package org.neo4j.driver.internal.connector.socket;

import java.io.IOException;
import java.security.GeneralSecurityException;
import java.security.KeyStore;
import javax.net.ssl.KeyManager;
import javax.net.ssl.SSLContext;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import org.neo4j.driver.internal.spi.Logger;
import org.neo4j.driver.internal.util.CertificateTool;
import org.neo4j.driver.v1.Config;
import org.neo4j.driver.v1.exceptions.ClientException;

/* loaded from: input_file:neo4j-java-driver-1.0.0.jar:org/neo4j/driver/internal/connector/socket/SSLContextFactory.class */
class SSLContextFactory {
    private final String host;
    private final int port;
    private final Config.TrustStrategy authConfig;
    private final Logger logger;

    /* JADX INFO: Access modifiers changed from: package-private */
    public SSLContextFactory(String str, int i, Config.TrustStrategy trustStrategy, Logger logger) {
        this.host = str;
        this.port = i;
        this.authConfig = trustStrategy;
        this.logger = logger;
    }

    public SSLContext create() throws GeneralSecurityException, IOException {
        TrustManager[] trustManagerArr;
        SSLContext sSLContext = SSLContext.getInstance("TLS");
        switch (this.authConfig.strategy()) {
            case TRUST_SIGNED_CERTIFICATES:
                KeyStore keyStore = KeyStore.getInstance("JKS");
                keyStore.load(null, null);
                CertificateTool.loadX509Cert(this.authConfig.certFile(), keyStore);
                TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance("SunX509");
                trustManagerFactory.init(keyStore);
                trustManagerArr = trustManagerFactory.getTrustManagers();
                break;
            case TRUST_ON_FIRST_USE:
                trustManagerArr = new TrustManager[]{new TrustOnFirstUseTrustManager(this.host, this.port, this.authConfig.certFile(), this.logger)};
                break;
            default:
                throw new ClientException("Unknown TLS authentication strategy: " + this.authConfig.strategy().name());
        }
        sSLContext.init(new KeyManager[0], trustManagerArr, null);
        return sSLContext;
    }
}
