package eu.cec.digit.ecas.util.httpclient.protocol;

import eu.cec.digit.ecas.util.httpclient.protocol.bouncycastle.JsseCipherSuite;
import eu.cec.digit.ecas.util.httpclient.protocol.bouncycastle.JsseHashAlgorithm;
import eu.cec.digit.ecas.util.httpclient.protocol.bouncycastle.JsseNamedCurve;
import eu.cec.digit.ecas.util.httpclient.protocol.bouncycastle.JsseProtocolVersion;
import eu.cec.digit.ecas.util.httpclient.protocol.bouncycastle.JsseSignatureAlgorithm;
import eu.cec.digit.ecas.util.httpclient.protocol.bouncycastle.StandardNamesTlsSocketFactory;
import java.net.InetAddress;
import java.security.PrivateKey;
import java.security.cert.X509Certificate;
import java.util.List;
import java.util.Map;
import java.util.Set;
import javax.net.ssl.KeyManager;
import javax.net.ssl.X509KeyManager;

/* loaded from: input_file:eu/cec/digit/ecas/util/httpclient/protocol/EmbeddedBouncyCastleTlsSocketFactory.class */
public final class EmbeddedBouncyCastleTlsSocketFactory {
    private final AbstractEmbeddedSSLSocketFactory embeddedSSLSocketFactory;
    private final SSLSocketFactoryWrapper sslSocketFactoryWrapper;

    public EmbeddedBouncyCastleTlsSocketFactory(AbstractEmbeddedSSLSocketFactory abstractEmbeddedSSLSocketFactory) {
        this(new JsseCipherSuite[]{JsseCipherSuite.TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384, JsseCipherSuite.TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384, JsseCipherSuite.TLS_ECDHE_RSA_WITH_CAMELLIA_256_GCM_SHA384, JsseCipherSuite.TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_GCM_SHA384, JsseCipherSuite.TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA, JsseCipherSuite.TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA}, new JsseProtocolVersion[]{JsseProtocolVersion.TLSv1_2, JsseProtocolVersion.TLSv1_1, JsseProtocolVersion.TLSv1}, new JsseNamedCurve[]{JsseNamedCurve.SECT571R1, JsseNamedCurve.SECT571K1, JsseNamedCurve.SECP521R1, JsseNamedCurve.SECT409R1, JsseNamedCurve.SECT409K1, JsseNamedCurve.SECP384R1, JsseNamedCurve.SECT283K1, JsseNamedCurve.SECT283R1, JsseNamedCurve.SECP256R1, JsseNamedCurve.SECP256K1}, false, abstractEmbeddedSSLSocketFactory);
    }

    public EmbeddedBouncyCastleTlsSocketFactory(JsseCipherSuite[] jsseCipherSuiteArr, JsseProtocolVersion[] jsseProtocolVersionArr, JsseNamedCurve[] jsseNamedCurveArr, boolean z, AbstractEmbeddedSSLSocketFactory abstractEmbeddedSSLSocketFactory) {
        X509KeyManager x509KeyManager;
        String[] clientAliases;
        this.embeddedSSLSocketFactory = abstractEmbeddedSSLSocketFactory;
        Set<X509Certificate> trustedCertificates = abstractEmbeddedSSLSocketFactory.getTrustedCertificates();
        PrivateKey privateKey = null;
        X509Certificate[] x509CertificateArr = null;
        KeyManager[] keyManagers = abstractEmbeddedSSLSocketFactory.getKeyManagers();
        if (null != keyManagers && keyManagers.length > 0 && (keyManagers[0] instanceof X509KeyManager) && null != (clientAliases = (x509KeyManager = (X509KeyManager) keyManagers[0]).getClientAliases("RSA", null)) && clientAliases.length > 0) {
            privateKey = x509KeyManager.getPrivateKey(clientAliases[0]);
            x509CertificateArr = x509KeyManager.getCertificateChain(clientAliases[0]);
        }
        StandardNamesTlsSocketFactory build = new StandardNamesTlsSocketFactory.Builder().trustedCertificates(trustedCertificates).identityCertificateChain(x509CertificateArr).identityPrivateKey(privateKey).enabledCipherSuites(jsseCipherSuiteArr).enabledProtocols(jsseProtocolVersionArr).enabledHashAlgorithms(JsseHashAlgorithm.SHA512, JsseHashAlgorithm.SHA384, JsseHashAlgorithm.SHA256).enabledSignatureAlgorithms(JsseSignatureAlgorithm.RSA, JsseSignatureAlgorithm.ECDSA, JsseSignatureAlgorithm.DSA).enabledNamedCurves(jsseNamedCurveArr).acceptInsecureRenegotiation(z).build();
        this.sslSocketFactoryWrapper = new SSLSocketFactoryWrapper(build, abstractEmbeddedSSLSocketFactory.getLocalAddress(), build.getSupportedCipherSuites(), build.getEnabledProtocolSet(), abstractEmbeddedSSLSocketFactory.getSSLSocketFactory());
    }

    public EmbeddedBouncyCastleTlsSocketFactory(String str, int i, List<X509Certificate> list) {
        this(new EmbeddedSSLSocketFactory(str, i, list));
    }

    public InetAddress getLocalAddress() {
        return this.embeddedSSLSocketFactory.getLocalAddress();
    }

    public SSLSocketFactoryWrapper getSSLSocketFactory() {
        return this.sslSocketFactoryWrapper;
    }

    public Map<String, ?> getServerDetails() {
        return this.embeddedSSLSocketFactory.getServerDetails();
    }
}
