package dev.getelements.elements.dao.mongo.provider;

import com.mongodb.ConnectionString;
import com.mongodb.connection.SslSettings;
import jakarta.inject.Inject;
import jakarta.inject.Named;
import jakarta.inject.Provider;
import java.io.FileInputStream;
import java.io.IOException;
import java.security.KeyManagementException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.SecureRandom;
import java.security.UnrecoverableKeyException;
import java.security.cert.CertificateException;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.TrustManagerFactory;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:dev/getelements/elements/dao/mongo/provider/MongoSslSettingsProvider.class */
public class MongoSslSettingsProvider implements Provider<SslSettings> {
    public static final String FORMAT = "dev.getelements.elements.mongo.tls.format";
    public static final String TRUST_ALGORITHM = "dev.getelements.elements.mongo.tls.trust.algorithm";
    public static final String KEY_ALGORITHM = "dev.getelements.elements.mongo.tls.key.algorithm";
    public static final String CA = "dev.getelements.elements.mongo.tls.ca";
    public static final String CA_PASSPHRASE = "dev.getelements.elements.mongo.tls.ca.passphrase";
    public static final String CLIENT_CERTIFICATE = "dev.getelements.elements.mongo.tls.client.certificate";
    public static final String CLIENT_CERTIFICATE_PASSPHRASE = "dev.getelements.elements.mongo.tls.client.certificate.passphrase";
    public static final String SSL_PROTOCOL = "dev.getelements.elements.mongo.tls.protocol";
    private static final Logger logger = LoggerFactory.getLogger(MongoSslSettingsProvider.class);
    private String sslProtocol;
    private String keyAlgorithm;
    private String trustAlgorithm;
    private String keyFormat;
    private String caPath;
    private String caPassphrase;
    private String clientCertificatePath;
    private String clientCertificatePassphrase;
    private String clientUri;

    /* renamed from: get, reason: merged with bridge method [inline-methods] */
    public SslSettings m33get() {
        ConnectionString connectionString = new ConnectionString(getClientUri());
        Boolean sslEnabled = connectionString.getSslEnabled();
        if (sslEnabled == null || !sslEnabled.booleanValue()) {
            logger.info("TLS/SSL Is not Enabled. Please explicitly enable it in the connect string.");
            return SslSettings.builder().enabled(false).build();
        }
        try {
            KeyStore keyStore = KeyStore.getInstance(getKeyFormat());
            KeyStore keyStore2 = KeyStore.getInstance(getKeyFormat());
            FileInputStream fileInputStream = new FileInputStream(getCaPath());
            try {
                String caPassphrase = getCaPassphrase();
                keyStore.load(fileInputStream, caPassphrase.isEmpty() ? null : caPassphrase.toCharArray());
                fileInputStream.close();
                fileInputStream = new FileInputStream(getClientCertificatePath());
                try {
                    String clientCertificatePassphrase = getClientCertificatePassphrase();
                    keyStore2.load(fileInputStream, clientCertificatePassphrase.isEmpty() ? null : clientCertificatePassphrase.toCharArray());
                    fileInputStream.close();
                    TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(getTrustAlgorithm());
                    trustManagerFactory.init(keyStore);
                    KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance(getKeyAlgorithm());
                    keyManagerFactory.init(keyStore2, getClientCertificatePassphrase().toCharArray());
                    SSLContext sSLContext = SSLContext.getInstance(getSslProtocol());
                    sSLContext.init(keyManagerFactory.getKeyManagers(), trustManagerFactory.getTrustManagers(), new SecureRandom());
                    SslSettings.Builder applyConnectionString = SslSettings.builder().enabled(true).context(sSLContext).applyConnectionString(connectionString);
                    logger.info("Enabled TLS/SSL.");
                    return applyConnectionString.build();
                } finally {
                }
            } finally {
            }
        } catch (IOException | KeyManagementException | KeyStoreException | NoSuchAlgorithmException | UnrecoverableKeyException | CertificateException e) {
            logger.warn("Caught exception loading TLS/SSL Keys.", e);
            return SslSettings.builder().enabled(false).build();
        }
    }

    public String getSslProtocol() {
        return this.sslProtocol;
    }

    @Inject
    public void setSslProtocol(@Named("dev.getelements.elements.mongo.tls.protocol") String str) {
        this.sslProtocol = str;
    }

    public String getKeyAlgorithm() {
        return this.keyAlgorithm;
    }

    @Inject
    public void setKeyAlgorithm(@Named("dev.getelements.elements.mongo.tls.key.algorithm") String str) {
        this.keyAlgorithm = str;
    }

    public String getKeyFormat() {
        return this.keyFormat;
    }

    @Inject
    public void setKeyFormat(@Named("dev.getelements.elements.mongo.tls.format") String str) {
        this.keyFormat = str;
    }

    public String getCaPath() {
        return this.caPath;
    }

    @Inject
    public void setCaPath(@Named("dev.getelements.elements.mongo.tls.ca") String str) {
        this.caPath = str;
    }

    public String getCaPassphrase() {
        return this.caPassphrase;
    }

    @Inject
    public void setCaPassphrase(@Named("dev.getelements.elements.mongo.tls.ca.passphrase") String str) {
        this.caPassphrase = str;
    }

    public String getClientCertificatePath() {
        return this.clientCertificatePath;
    }

    @Inject
    public void setClientCertificatePath(@Named("dev.getelements.elements.mongo.tls.client.certificate") String str) {
        this.clientCertificatePath = str;
    }

    public String getClientCertificatePassphrase() {
        return this.clientCertificatePassphrase;
    }

    @Inject
    public void setClientCertificatePassphrase(@Named("dev.getelements.elements.mongo.tls.client.certificate.passphrase") String str) {
        this.clientCertificatePassphrase = str;
    }

    public String getTrustAlgorithm() {
        return this.trustAlgorithm;
    }

    @Inject
    public void setTrustAlgorithm(@Named("dev.getelements.elements.mongo.tls.trust.algorithm") String str) {
        this.trustAlgorithm = str;
    }

    public String getClientUri() {
        return this.clientUri;
    }

    @Inject
    public void setClientUri(@Named("dev.getelements.elements.mongo.uri") String str) {
        this.clientUri = str;
    }
}
