package io.opentelemetry.exporter.internal;

import com.google.common.annotations.VisibleForTesting;
import io.opentelemetry.javaagent.bootstrap.PatchLogger;
import javax.annotation.Nullable;
import javax.net.ssl.SSLException;
import javax.net.ssl.SSLSocketFactory;
import javax.net.ssl.X509KeyManager;
import javax.net.ssl.X509TrustManager;

/* loaded from: input_file:applicationinsights-agent-3.4.12.jar:inst/io/opentelemetry/exporter/internal/TlsConfigHelper.classdata */
public class TlsConfigHelper {
    private static final PatchLogger logger = PatchLogger.getLogger(TlsConfigHelper.class.getName());
    private final TlsUtility tlsUtil;

    @Nullable
    private X509KeyManager keyManager;

    @Nullable
    private X509TrustManager trustManager;

    @Nullable
    private SSLSocketFactory sslSocketFactory;

    /* loaded from: input_file:applicationinsights-agent-3.4.12.jar:inst/io/opentelemetry/exporter/internal/TlsConfigHelper$KeyManagerConfigurer.classdata */
    public interface KeyManagerConfigurer {
        void configure(X509TrustManager x509TrustManager, @Nullable X509KeyManager x509KeyManager) throws SSLException;
    }

    /* loaded from: input_file:applicationinsights-agent-3.4.12.jar:inst/io/opentelemetry/exporter/internal/TlsConfigHelper$SslSocketFactoryConfigurer.classdata */
    public interface SslSocketFactoryConfigurer {
        void configure(SSLSocketFactory sSLSocketFactory, X509TrustManager x509TrustManager) throws SSLException;
    }

    /* loaded from: input_file:applicationinsights-agent-3.4.12.jar:inst/io/opentelemetry/exporter/internal/TlsConfigHelper$TlsUtility.classdata */
    interface TlsUtility {
        default SSLSocketFactory sslSocketFactory(@Nullable X509KeyManager x509KeyManager, X509TrustManager x509TrustManager) throws SSLException {
            return TlsUtil.sslSocketFactory(x509KeyManager, x509TrustManager);
        }

        default X509TrustManager trustManager(byte[] bArr) throws SSLException {
            return TlsUtil.trustManager(bArr);
        }

        default X509KeyManager keyManager(byte[] bArr, byte[] bArr2) throws SSLException {
            return TlsUtil.keyManager(bArr, bArr2);
        }
    }

    public TlsConfigHelper() {
        this(new TlsUtility() { // from class: io.opentelemetry.exporter.internal.TlsConfigHelper.1
        });
    }

    @VisibleForTesting
    TlsConfigHelper(TlsUtility tlsUtility) {
        this.tlsUtil = tlsUtility;
    }

    public TlsConfigHelper setTrustManager(X509TrustManager x509TrustManager) {
        this.trustManager = x509TrustManager;
        return this;
    }

    public TlsConfigHelper createTrustManager(byte[] bArr) {
        try {
            this.trustManager = this.tlsUtil.trustManager(bArr);
            return this;
        } catch (SSLException e) {
            throw new IllegalStateException("Error creating X509TrustManager with provided certs. Are they valid X.509 in PEM format?", e);
        }
    }

    public TlsConfigHelper createKeyManager(byte[] bArr, byte[] bArr2) {
        try {
            if (this.keyManager != null) {
                logger.warning("Previous X509 Key manager is being replaced. This is probably an error and should only be set once.");
            }
            this.keyManager = this.tlsUtil.keyManager(bArr, bArr2);
            return this;
        } catch (SSLException e) {
            throw new IllegalStateException("Error creating X509KeyManager with provided certs. Are they valid X.509 in PEM format?", e);
        }
    }

    public TlsConfigHelper setKeyManager(X509KeyManager x509KeyManager) {
        if (this.keyManager != null) {
            logger.warning("Previous X509 Key manager is being replaced. This is probably an error and should only be set once.");
        }
        this.keyManager = x509KeyManager;
        return this;
    }

    public TlsConfigHelper setSslSocketFactory(SSLSocketFactory sSLSocketFactory) {
        this.sslSocketFactory = sSLSocketFactory;
        return this;
    }

    public void configureWithKeyManager(KeyManagerConfigurer keyManagerConfigurer) {
        if (this.trustManager == null) {
            return;
        }
        try {
            keyManagerConfigurer.configure(this.trustManager, this.keyManager);
        } catch (SSLException e) {
            wrapException(e);
        }
    }

    public void configureWithSocketFactory(SslSocketFactoryConfigurer sslSocketFactoryConfigurer) {
        if (this.trustManager == null) {
            warnIfOtherComponentsConfigured();
            return;
        }
        try {
            SSLSocketFactory sSLSocketFactory = this.sslSocketFactory;
            if (sSLSocketFactory == null) {
                sSLSocketFactory = this.tlsUtil.sslSocketFactory(this.keyManager, this.trustManager);
            }
            sslSocketFactoryConfigurer.configure(sSLSocketFactory, this.trustManager);
        } catch (SSLException e) {
            wrapException(e);
        }
    }

    private static void wrapException(SSLException sSLException) {
        throw new IllegalStateException("Could not configure TLS connection, are certs in valid X.509 in PEM format?", sSLException);
    }

    private void warnIfOtherComponentsConfigured() {
        if (this.sslSocketFactory != null) {
            logger.warning("sslSocketFactory has been configured without an X509TrustManager.");
        } else if (this.keyManager != null) {
            logger.warning("An X509KeyManager has been configured without an X509TrustManager.");
        }
    }
}
