package io.prometheus.jmx.common.http.ssl;

import java.io.FileInputStream;
import java.io.IOException;
import java.security.GeneralSecurityException;
import java.security.KeyStore;
import java.security.SecureRandom;
import java.util.Enumeration;
import java.util.HashSet;
import java.util.Iterator;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.TrustManagerFactory;

/* loaded from: input_file:io/prometheus/jmx/common/http/ssl/SSLContextFactory.class */
public class SSLContextFactory {
    private static final String[] PROTOCOLS = {"TLSv1.3", "TLSv1.2", "TLSv1.1", "TLSv1"};

    private SSLContextFactory() {
    }

    public static SSLContext createSSLContext(String str, String str2, String str3) throws GeneralSecurityException, IOException {
        KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
        FileInputStream fileInputStream = new FileInputStream(str);
        try {
            keyStore.load(fileInputStream, str2.toCharArray());
            HashSet hashSet = new HashSet();
            Enumeration<String> aliases = keyStore.aliases();
            while (aliases.hasMoreElements()) {
                String nextElement = aliases.nextElement();
                if (!nextElement.equals(str3)) {
                    hashSet.add(nextElement);
                }
            }
            Iterator it = hashSet.iterator();
            while (it.hasNext()) {
                keyStore.deleteEntry((String) it.next());
            }
            if (!keyStore.containsAlias(str3)) {
                throw new GeneralSecurityException(String.format("certificate alias [%s] not found in keystore [%s]", str3, str));
            }
            KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
            keyManagerFactory.init(keyStore, str2.toCharArray());
            TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
            trustManagerFactory.init(keyStore);
            SSLContext createSSLContext = createSSLContext();
            createSSLContext.init(keyManagerFactory.getKeyManagers(), trustManagerFactory.getTrustManagers(), new SecureRandom());
            fileInputStream.close();
            return createSSLContext;
        } catch (Throwable th) {
            try {
                fileInputStream.close();
            } catch (Throwable th2) {
                th.addSuppressed(th2);
            }
            throw th;
        }
    }

    private static SSLContext createSSLContext() throws GeneralSecurityException {
        for (int i = 0; i < PROTOCOLS.length; i++) {
            try {
                return SSLContext.getInstance(PROTOCOLS[i]);
            } catch (Throwable th) {
            }
        }
        throw new GeneralSecurityException(String.format("No supported TLS protocols found", new Object[0]));
    }
}
