package dev.monosoul.jooq.shadow.org.testcontainers.shaded.com.github.dockerjava.core;

import dev.monosoul.jooq.shadow.com.github.dockerjava.api.exception.DockerClientException;
import dev.monosoul.jooq.shadow.org.testcontainers.shaded.com.github.dockerjava.core.util.CertificateUtils;
import dev.monosoul.jooq.shadow.org.testcontainers.shaded.org.bouncycastle.jce.provider.BouncyCastleProvider;
import java.io.File;
import java.io.Serializable;
import java.nio.file.Files;
import java.nio.file.Paths;
import java.security.AccessController;
import java.security.PrivilegedAction;
import java.security.Security;
import java.util.Objects;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.TrustManagerFactory;

/* loaded from: input_file:dev/monosoul/jooq/shadow/org/testcontainers/shaded/com/github/dockerjava/core/LocalDirectorySSLConfig.class */
public class LocalDirectorySSLConfig implements SSLConfig, Serializable {
    private static final long serialVersionUID = -4736328026418377358L;
    private final String dockerCertPath;

    public LocalDirectorySSLConfig(String str) {
        this.dockerCertPath = (String) Objects.requireNonNull(str);
    }

    public String getDockerCertPath() {
        return this.dockerCertPath;
    }

    @Override // dev.monosoul.jooq.shadow.com.github.dockerjava.transport.SSLConfig
    public SSLContext getSSLContext() {
        if (!CertificateUtils.verifyCertificatesExist(this.dockerCertPath)) {
            return null;
        }
        try {
            Security.addProvider(new BouncyCastleProvider());
            String str = this.dockerCertPath + File.separator + "ca.pem";
            String str2 = this.dockerCertPath + File.separator + "key.pem";
            String str3 = this.dockerCertPath + File.separator + "cert.pem";
            String str4 = new String(Files.readAllBytes(Paths.get(str2, new String[0])));
            String str5 = new String(Files.readAllBytes(Paths.get(str3, new String[0])));
            String str6 = new String(Files.readAllBytes(Paths.get(str, new String[0])));
            KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance((String) AccessController.doPrivileged(getSystemProperty("ssl.keyManagerFactory.algorithm", KeyManagerFactory.getDefaultAlgorithm())));
            keyManagerFactory.init(CertificateUtils.createKeyStore(str4, str5), "docker".toCharArray());
            TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance((String) AccessController.doPrivileged(getSystemProperty("ssl.trustManagerFactory.algorithm", TrustManagerFactory.getDefaultAlgorithm())));
            trustManagerFactory.init(CertificateUtils.createTrustStore(str6));
            SSLContext sSLContext = SSLContext.getInstance((String) AccessController.doPrivileged(getSystemProperty("ssl.protocol", "TLSv1.2")));
            sSLContext.init(keyManagerFactory.getKeyManagers(), trustManagerFactory.getTrustManagers(), null);
            return sSLContext;
        } catch (Exception e) {
            throw new DockerClientException(e.getMessage(), e);
        }
    }

    private PrivilegedAction<String> getSystemProperty(String str, String str2) {
        return () -> {
            return System.getProperty(str, str2);
        };
    }

    public boolean equals(Object obj) {
        if (this == obj) {
            return true;
        }
        return obj != null && getClass() == obj.getClass() && this.dockerCertPath.equals(((LocalDirectorySSLConfig) obj).dockerCertPath);
    }

    public int hashCode() {
        return this.dockerCertPath.hashCode();
    }

    public String toString() {
        return getClass().getSimpleName() + "{dockerCertPath=" + this.dockerCertPath + "}";
    }
}
