package io.fabric8.gateway.handlers.detecting.protocol.ssl;

import java.io.File;
import java.io.IOException;
import java.io.InputStream;
import java.net.MalformedURLException;
import java.net.Socket;
import java.net.URL;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.Principal;
import java.security.PrivateKey;
import java.security.UnrecoverableKeyException;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import javax.net.ssl.KeyManager;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLEngine;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import javax.net.ssl.X509ExtendedKeyManager;

/* loaded from: input_file:io/fabric8/gateway/handlers/detecting/protocol/ssl/SslConfig.class */
public class SslConfig {
    private URL keyStoreURL;
    private String keyStorePassword;
    private KeyStore keyStore;
    private URL trustStoreURL;
    private String trustStorePassword;
    private KeyStore trustStore;
    private String keyAlias;
    private String keyPassword;
    String storeType;
    String algorithm;
    TrustManager[] trustManagers;
    KeyManager[] keyManagers;
    private String protocol;
    String disabledCypherSuites;
    String enabledCipherSuites;

    /* loaded from: input_file:io/fabric8/gateway/handlers/detecting/protocol/ssl/SslConfig$AliasFilteringKeyManager.class */
    static class AliasFilteringKeyManager extends X509ExtendedKeyManager {
        private final String alias;
        private final X509ExtendedKeyManager next;

        AliasFilteringKeyManager(String str, X509ExtendedKeyManager x509ExtendedKeyManager) {
            this.alias = str;
            this.next = x509ExtendedKeyManager;
        }

        @Override // javax.net.ssl.X509KeyManager
        public String chooseClientAlias(String[] strArr, Principal[] principalArr, Socket socket) {
            return this.alias;
        }

        @Override // javax.net.ssl.X509KeyManager
        public String chooseServerAlias(String str, Principal[] principalArr, Socket socket) {
            return this.alias;
        }

        @Override // javax.net.ssl.X509ExtendedKeyManager
        public String chooseEngineClientAlias(String[] strArr, Principal[] principalArr, SSLEngine sSLEngine) {
            return this.alias;
        }

        @Override // javax.net.ssl.X509ExtendedKeyManager
        public String chooseEngineServerAlias(String str, Principal[] principalArr, SSLEngine sSLEngine) {
            return this.alias;
        }

        @Override // javax.net.ssl.X509KeyManager
        public X509Certificate[] getCertificateChain(String str) {
            return this.next.getCertificateChain(str);
        }

        @Override // javax.net.ssl.X509KeyManager
        public String[] getClientAliases(String str, Principal[] principalArr) {
            return this.next.getClientAliases(str, principalArr);
        }

        @Override // javax.net.ssl.X509KeyManager
        public PrivateKey getPrivateKey(String str) {
            return this.next.getPrivateKey(str);
        }

        @Override // javax.net.ssl.X509KeyManager
        public String[] getServerAliases(String str, Principal[] principalArr) {
            return this.next.getServerAliases(str, principalArr);
        }
    }

    public SslConfig() {
        this.protocol = "TLS";
    }

    public SslConfig(File file, String str) {
        this(url(file), str);
    }

    public SslConfig(File file, String str, File file2, String str2) {
        this(url(file), str, url(file2), str2);
    }

    private static URL url(File file) {
        if (file == null) {
            return null;
        }
        try {
            return file.toURI().toURL();
        } catch (MalformedURLException e) {
            throw new RuntimeException(e);
        }
    }

    public SslConfig(URL url, String str) {
        this(url, str, (URL) null, (String) null);
    }

    public SslConfig(URL url, String str, URL url2, String str2) {
        this.protocol = "TLS";
        this.keyStoreURL = url;
        this.keyStorePassword = str;
        this.trustStoreURL = url2;
        this.trustStorePassword = str2;
    }

    public KeyStore getKeyStore() throws IOException, KeyStoreException, CertificateException, NoSuchAlgorithmException {
        if (this.keyStore == null) {
            if (this.storeType == null) {
                this.storeType = "JKS";
            }
            if (this.keyStorePassword == null) {
                this.keyStorePassword = "";
            }
            KeyStore keyStore = KeyStore.getInstance(this.storeType);
            InputStream openStream = this.keyStoreURL.openStream();
            try {
                keyStore.load(openStream, this.keyStorePassword.toCharArray());
                openStream.close();
                this.keyStore = keyStore;
            } catch (Throwable th) {
                openStream.close();
                throw th;
            }
        }
        return this.keyStore;
    }

