package org.opentcs.access.rmi.factories;

import java.io.FileInputStream;
import java.io.IOException;
import java.io.Serializable;
import java.security.KeyManagementException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.UnrecoverableKeyException;
import java.security.cert.CertificateException;
import java.util.Objects;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.TrustManagerFactory;
import org.opentcs.access.SslParameterSet;

/* loaded from: input_file:org/opentcs/access/rmi/factories/SecureSslContextFactory.class */
class SecureSslContextFactory implements Serializable {
    private static final String KEY_TRUST_MANAGEMENT_ALGORITHM = "SunX509";
    private static final String SSL_CONTEXT_PROTOCOL = "TLSv1.2";
    private final SslParameterSet sslParameterSet;

    /* JADX INFO: Access modifiers changed from: package-private */
    public SecureSslContextFactory(SslParameterSet sslParameterSet) {
        this.sslParameterSet = (SslParameterSet) Objects.requireNonNull(sslParameterSet, "sslParameterSet");
    }

    public SSLContext createClientContext() throws IllegalStateException {
        try {
            KeyStore keyStore = KeyStore.getInstance(this.sslParameterSet.getKeystoreType());
            keyStore.load(new FileInputStream(this.sslParameterSet.getTruststoreFile()), this.sslParameterSet.getTruststorePassword().toCharArray());
            TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(KEY_TRUST_MANAGEMENT_ALGORITHM);
            trustManagerFactory.init(keyStore);
            SSLContext sSLContext = SSLContext.getInstance(SSL_CONTEXT_PROTOCOL);
            sSLContext.init(null, trustManagerFactory.getTrustManagers(), null);
            return sSLContext;
        } catch (IOException | KeyManagementException | KeyStoreException | NoSuchAlgorithmException | CertificateException e) {
            throw new IllegalStateException("Error creating the client's ssl context", e);
        }
    }

    public SSLContext createServerContext() throws IllegalStateException {
        try {
            KeyStore keyStore = KeyStore.getInstance(this.sslParameterSet.getKeystoreType());
            keyStore.load(new FileInputStream(this.sslParameterSet.getKeystoreFile()), this.sslParameterSet.getKeystorePassword().toCharArray());
            KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance(KEY_TRUST_MANAGEMENT_ALGORITHM);
            keyManagerFactory.init(keyStore, this.sslParameterSet.getKeystorePassword().toCharArray());
            SSLContext sSLContext = SSLContext.getInstance(SSL_CONTEXT_PROTOCOL);
            sSLContext.init(keyManagerFactory.getKeyManagers(), null, null);
            return sSLContext;
        } catch (IOException | KeyManagementException | KeyStoreException | NoSuchAlgorithmException | UnrecoverableKeyException | CertificateException e) {
            throw new IllegalStateException("Error creating the server's ssl context", e);
        }
    }
}
