package dev.eidentification.bankid.internal.ssl;

import dev.eidentification.bankid.internal.annotations.Internal;
import java.io.IOException;
import java.io.InputStream;
import java.security.GeneralSecurityException;
import java.security.KeyStore;
import java.security.SecureRandom;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.util.Objects;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.TrustManagerFactory;

@Internal
/* loaded from: input_file:dev/eidentification/bankid/internal/ssl/SslUtils.class */
public final class SslUtils {
    private SslUtils() {
    }

    public static SSLContext tryCreateSSLContext(KeyManagerFactory keyManagerFactory, TrustManagerFactory trustManagerFactory) throws GeneralSecurityException {
        SSLContext sSLContext = SSLContext.getInstance("TLS");
        sSLContext.init(keyManagerFactory.getKeyManagers(), trustManagerFactory.getTrustManagers(), new SecureRandom());
        return sSLContext;
    }

    public static KeyManagerFactory tryCreateKeyManager(InputStream inputStream, String str) throws GeneralSecurityException, IOException {
        Objects.requireNonNull(inputStream);
        Objects.requireNonNull(str);
        KeyStore keyStore = KeyStore.getInstance("PKCS12");
        keyStore.load(inputStream, str.toCharArray());
        KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
        keyManagerFactory.init(keyStore, str.toCharArray());
        return keyManagerFactory;
    }

    public static TrustManagerFactory tryCreateTrustManager(InputStream inputStream) throws GeneralSecurityException, IOException {
        Objects.requireNonNull(inputStream);
        X509Certificate x509Certificate = (X509Certificate) CertificateFactory.getInstance("X.509").generateCertificate(inputStream);
        TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
        KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
        keyStore.load(null);
        keyStore.setCertificateEntry("caCert", x509Certificate);
        trustManagerFactory.init(keyStore);
        return trustManagerFactory;
    }
}
