package org.jgroups.util;

import java.io.BufferedInputStream;
import java.io.Closeable;
import java.io.FileInputStream;
import java.io.IOException;
import java.io.InputStream;
import java.nio.file.Files;
import java.nio.file.LinkOption;
import java.nio.file.Paths;
import java.security.GeneralSecurityException;
import java.security.KeyStore;
import java.security.Provider;
import java.security.Security;
import java.util.Iterator;
import java.util.LinkedHashMap;
import java.util.ServiceLoader;
import java.util.concurrent.ConcurrentHashMap;
import javax.net.ssl.KeyManager;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import org.jgroups.logging.Log;
import org.jgroups.logging.LogFactory;

/* loaded from: input_file:artemis-tomcat-jndi-resources-sample.war:WEB-INF/lib/jgroups-5.2.16.Final.jar:org/jgroups/util/SslContextFactory.class */
public class SslContextFactory {
    private static final String DEFAULT_KEYSTORE_TYPE = "PKCS12";
    public static final String DEFAULT_SSL_PROTOCOL = "TLS";
    private static final String CLASSPATH_RESOURCE = "classpath:";
    private KeyStore keyStore;
    private String keyStoreFileName;
    private char[] keyStorePassword;
    private String keyAlias;
    private KeyStore trustStore;
    private String trustStoreFileName;
    private char[] trustStorePassword;
    private ClassLoader classLoader;
    private String providerName;
    private static final Log log = LogFactory.getLog(SslContextFactory.class);
    private static final ConcurrentHashMap<ClassLoader, Provider[]> PER_CLASSLOADER_PROVIDERS = new ConcurrentHashMap<>(2);
    private String keyStoreType = DEFAULT_KEYSTORE_TYPE;
    private String trustStoreType = DEFAULT_KEYSTORE_TYPE;
    private String sslProtocol = DEFAULT_SSL_PROTOCOL;

    public SslContextFactory keyStore(KeyStore keyStore) {
        this.keyStore = keyStore;
        return this;
    }

    public SslContextFactory keyStoreFileName(String str) {
        this.keyStoreFileName = str;
        return this;
    }

    public SslContextFactory keyStorePassword(String str) {
        if (str != null) {
            this.keyStorePassword = str.toCharArray();
        }
        return this;
    }

    public SslContextFactory keyStorePassword(char[] cArr) {
        this.keyStorePassword = cArr;
        return this;
    }

    public SslContextFactory keyStoreType(String str) {
        if (str != null) {
            this.keyStoreType = str;
        }
        return this;
    }

    public SslContextFactory keyAlias(String str) {
        this.keyAlias = str;
        return this;
    }

    public SslContextFactory trustStore(KeyStore keyStore) {
        this.trustStore = keyStore;
        return this;
    }

    public SslContextFactory trustStoreFileName(String str) {
        this.trustStoreFileName = str;
        return this;
    }

    public SslContextFactory trustStorePassword(String str) {
        return trustStorePassword(str != null ? str.toCharArray() : null);
    }

    public SslContextFactory trustStorePassword(char[] cArr) {
        this.trustStorePassword = cArr;
        return this;
    }

    public SslContextFactory trustStoreType(String str) {
        if (str != null) {
            this.trustStoreType = str;
        }
        return this;
    }

    public SslContextFactory sslProtocol(String str) {
        if (str != null) {
            this.sslProtocol = str;
        }
        return this;
    }

    public SslContextFactory provider(String str) {
        if (str != null) {
            this.providerName = str;
        }
        return this;
    }

    public SslContextFactory classLoader(ClassLoader classLoader) {
        this.classLoader = classLoader;
        return this;
    }

    public SSLContext getContext() {
        SSLContext sSLContext;
        try {
            if (this.providerName != null) {
                Provider findProvider = findProvider(this.providerName, SSLContext.class.getSimpleName(), this.sslProtocol);
                if (findProvider == null) {
                    throw new IllegalArgumentException("No such provider " + this.providerName);
                }
                sSLContext = SSLContext.getInstance(this.sslProtocol, findProvider);
            } else {
                sSLContext = SSLContext.getInstance(this.sslProtocol);
            }
            initializeContext(sSLContext);
            return sSLContext;
        } catch (Exception e) {
            throw new RuntimeException("Could not initialize SSL", e);
        }
    }

    public void initializeContext(SSLContext sSLContext) {
        try {
            KeyManager[] keyManagerArr = null;
            if (this.keyStoreFileName != null || this.keyStore != null) {
                keyManagerArr = getKeyManagerFactory().getKeyManagers();
            }
            TrustManager[] trustManagerArr = null;
            if (this.trustStoreFileName != null || this.trustStore != null) {
                trustManagerArr = getTrustManagerFactory().getTrustManagers();
            }
            sSLContext.init(keyManagerArr, trustManagerArr, null);
        } catch (Exception e) {
            throw new RuntimeException("Could not initialize SSL", e);
        }
    }

