package eu.emi.security.authn.x509.impl;

import eu.emi.security.authn.x509.X509CertChainValidator;
import eu.emi.security.authn.x509.X509Credential;
import eu.emi.security.authn.x509.helpers.ssl.SSLTrustManagerWithHostnameChecking;
import java.security.KeyManagementException;
import java.security.NoSuchAlgorithmException;
import java.security.SecureRandom;
import javax.net.ssl.KeyManager;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLServerSocketFactory;
import javax.net.ssl.SSLSocketFactory;
import javax.net.ssl.TrustManager;
import javax.net.ssl.X509TrustManager;

/* loaded from: input_file:eu/emi/security/authn/x509/impl/SocketFactoryCreator2.class */
public class SocketFactoryCreator2 {
    private final X509Credential credential;
    private final X509CertChainValidator validator;
    private final SecureRandom rnd;
    private final HostnameMismatchCallback2 hostnameMismatchCallback;
    private final String protocol;

    public SocketFactoryCreator2(X509Credential x509Credential, X509CertChainValidator x509CertChainValidator, HostnameMismatchCallback2 hostnameMismatchCallback2, SecureRandom secureRandom, String str) {
        this.credential = x509Credential;
        this.validator = x509CertChainValidator;
        this.rnd = secureRandom;
        this.hostnameMismatchCallback = hostnameMismatchCallback2;
        this.protocol = str;
    }

    public SocketFactoryCreator2(X509Credential x509Credential, X509CertChainValidator x509CertChainValidator, HostnameMismatchCallback2 hostnameMismatchCallback2) {
        this(x509Credential, x509CertChainValidator, hostnameMismatchCallback2, new SecureRandom(), "TLS");
    }

    public SocketFactoryCreator2(X509CertChainValidator x509CertChainValidator, HostnameMismatchCallback2 hostnameMismatchCallback2, SecureRandom secureRandom, String str) {
        this(null, x509CertChainValidator, hostnameMismatchCallback2, secureRandom, str);
    }

    public SocketFactoryCreator2(X509CertChainValidator x509CertChainValidator, HostnameMismatchCallback2 hostnameMismatchCallback2) {
        this(null, x509CertChainValidator, hostnameMismatchCallback2, new SecureRandom(), "TLS");
    }

    public X509TrustManager getSSLTrustManager() {
        return new SSLTrustManagerWithHostnameChecking(this.validator, this.hostnameMismatchCallback);
    }

    public SSLContext getSSLContext() {
        KeyManager[] keyManagerArr = this.credential == null ? null : new KeyManager[]{this.credential.getKeyManager()};
        SSLTrustManagerWithHostnameChecking sSLTrustManagerWithHostnameChecking = new SSLTrustManagerWithHostnameChecking(this.validator, this.hostnameMismatchCallback);
        try {
            SSLContext sSLContext = SSLContext.getInstance(this.protocol);
            try {
                sSLContext.init(keyManagerArr, new TrustManager[]{sSLTrustManagerWithHostnameChecking}, this.rnd);
                return sSLContext;
            } catch (KeyManagementException e) {
                throw new RuntimeException("Shouldn't happen - SSLContext can't be initiated?", e);
            }
        } catch (NoSuchAlgorithmException e2) {
            throw new RuntimeException("The TLS protocol is unsupported by the JDK, a serious installation problem?", e2);
        }
    }

    public SSLServerSocketFactory getServerSocketFactory() {
        return getSSLContext().getServerSocketFactory();
    }

    public SSLSocketFactory getSocketFactory() {
        return getSSLContext().getSocketFactory();
    }

    static {
        CertificateUtils.configureSecProvider();
    }
}
