package io.fabric8.ssl;

import io.fabric8.protocols.ProfileSafeUrlHandler;
import java.io.FileInputStream;
import java.io.IOException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.SecureRandom;
import java.security.UnrecoverableKeyException;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.util.Hashtable;
import javax.net.ssl.KeyManager;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.TrustManager;
import javax.net.ssl.X509TrustManager;
import org.osgi.framework.BundleActivator;
import org.osgi.framework.BundleContext;
import org.osgi.framework.ServiceRegistration;
import org.osgi.service.url.URLStreamHandlerService;

/* loaded from: input_file:io/fabric8/ssl/SSLContextBundleActivator.class */
public class SSLContextBundleActivator implements BundleActivator {
    SSLContext original;
    ServiceRegistration<URLStreamHandlerService> safeProfileHandlerRegistration;

    public void start(BundleContext bundleContext) throws Exception {
        String property = System.getProperty("javax.net.ssl.trustStore");
        boolean z = Boolean.getBoolean("javax.net.ssl.trustAll");
        if (property == null && z) {
            this.original = SSLContext.getDefault();
            SSLContext sSLContext = SSLContext.getInstance("TLS");
            sSLContext.init(createKeyManagers(), trustAllCerts(), new SecureRandom());
            SSLContext.setDefault(sSLContext);
        } else if (property != null && z) {
            System.err.println();
            System.err.println("Invalid system property configuration:  The javax.net.ssl.trustStore and javax.net.ssl.trustAll cannot both be set.  Ignoring the javax.net.ssl.trustAll property");
            System.err.println();
        }
        Hashtable hashtable = new Hashtable();
        hashtable.put("url.handler.protocol", "profile");
        this.safeProfileHandlerRegistration = bundleContext.registerService(URLStreamHandlerService.class, new ProfileSafeUrlHandler(), hashtable);
    }

    public void stop(BundleContext bundleContext) throws Exception {
        if (this.original != null) {
            SSLContext.setDefault(this.original);
            this.original = null;
        }
        if (this.safeProfileHandlerRegistration != null) {
            this.safeProfileHandlerRegistration.unregister();
        }
    }

    private KeyManager[] createKeyManagers() throws KeyStoreException, IOException, NoSuchAlgorithmException, CertificateException, UnrecoverableKeyException {
        String property = System.getProperty("javax.net.ssl.keyStore");
        KeyManager[] keyManagerArr = null;
        if (property != null) {
            char[] charArray = System.getProperty("javax.net.ssl.keyStorePassword", "").toCharArray();
            KeyStore keyStore = KeyStore.getInstance(System.getProperty("javax.net.ssl.keyStoreType", "jks"));
            keyStore.load(new FileInputStream(property), charArray);
            KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
            keyManagerFactory.init(keyStore, charArray);
            keyManagerArr = keyManagerFactory.getKeyManagers();
        }
        return keyManagerArr;
    }

    private TrustManager[] trustAllCerts() {
        return new TrustManager[]{new X509TrustManager() { // from class: io.fabric8.ssl.SSLContextBundleActivator.1
            @Override // javax.net.ssl.X509TrustManager
            public X509Certificate[] getAcceptedIssuers() {
                return new X509Certificate[0];
            }

            @Override // javax.net.ssl.X509TrustManager
            public void checkClientTrusted(X509Certificate[] x509CertificateArr, String str) {
            }

            @Override // javax.net.ssl.X509TrustManager
            public void checkServerTrusted(X509Certificate[] x509CertificateArr, String str) {
            }
        }};
    }
}
