package com.xdja.pki.gmssl.tomcat.plugin;

import com.xdja.pki.gmssl.GMSSLContext;
import java.security.KeyStore;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.util.List;
import javax.net.ssl.KeyManager;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLSessionContext;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import org.apache.juli.logging.Log;
import org.apache.juli.logging.LogFactory;
import org.apache.tomcat.util.net.SSLContext;
import org.apache.tomcat.util.net.SSLHostConfig;
import org.apache.tomcat.util.net.SSLHostConfigCertificate;
import org.apache.tomcat.util.net.SSLUtil;
import org.apache.tomcat.util.res.StringManager;

/* loaded from: input_file:com/xdja/pki/gmssl/tomcat/plugin/XDJAJSSEUtil.class */
/**
 * Tomcat {@link SSLUtil} implementation that obtains its key and trust managers from the JSSE
 * provider registered under the name {@code "XDJAJSSE"}.
 *
 * <p>Security-relevant behaviour visible in this class:
 * <ul>
 *   <li>The enabled protocol and cipher suite lists are fixed in code; no protocol or cipher
 *       setting of the {@link SSLHostConfig} is read when they are reported.</li>
 *   <li>The keystore password is also used as the password for the key entries; no separate
 *       key password is read from the certificate configuration.</li>
 * </ul>
 */
public class XDJAJSSEUtil implements SSLUtil {
    private static final Log log = LogFactory.getLog(XDJAJSSEUtil.class);
    private static final StringManager sm = StringManager.getManager(XDJAJSSEUtil.class);

    /** Algorithm name requested from both manager factories. */
    private static final String MANAGER_ALGORITHM = "PKIX";
    /** Name of the JSSE provider both manager factories are requested from. */
    private static final String JSSE_PROVIDER = "XDJAJSSE";
    /** The only protocol name this utility reports as enabled. */
    private static final String GM_PROTOCOL = "GMSSLv1.1";
    /** The only cipher suite name this utility reports as enabled. */
    private static final String GM_CIPHER_SUITE = "GMSSL_ECC_SM4_SM3";

    private final SSLHostConfigCertificate certificate;
    private final SSLHostConfig sslHostConfig;

    /**
     * Binds this utility to one certificate entry and to the host configuration that owns it.
     *
     * @param sSLHostConfigCertificate certificate configuration; its owning host configuration
     *     is looked up once here and kept for later calls
     */
    public XDJAJSSEUtil(SSLHostConfigCertificate sSLHostConfigCertificate) {
        this.certificate = sSLHostConfigCertificate;
        this.sslHostConfig = sSLHostConfigCertificate.getSSLHostConfig();
    }

    /**
     * Creates the SSL context wrapper for this host.
     *
     * @param list not used by this implementation; the context is built only from the host
     *     configuration's {@code sslProtocol} value
     * @return a new {@code XDJAJSSEGMSSLContext}
     */
    public SSLContext createSSLContext(List<String> list) throws NoSuchAlgorithmException, NoSuchProviderException {
        String contextProtocol = this.sslHostConfig.getSslProtocol();
        return new XDJAJSSEGMSSLContext(contextProtocol);
    }

    /**
     * Loads the configured keystore and returns the key managers built over it.
     *
     * <p>The keystore password is used twice: to load the keystore and as the key password
     * handed to the factory. If the configured password is {@code null} and the keystore
     * load returns normally, {@code toCharArray()} throws {@link NullPointerException}.
     *
     * @return key managers produced by the {@code "PKIX"} factory of the {@code "XDJAJSSE"} provider
     * @throws Exception if the keystore cannot be loaded or the factory cannot be created or
     *     initialised
     */
    public KeyManager[] getKeyManagers() throws Exception {
        // The password is read first and held as an immutable String; the char[] copy made
        // below is not cleared here. NOTE(review): whether the provider keeps a reference to
        // that array is not visible from this class - confirm before adding any zeroing.
        String storePassword = this.certificate.getCertificateKeystorePassword();
        String storeFile = this.certificate.getCertificateKeystoreFile();
        String storeType = this.certificate.getCertificateKeystoreType();
        String storeProvider = this.certificate.getCertificateKeystoreProvider();
        KeyStore identityStore = GMSSLContext.getKeystore(storeFile, storeType, storeProvider, storePassword);

        KeyManagerFactory factory = KeyManagerFactory.getInstance(MANAGER_ALGORITHM, JSSE_PROVIDER);
        factory.init(identityStore, storePassword.toCharArray());
        return factory.getKeyManagers();
    }

    /**
     * Loads the configured trust store and returns the trust managers built over it.
     *
     * <p>NOTE(review): what {@code GMSSLContext.getTrustStore} returns when no trust store is
     * configured is not visible here; if it can return {@code null}, the resulting trust
     * anchors are whatever the provider's factory chooses for a {@code null} store - confirm.
     *
     * @return trust managers produced by the {@code "PKIX"} factory of the {@code "XDJAJSSE"} provider
     * @throws Exception if the trust store cannot be loaded or the factory cannot be created or
     *     initialised
     */
    public TrustManager[] getTrustManagers() throws Exception {
        String anchorFile = this.sslHostConfig.getTruststoreFile();
        String anchorType = this.sslHostConfig.getTruststoreType();
        String anchorProvider = this.sslHostConfig.getTruststoreProvider();
        String anchorPassword = this.sslHostConfig.getTruststorePassword();
        KeyStore anchors = GMSSLContext.getTrustStore(anchorFile, anchorType, anchorProvider, anchorPassword);

        TrustManagerFactory factory = TrustManagerFactory.getInstance(MANAGER_ALGORITHM, JSSE_PROVIDER);
        factory.init(anchors);
        return factory.getTrustManagers();
    }

    /**
     * Copies the session cache size and session timeout from the host configuration onto the
     * given session context, in that order.
     *
     * @param sSLSessionContext session context to configure
     */
    public void configureSessionContext(SSLSessionContext sSLSessionContext) {
        SSLHostConfig hostConfig = this.sslHostConfig;
        sSLSessionContext.setSessionCacheSize(hostConfig.getSessionCacheSize());
        sSLSessionContext.setSessionTimeout(hostConfig.getSessionTimeout());
    }

    /**
     * Reports the enabled protocols.
     *
     * <p>The result is fixed: the host configuration is not consulted, so a protocol list set
     * there does not change what this method returns.
     *
     * @return a new single-element array holding {@code "GMSSLv1.1"}
     */
    public String[] getEnabledProtocols() throws IllegalArgumentException {
        // A fresh array per call, so a caller that mutates the result cannot affect later calls.
        String[] protocols = new String[1];
        protocols[0] = GM_PROTOCOL;
        return protocols;
    }

    /**
     * Reports the enabled cipher suites.
     *
     * <p>The result is fixed: the host configuration is not consulted, so a cipher list set
     * there does not change what this method returns.
     *
     * @return a new single-element array holding {@code "GMSSL_ECC_SM4_SM3"}
     */
    public String[] getEnabledCiphers() throws IllegalArgumentException {
        // A fresh array per call, so a caller that mutates the result cannot affect later calls.
        String[] suites = new String[1];
        suites[0] = GM_CIPHER_SUITE;
        return suites;
    }
}
