package org.summerboot.jexpress.security;

import java.io.FileInputStream;
import java.io.IOException;
import java.security.GeneralSecurityException;
import java.security.Key;
import java.security.KeyStore;
import java.security.SecureRandom;
import java.security.cert.Certificate;
import java.security.cert.X509Certificate;
import javax.net.ssl.HostnameVerifier;
import javax.net.ssl.KeyManager;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import javax.net.ssl.X509TrustManager;
import org.apache.commons.lang3.StringUtils;

/* loaded from: input_file:org/summerboot/jexpress/security/SSLUtil.class */
public class SSLUtil {
    public static String DEFAULT_PROTOCOL = "TLSv1.3";
    public static final HostnameVerifier IGNORE_HOST_NAME_VERIFIER = (str, sSLSession) -> {
        return true;
    };
    private static final X509Certificate[] TRUSTED_CERTIFICATE = new X509Certificate[0];
    public static final TrustManager[] TRUST_ALL_CERTIFICATES = {new X509TrustManager() { // from class: org.summerboot.jexpress.security.SSLUtil.1
        @Override // javax.net.ssl.X509TrustManager
        public X509Certificate[] getAcceptedIssuers() {
            return SSLUtil.TRUSTED_CERTIFICATE;
        }

        @Override // javax.net.ssl.X509TrustManager
        public void checkClientTrusted(X509Certificate[] x509CertificateArr, String str) {
        }

        @Override // javax.net.ssl.X509TrustManager
        public void checkServerTrusted(X509Certificate[] x509CertificateArr, String str) {
        }
    }};

    /* loaded from: input_file:org/summerboot/jexpress/security/SSLUtil$Caller.class */
    enum Caller {
        client,
        server
    }

    public static KeyManagerFactory buildKeyManagerFactory(String str, char[] cArr, String str2, char[] cArr2) throws GeneralSecurityException, IOException {
        if (StringUtils.isBlank(str)) {
            return null;
        }
        try {
            FileInputStream fileInputStream = new FileInputStream(str.trim());
            try {
                KeyStore keyStore = KeyStore.getInstance("JKS");
                keyStore.load(fileInputStream, cArr);
                if (StringUtils.isNotBlank(str2)) {
                    Certificate certificate = keyStore.getCertificate(str2.trim());
                    Key key = keyStore.getKey(str2, cArr2);
                    if (certificate == null || key == null) {
                        throw new GeneralSecurityException("Alias (" + str2 + ") not found in " + str);
                    }
                    keyStore.load(null);
                    keyStore.setCertificateEntry(str2, certificate);
                    keyStore.setKeyEntry(str2, key, cArr, new Certificate[]{certificate});
                }
                KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance("SunX509");
                keyManagerFactory.init(keyStore, cArr);
                fileInputStream.close();
                return keyManagerFactory;
            } finally {
            }
        } finally {
            if (cArr != null) {
                for (int i = 0; i < cArr.length; i++) {
                    cArr[i] = 0;
                }
            }
            if (cArr2 != null) {
                for (int i2 = 0; i2 < cArr2.length; i2++) {
                    cArr2[i2] = 0;
                }
            }
        }
    }

    public static KeyManager[] buildKeyManagers(String str, char[] cArr, String str2, char[] cArr2) throws GeneralSecurityException, IOException {
        KeyManagerFactory buildKeyManagerFactory;
        if (StringUtils.isBlank(str) || (buildKeyManagerFactory = buildKeyManagerFactory(str, cArr, str2, cArr2)) == null) {
            return null;
        }
        return buildKeyManagerFactory.getKeyManagers();
    }

    public static TrustManagerFactory buildTrustManagerFactory(String str, char[] cArr) throws GeneralSecurityException, IOException {
        if (StringUtils.isBlank(str)) {
            return null;
        }
        try {
            FileInputStream fileInputStream = new FileInputStream(str);
            try {
                KeyStore keyStore = KeyStore.getInstance("JKS");
                keyStore.load(fileInputStream, cArr);
                TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance("SunX509");
                trustManagerFactory.init(keyStore);
                fileInputStream.close();
                return trustManagerFactory;
            } finally {
            }
        } finally {
            if (cArr != null) {
                for (int i = 0; i < cArr.length; i++) {
                    cArr[i] = 0;
                }
            }
        }
    }

    public static TrustManager[] buildTrustManagers(String str, char[] cArr) throws GeneralSecurityException, IOException {
        TrustManagerFactory buildTrustManagerFactory = buildTrustManagerFactory(str, cArr);
        if (buildTrustManagerFactory == null) {
            return null;
        }
        return buildTrustManagerFactory.getTrustManagers();
    }

    public static SSLContext buildSSLContext(String str, char[] cArr, String str2, char[] cArr2, String str3, String str4, char[] cArr3) throws GeneralSecurityException, IOException {
        return buildSSLContext(buildKeyManagers(str, cArr, str2, cArr2), buildTrustManagers(str4, cArr3), str3);
    }

    public static SSLContext buildSSLContext(KeyManager[] keyManagerArr, TrustManager[] trustManagerArr, String str) throws GeneralSecurityException, IOException {
        if (keyManagerArr == null) {
            return null;
        }
        SSLContext sSLContext = SSLContext.getInstance(str);
        sSLContext.init(keyManagerArr, trustManagerArr, SecureRandom.getInstanceStrong());
        return sSLContext;
    }
}
