package org.apache.solr.util;

import java.io.File;
import java.io.InputStream;
import java.security.KeyManagementException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.UnrecoverableKeyException;
import javax.net.ssl.SSLContext;
import org.apache.http.conn.scheme.Scheme;
import org.apache.http.conn.scheme.SchemeRegistry;
import org.apache.http.conn.scheme.SchemeSocketFactory;
import org.apache.http.conn.ssl.SSLContexts;
import org.apache.http.conn.ssl.SSLSocketFactory;
import org.apache.http.conn.ssl.TrustSelfSignedStrategy;
import org.apache.http.impl.client.DefaultHttpClient;
import org.apache.solr.client.solrj.embedded.SSLConfig;
import org.apache.solr.client.solrj.impl.HttpClientConfigurer;
import org.apache.solr.common.params.SolrParams;
import org.eclipse.jetty.util.security.CertificateUtils;

/* loaded from: input_file:org/apache/solr/util/SSLTestConfig.class */
public class SSLTestConfig extends SSLConfig {
    public static File TEST_KEYSTORE;
    private static String TEST_KEYSTORE_PATH;
    private static String TEST_KEYSTORE_PASSWORD;
    private static HttpClientConfigurer DEFAULT_CONFIGURER;

    /* loaded from: input_file:org/apache/solr/util/SSLTestConfig$SSLHttpClientConfigurer.class */
    private class SSLHttpClientConfigurer extends HttpClientConfigurer {
        private SSLHttpClientConfigurer() {
        }

        public void configure(DefaultHttpClient defaultHttpClient, SolrParams solrParams) {
            super.configure(defaultHttpClient, solrParams);
            SchemeRegistry schemeRegistry = defaultHttpClient.getConnectionManager().getSchemeRegistry();
            schemeRegistry.unregister("http");
            try {
                schemeRegistry.register(new Scheme("https", 443, (SchemeSocketFactory) new SSLSocketFactory(SSLTestConfig.this.buildSSLContext())));
            } catch (KeyManagementException | KeyStoreException | NoSuchAlgorithmException | UnrecoverableKeyException e) {
                throw new IllegalStateException("Unable to setup https scheme for HTTPClient to test SSL.", e);
            }
        }
    }

    public SSLTestConfig() {
        this(false, false);
    }

    public SSLTestConfig(boolean z, boolean z2) {
        super(z, z2, TEST_KEYSTORE_PATH, TEST_KEYSTORE_PASSWORD, TEST_KEYSTORE_PATH, TEST_KEYSTORE_PASSWORD);
    }

    public SSLTestConfig(boolean z, boolean z2, String str, String str2, String str3, String str4) {
        super(z, z2, str, str2, str3, str4);
    }

    public HttpClientConfigurer getHttpClientConfigurer() {
        return isSSLMode() ? new SSLHttpClientConfigurer() : DEFAULT_CONFIGURER;
    }

    protected SSLContext buildSSLContext() throws KeyManagementException, UnrecoverableKeyException, NoSuchAlgorithmException, KeyStoreException {
        return SSLContexts.custom().loadKeyMaterial(buildKeyStore(getKeyStore(), getKeyStorePassword()), getKeyStorePassword().toCharArray()).loadTrustMaterial(buildKeyStore(getTrustStore(), getTrustStorePassword()), new TrustSelfSignedStrategy()).build();
    }

    protected static KeyStore buildKeyStore(String str, String str2) {
        try {
            return CertificateUtils.getKeyStore((InputStream) null, str, "JKS", (String) null, str2);
        } catch (Exception e) {
            throw new IllegalStateException("Unable to build KeyStore from file: " + str, e);
        }
    }

    public static void setSSLSystemProperties() {
        System.setProperty("javax.net.ssl.keyStore", TEST_KEYSTORE_PATH);
        System.setProperty("javax.net.ssl.keyStorePassword", TEST_KEYSTORE_PASSWORD);
        System.setProperty("javax.net.ssl.trustStore", TEST_KEYSTORE_PATH);
        System.setProperty("javax.net.ssl.trustStorePassword", TEST_KEYSTORE_PASSWORD);
    }

    public static void clearSSLSystemProperties() {
        System.clearProperty("javax.net.ssl.keyStore");
        System.clearProperty("javax.net.ssl.keyStorePassword");
        System.clearProperty("javax.net.ssl.trustStore");
        System.clearProperty("javax.net.ssl.trustStorePassword");
    }

    static {
        TEST_KEYSTORE = ExternalPaths.SERVER_HOME == null ? null : new File(ExternalPaths.SERVER_HOME, "../etc/test/solrtest.keystore");
        TEST_KEYSTORE_PATH = (TEST_KEYSTORE == null || !TEST_KEYSTORE.exists()) ? null : TEST_KEYSTORE.getAbsolutePath();
        TEST_KEYSTORE_PASSWORD = "secret";
        DEFAULT_CONFIGURER = new HttpClientConfigurer();
    }
}