    public KeyStore getTrustStore() throws IOException, KeyStoreException, CertificateException, NoSuchAlgorithmException {
        if (this.trustStoreURL == null) {
            return getKeyStore();
        }
        if (this.trustStore == null) {
            if (this.storeType == null) {
                this.storeType = "JKS";
            }
            if (this.trustStorePassword == null) {
                this.trustStorePassword = "";
            }
            KeyStore keyStore = KeyStore.getInstance(this.storeType);
            InputStream openStream = this.trustStoreURL.openStream();
            try {
                keyStore.load(openStream, this.trustStorePassword.toCharArray());
                openStream.close();
                this.trustStore = keyStore;
            } catch (Throwable th) {
                openStream.close();
                throw th;
            }
        }
        return this.trustStore;
    }

    public TrustManager[] getTrustManagers() throws NoSuchAlgorithmException, CertificateException, KeyStoreException, IOException {
        if (this.trustManagers == null) {
            if (this.algorithm == null) {
                this.algorithm = "SunX509";
            }
            TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(this.algorithm);
            trustManagerFactory.init(getTrustStore());
            this.trustManagers = trustManagerFactory.getTrustManagers();
        }
        return this.trustManagers;
    }

    public KeyManager[] getKeyManagers() throws NoSuchAlgorithmException, CertificateException, KeyStoreException, IOException, UnrecoverableKeyException {
        if (this.keyManagers == null) {
            if (this.algorithm == null) {
                this.algorithm = "SunX509";
            }
            if (this.keyPassword == null) {
                this.keyPassword = "";
            }
            KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance(this.algorithm);
            keyManagerFactory.init(getKeyStore(), this.keyPassword.toCharArray());
            this.keyManagers = keyManagerFactory.getKeyManagers();
            if (this.keyAlias != null) {
                for (int i = 0; i < this.keyManagers.length; i++) {
                    KeyManager keyManager = this.keyManagers[i];
                    if (keyManager instanceof X509ExtendedKeyManager) {
                        this.keyManagers[i] = new AliasFilteringKeyManager(this.keyAlias, (X509ExtendedKeyManager) keyManager);
                    }
                }
            }
        }
        return this.keyManagers;
    }

    public String getProtocol() {
        return this.protocol;
    }

    public void setProtocol(String str) {
        this.protocol = str;
    }

    public String getKeyAlias() {
        return this.keyAlias;
    }

    public void setKeyAlias(String str) {
        this.keyAlias = str;
    }

    public String getAlgorithm() {
        return this.algorithm;
    }

    public void setAlgorithm(String str) {
        this.algorithm = str;
    }

    public String getStoreType() {
        return this.storeType;
    }

    public void setStoreType(String str) {
        this.storeType = str;
    }

    public String getKeyPassword() {
        return this.keyPassword;
    }

    public void setKeyPassword(String str) {
        this.keyPassword = str;
    }

    public URL getKeyStoreURL() {
        return this.keyStoreURL;
    }

    public void setKeyStoreURL(URL url) {
        this.keyStoreURL = url;
    }

    public String getKeyStorePassword() {
        return this.keyStorePassword;
    }

    public void setKeyStorePassword(String str) {
        this.keyStorePassword = str;
    }

    public URL getTrustStoreURL() {
        return this.trustStoreURL;
    }

    public void setTrustStoreURL(URL url) {
        this.trustStoreURL = url;
    }

    public String getTrustStorePassword() {
        return this.trustStorePassword;
    }

    public void setTrustStorePassword(String str) {
        this.trustStorePassword = str;
    }

    public String getDisabledCypherSuites() {
        return this.disabledCypherSuites;
    }

    public void setDisabledCypherSuites(String str) {
        this.disabledCypherSuites = str;
    }

    public String getEnabledCipherSuites() {
        return this.enabledCipherSuites;
    }

    public void setEnabledCipherSuites(String str) {
        this.enabledCipherSuites = str;
    }
}
