package com.couchbase.client.core.endpoint;

import com.couchbase.client.core.env.SecureEnvironment;
import com.couchbase.client.core.logging.CouchbaseLogger;
import com.couchbase.client.core.logging.CouchbaseLoggerFactory;
import java.io.FileInputStream;
import java.security.KeyStore;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLEngine;
import javax.net.ssl.TrustManagerFactory;

/* loaded from: input_file:com/couchbase/client/core/endpoint/SSLEngineFactory.class */
public class SSLEngineFactory {
    private static final CouchbaseLogger LOGGER = CouchbaseLoggerFactory.getInstance((Class<?>) SSLEngineFactory.class);
    private final SecureEnvironment env;

    public SSLEngineFactory(SecureEnvironment secureEnvironment) {
        this.env = secureEnvironment;
    }

    public SSLEngine get() {
        String sslTruststoreFile;
        String sslKeystoreFile;
        try {
            String sslKeystorePassword = this.env.sslKeystorePassword();
            char[] charArray = (sslKeystorePassword == null || sslKeystorePassword.isEmpty()) ? null : sslKeystorePassword.toCharArray();
            KeyStore sslKeystore = this.env.sslKeystore();
            if (sslKeystore == null && (sslKeystoreFile = this.env.sslKeystoreFile()) != null && !sslKeystoreFile.isEmpty()) {
                sslKeystore = KeyStore.getInstance(KeyStore.getDefaultType());
                sslKeystore.load(new FileInputStream(sslKeystoreFile), charArray);
            }
            KeyStore sslTruststore = this.env.sslTruststore();
            if (sslTruststore == null && (sslTruststoreFile = this.env.sslTruststoreFile()) != null && !sslTruststoreFile.isEmpty()) {
                String sslTruststorePassword = this.env.sslTruststorePassword();
                char[] charArray2 = (sslTruststorePassword == null || sslTruststorePassword.isEmpty()) ? null : sslTruststorePassword.toCharArray();
                sslTruststore = KeyStore.getInstance(KeyStore.getDefaultType());
                sslTruststore.load(new FileInputStream(sslTruststoreFile), charArray2);
            }
            if (sslKeystore == null && sslTruststore == null) {
                throw new IllegalStateException("Either a KeyStore or a TrustStore need to be provided (or both).");
            }
            if (sslKeystore == null) {
                sslKeystore = sslTruststore;
                LOGGER.debug("No KeyStore provided, using provided TrustStore to initialize both factories.");
            } else if (sslTruststore == null) {
                sslTruststore = sslKeystore;
                LOGGER.debug("No TrustStore provided, using provided KeyStore to initialize both factories.");
            }
            String defaultAlgorithm = KeyManagerFactory.getDefaultAlgorithm();
            KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance(defaultAlgorithm);
            TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(defaultAlgorithm);
            keyManagerFactory.init(sslKeystore, charArray);
            trustManagerFactory.init(sslTruststore);
            SSLContext sSLContext = SSLContext.getInstance("TLS");
            sSLContext.init(keyManagerFactory.getKeyManagers(), trustManagerFactory.getTrustManagers(), null);
            SSLEngine createSSLEngine = sSLContext.createSSLEngine();
            createSSLEngine.setUseClientMode(true);
            return createSSLEngine;
        } catch (Exception e) {
            throw new SSLException("Could not create SSLEngine.", e);
        }
    }
}
