.ClientAuthMode.wanted.ordinal()] = 1;
            } catch (NoSuchFieldError e) {
            }
            try {
                $SwitchMap$com$oracle$coherence$common$net$SSLSocketProvider$ClientAuthMode[SSLSocketProvider.ClientAuthMode.required.ordinal()] = 2;
            } catch (NoSuchFieldError e2) {
            }
            try {
                $SwitchMap$com$oracle$coherence$common$net$SSLSocketProvider$ClientAuthMode[SSLSocketProvider.ClientAuthMode.none.ordinal()] = 3;
            } catch (NoSuchFieldError e3) {
            }
        }
    }

    public RefreshableSslContext(SSLContextDependencies sSLContextDependencies, boolean z) {
        this.m_deps = new SSLContextDependencies(sSLContextDependencies, this);
        this.m_fServer = z;
        this.m_deps.init();
    }

    public void onUpdate(SSLContextDependencies sSLContextDependencies) throws GeneralSecurityException {
        ClientAuth clientAuth;
        try {
            SslContextBuilder forServer = this.m_fServer ? SslContextBuilder.forServer(sSLContextDependencies.getKeyManagers()[0]) : SslContextBuilder.forClient().keyManager(sSLContextDependencies.getKeyManagers()[0]);
            TrustManager[] trustManagers = sSLContextDependencies.getTrustManagers();
            SSLSocketProvider.ClientAuthMode clientAuth2 = sSLContextDependencies.getClientAuth();
            if (clientAuth2 == null && trustManagers.length > 0) {
                clientAuth2 = SSLSocketProvider.ClientAuthMode.required;
            }
            switch (AnonymousClass1.$SwitchMap$com$oracle$coherence$common$net$SSLSocketProvider$ClientAuthMode[clientAuth2.ordinal()]) {
                case 1:
                    clientAuth = ClientAuth.OPTIONAL;
                    break;
                case 2:
                    clientAuth = ClientAuth.REQUIRE;
                    break;
                case 3:
                default:
                    clientAuth = ClientAuth.NONE;
                    break;
            }
            String[] enabledCipherSuites = sSLContextDependencies.getEnabledCipherSuites();
            if (enabledCipherSuites != null && enabledCipherSuites.length > 0) {
                forServer.ciphers(Arrays.asList(enabledCipherSuites));
            }
            if (trustManagers.length > 0) {
                forServer.trustManager(trustManagers[0]);
            }
            forServer.clientAuth(clientAuth).sslContextProvider(sSLContextDependencies.getProvider()).startTls(false);
            this.m_delegate = GrpcSslContexts.configure(forServer).build();
        } catch (SSLException e) {
            throw new GeneralSecurityException(e);
        }
    }

    public void onError(SSLContextDependencies sSLContextDependencies, Throwable th) throws KeyManagementException {
        if (this.m_delegate == null) {
            throw new KeyManagementException("Could not create first SSLContext. Expect communication errors.", th);
        }
        Logger.err("Could not properly instantiate SSLContext. The existing SSLContext will be used", th);
    }

    public boolean isClient() {
        return this.m_delegate.isClient();
    }

    public List<String> cipherSuites() {
        return this.m_delegate.cipherSuites();
    }

    public ApplicationProtocolNegotiator applicationProtocolNegotiator() {
        return this.m_delegate.applicationProtocolNegotiator();
    }

    public SSLEngine newEngine(ByteBufAllocator byteBufAllocator) {
        return this.m_delegate.newEngine(byteBufAllocator);
    }

    public SSLEngine newEngine(ByteBufAllocator byteBufAllocator, String str, int i) {
        return this.m_delegate.newEngine(byteBufAllocator, str, i);
    }

    public SSLSessionContext sessionContext() {
        return this.m_delegate.sessionContext();
    }
}
