package com.github.toolarium.jwebserver.util;

import ch.qos.logback.core.net.ssl.SSL;
import com.github.toolarium.common.security.ISecuredValue;
import com.github.toolarium.common.security.SecuredValue;
import com.github.toolarium.common.util.ClassInstanceUtil;
import com.github.toolarium.jwebserver.Version;
import com.github.toolarium.security.certificate.CertificateUtilFactory;
import com.github.toolarium.security.keystore.ISecurityManagerProvider;
import com.github.toolarium.security.keystore.impl.SecurityManagerProviderImpl;
import com.github.toolarium.security.keystore.util.KeyStoreUtil;
import java.io.File;
import java.io.IOException;
import java.security.GeneralSecurityException;
import java.security.KeyStore;
import java.security.SecureRandom;
import java.security.cert.X509Certificate;
import javax.net.ssl.SSLContext;

/* loaded from: input_file:com/github/toolarium/jwebserver/util/CertificateUtil.class */
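/**
 * Builds the key/trust material and the {@link SSLContext} used for TLS.
 *
 * <p>Security-relevant behaviour a caller should know about:
 * <ul>
 *   <li>A trust store or key store path that is blank or does not exist is not reported as an
 *       error; the code falls back to the default trust store and to a freshly generated
 *       certificate respectively.</li>
 *   <li>When a certificate is generated and no password is supplied, the key store is protected
 *       with {@code SSL.DEFAULT_KEYSTORE_PASSWORD}, a fixed constant taken from logback.</li>
 *   <li>{@link #createSSLContext(ISecurityManagerProvider, boolean)} can be asked to use the
 *       trust-all certificate manager, which replaces the provider's trust managers.</li>
 * </ul>
 */
public final class CertificateUtil {

    /** Initialization-on-demand holder for the singleton instance. */
    private static class HOLDER {
        static final CertificateUtil INSTANCE = new CertificateUtil();

        private HOLDER() {
        }
    }

    private CertificateUtil() {
    }

    /**
     * Returns the shared instance.
     *
     * @return the singleton
     */
    public static CertificateUtil getInstance() {
        return HOLDER.INSTANCE;
    }

    /**
     * Creates the security manager provider from the configured stores, or from a generated
     * certificate when no usable key store file is configured.
     *
     * @param str path of the trust store file; when null, blank or not an existing file, the
     *     default trust store of {@code KeyStoreUtil} is used instead
     * @param str2 path of the key store file; when null, blank or not an existing file, a
     *     certificate is generated (requires BouncyCastle on the classpath)
     * @param str3 passed as the second argument of {@code readKeyStore} for both stores
     *     (presumably the key store type; confirm against KeyStoreUtil)
     * @param str4 alias of the generated certificate; {@code Version.COMPONENT_ID} when null
     * @param iSecuredValue key store password; when null and a certificate is generated,
     *     {@code SSL.DEFAULT_KEYSTORE_PASSWORD} is used
     * @return the provider wrapping the trust store and the key store
     * @throws GeneralSecurityException if a certificate has to be generated and BouncyCastle is
     *     not available, or if the underlying key store operations fail
     * @throws IOException if a store cannot be read
     */
    public ISecurityManagerProvider getSecurityManagerProvider(String str, String str2, String str3, String str4, ISecuredValue<String> iSecuredValue) throws GeneralSecurityException, IOException {
        KeyStore trustStore = null;
        if (str != null && !str.isBlank()) {
            File trustStoreFile = new File(str);
            if (trustStoreFile.exists()) {
                // Use the full path, as the key store branch below does. getName() drops the
                // directory part, so a same-named file in the working directory would have been
                // loaded as trust store instead of the configured one.
                trustStore = KeyStoreUtil.getInstance().readKeyStore(trustStoreFile.getPath(), str3, null, null);
            }
        }
        if (trustStore == null) {
            // NOTE(review): a configured but missing trust store ends up here without any
            // diagnostic; callers that need a specific trust anchor set should verify the path.
            trustStore = KeyStoreUtil.getInstance().getDefaultTrustKeyStore();
        }

        if (str2 != null && !str2.isBlank()) {
            File keyStoreFile = new File(str2);
            if (keyStoreFile.exists()) {
                KeyStore configuredKeyStore = KeyStoreUtil.getInstance().readKeyStore(keyStoreFile.getPath(), str3, null, iSecuredValue);
                return new SecurityManagerProviderImpl(trustStore, configuredKeyStore, iSecuredValue);
            }
        }

        // No usable key store file: generate a certificate instead.
        // NOTE(review): a mistyped key store path also lands here, so the server would present a
        // generated certificate rather than fail; consider validating the path in the caller.
        if (!ClassInstanceUtil.getInstance().isClassAvailable("org.bouncycastle.jce.provider.BouncyCastleProvider")) {
            throw new GeneralSecurityException("No key store available and BouncyCastle provider not found; cannot generate a certificate.");
        }

        ISecuredValue<String> effectivePassword = iSecuredValue;
        if (effectivePassword == null) {
            // SECURITY: fixed, publicly known default password. It only protects the generated
            // key store object handed to the provider here; do not reuse it for a persisted store.
            effectivePassword = new SecuredValue(SSL.DEFAULT_KEYSTORE_PASSWORD);
        }

        String alias = str4 != null ? str4 : Version.COMPONENT_ID;

        // Use the effective password: the original dereferenced iSecuredValue here, which threw a
        // NullPointerException exactly in the case the default above is meant to cover.
        KeyStore generatedKeyStore = CertificateUtilFactory.getInstance().getGenerator().createCreateCertificate(alias).toKeyStore(alias, effectivePassword.getValue());

        // The generated certificate is added to the trust store as well.
        KeyStoreUtil.getInstance().addCertificateToKeystore(trustStore, alias, new X509Certificate[]{(X509Certificate) generatedKeyStore.getCertificate(alias)});
        return new SecurityManagerProviderImpl(trustStore, generatedKeyStore, effectivePassword);
    }

    /**
     * Creates and initialises an {@link SSLContext} for the protocol name {@code "TLS"}.
     *
     * <p>SECURITY: with {@code z == true} the provider's trust managers are replaced by
     * {@code KeyStoreUtil.getTrustAllCertificateManager()}, which by its name accepts any peer
     * certificate. Wherever this context validates a peer, that removes authentication of the
     * peer; keep it off outside of test setups.
     *
     * <p>{@link SecureRandom#getInstanceStrong()} may block while the platform gathers entropy,
     * which can delay start-up on freshly booted or headless machines.
     *
     * @param iSecurityManagerProvider source of the key managers and, unless {@code z} is set, of
     *     the trust managers
     * @param z {@code true} to use the trust-all certificate manager instead of the provider's
     *     trust managers
     * @return the initialised context
     * @throws GeneralSecurityException if the context or the random source cannot be created or
     *     initialised
     */
    public SSLContext createSSLContext(ISecurityManagerProvider iSecurityManagerProvider, boolean z) throws GeneralSecurityException {
        SSLContext sslContext = SSLContext.getInstance("TLS");
        if (z) {
            sslContext.init(iSecurityManagerProvider.getKeyManagers(), KeyStoreUtil.getInstance().getTrustAllCertificateManager(), SecureRandom.getInstanceStrong());
        } else {
            sslContext.init(iSecurityManagerProvider.getKeyManagers(), iSecurityManagerProvider.getTrustManagers(), SecureRandom.getInstanceStrong());
        }
        return sslContext;
    }
}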
