package io.spiffe.provider;

import io.spiffe.exception.SocketEndpointAddressException;
import io.spiffe.exception.X509SourceException;
import io.spiffe.provider.exception.SpiffeProviderException;
import io.spiffe.svid.x509svid.X509SvidSource;
import io.spiffe.workloadapi.X509Source;
import java.security.KeyStore;
import javax.net.ssl.KeyManager;
import javax.net.ssl.KeyManagerFactorySpi;
import javax.net.ssl.ManagerFactoryParameters;
import lombok.NonNull;

/* loaded from: input_file:io/spiffe/provider/SpiffeKeyManagerFactory.class */
public final class SpiffeKeyManagerFactory extends KeyManagerFactorySpi {
    @Override // javax.net.ssl.KeyManagerFactorySpi
    protected KeyManager[] engineGetKeyManagers() {
        return new KeyManager[]{new SpiffeKeyManager(getX509Source())};
    }

    public KeyManager[] engineGetKeyManagers(@NonNull X509SvidSource x509SvidSource) {
        if (x509SvidSource == null) {
            throw new NullPointerException("x509SvidSource is marked non-null but is null");
        }
        return new KeyManager[]{new SpiffeKeyManager(x509SvidSource)};
    }

    @Override // javax.net.ssl.KeyManagerFactorySpi
    protected void engineInit(KeyStore keyStore, char[] cArr) {
    }

    @Override // javax.net.ssl.KeyManagerFactorySpi
    protected void engineInit(ManagerFactoryParameters managerFactoryParameters) {
    }

    private X509Source getX509Source() {
        try {
            return X509SourceManager.getX509Source();
        } catch (SocketEndpointAddressException e) {
            throw new SpiffeProviderException("The Workload API Socket endpoint address configured is not valid", e);
        } catch (X509SourceException e2) {
            throw new SpiffeProviderException("The X.509 source could not be created", e2);
        }
    }
}
