package com.github.autermann.sockets.ssl;

import com.google.common.base.Preconditions;
import java.io.IOException;
import java.net.InetSocketAddress;
import java.security.GeneralSecurityException;
import java.security.NoSuchAlgorithmException;
import javax.net.ssl.KeyManager;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLServerSocket;
import javax.net.ssl.SSLSocket;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import javax.net.ssl.X509KeyManager;
import javax.net.ssl.X509TrustManager;

/* loaded from: input_file:com/github/autermann/sockets/ssl/SSLFactory.class */
public class SSLFactory {
    private final SSLConfiguration options;
    private X509TrustManager trustManager;
    private X509KeyManager keyManager;
    private SSLContext context;

    public SSLFactory(SSLConfiguration sSLConfiguration) {
        this.options = (SSLConfiguration) Preconditions.checkNotNull(sSLConfiguration);
    }

    public SSLServerSocket createServerSocket(int i) throws GeneralSecurityException, IOException {
        SSLServerSocket sSLServerSocket = (SSLServerSocket) getContext().getServerSocketFactory().createServerSocket(i);
        if (getOptions().isRequireClientAuth()) {
            sSLServerSocket.setNeedClientAuth(true);
        }
        sSLServerSocket.setEnabledProtocols(new String[]{SSLConstants.PROTOCOL_TLS_V1});
        return sSLServerSocket;
    }

    public SSLSocket createSocket(InetSocketAddress inetSocketAddress, int i) throws GeneralSecurityException, IOException {
        SSLSocket sSLSocket = (SSLSocket) getContext().getSocketFactory().createSocket();
        sSLSocket.connect(inetSocketAddress, i);
        return sSLSocket;
    }

    protected SSLConfiguration getOptions() {
        return this.options;
    }

    public X509TrustManager getTrustManager() throws GeneralSecurityException, IOException {
        if (this.trustManager == null) {
            this.trustManager = createTrustManager();
        }
        return this.trustManager;
    }

    public X509KeyManager getKeyManager() throws GeneralSecurityException, IOException {
        if (this.keyManager == null) {
            this.keyManager = createKeyManager();
        }
        return this.keyManager;
    }

    public SSLContext getContext() throws GeneralSecurityException, IOException {
        if (this.context == null) {
            this.context = createSSLContext();
        }
        return this.context;
    }

    private X509KeyManager createKeyManager() throws GeneralSecurityException, IOException {
        KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance(SSLConstants.KEY_MANAGER_ALGORITHM_SUN_X509, SSLConstants.KEY_MANAGER_PROVIDER_SUN_JSSE);
        keyManagerFactory.init(getOptions().getKeyStore(), getOptions().getKeyStorePass());
        for (KeyManager keyManager : keyManagerFactory.getKeyManagers()) {
            if (keyManager instanceof X509KeyManager) {
                return (X509KeyManager) keyManager;
            }
        }
        throw new NoSuchAlgorithmException("No X509KeyManager in KeyManagerFactory");
    }

    private X509TrustManager createTrustManager() throws GeneralSecurityException, IOException {
        TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(SSLConstants.TRUST_MANAGER_ALGORITHM_PKIX);
        trustManagerFactory.init(getOptions().getTrustStore());
        for (TrustManager trustManager : trustManagerFactory.getTrustManagers()) {
            if (trustManager instanceof X509TrustManager) {
                return (X509TrustManager) trustManager;
            }
        }
        throw new NoSuchAlgorithmException("No X509TrustManager in TrustManagerFactory");
    }

    private SSLContext createSSLContext() throws GeneralSecurityException, IOException {
        SSLContext sSLContext = SSLContext.getInstance(SSLConstants.PROTOCOL_TLS_V1);
        sSLContext.init(new KeyManager[]{getKeyManager()}, new TrustManager[]{getTrustManager()}, null);
        return sSLContext;
    }
}
