package com.aphyr.riemann.client;

import ch.qos.logback.core.joran.action.Action;
import java.io.File;
import java.io.FileInputStream;
import java.io.FileNotFoundException;
import java.io.IOException;
import java.security.KeyFactory;
import java.security.KeyManagementException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.UnrecoverableKeyException;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.security.spec.InvalidKeySpecException;
import java.security.spec.PKCS8EncodedKeySpec;
import java.util.Scanner;
import java.util.regex.Matcher;
import java.util.regex.Pattern;
import javax.net.ssl.KeyManager;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import javax.net.ssl.X509KeyManager;
import javax.net.ssl.X509TrustManager;
import javax.xml.bind.DatatypeConverter;

/* loaded from: input_file:com/aphyr/riemann/client/SSL.class */
public class SSL {
    public static char[] keyStorePassword = "GheesBetDyPhuvwotNolofamLydMues9".toCharArray();

    public static CertificateFactory X509CertFactory() throws CertificateException {
        return CertificateFactory.getInstance("X.509");
    }

    public static KeyFactory RSAKeyFactory() throws NoSuchAlgorithmException {
        return KeyFactory.getInstance("RSA");
    }

    public static byte[] base64toBinary(String str) {
        return DatatypeConverter.parseBase64Binary(str);
    }

    public static FileInputStream inputStream(String str) throws FileNotFoundException {
        return new FileInputStream(new File(str));
    }

    public static String slurp(String str) throws FileNotFoundException {
        return new Scanner(new File(str)).useDelimiter("\\Z").next();
    }

    public static X509Certificate loadCertificate(String str) throws IOException, CertificateException {
        FileInputStream fileInputStream = null;
        try {
            fileInputStream = inputStream(str);
            X509Certificate x509Certificate = (X509Certificate) X509CertFactory().generateCertificate(fileInputStream);
            if (fileInputStream != null) {
                fileInputStream.close();
            }
            return x509Certificate;
        } catch (Throwable th) {
            if (fileInputStream != null) {
                fileInputStream.close();
            }
            throw th;
        }
    }

    public static PublicKey publicKey(String str) throws IOException, CertificateException {
        return loadCertificate(str).getPublicKey();
    }

    public static PrivateKey privateKey(String str) throws FileNotFoundException, NoSuchAlgorithmException, InvalidKeySpecException {
        Matcher matcher = Pattern.compile("^-----BEGIN ?.*? PRIVATE KEY-----$(.+)^-----END ?.*? PRIVATE KEY-----$", 40).matcher(slurp(str));
        matcher.find();
        return RSAKeyFactory().generatePrivate(new PKCS8EncodedKeySpec(base64toBinary(matcher.group(1))));
    }

    public static KeyStore keyStore(String str, String str2, String str3) throws FileNotFoundException, IOException, KeyStoreException, NoSuchAlgorithmException, InvalidKeySpecException, CertificateException {
        PrivateKey privateKey = privateKey(str);
        X509Certificate loadCertificate = loadCertificate(str2);
        loadCertificate(str3);
        KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
        keyStore.load(null, null);
        keyStore.setKeyEntry(Action.KEY_ATTRIBUTE, privateKey, keyStorePassword, new Certificate[]{loadCertificate});
        return keyStore;
    }

    public static KeyStore trustStore(String str) throws KeyStoreException, IOException, NoSuchAlgorithmException, CertificateException {
        KeyStore keyStore = KeyStore.getInstance(ch.qos.logback.core.net.ssl.SSL.DEFAULT_KEYSTORE_TYPE);
        keyStore.load(null, null);
        keyStore.setCertificateEntry("cacert", loadCertificate(str));
        return keyStore;
    }

    public static TrustManager trustManager(KeyStore keyStore) throws NoSuchAlgorithmException, KeyStoreException, NoSuchProviderException {
        TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance("SunX509", "SunJSSE");
        synchronized (trustManagerFactory) {
            trustManagerFactory.init(keyStore);
            for (TrustManager trustManager : trustManagerFactory.getTrustManagers()) {
                if (trustManager instanceof X509TrustManager) {
                    return trustManager;
                }
            }
            return null;
        }
    }

    public static KeyManager keyManager(KeyStore keyStore) throws NoSuchAlgorithmException, KeyStoreException, NoSuchProviderException, UnrecoverableKeyException {
        KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance("SunX509", "SunJSSE");
        synchronized (keyManagerFactory) {
            keyManagerFactory.init(keyStore, keyStorePassword);
            for (KeyManager keyManager : keyManagerFactory.getKeyManagers()) {
                if (keyManager instanceof X509KeyManager) {
                    return keyManager;
                }
            }
            return null;
        }
    }

    public static SSLContext sslContext(String str, String str2, String str3) throws KeyManagementException, NoSuchAlgorithmException, FileNotFoundException, KeyStoreException, IOException, InvalidKeySpecException, CertificateException, NoSuchProviderException, UnrecoverableKeyException {
        KeyManager keyManager = keyManager(keyStore(str, str2, str3));
        TrustManager trustManager = trustManager(trustStore(str3));
        SSLContext sSLContext = SSLContext.getInstance("TLS");
        sSLContext.init(new KeyManager[]{keyManager}, new TrustManager[]{trustManager}, null);
        return sSLContext;
    }

    public static SSLContext uncheckedSSLContext(String str, String str2, String str3) {
        try {
            return sslContext(str, str2, str3);
        } catch (FileNotFoundException e) {
            throw new RuntimeException(e);
        } catch (IOException e2) {
            throw new RuntimeException(e2);
        } catch (KeyManagementException e3) {
            throw new RuntimeException(e3);
        } catch (KeyStoreException e4) {
            throw new RuntimeException(e4);
        } catch (NoSuchAlgorithmException e5) {
            throw new RuntimeException(e5);
        } catch (NoSuchProviderException e6) {
            throw new RuntimeException(e6);
        } catch (UnrecoverableKeyException e7) {
            throw new RuntimeException(e7);
        } catch (CertificateException e8) {
            throw new RuntimeException(e8);
        } catch (InvalidKeySpecException e9) {
            throw new RuntimeException(e9);
        }
    }
}
