package org.neo4j.bolt.testing.client.tls;

import java.io.IOException;
import java.net.Socket;
import java.security.KeyManagementException;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.SecureRandom;
import java.security.UnrecoverableKeyException;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.util.HashSet;
import java.util.Objects;
import java.util.Set;
import javax.net.ssl.KeyManager;
import javax.net.ssl.SSLContext;
import javax.net.ssl.TrustManager;
import org.neo4j.bolt.testing.client.SocketConnection;
import org.neo4j.bolt.testing.client.TransportConnection;
import org.neo4j.internal.helpers.HostnamePort;

/* loaded from: input_file:org/neo4j/bolt/testing/client/tls/SecureSocketConnection.class */
public class SecureSocketConnection extends SocketConnection {
    private static final Factory factory = new Factory();
    private final Set<X509Certificate> serverCertificatesSeen;

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:org/neo4j/bolt/testing/client/tls/SecureSocketConnection$Factory.class */
    public static class Factory implements TransportConnection.Factory {
        private Factory() {
        }

        @Override // org.neo4j.bolt.testing.client.TransportConnection.Factory
        public TransportConnection create(HostnamePort hostnamePort) {
            return new SecureSocketConnection(hostnamePort);
        }

        public String toString() {
            return "TLS Socket";
        }
    }

    public static TransportConnection.Factory factory() {
        return factory;
    }

    public SecureSocketConnection(HostnamePort hostnamePort) {
        super(hostnamePort);
        this.serverCertificatesSeen = new HashSet();
    }

    @Override // org.neo4j.bolt.testing.client.SocketConnection
    protected Socket createSocket() {
        try {
            return createSslContext().getSocketFactory().createSocket();
        } catch (IOException e) {
            throw new IllegalStateException("Failed to create socket", e);
        } catch (KeyManagementException | NoSuchAlgorithmException e2) {
            throw new UnsupportedOperationException("Failed to configure SSL context", e2);
        } catch (KeyStoreException | UnrecoverableKeyException | CertificateException e3) {
            throw new IllegalStateException("Failed to configure SSL context", e3);
        }
    }

    protected SSLContext createSslContext() throws IOException, NoSuchAlgorithmException, KeyManagementException, KeyStoreException, UnrecoverableKeyException, CertificateException {
        SSLContext sSLContext = SSLContext.getInstance("TLS");
        Set<X509Certificate> set = this.serverCertificatesSeen;
        Objects.requireNonNull(set);
        sSLContext.init(new KeyManager[0], new TrustManager[]{new NaiveTrustManager((v1) -> {
            r7.add(v1);
        })}, new SecureRandom());
        return sSLContext;
    }

    public Set<X509Certificate> getServerCertificatesSeen() {
        return this.serverCertificatesSeen;
    }
}
