package io.shaka.http;

import io.shaka.http.Https;
import java.io.FileInputStream;
import java.io.InputStream;
import java.nio.file.Files;
import java.nio.file.LinkOption;
import java.nio.file.Paths;
import java.security.KeyStore;
import java.security.SecureRandom;
import javax.net.ssl.HostnameVerifier;
import javax.net.ssl.HttpsURLConnection;
import javax.net.ssl.KeyManager;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSocketFactory;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import scala.MatchError;

/* compiled from: Https.scala */
/* loaded from: input_file:io/shaka/http/Https$.class */
public final class Https$ {
    public static final Https$ MODULE$ = null;
    private final String io$shaka$http$Https$$defaultProtocol;

    static {
        new Https$();
    }

    public String io$shaka$http$Https$$defaultProtocol() {
        return this.io$shaka$http$Https$$defaultProtocol;
    }

    public SSLSocketFactory sslFactory(Https.HttpsConfig httpsConfig) {
        SSLContext sSLContext = SSLContext.getInstance(httpsConfig.protocol());
        sSLContext.init(keyManagers(httpsConfig.keyStoreConfig()), trustManagers(httpsConfig.trustStoreConfig()), new SecureRandom());
        return sSLContext.getSocketFactory();
    }

    public HostnameVerifier hostNameVerifier(Https.TrustStoreConfig trustStoreConfig) {
        HostnameVerifier allHostsValid;
        if (trustStoreConfig instanceof Https.TrustServersByTrustStore) {
            allHostsValid = HttpsURLConnection.getDefaultHostnameVerifier();
        } else {
            if (!Https$TrustAnyServer$.MODULE$.equals(trustStoreConfig)) {
                throw new MatchError(trustStoreConfig);
            }
            allHostsValid = Https$TrustAllSslCertificates$.MODULE$.allHostsValid();
        }
        return allHostsValid;
    }

    private TrustManager[] trustManagers(Https.TrustStoreConfig trustStoreConfig) {
        TrustManager[] trustAllCerts;
        if (trustStoreConfig instanceof Https.TrustServersByTrustStore) {
            Https.TrustServersByTrustStore trustServersByTrustStore = (Https.TrustServersByTrustStore) trustStoreConfig;
            String path = trustServersByTrustStore.path();
            String password = trustServersByTrustStore.password();
            FileInputStream fileInputStream = new FileInputStream(path);
            KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
            keyStore.load(fileInputStream, password.toCharArray());
            TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
            trustManagerFactory.init(keyStore);
            trustAllCerts = trustManagerFactory.getTrustManagers();
        } else {
            if (!Https$TrustAnyServer$.MODULE$.equals(trustStoreConfig)) {
                throw new MatchError(trustStoreConfig);
            }
            trustAllCerts = Https$TrustAllSslCertificates$.MODULE$.trustAllCerts();
        }
        return trustAllCerts;
    }

    private KeyManager[] keyManagers(Https.KeyStoreConfig keyStoreConfig) {
        KeyManager[] keyManagerArr;
        if (keyStoreConfig instanceof Https.UseKeyStore) {
            Https.UseKeyStore useKeyStore = (Https.UseKeyStore) keyStoreConfig;
            String path = useKeyStore.path();
            String password = useKeyStore.password();
            InputStream fileInputStream = Files.exists(Paths.get(path, new String[0]), new LinkOption[0]) ? new FileInputStream(path) : getClass().getResourceAsStream(path);
            KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
            keyStore.load(fileInputStream, password.toCharArray());
            KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
            keyManagerFactory.init(keyStore, password.toCharArray());
            keyManagerArr = keyManagerFactory.getKeyManagers();
        } else {
            if (!Https$DoNotUseKeyStore$.MODULE$.equals(keyStoreConfig)) {
                throw new MatchError(keyStoreConfig);
            }
            keyManagerArr = null;
        }
        return keyManagerArr;
    }

    private Https$() {
        MODULE$ = this;
        this.io$shaka$http$Https$$defaultProtocol = "TLS";
    }
}
