package org.zowe.apiml;

import java.io.IOException;
import java.net.Socket;
import java.security.KeyManagementException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.Principal;
import java.security.PrivateKey;
import java.security.SecureRandom;
import java.security.UnrecoverableKeyException;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import javax.net.ssl.KeyManager;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.TrustManagerFactory;
import javax.net.ssl.X509KeyManager;

/* loaded from: input_file:org/zowe/apiml/VerifierSSLContext.class */
public class VerifierSSLContext {
    private final Stores stores;
    private SSLContext sslContext;
    private SSLContext sslContextWithKeystore;

    private VerifierSSLContext(Stores stores) {
        this.stores = stores;
    }

    public Stores getStores() {
        return this.stores;
    }

    public SSLContext getSslContext() {
        return this.sslContext;
    }

    public SSLContext getSslContextWithKeystore() {
        return this.sslContextWithKeystore;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static VerifierSSLContext initSSLContextWithKeystore(final Stores stores) throws NoSuchAlgorithmException, KeyStoreException, UnrecoverableKeyException, KeyManagementException {
        VerifierSSLContext verifierSSLContext = new VerifierSSLContext(stores);
        TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
        trustManagerFactory.init(stores.getTrustStore());
        KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
        keyManagerFactory.init(stores.getKeyStore(), stores.getConf().getKeyPasswd().toCharArray());
        verifierSSLContext.sslContextWithKeystore = SSLContext.getInstance("TLSv1.2");
        final X509KeyManager x509KeyManager = (X509KeyManager) keyManagerFactory.getKeyManagers()[0];
        verifierSSLContext.sslContextWithKeystore.init(new KeyManager[]{new X509KeyManager() { // from class: org.zowe.apiml.VerifierSSLContext.1
            @Override // javax.net.ssl.X509KeyManager
            public String chooseClientAlias(String[] strArr, Principal[] principalArr, Socket socket) {
                return Stores.this.getConf().getKeyAlias() == null ? x509KeyManager.chooseClientAlias(strArr, principalArr, socket) : Stores.this.getConf().getKeyAlias();
            }

            @Override // javax.net.ssl.X509KeyManager
            public X509Certificate[] getCertificateChain(String str) {
                return x509KeyManager.getCertificateChain(str);
            }

            @Override // javax.net.ssl.X509KeyManager
            public String[] getClientAliases(String str, Principal[] principalArr) {
                return x509KeyManager.getClientAliases(str, principalArr);
            }

            @Override // javax.net.ssl.X509KeyManager
            public String[] getServerAliases(String str, Principal[] principalArr) {
                return x509KeyManager.getServerAliases(str, principalArr);
            }

            @Override // javax.net.ssl.X509KeyManager
            public String chooseServerAlias(String str, Principal[] principalArr, Socket socket) {
                return Stores.this.getConf().getKeyAlias() == null ? x509KeyManager.chooseServerAlias(str, principalArr, socket) : Stores.this.getConf().getKeyAlias();
            }

            @Override // javax.net.ssl.X509KeyManager
            public PrivateKey getPrivateKey(String str) {
                return x509KeyManager.getPrivateKey(str);
            }
        }}, trustManagerFactory.getTrustManagers(), new SecureRandom());
        return verifierSSLContext;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static VerifierSSLContext initSSLContextWithoutKeystore(Stores stores) throws CertificateException, IOException, NoSuchAlgorithmException, KeyStoreException, UnrecoverableKeyException, KeyManagementException {
        VerifierSSLContext verifierSSLContext = new VerifierSSLContext(stores);
        TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
        trustManagerFactory.init(stores.getTrustStore());
        KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
        KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
        keyStore.load(null, null);
        keyManagerFactory.init(keyStore, null);
        verifierSSLContext.sslContext = SSLContext.getInstance("TLSv1.2");
        verifierSSLContext.sslContext.init(keyManagerFactory.getKeyManagers(), trustManagerFactory.getTrustManagers(), new SecureRandom());
        return verifierSSLContext;
    }
}
