package com.github.netty.protocol.servlet.ssl;

import io.netty.handler.ssl.ApplicationProtocolConfig;
import io.netty.handler.ssl.SslContext;
import io.netty.handler.ssl.SslContextBuilder;
import io.netty.handler.ssl.SslProvider;
import java.io.File;
import java.io.FileInputStream;
import java.io.IOException;
import java.nio.file.Files;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.UnrecoverableKeyException;
import java.security.cert.CertificateException;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLException;

/* loaded from: input_file:com/github/netty/protocol/servlet/ssl/SslContextBuilders.class */
public class SslContextBuilders {
    public static SslContextBuilder newSslContextBuilderJks(File file, File file2) throws IOException, NoSuchAlgorithmException, UnrecoverableKeyException, KeyStoreException, CertificateException {
        return newSslContextBuilderJks(file, file2 == null ? null : new String(Files.readAllBytes(file2.toPath())));
    }

    public static SslContextBuilder newSslContextBuilderJks(File file, String str) throws IOException, NoSuchAlgorithmException, UnrecoverableKeyException, KeyStoreException, CertificateException {
        char[] charArray = str == null ? null : str.toCharArray();
        KeyStore keyStore = KeyStore.getInstance("JKS");
        keyStore.load(new FileInputStream(file), charArray);
        KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
        keyManagerFactory.init(keyStore, charArray);
        return SslContextBuilder.forServer(keyManagerFactory);
    }

    public static SslContextBuilder newSslContextBuilderPem(File file, File file2) {
        return SslContextBuilder.forServer(file, file2);
    }

    public static SslContext newSslContext(SslContextBuilder sslContextBuilder, boolean z) throws SSLException {
        return sslContextBuilder.sslProvider(SslProvider.isAlpnSupported(SslProvider.OPENSSL) ? SslProvider.OPENSSL : SslProvider.JDK).applicationProtocolConfig(new ApplicationProtocolConfig(ApplicationProtocolConfig.Protocol.ALPN, ApplicationProtocolConfig.SelectorFailureBehavior.NO_ADVERTISE, ApplicationProtocolConfig.SelectedListenerFailureBehavior.ACCEPT, z ? new String[]{"h2", "http/1.1"} : new String[]{"http/1.1"})).build();
    }
}
