package eventstore.akka;

import akka.actor.ActorSystem;
import com.typesafe.config.Config;
import com.typesafe.sslconfig.akka.util.AkkaLoggerFactory;
import com.typesafe.sslconfig.ssl.AlgorithmChecker;
import com.typesafe.sslconfig.ssl.AlgorithmConstraintsParser$;
import com.typesafe.sslconfig.ssl.ConfigSSLContextBuilder;
import com.typesafe.sslconfig.ssl.DefaultKeyManagerFactoryWrapper;
import com.typesafe.sslconfig.ssl.DefaultTrustManagerFactoryWrapper;
import com.typesafe.sslconfig.ssl.SSLConfigFactory$;
import com.typesafe.sslconfig.ssl.SSLConfigSettings;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLEngine;
import javax.net.ssl.SSLParameters;
import javax.net.ssl.X509TrustManager;
import scala.Tuple2;
import scala.collection.IterableOnceOps;
import scala.runtime.BoxesRunTime;

/* compiled from: Tls.scala */
/* loaded from: input_file:eventstore/akka/Tls$.class */
public final class Tls$ {
    public static final Tls$ MODULE$ = new Tls$();

    public SSLContext createSSLContext(ActorSystem actorSystem) {
        return (SSLContext) mkSslContextAndTM(actorSystem)._1();
    }

    public Tuple2<SSLContext, X509TrustManager> createSSLContextAndTrustManager(ActorSystem actorSystem) {
        return mkSslContextAndTM(actorSystem);
    }

    private Tuple2<SSLContext, X509TrustManager> mkSslContextAndTM(ActorSystem actorSystem) {
        AkkaLoggerFactory akkaLoggerFactory = new AkkaLoggerFactory(actorSystem);
        SSLConfigSettings sslConfigSettings = sslConfigSettings(actorSystem.settings().config());
        AlgorithmChecker algorithmChecker = new AlgorithmChecker(akkaLoggerFactory, ((IterableOnceOps) sslConfigSettings.disabledSignatureAlgorithms().map(str -> {
            return AlgorithmConstraintsParser$.MODULE$.apply(str);
        })).toSet(), ((IterableOnceOps) sslConfigSettings.disabledKeyAlgorithms().map(str2 -> {
            return AlgorithmConstraintsParser$.MODULE$.apply(str2);
        })).toSet());
        ConfigSSLContextBuilder configSSLContextBuilder = new ConfigSSLContextBuilder(akkaLoggerFactory, sslConfigSettings, new DefaultKeyManagerFactoryWrapper(sslConfigSettings.keyManagerConfig().algorithm()), new DefaultTrustManagerFactoryWrapper(sslConfigSettings.trustManagerConfig().algorithm()));
        return new Tuple2<>(configSSLContextBuilder.build(), configSSLContextBuilder.buildCompositeTrustManager(sslConfigSettings.trustManagerConfig(), BoxesRunTime.unboxToBoolean(sslConfigSettings.checkRevocation().getOrElse(() -> {
            return false;
        })), configSSLContextBuilder.certificateRevocationList(sslConfigSettings), algorithmChecker, sslConfigSettings.debug()));
    }

    public SSLEngine createSSLEngine(String str, int i, SSLContext sSLContext) {
        SSLEngine createSSLEngine = sSLContext.createSSLEngine(str, i);
        createSSLEngine.setUseClientMode(true);
        SSLParameters sSLParameters = createSSLEngine.getSSLParameters();
        sSLParameters.setEndpointIdentificationAlgorithm("https");
        createSSLEngine.setSSLParameters(sSLParameters);
        return createSSLEngine;
    }

    public SSLConfigSettings sslConfigSettings(Config config) {
        return SSLConfigFactory$.MODULE$.parse(config.getConfig("eventstore.ssl-config").withFallback(config.getConfig("ssl-config")));
    }

    private Tls$() {
    }
}
