package org.gradle.internal.resource.transport.http;

import java.io.File;
import java.io.FileInputStream;
import java.io.IOException;
import java.security.GeneralSecurityException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.cert.CertificateException;
import java.util.Map;
import java.util.Set;
import java.util.TreeMap;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.TrustManagerFactory;
import org.gradle.internal.Factory;
import org.gradle.internal.SystemProperties;
import org.gradle.internal.impldep.com.google.common.cache.CacheBuilder;
import org.gradle.internal.impldep.com.google.common.cache.CacheLoader;
import org.gradle.internal.impldep.com.google.common.cache.LoadingCache;
import org.gradle.internal.impldep.com.google.common.collect.ImmutableSet;
import org.gradle.internal.impldep.org.apache.http.ssl.SSLInitializationException;
import org.gradle.launcher.daemon.configuration.DaemonJvmOptions;

/* loaded from: input_file:org/gradle/internal/resource/transport/http/DefaultSslContextFactory.class */
public class DefaultSslContextFactory implements SslContextFactory {
    private static final char[] EMPTY_PASSWORD = "".toCharArray();
    private static final Set<String> SSL_SYSTEM_PROPERTIES = ImmutableSet.of("ssl.TrustManagerFactory.algorithm", DaemonJvmOptions.SSL_TRUSTSTORETYPE_KEY, DaemonJvmOptions.SSL_TRUSTSTORE_KEY, "javax.net.ssl.trustStoreProvider", DaemonJvmOptions.SSL_TRUSTPASSWORD_KEY, "ssl.KeyManagerFactory.algorithm", DaemonJvmOptions.SSL_KEYSTORETYPE_KEY, DaemonJvmOptions.SSL_KEYSTORE_KEY, "javax.net.ssl.keyStoreProvider", DaemonJvmOptions.SSL_KEYSTOREPASSWORD_KEY, "java.home");
    private LoadingCache<Map<String, String>, SSLContext> cache = CacheBuilder.newBuilder().softValues().build(new SynchronizedSystemPropertiesCacheLoader(new SslContextCacheLoader()));

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:org/gradle/internal/resource/transport/http/DefaultSslContextFactory$SslContextCacheLoader.class */
    public static class SslContextCacheLoader extends CacheLoader<Map<String, String>, SSLContext> {
        private SslContextCacheLoader() {
        }

        @Override // org.gradle.internal.impldep.com.google.common.cache.CacheLoader
        public SSLContext load(Map<String, String> map) {
            try {
                TrustManagerFactory initTrustManagerFactory = initTrustManagerFactory(map);
                KeyManagerFactory initKeyManagerFactory = initKeyManagerFactory(map);
                SSLContext sSLContext = SSLContext.getInstance("TLS");
                sSLContext.init(initKeyManagerFactory.getKeyManagers(), initTrustManagerFactory.getTrustManagers(), null);
                return sSLContext;
            } catch (IOException | GeneralSecurityException e) {
                throw new SSLInitializationException(e.getMessage(), e);
            }
        }

        private static TrustManagerFactory initTrustManagerFactory(Map<String, String> map) throws GeneralSecurityException, IOException {
            TrustManagerFactory trustManagerFactory;
            FileInputStream fileInputStream;
            String trustAlgorithm = trustAlgorithm(map);
            String trustStoreType = trustStoreType(map);
            if ("none".equalsIgnoreCase(trustStoreType)) {
                trustManagerFactory = TrustManagerFactory.getInstance(trustAlgorithm);
            } else {
                String str = map.get(DaemonJvmOptions.SSL_TRUSTSTORE_KEY);
                if (str != null) {
                    File file = new File(str);
                    trustManagerFactory = TrustManagerFactory.getInstance(trustAlgorithm);
                    KeyStore trustStore = trustStore(map, trustStoreType);
                    char[] trustStorePassword = trustStorePassword(map);
                    fileInputStream = new FileInputStream(file);
                    try {
                        trustStore.load(fileInputStream, trustStorePassword);
                        fileInputStream.close();
                        trustManagerFactory.init(trustStore);
                    } finally {
                    }
                } else {
                    File trustStoreFile = trustStoreFile(map);
                    trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
                    KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
                    char[] trustStorePassword2 = trustStorePassword(map);
                    fileInputStream = new FileInputStream(trustStoreFile);
                    try {
                        keyStore.load(fileInputStream, trustStorePassword2);
                        fileInputStream.close();
                        trustManagerFactory.init(keyStore);
                    } finally {
                    }
                }
            }
            return trustManagerFactory;
        }

        private static KeyManagerFactory initKeyManagerFactory(Map<String, String> map) throws GeneralSecurityException, IOException {
            KeyManagerFactory keyManagerFactory = keyManagerFactory(map);
            String keyStoreType = keyStoreType(map);
            if (!"none".equalsIgnoreCase(keyStoreType)) {
                char[] keystorePassword = keystorePassword(map);
                keyManagerFactory.init(keyStore(map, keyStoreType, keystorePassword), keystorePassword);
            }
            return keyManagerFactory;
        }

        private static String trustStoreType(Map<String, String> map) {
            String str = map.get(DaemonJvmOptions.SSL_TRUSTSTORETYPE_KEY);
            return str == null ? KeyStore.getDefaultType() : str;
        }

