package org.eclipse.californium.cli.tcp.netty;

import io.netty.handler.ssl.SslProtocols;
import java.security.GeneralSecurityException;
import java.util.concurrent.ExecutorService;
import java.util.concurrent.TimeUnit;
import javax.net.ssl.KeyManager;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSessionContext;
import javax.net.ssl.TrustManager;
import org.eclipse.californium.cli.CliConnectorFactory;
import org.eclipse.californium.cli.ClientBaseConfig;
import org.eclipse.californium.core.config.CoapConfig;
import org.eclipse.californium.elements.Connector;
import org.eclipse.californium.elements.config.Configuration;
import org.eclipse.californium.elements.config.TcpConfig;
import org.eclipse.californium.elements.tcp.netty.TlsClientConnector;
import org.eclipse.californium.elements.util.SslContextUtil;

/* loaded from: input_file:org/eclipse/californium/cli/tcp/netty/TlsConnectorFactory.class */
public class TlsConnectorFactory implements CliConnectorFactory {
    private static final String ALIAS = "client";

    public Connector create(ClientBaseConfig clientBaseConfig, ExecutorService executorService) {
        Configuration configuration = clientBaseConfig.configuration;
        int intValue = ((Integer) configuration.get(CoapConfig.MAX_ACTIVE_PEERS)).intValue();
        int timeAsInt = configuration.getTimeAsInt(TcpConfig.TLS_SESSION_TIMEOUT, TimeUnit.SECONDS);
        SSLContext sSLContext = null;
        try {
            KeyManager[] createAnonymousKeyManager = clientBaseConfig.authentication.anonymous ? SslContextUtil.createAnonymousKeyManager() : SslContextUtil.createKeyManager(ALIAS, clientBaseConfig.authentication.credentials.getPrivateKey(), clientBaseConfig.authentication.credentials.getCertificateChain());
            TrustManager[] createTrustAllManager = clientBaseConfig.trust.trustall ? SslContextUtil.createTrustAllManager() : SslContextUtil.createTrustManager(ALIAS, clientBaseConfig.trust.trusts);
            sSLContext = SSLContext.getInstance(SslProtocols.TLS_v1_2);
            sSLContext.init(createAnonymousKeyManager, createTrustAllManager, null);
            SSLSessionContext clientSessionContext = sSLContext.getClientSessionContext();
            if (clientSessionContext != null) {
                clientSessionContext.setSessionTimeout(timeAsInt);
                clientSessionContext.setSessionCacheSize(intValue);
            }
        } catch (GeneralSecurityException e) {
            e.printStackTrace();
        }
        return new TlsClientConnector(sSLContext, clientBaseConfig.configuration);
    }
}