    public KeyManagerFactory getKeyManagerFactory() throws IOException, GeneralSecurityException {
        Provider provider;
        KeyStore keyStore = this.keyStore != null ? this.keyStore : null;
        if (keyStore == null) {
            String str = this.keyStoreType != null ? this.keyStoreType : DEFAULT_KEYSTORE_TYPE;
            provider = findProvider(this.providerName, KeyStore.class.getSimpleName(), str);
            keyStore = provider != null ? KeyStore.getInstance(str, provider) : KeyStore.getInstance(str);
            loadKeyStore(keyStore, this.keyStoreFileName, this.keyStorePassword, this.classLoader);
        } else {
            provider = keyStore.getProvider();
        }
        if (this.keyAlias != null) {
            if (!keyStore.containsAlias(this.keyAlias) || !keyStore.isKeyEntry(this.keyAlias)) {
                throw new RuntimeException("No alias '" + this.keyAlias + "' in key store '" + this.keyStoreFileName + "'");
            }
            KeyStore.PasswordProtection passwordProtection = new KeyStore.PasswordProtection(this.keyStorePassword);
            KeyStore.Entry entry = keyStore.getEntry(this.keyAlias, passwordProtection);
            keyStore = provider != null ? KeyStore.getInstance(this.keyStoreType, provider) : KeyStore.getInstance(this.keyStoreType);
            keyStore.load(null, null);
            keyStore.setEntry(this.keyAlias, entry, passwordProtection);
        }
        String defaultAlgorithm = KeyManagerFactory.getDefaultAlgorithm();
        Provider findProvider = findProvider(this.providerName, KeyManagerFactory.class.getSimpleName(), defaultAlgorithm);
        KeyManagerFactory keyManagerFactory = findProvider != null ? KeyManagerFactory.getInstance(defaultAlgorithm, findProvider) : KeyManagerFactory.getInstance(defaultAlgorithm);
        keyManagerFactory.init(keyStore, this.keyStorePassword);
        return keyManagerFactory;
    }

    public TrustManagerFactory getTrustManagerFactory() throws IOException, GeneralSecurityException {
        KeyStore keyStore = this.trustStore != null ? this.trustStore : null;
        if (keyStore == null) {
            String str = this.trustStoreType != null ? this.trustStoreType : DEFAULT_KEYSTORE_TYPE;
            Provider findProvider = findProvider(this.providerName, KeyStore.class.getSimpleName(), str);
            keyStore = findProvider != null ? KeyStore.getInstance(str, findProvider) : KeyStore.getInstance(str);
            loadKeyStore(keyStore, this.trustStoreFileName, this.trustStorePassword, this.classLoader);
        }
        String defaultAlgorithm = KeyManagerFactory.getDefaultAlgorithm();
        Provider findProvider2 = findProvider(this.providerName, TrustManagerFactory.class.getSimpleName(), defaultAlgorithm);
        TrustManagerFactory trustManagerFactory = findProvider2 != null ? TrustManagerFactory.getInstance(defaultAlgorithm, findProvider2) : TrustManagerFactory.getInstance(defaultAlgorithm);
        trustManagerFactory.init(keyStore);
        return trustManagerFactory;
    }

    private static void loadKeyStore(KeyStore keyStore, String str, char[] cArr, ClassLoader classLoader) throws IOException, GeneralSecurityException {
        InputStream bufferedInputStream;
        try {
            if (str.startsWith("classpath:")) {
                bufferedInputStream = Util.getResourceAsStream(str.substring(str.indexOf(":") + 1), classLoader);
                if (bufferedInputStream == null) {
                    throw new IllegalArgumentException("Cannot find `" + str + "`");
                }
            } else {
                bufferedInputStream = Files.exists(Paths.get(str, new String[0]), new LinkOption[0]) ? new BufferedInputStream(new FileInputStream(str)) : Util.getResourceAsStream(str, classLoader);
            }
            keyStore.load(bufferedInputStream, cArr);
            Util.close(bufferedInputStream);
        } catch (Throwable th) {
            Util.close((Closeable) null);
            throw th;
        }
    }

    public static Provider findProvider(String str, String str2, String str3) {
        for (Provider provider : discoverSecurityProviders(Thread.currentThread().getContextClassLoader())) {
            if ((str == null || str.equals(provider.getName())) && provider.getService(str2, str3) != null) {
                return provider;
            }
        }
        return null;
    }

    public static Provider[] discoverSecurityProviders(ClassLoader classLoader) {
        return PER_CLASSLOADER_PROVIDERS.computeIfAbsent(classLoader, classLoader2 -> {
            LinkedHashMap linkedHashMap = new LinkedHashMap();
            for (Provider provider : Security.getProviders()) {
                linkedHashMap.put(provider.getClass(), provider);
            }
            Iterator it = ServiceLoader.load(Provider.class, classLoader).iterator();
            while (true) {
                if (!it.hasNext()) {
                    return (Provider[]) linkedHashMap.values().toArray(new Provider[0]);
                }
                Provider provider2 = (Provider) it.next();
                linkedHashMap.putIfAbsent(provider2.getClass(), provider2);
            }
        });
    }
}
