package com.redhat.lightblue.client.http.auth;

import com.redhat.lightblue.client.LightblueClientConfiguration;
import java.io.FileInputStream;
import java.io.FileNotFoundException;
import java.io.IOException;
import java.io.InputStream;
import java.security.KeyManagementException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.UnrecoverableKeyException;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSocketFactory;
import javax.net.ssl.TrustManagerFactory;
import org.apache.http.conn.ssl.SSLConnectionSocketFactory;
import org.apache.http.conn.ssl.SSLContextBuilder;
import org.apache.http.conn.ssl.TrustSelfSignedStrategy;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:com/redhat/lightblue/client/http/auth/SslSocketFactories.class */
public class SslSocketFactories {
    private static final Logger LOGGER = LoggerFactory.getLogger(SslSocketFactories.class);
    private static final String TLSV1 = "TLSv1";
    private static final String[] SUPPORTED_PROTOCOLS = {TLSV1};
    private static final String[] SUPPORTED_CIPHER_SUITES = null;
    private static final String FILE_PROTOCOL = "file://";

    public static SSLConnectionSocketFactory fromLightblueClientConfig(LightblueClientConfiguration lightblueClientConfiguration) throws CertificateException, UnrecoverableKeyException, NoSuchAlgorithmException, KeyStoreException, KeyManagementException, IOException {
        return lightblueClientConfiguration.useCertAuth() ? defaultCertAuthSocketFactory(loadFile(lightblueClientConfiguration.getCaFilePath()), loadFile(lightblueClientConfiguration.getCertFilePath()), lightblueClientConfiguration.getCertPassword().toCharArray(), lightblueClientConfiguration.getCertAlias()) : defaultNoAuthSocketFactory();
    }

    public static SSLConnectionSocketFactory defaultNoAuthSocketFactory() throws KeyStoreException, NoSuchAlgorithmException, KeyManagementException {
        SSLContextBuilder sSLContextBuilder = new SSLContextBuilder();
        sSLContextBuilder.loadTrustMaterial(null, new TrustSelfSignedStrategy());
        return new SSLConnectionSocketFactory(sSLContextBuilder.build());
    }

    public static SSLConnectionSocketFactory defaultCertAuthSocketFactory(InputStream inputStream, InputStream inputStream2, char[] cArr, String str) throws KeyStoreException, CertificateException, IOException, NoSuchAlgorithmException, UnrecoverableKeyException, KeyManagementException {
        X509Certificate certificate = getCertificate(inputStream);
        KeyStore pkcs12KeyStore = getPkcs12KeyStore(inputStream2, cArr);
        return new SSLConnectionSocketFactory(getDefaultSSLContext(getJksKeyStore(certificate, pkcs12KeyStore, str, cArr), pkcs12KeyStore, cArr), SUPPORTED_PROTOCOLS, SUPPORTED_CIPHER_SUITES, SSLConnectionSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER);
    }

    public static SSLSocketFactory javaNetSslSocketFactory(LightblueClientConfiguration lightblueClientConfiguration) throws CertificateException, NoSuchAlgorithmException, KeyStoreException, IOException, UnrecoverableKeyException, KeyManagementException {
        return javaNetSslSocketFactory(loadFile(lightblueClientConfiguration.getCaFilePath()), loadFile(lightblueClientConfiguration.getCertFilePath()), lightblueClientConfiguration.getCertPassword().toCharArray(), lightblueClientConfiguration.getCertAlias());
    }

    public static SSLSocketFactory javaNetSslSocketFactory(InputStream inputStream, InputStream inputStream2, char[] cArr, String str) throws CertificateException, NoSuchAlgorithmException, KeyStoreException, IOException, UnrecoverableKeyException, KeyManagementException {
        X509Certificate certificate = getCertificate(inputStream);
        KeyStore pkcs12KeyStore = getPkcs12KeyStore(inputStream2, cArr);
        return getDefaultSSLContext(getJksKeyStore(certificate, pkcs12KeyStore, str, cArr), pkcs12KeyStore, cArr).getSocketFactory();
    }

    private static InputStream loadFile(String str) throws FileNotFoundException {
        return loadFile(Thread.currentThread().getContextClassLoader(), str);
    }

    private static InputStream loadFile(ClassLoader classLoader, String str) throws FileNotFoundException {
        return str.startsWith(FILE_PROTOCOL) ? new FileInputStream(str.substring(FILE_PROTOCOL.length())) : classLoader.getResourceAsStream(str);
    }

    private static X509Certificate getCertificate(InputStream inputStream) throws CertificateException {
        return (X509Certificate) CertificateFactory.getInstance("X509").generateCertificate(inputStream);
    }

    private static KeyStore getPkcs12KeyStore(InputStream inputStream, char[] cArr) throws KeyStoreException, CertificateException, NoSuchAlgorithmException, IOException {
        KeyStore keyStore = KeyStore.getInstance("pkcs12");
        keyStore.load(inputStream, cArr);
        return keyStore;
    }

    private static KeyStore getJksKeyStore(Certificate certificate, KeyStore keyStore, String str, char[] cArr) throws CertificateException, NoSuchAlgorithmException, IOException, KeyStoreException, UnrecoverableKeyException {
        KeyStore keyStore2 = KeyStore.getInstance("jks");
        keyStore2.load(null, cArr);
        keyStore2.setCertificateEntry(str, certificate);
        keyStore2.setKeyEntry("anykey", keyStore.getKey(str, cArr), cArr, keyStore.getCertificateChain(str));
        return keyStore2;
    }

    private static SSLContext getDefaultSSLContext(KeyStore keyStore, KeyStore keyStore2, char[] cArr) throws NoSuchAlgorithmException, UnrecoverableKeyException, KeyStoreException, KeyManagementException {
        TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance("SunX509");
        trustManagerFactory.init(keyStore);
        KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance("SunX509");
        keyManagerFactory.init(keyStore2, cArr);
        SSLContext sSLContext = SSLContext.getInstance(TLSV1);
        sSLContext.init(keyManagerFactory.getKeyManagers(), trustManagerFactory.getTrustManagers(), null);
        return sSLContext;
    }
}
