package com.googlecode.protobuf.pro.duplex;

import com.googlecode.protobuf.pro.duplex.util.ResourceUtils;
import java.io.IOException;
import java.io.InputStream;
import java.security.KeyStore;
import java.security.SecureRandom;
import java.security.cert.X509Certificate;
import javax.net.ssl.KeyManager;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLEngine;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import javax.net.ssl.X509TrustManager;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:com/googlecode/protobuf/pro/duplex/RpcSSLContext.class */
public class RpcSSLContext {
    private static Logger log;
    private String keystorePath;
    private String keystorePassword;
    private String truststorePath;
    private String truststorePassword;
    private SSLContext sslContext;
    static final /* synthetic */ boolean $assertionsDisabled;
    private String keystoreType = "JKS";
    private String truststoreType = "JKS";

    public void init() throws Exception {
        this.sslContext = createSSLContext(getKeystoreType(), getKeystorePath(), getKeystorePassword(), getTruststoreType(), getTruststorePath(), getTruststorePassword());
    }

    public static SSLContext createSSLContext(String str, String str2, String str3, String str4, String str5, String str6) throws Exception {
        SSLContext sSLContext = SSLContext.getInstance("TLS");
        KeyManager[] loadKeyManagers = loadKeyManagers(str, str2, str3);
        TrustManager[] loadTrustManager = loadTrustManager(str4, str5, str6);
        for (TrustManager trustManager : loadTrustManager) {
            if (trustManager instanceof X509TrustManager) {
                for (X509Certificate x509Certificate : ((X509TrustManager) trustManager).getAcceptedIssuers()) {
                    log.info("AcceptedIssuer: " + x509Certificate.getSubjectX500Principal() + ". Valid until " + x509Certificate.getNotAfter());
                }
            }
        }
        sSLContext.init(loadKeyManagers, loadTrustManager, new SecureRandom());
        return sSLContext;
    }

    private static TrustManager[] loadTrustManager(String str, String str2, String str3) throws Exception {
        KeyStore loadKeystore = loadKeystore(str, str2, str3);
        TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
        trustManagerFactory.init(loadKeystore);
        return trustManagerFactory.getTrustManagers();
    }

    private static KeyManager[] loadKeyManagers(String str, String str2, String str3) throws Exception {
        KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
        keyManagerFactory.init(loadKeystore(str, str2, str3), str3.toCharArray());
        return keyManagerFactory.getKeyManagers();
    }

    private static KeyStore loadKeystore(String str, String str2, String str3) throws Exception {
        if (!$assertionsDisabled && str2 == null) {
            throw new AssertionError();
        }
        if (!$assertionsDisabled && str3 == null) {
            throw new AssertionError();
        }
        KeyStore keyStore = KeyStore.getInstance(str);
        InputStream inputStream = null;
        try {
            inputStream = ResourceUtils.validateResourceURL(str2).openStream();
            keyStore.load(inputStream, str3.toCharArray());
            if (inputStream != null) {
                try {
                    inputStream.close();
                } catch (IOException e) {
                }
            }
            return keyStore;
        } catch (Throwable th) {
            if (inputStream != null) {
                try {
                    inputStream.close();
                } catch (IOException e2) {
                }
            }
            throw th;
        }
    }

    public String getKeystoreType() {
        return this.keystoreType;
    }

    public void setKeystoreType(String str) {
        this.keystoreType = str;
    }

    public String getKeystorePath() {
        return this.keystorePath;
    }

    public void setKeystorePath(String str) {
        this.keystorePath = str;
    }

    public String getKeystorePassword() {
        return this.keystorePassword;
    }

    public void setKeystorePassword(String str) {
        this.keystorePassword = str;
    }

    public String getTruststoreType() {
        return this.truststoreType;
    }

    public void setTruststoreType(String str) {
        this.truststoreType = str;
    }

    public String getTruststorePath() {
        return this.truststorePath;
    }

    public void setTruststorePath(String str) {
        this.truststorePath = str;
    }

    public String getTruststorePassword() {
        return this.truststorePassword;
    }

    public void setTruststorePassword(String str) {
        this.truststorePassword = str;
    }

    public SSLEngine createClientEngine() {
        SSLEngine createSSLEngine = this.sslContext.createSSLEngine();
        createSSLEngine.setUseClientMode(true);
        createSSLEngine.setWantClientAuth(true);
        return createSSLEngine;
    }

    public SSLEngine createServerEngine() {
        SSLEngine createSSLEngine = this.sslContext.createSSLEngine();
        createSSLEngine.setUseClientMode(false);
        createSSLEngine.setNeedClientAuth(true);
        return createSSLEngine;
    }

    static {
        $assertionsDisabled = !RpcSSLContext.class.desiredAssertionStatus();
        log = LoggerFactory.getLogger(RpcSSLContext.class);
    }
}
