package org.jboss.as.domain.management.security;

import java.security.KeyManagementException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.UnrecoverableKeyException;
import javax.net.ssl.KeyManager;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import org.jboss.as.domain.management.DomainManagementMessages;
import org.jboss.as.domain.management.SSLIdentity;
import org.jboss.msc.service.Service;
import org.jboss.msc.service.StartContext;
import org.jboss.msc.service.StartException;
import org.jboss.msc.service.StopContext;
import org.jboss.msc.value.InjectedValue;

/* loaded from: input_file:org/jboss/as/domain/management/security/SSLIdentityService.class */
class SSLIdentityService implements Service<SSLIdentity>, SSLIdentity {
    static final String SERVICE_SUFFIX = "ssl";
    private final String protocol;
    private final char[] keystorePassword;
    private final char[] keyPassword;
    private final InjectedValue<KeyStore> keystore = new InjectedValue<>();
    private final InjectedValue<KeyStore> truststore = new InjectedValue<>();
    private volatile SSLContext fullContext;
    private volatile SSLContext trustOnlyContext;

    public SSLIdentityService(String str, char[] cArr, char[] cArr2) {
        this.protocol = str;
        this.keystorePassword = cArr;
        this.keyPassword = cArr2;
    }

    public void start(StartContext startContext) throws StartException {
        try {
            KeyManager[] keyManagerArr = null;
            KeyStore keyStore = (KeyStore) this.keystore.getOptionalValue();
            if (keyStore != null) {
                KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
                keyManagerFactory.init(keyStore, this.keyPassword == null ? this.keystorePassword : this.keyPassword);
                keyManagerArr = keyManagerFactory.getKeyManagers();
            }
            TrustManager[] trustManagerArr = null;
            KeyStore keyStore2 = (KeyStore) this.truststore.getOptionalValue();
            if (keyStore2 != null) {
                TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
                trustManagerFactory.init(keyStore2);
                trustManagerArr = trustManagerFactory.getTrustManagers();
            }
            SSLContext sSLContext = SSLContext.getInstance(this.protocol);
            sSLContext.init(keyManagerArr, trustManagerArr, null);
            this.fullContext = sSLContext;
            if (keyManagerArr != null) {
                sSLContext = SSLContext.getInstance(this.protocol);
                sSLContext.init(null, trustManagerArr, null);
            }
            this.trustOnlyContext = sSLContext;
        } catch (KeyManagementException e) {
            throw DomainManagementMessages.MESSAGES.unableToStart(e);
        } catch (KeyStoreException e2) {
            throw DomainManagementMessages.MESSAGES.unableToStart(e2);
        } catch (NoSuchAlgorithmException e3) {
            throw DomainManagementMessages.MESSAGES.unableToStart(e3);
        } catch (UnrecoverableKeyException e4) {
            throw DomainManagementMessages.MESSAGES.unableToStart(e4);
        }
    }

    public void stop(StopContext stopContext) {
    }

    /* renamed from: getValue, reason: merged with bridge method [inline-methods] */
    public SSLIdentityService m40getValue() throws IllegalStateException, IllegalArgumentException {
        return this;
    }

    public InjectedValue<KeyStore> getKeyStoreInjector() {
        return this.keystore;
    }

    public InjectedValue<KeyStore> getTrustStoreInjector() {
        return this.truststore;
    }

    @Override // org.jboss.as.domain.management.SSLIdentity
    public SSLContext getFullContext() {
        return this.fullContext;
    }

    @Override // org.jboss.as.domain.management.SSLIdentity
    public SSLContext getTrustOnlyContext() {
        return this.trustOnlyContext;
    }

    boolean hasTrustStore() {
        return this.truststore.getOptionalValue() != null;
    }
}
