package de.captaingoldfish.scim.sdk.client.http;

import de.captaingoldfish.scim.sdk.client.exceptions.SslContextCreationFailedException;
import de.captaingoldfish.scim.sdk.client.keys.KeyStoreWrapper;
import java.security.KeyManagementException;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.UnrecoverableKeyException;
import javax.net.ssl.KeyManager;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;

/* loaded from: input_file:de/captaingoldfish/scim/sdk/client/http/SSLContextHelper.class */
public final class SSLContextHelper {
    public static SSLContext getSslContext(KeyStoreWrapper keyStoreWrapper, KeyStoreWrapper keyStoreWrapper2) {
        if ((keyStoreWrapper == null || keyStoreWrapper.getKeyStore() == null) && (keyStoreWrapper2 == null || keyStoreWrapper2.getKeyStore() == null)) {
            try {
                return SSLContext.getDefault();
            } catch (NoSuchAlgorithmException e) {
                throw new IllegalStateException("problem with default SSLContext. Has probably been tampered with.", e);
            }
        }
        try {
            SSLContext sSLContext = SSLContext.getInstance("TLS");
            try {
                sSLContext.init(getKeyManagers(keyStoreWrapper), getTrustmanager(keyStoreWrapper2), null);
                return sSLContext;
            } catch (KeyManagementException e2) {
                throw new SslContextCreationFailedException(e2);
            }
        } catch (NoSuchAlgorithmException e3) {
            throw new SslContextCreationFailedException(e3);
        }
    }

    private static TrustManager[] getTrustmanager(KeyStoreWrapper keyStoreWrapper) {
        if (keyStoreWrapper == null || keyStoreWrapper.getKeyStore() == null) {
            return null;
        }
        try {
            TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
            trustManagerFactory.init(keyStoreWrapper.getKeyStore());
            return trustManagerFactory.getTrustManagers();
        } catch (KeyStoreException | NoSuchAlgorithmException e) {
            throw new IllegalStateException(e.getMessage(), e);
        }
    }

    private static KeyManager[] getKeyManagers(KeyStoreWrapper keyStoreWrapper) {
        if (keyStoreWrapper == null || keyStoreWrapper.getKeyStore() == null) {
            return null;
        }
        try {
            KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
            try {
                keyManagerFactory.init(keyStoreWrapper.getKeyStore(), keyStoreWrapper.getKeystorePassword().toCharArray());
                return keyManagerFactory.getKeyManagers();
            } catch (KeyStoreException | NoSuchAlgorithmException | UnrecoverableKeyException e) {
                throw new SslContextCreationFailedException("keystore could not be accessed", e);
            }
        } catch (NoSuchAlgorithmException e2) {
            throw new SslContextCreationFailedException(e2);
        }
    }

    private SSLContextHelper() {
    }
}
