package io.engineblock.util;

import io.engineblock.activityimpl.ActivityDef;
import io.netty.handler.ssl.SslContextBuilder;
import java.io.File;
import java.io.FileInputStream;
import java.security.KeyStore;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.util.Optional;
import javax.net.ServerSocketFactory;
import javax.net.SocketFactory;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.TrustManagerFactory;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:io/engineblock/util/SSLKsFactory.class */
public class SSLKsFactory {
    private static final Logger logger = LoggerFactory.getLogger(SSLKsFactory.class);
    private static SSLKsFactory instance = new SSLKsFactory();

    private SSLKsFactory() {
    }

    public static SSLKsFactory get() {
        return instance;
    }

    public ServerSocketFactory createSSLServerSocketFactory(ActivityDef activityDef) {
        return ((SSLContext) getContext(activityDef)).getServerSocketFactory();
    }

    public SocketFactory createSocketFactory(ActivityDef activityDef) {
        return ((SSLContext) getContext(activityDef)).getSocketFactory();
    }

    public Object getContext(ActivityDef activityDef) {
        Optional<String> optionalString = activityDef.getParams().getOptionalString("ssl");
        if (!optionalString.isPresent()) {
            return null;
        }
        if (!optionalString.get().equals("jdk") && !optionalString.get().equals("true")) {
            if (!optionalString.get().equals("openssl")) {
                throw new RuntimeException("The 'ssl' parameter must have one of jdk, or openssl");
            }
            logger.info("Cluster builder proceeding with SSL and Client Auth");
            String orElse = activityDef.getParams().getOptionalString("keyPassword").orElse(null);
            String orElse2 = activityDef.getParams().getOptionalString("caCertFilePath").orElse(null);
            String orElse3 = activityDef.getParams().getOptionalString("certFilePath").orElse(null);
            String orElse4 = activityDef.getParams().getOptionalString("keyFilePath").orElse(null);
            String orElse5 = activityDef.getParams().getOptionalString("truststore").orElse(null);
            String orElse6 = activityDef.getParams().getOptionalString("tspass").orElse(null);
            try {
                KeyStore keyStore = KeyStore.getInstance("JKS", "SUN");
                keyStore.load(null, orElse.toCharArray());
                X509Certificate x509Certificate = (X509Certificate) CertificateFactory.getInstance("X509").generateCertificate(new FileInputStream(orElse2));
                keyStore.setCertificateEntry(x509Certificate.getSubjectX500Principal().getName(), x509Certificate);
                TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
                if (orElse5 == null || orElse5.isEmpty() || orElse6 == null) {
                    trustManagerFactory.init(keyStore);
                } else {
                    KeyStore keyStore2 = KeyStore.getInstance("JKS");
                    keyStore2.load(new FileInputStream(orElse5), orElse6.toCharArray());
                    trustManagerFactory.init(keyStore2);
                }
                return SslContextBuilder.forClient().trustManager(trustManagerFactory).keyManager(new File(orElse3), new File(orElse4)).build();
            } catch (Exception e) {
                throw new RuntimeException(e);
            }
        }
        if (optionalString.get().equals("true")) {
            logger.warn("Please update your 'ssl=true' parameter to 'ssl=jdk'");
        }
        Optional<String> optionalString2 = activityDef.getParams().getOptionalString("keystore");
        Optional<String> optionalString3 = activityDef.getParams().getOptionalString("kspass");
        Optional<String> optionalString4 = activityDef.getParams().getOptionalString("truststore");
        Optional<String> optionalString5 = activityDef.getParams().getOptionalString("tspass");
        String orElse7 = activityDef.getParams().getOptionalString("tlsversion").orElse("TLSv1.2");
        if (!optionalString2.isPresent() || !optionalString3.isPresent() || !optionalString4.isPresent() || !optionalString5.isPresent()) {
            if (!optionalString2.isEmpty() || !optionalString3.isEmpty() || !optionalString4.isPresent() || !optionalString5.isPresent()) {
                throw new RuntimeException("SSL arguments are incorrectly configured. Please Check.");
            }
            try {
                TrustManagerFactory trustManagerFactory2 = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
                KeyStore keyStore3 = KeyStore.getInstance("JKS");
                keyStore3.load(new FileInputStream(optionalString4.get()), optionalString5.get().toCharArray());
                trustManagerFactory2.init(keyStore3);
                SSLContext sSLContext = SSLContext.getInstance(orElse7);
                sSLContext.init(null, trustManagerFactory2.getTrustManagers(), null);
                return sSLContext;
            } catch (Exception e2) {
                throw new RuntimeException(e2);
            }
        }
        try {
            KeyStore keyStore4 = KeyStore.getInstance("JKS");
            keyStore4.load(new FileInputStream(optionalString2.get()), optionalString3.get().toCharArray());
            KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
            keyManagerFactory.init(keyStore4, optionalString3.get().toCharArray());
            TrustManagerFactory trustManagerFactory3 = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
            if (optionalString4.get().isEmpty()) {
                trustManagerFactory3.init(keyStore4);
            } else {
                KeyStore keyStore5 = KeyStore.getInstance("JKS");
                keyStore5.load(new FileInputStream(optionalString4.get()), System.getProperty("javax.net.ssl.trustStorePassword").toCharArray());
                trustManagerFactory3.init(keyStore5);
            }
            SSLContext sSLContext2 = SSLContext.getInstance(orElse7);
            sSLContext2.init(keyManagerFactory.getKeyManagers(), trustManagerFactory3.getTrustManagers(), null);
            return sSLContext2;
        } catch (Exception e3) {
            throw new RuntimeException(e3);
        }
    }
}
