package com.github.dreamhead.moco;

import com.github.dreamhead.moco.resource.ContentResource;
import com.google.common.base.Preconditions;
import com.google.common.io.Closeables;
import java.io.InputStream;
import java.security.KeyStore;
import java.security.Security;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLEngine;

/* loaded from: input_file:com/github/dreamhead/moco/HttpsCertificate.class */
public final class HttpsCertificate {
    private static final String PROTOCOL = "TLS";
    private static final String DEFAULT_ALGORITHM = "SunX509";
    private final ContentResource resource;
    private final String keyStorePassword;
    private final String certPassword;

    private HttpsCertificate(ContentResource contentResource, String str, String str2) {
        this.resource = contentResource;
        this.keyStorePassword = str;
        this.certPassword = str2;
    }

    public SSLEngine createSSLEngine() {
        return createServerContext().createSSLEngine();
    }

    private SSLContext createServerContext() {
        InputStream keyStore = getKeyStore();
        try {
            try {
                KeyStore keyStore2 = KeyStore.getInstance("JKS");
                keyStore2.load(keyStore, getKeyStorePassword());
                KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance(getAlgorithm());
                keyManagerFactory.init(keyStore2, getCertPassword());
                SSLContext sSLContext = SSLContext.getInstance(PROTOCOL);
                sSLContext.init(keyManagerFactory.getKeyManagers(), null, null);
                Closeables.closeQuietly(keyStore);
                return sSLContext;
            } catch (Exception e) {
                throw new MocoException("Failed to initialize the server-side SSLContext", e);
            }
        } catch (Throwable th) {
            Closeables.closeQuietly(keyStore);
            throw th;
        }
    }

    private static String getAlgorithm() {
        String property = Security.getProperty("ssl.KeyManagerFactory.algorithm");
        return property == null ? DEFAULT_ALGORITHM : property;
    }

    private InputStream getKeyStore() {
        return this.resource.readFor(null).toInputStream();
    }

    private char[] getKeyStorePassword() {
        return this.keyStorePassword.toCharArray();
    }

    private char[] getCertPassword() {
        return this.certPassword.toCharArray();
    }

    public static HttpsCertificate certificate(ContentResource contentResource, String str, String str2) {
        return new HttpsCertificate((ContentResource) Preconditions.checkNotNull(contentResource), com.github.dreamhead.moco.util.Preconditions.checkNotNullOrEmpty(str, "Key store password should not be null"), com.github.dreamhead.moco.util.Preconditions.checkNotNullOrEmpty(str2, "Cert password should not be null"));
    }
}
