package org.apache.servicecomb.foundation.ssl;

import java.io.File;
import java.io.IOException;
import java.net.UnknownHostException;
import java.security.KeyManagementException;
import java.security.NoSuchAlgorithmException;
import java.security.SecureRandom;
import javax.net.ssl.KeyManager;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLEngine;
import javax.net.ssl.SSLServerSocket;
import javax.net.ssl.SSLSocket;
import javax.net.ssl.SSLSocketFactory;
import javax.net.ssl.TrustManager;
import javax.net.ssl.X509ExtendedTrustManager;

/* loaded from: input_file:org/apache/servicecomb/foundation/ssl/SSLManager.class */
public final class SSLManager {
    private SSLManager() {
    }

    public static SSLContext createSSLContext(SSLOption sSLOption, SSLCustom sSLCustom) {
        KeyManager[] keyManagerArr;
        try {
            String fullPath = sSLCustom.getFullPath(sSLOption.getKeyStore());
            if (fullPath == null || !new File(fullPath).exists()) {
                keyManagerArr = null;
            } else {
                char[] decode = sSLCustom.decode(sSLOption.getKeyStoreValue().toCharArray());
                keyManagerArr = KeyStoreUtil.createKeyManagers(KeyStoreUtil.createKeyStore(fullPath, sSLOption.getKeyStoreType(), decode), decode);
            }
            String fullPath2 = sSLCustom.getFullPath(sSLOption.getTrustStore());
            TrustManager[] createTrustManagers = (fullPath2 == null || !new File(fullPath2).exists()) ? new TrustManager[]{new TrustAllManager()} : KeyStoreUtil.createTrustManagers(KeyStoreUtil.createKeyStore(fullPath2, sSLOption.getTrustStoreType(), sSLCustom.decode(sSLOption.getTrustStoreValue().toCharArray())));
            TrustManager[] trustManagerArr = new TrustManager[createTrustManagers.length];
            for (int i = 0; i < createTrustManagers.length; i++) {
                trustManagerArr[i] = new TrustManagerExt((X509ExtendedTrustManager) createTrustManagers[i], sSLOption, sSLCustom);
            }
            SSLContext sSLContext = SSLContext.getInstance("TLS");
            sSLContext.init(keyManagerArr, trustManagerArr, new SecureRandom());
            return sSLContext;
        } catch (KeyManagementException e) {
            throw new IllegalArgumentException("KeyManagementException." + e.getMessage());
        } catch (NoSuchAlgorithmException e2) {
            throw new IllegalArgumentException("NoSuchAlgorithmException." + e2.getMessage());
        }
    }

    public static SSLSocketFactory createSSLSocketFactory(SSLOption sSLOption, SSLCustom sSLCustom) {
        SSLSocketFactory socketFactory = createSSLContext(sSLOption, sSLCustom).getSocketFactory();
        return new SSLSocketFactoryExt(socketFactory, getEnabledCiphers(socketFactory.getSupportedCipherSuites(), sSLOption.getCiphers().split(",")), sSLOption.getProtocols().split(","));
    }

    public static SSLEngine createSSLEngine(SSLOption sSLOption, SSLCustom sSLCustom) {
        SSLEngine createSSLEngine = createSSLContext(sSLOption, sSLCustom).createSSLEngine();
        createSSLEngine.setEnabledProtocols(sSLOption.getProtocols().split(","));
        createSSLEngine.setEnabledCipherSuites(getEnabledCiphers(createSSLEngine.getSupportedCipherSuites(), sSLOption.getCiphers().split(",")));
        createSSLEngine.setNeedClientAuth(sSLOption.isAuthPeer());
        return createSSLEngine;
    }

    public static SSLEngine createSSLEngine(SSLOption sSLOption, SSLCustom sSLCustom, String str, int i) {
        SSLEngine createSSLEngine = createSSLContext(sSLOption, sSLCustom).createSSLEngine(str, i);
        createSSLEngine.setEnabledProtocols(sSLOption.getProtocols().split(","));
        createSSLEngine.setEnabledCipherSuites(getEnabledCiphers(createSSLEngine.getSupportedCipherSuites(), sSLOption.getCiphers().split(",")));
        createSSLEngine.setNeedClientAuth(sSLOption.isAuthPeer());
        return createSSLEngine;
    }

    public static SSLServerSocket createSSLServerSocket(SSLOption sSLOption, SSLCustom sSLCustom) {
        try {
            SSLServerSocket sSLServerSocket = (SSLServerSocket) createSSLContext(sSLOption, sSLCustom).getServerSocketFactory().createServerSocket();
            sSLServerSocket.setEnabledProtocols(sSLOption.getProtocols().split(","));
            sSLServerSocket.setEnabledCipherSuites(getEnabledCiphers(sSLServerSocket.getSupportedCipherSuites(), sSLOption.getCiphers().split(",")));
            sSLServerSocket.setNeedClientAuth(sSLOption.isAuthPeer());
            return sSLServerSocket;
        } catch (UnknownHostException e) {
            throw new IllegalArgumentException("unkown host");
        } catch (IOException e2) {
            throw new IllegalArgumentException("unable create socket");
        }
    }

    public static SSLSocket createSSLSocket(SSLOption sSLOption, SSLCustom sSLCustom) {
        try {
            SSLSocket sSLSocket = (SSLSocket) createSSLContext(sSLOption, sSLCustom).getSocketFactory().createSocket();
            sSLSocket.setEnabledProtocols(sSLOption.getProtocols().split(","));
            sSLSocket.setEnabledCipherSuites(getEnabledCiphers(sSLSocket.getSupportedCipherSuites(), sSLOption.getCiphers().split(",")));
            return sSLSocket;
        } catch (UnknownHostException e) {
            throw new IllegalArgumentException("unkown host");
        } catch (IOException e2) {
            throw new IllegalArgumentException("unable create socket");
        }
    }

    private static String[] getEnabledCiphers(String[] strArr, String[] strArr2) {
        String[] strArr3 = new String[strArr2.length];
        int i = 0;
        for (String str : strArr2) {
            int length = strArr.length;
            int i2 = 0;
            while (true) {
                if (i2 >= length) {
                    break;
                }
                if (str.equals(strArr[i2])) {
                    int i3 = i;
                    i++;
                    strArr3[i3] = str;
                    break;
                }
                i2++;
            }
        }
        if (i == 0) {
            throw new IllegalArgumentException("no enabled cipher suits.");
        }
        String[] strArr4 = new String[i];
        System.arraycopy(strArr3, 0, strArr4, 0, i);
        return strArr4;
    }

    public static String[] getEnalbedCiphers(String str) {
        SSLOption sSLOption = new SSLOption();
        sSLOption.setProtocols("TLSv1.2");
        sSLOption.setCiphers(str);
        return createSSLSocket(sSLOption, SSLCustom.defaultSSLCustom()).getEnabledCipherSuites();
    }
}