        private static KeyStore trustStore(Map<String, String> map, String str) throws NoSuchProviderException, KeyStoreException {
            String str2 = map.get("javax.net.ssl.trustStoreProvider");
            return str2 != null ? KeyStore.getInstance(str, str2) : KeyStore.getInstance(str);
        }

        private static File trustStoreFile(Map<String, String> map) {
            File file = new File(map.get("java.home"));
            File file2 = new File(file, "lib/security/jssecacerts");
            if (!file2.exists()) {
                file2 = new File(file, "lib/security/cacerts");
            }
            return file2;
        }

        private static String trustAlgorithm(Map<String, String> map) {
            String str = map.get("ssl.TrustManagerFactory.algorithm");
            return str == null ? TrustManagerFactory.getDefaultAlgorithm() : str;
        }

        private static char[] trustStorePassword(Map<String, String> map) {
            String str = map.get(DaemonJvmOptions.SSL_TRUSTPASSWORD_KEY);
            if (str != null) {
                return str.toCharArray();
            }
            return null;
        }

        private static KeyManagerFactory keyManagerFactory(Map<String, String> map) throws NoSuchAlgorithmException {
            String str = map.get("ssl.KeyManagerFactory.algorithm");
            if (str == null) {
                str = KeyManagerFactory.getDefaultAlgorithm();
            }
            return KeyManagerFactory.getInstance(str);
        }

        private static String keyStoreType(Map<String, String> map) {
            String str = map.get(DaemonJvmOptions.SSL_KEYSTORETYPE_KEY);
            if (str == null) {
                str = KeyStore.getDefaultType();
            }
            return str;
        }

        private static KeyStore keyStore(Map<String, String> map, String str, char[] cArr) throws NoSuchProviderException, KeyStoreException, CertificateException, NoSuchAlgorithmException, IOException {
            KeyStore keyStoreInstance = getKeyStoreInstance(map, str);
            File keyStoreFile = keyStoreFile(map);
            if (keyStoreFile != null) {
                FileInputStream fileInputStream = new FileInputStream(keyStoreFile);
                try {
                    keyStoreInstance.load(fileInputStream, cArr);
                    fileInputStream.close();
                } catch (Throwable th) {
                    try {
                        fileInputStream.close();
                    } catch (Throwable th2) {
                        th.addSuppressed(th2);
                    }
                    throw th;
                }
            } else {
                keyStoreInstance.load(null, cArr);
            }
            return keyStoreInstance;
        }

        private static KeyStore getKeyStoreInstance(Map<String, String> map, String str) throws NoSuchProviderException, KeyStoreException {
            String str2 = map.get("javax.net.ssl.keyStoreProvider");
            return str2 != null ? KeyStore.getInstance(str, str2) : KeyStore.getInstance(str);
        }

        private static File keyStoreFile(Map<String, String> map) {
            String str = map.get(DaemonJvmOptions.SSL_KEYSTORE_KEY);
            if (str == null || "none".equalsIgnoreCase(str)) {
                return null;
            }
            return new File(str);
        }

        private static char[] keystorePassword(Map<String, String> map) {
            String str = map.get(DaemonJvmOptions.SSL_KEYSTOREPASSWORD_KEY);
            return str != null ? str.toCharArray() : DefaultSslContextFactory.EMPTY_PASSWORD;
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:org/gradle/internal/resource/transport/http/DefaultSslContextFactory$SynchronizedSystemPropertiesCacheLoader.class */
    public static class SynchronizedSystemPropertiesCacheLoader extends CacheLoader<Map<String, String>, SSLContext> {
        private final SslContextCacheLoader delegate;

        private SynchronizedSystemPropertiesCacheLoader(SslContextCacheLoader sslContextCacheLoader) {
            this.delegate = sslContextCacheLoader;
        }

        @Override // org.gradle.internal.impldep.com.google.common.cache.CacheLoader
        public SSLContext load(final Map<String, String> map) {
            return (SSLContext) SystemProperties.getInstance().withSystemProperties(map, new Factory<SSLContext>() { // from class: org.gradle.internal.resource.transport.http.DefaultSslContextFactory.SynchronizedSystemPropertiesCacheLoader.1
                /* JADX WARN: Can't rename method to resolve collision */
                @Override // org.gradle.internal.Factory
                /* renamed from: create */
                public SSLContext mo991create() {
                    return SynchronizedSystemPropertiesCacheLoader.this.delegate.load(map);
                }
            });
        }
    }

    @Override // org.gradle.internal.resource.transport.http.SslContextFactory
    public SSLContext createSslContext() {
        return this.cache.getUnchecked(getCurrentProperties());
    }

    private Map<String, String> getCurrentProperties() {
        return (Map) SystemProperties.getInstance().withSystemProperties(new Factory<Map<String, String>>() { // from class: org.gradle.internal.resource.transport.http.DefaultSslContextFactory.1
            /* JADX WARN: Can't rename method to resolve collision */
            @Override // org.gradle.internal.Factory
            /* renamed from: create */
            public Map<String, String> mo991create() {
                TreeMap treeMap = new TreeMap();
                for (String str : DefaultSslContextFactory.SSL_SYSTEM_PROPERTIES) {
                    treeMap.put(str, System.getProperty(str));
                }
                return treeMap;
            }
        });
    }
}
