package org.apache.nifi.web.client.ssl;

import java.security.KeyManagementException;
import java.security.NoSuchAlgorithmException;
import java.security.SecureRandom;
import java.util.Objects;
import javax.net.ssl.KeyManager;
import javax.net.ssl.SSLContext;
import javax.net.ssl.TrustManager;
import javax.net.ssl.X509TrustManager;

/* loaded from: input_file:org/apache/nifi/web/client/ssl/StandardSSLContextProvider.class */
public class StandardSSLContextProvider implements SSLContextProvider {
    @Override // org.apache.nifi.web.client.ssl.SSLContextProvider
    public SSLContext getSslContext(TlsContext tlsContext) {
        Objects.requireNonNull(tlsContext, "TLS Context required");
        SSLContext sslContextConfigured = getSslContextConfigured(tlsContext);
        try {
            KeyManager[] keyManagerArr = (KeyManager[]) tlsContext.getKeyManager().map(x509KeyManager -> {
                return new KeyManager[]{x509KeyManager};
            }).orElse(null);
            X509TrustManager trustManager = tlsContext.getTrustManager();
            sslContextConfigured.init(keyManagerArr, trustManager == null ? null : new TrustManager[]{trustManager}, new SecureRandom());
            return sslContextConfigured;
        } catch (KeyManagementException e) {
            throw new IllegalArgumentException("SSLContext initialization failed", e);
        }
    }

    private SSLContext getSslContextConfigured(TlsContext tlsContext) {
        String str = (String) Objects.requireNonNull(tlsContext.getProtocol(), "TLS Protocol required");
        try {
            return SSLContext.getInstance(str);
        } catch (NoSuchAlgorithmException e) {
            throw new IllegalArgumentException(String.format("SSLContext protocol [%s] not supported", str), e);
        }
    }
}
