package org.wildfly.security.ssl.test.util;

import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.cert.X509Certificate;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import javax.net.ssl.X509TrustManager;
import javax.security.auth.x500.X500Principal;
import org.wildfly.security.ssl.test.util.CAGenerationTool;
import org.wildfly.security.x500.cert.X509CertificateExtension;

/* loaded from: input_file:org/wildfly/security/ssl/test/util/DefinedCAIdentity.class */
public class DefinedCAIdentity extends DefinedIdentity {
    private final PrivateKey privateKey;

    /* JADX INFO: Access modifiers changed from: package-private */
    public DefinedCAIdentity(CAGenerationTool cAGenerationTool, CAGenerationTool.Identity identity, X509Certificate x509Certificate, PrivateKey privateKey) {
        super(cAGenerationTool, identity, x509Certificate);
        this.privateKey = privateKey;
    }

    public CustomIdentity createIdentity(String str, X500Principal x500Principal, String str2, X509CertificateExtension... x509CertificateExtensionArr) {
        this.caGenerationTool.assertNotClosed();
        return this.caGenerationTool.createCustomIdentity(str, x500Principal, str2, this.identity, x509CertificateExtensionArr);
    }

    public PrivateKey getPrivateKey() {
        this.caGenerationTool.assertNotClosed();
        return this.privateKey;
    }

    public X509TrustManager createTrustManager() {
        this.caGenerationTool.assertNotClosed();
        try {
            TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance("PKIX");
            trustManagerFactory.init(this.caGenerationTool.loadKeyStore(this.identity));
            for (TrustManager trustManager : trustManagerFactory.getTrustManagers()) {
                if (trustManager instanceof X509TrustManager) {
                    return (X509TrustManager) trustManager;
                }
            }
            throw new IllegalStateException("Unable to obtain X509TrustManager.");
        } catch (KeyStoreException | NoSuchAlgorithmException e) {
            throw new IllegalStateException("Unable to obtain X509TrustManager.", e);
        }
    }
}
