package io.nosqlbench.engine.api.util;

import io.netty.handler.ssl.JdkSslContext;
import io.netty.handler.ssl.SslContext;
import io.netty.handler.ssl.SslContextBuilder;
import io.nosqlbench.engine.api.activityimpl.ActivityDef;
import java.io.File;
import java.security.KeyStore;
import java.util.Optional;
import javax.net.ServerSocketFactory;
import javax.net.SocketFactory;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.TrustManagerFactory;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:io/nosqlbench/engine/api/util/SSLKsFactory.class */
public class SSLKsFactory {
    private static final Logger logger = LoggerFactory.getLogger(SSLKsFactory.class);
    private static final SSLKsFactory instance = new SSLKsFactory();

    private SSLKsFactory() {
    }

    public static SSLKsFactory get() {
        return instance;
    }

    public ServerSocketFactory createSSLServerSocketFactory(ActivityDef activityDef) {
        JdkSslContext context = getContext(activityDef);
        if (context == null) {
            throw new IllegalArgumentException("SSL is not enabled.");
        }
        return context.context().getServerSocketFactory();
    }

    public SocketFactory createSocketFactory(ActivityDef activityDef) {
        JdkSslContext context = getContext(activityDef);
        if (context == null) {
            throw new IllegalArgumentException("SSL is not enabled.");
        }
        return context.context().getSocketFactory();
    }

    public SslContext getContext(ActivityDef activityDef) {
        Optional<String> optionalString = activityDef.getParams().getOptionalString("ssl");
        if (!optionalString.isPresent()) {
            return null;
        }
        String orElse = activityDef.getParams().getOptionalString("tlsversion").orElse("TLSv1.2");
        if (!optionalString.get().equals("jdk") && !optionalString.get().equals("true")) {
            if (!optionalString.get().equals("openssl")) {
                throw new RuntimeException("The 'ssl' parameter must have one of jdk, or openssl");
            }
            try {
                return SslContextBuilder.forClient().protocols(new String[]{orElse}).trustManager((File) activityDef.getParams().getOptionalString("caCertFilePath").map(File::new).orElse(null)).keyManager((File) activityDef.getParams().getOptionalString("certFilePath").map(File::new).orElse(null), (File) activityDef.getParams().getOptionalString("keyFilePath").map(File::new).orElse(null)).build();
            } catch (Exception e) {
                throw new RuntimeException(e);
            }
        }
        if (optionalString.get().equals("true")) {
            logger.warn("Please update your 'ssl=true' parameter to 'ssl=jdk'");
        }
        Optional<String> optionalString2 = activityDef.getParams().getOptionalString("keystore");
        Optional<String> optionalString3 = activityDef.getParams().getOptionalString("kspass");
        char[] cArr = (char[]) activityDef.getParams().getOptionalString("keyPassword").map((v0) -> {
            return v0.toCharArray();
        }).orElse(null);
        Optional<String> optionalString4 = activityDef.getParams().getOptionalString("truststore");
        Optional<String> optionalString5 = activityDef.getParams().getOptionalString("tspass");
        KeyStore keyStore = (KeyStore) optionalString2.map(str -> {
            try {
                return KeyStore.getInstance(new File(str), (char[]) optionalString3.map((v0) -> {
                    return v0.toCharArray();
                }).orElse(null));
            } catch (Exception e2) {
                throw new RuntimeException("Unable to load the keystore. Please check.", e2);
            }
        }).orElse(null);
        try {
            KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
            keyManagerFactory.init(keyStore, cArr);
            KeyStore keyStore2 = (KeyStore) optionalString4.map(str2 -> {
                try {
                    return KeyStore.getInstance(new File(str2), (char[]) optionalString5.map((v0) -> {
                        return v0.toCharArray();
                    }).orElse(null));
                } catch (Exception e2) {
                    throw new RuntimeException("Unable to load the truststore. Please check.", e2);
                }
            }).orElse(null);
            try {
                TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
                trustManagerFactory.init(keyStore2 != null ? keyStore2 : keyStore);
                try {
                    return SslContextBuilder.forClient().protocols(new String[]{orElse}).trustManager(trustManagerFactory).keyManager(keyManagerFactory).build();
                } catch (Exception e2) {
                    throw new RuntimeException(e2);
                }
            } catch (Exception e3) {
                throw new RuntimeException("Unable to init TrustManagerFactory. Please check.", e3);
            }
        } catch (Exception e4) {
            throw new RuntimeException("Unable to init KeyManagerFactory. Please check.", e4);
        }
    }
}
