package org.apache.camel.util.jsse;

import java.io.IOException;
import java.security.GeneralSecurityException;
import java.security.SecureRandom;
import java.security.Security;
import java.util.List;
import javax.net.ssl.KeyManager;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLEngine;
import javax.net.ssl.SSLServerSocketFactory;
import javax.net.ssl.SSLSocketFactory;
import javax.net.ssl.TrustManager;
import javax.net.ssl.X509KeyManager;
import org.apache.camel.util.jsse.BaseSSLContextParameters;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:lib/camel-core-2.17.0.redhat-630373.jar:org/apache/camel/util/jsse/SSLContextParameters.class */
public class SSLContextParameters extends BaseSSLContextParameters {
    protected static final String DEFAULT_SECURE_SOCKET_PROTOCOL = "TLS";
    private static final Logger LOG = LoggerFactory.getLogger(SSLContextParameters.class);
    private KeyManagersParameters keyManagers;
    private TrustManagersParameters trustManagers;
    private SecureRandomParameters secureRandom;
    private SSLContextClientParameters clientParameters;
    private SSLContextServerParameters serverParameters;
    private String provider;
    private String secureSocketProtocol;
    private String certAlias;

    public KeyManagersParameters getKeyManagers() {
        return this.keyManagers;
    }

    public void setKeyManagers(KeyManagersParameters keyManagersParameters) {
        this.keyManagers = keyManagersParameters;
    }

    public TrustManagersParameters getTrustManagers() {
        return this.trustManagers;
    }

    public void setTrustManagers(TrustManagersParameters trustManagersParameters) {
        this.trustManagers = trustManagersParameters;
    }

    public SecureRandomParameters getSecureRandom() {
        return this.secureRandom;
    }

    public void setSecureRandom(SecureRandomParameters secureRandomParameters) {
        this.secureRandom = secureRandomParameters;
    }

    public SSLContextClientParameters getClientParameters() {
        return this.clientParameters;
    }

    public void setClientParameters(SSLContextClientParameters sSLContextClientParameters) {
        this.clientParameters = sSLContextClientParameters;
    }

    public SSLContextServerParameters getServerParameters() {
        return this.serverParameters;
    }

    public void setServerParameters(SSLContextServerParameters sSLContextServerParameters) {
        this.serverParameters = sSLContextServerParameters;
    }

    public String getProvider() {
        return this.provider;
    }

    public void setProvider(String str) {
        this.provider = str;
    }

    public String getSecureSocketProtocol() {
        return this.secureSocketProtocol == null ? "TLS" : this.secureSocketProtocol;
    }

    public void setSecureSocketProtocol(String str) {
        this.secureSocketProtocol = str;
    }

    public String getCertAlias() {
        return this.certAlias;
    }

    public void setCertAlias(String str) {
        this.certAlias = str;
    }

    public SSLContext createSSLContext() throws GeneralSecurityException, IOException {
        LOG.trace("Creating SSLContext from SSLContextParameters [{}].", this);
        LOG.info("Available providers: {}.", (Object[]) Security.getProviders());
        KeyManager[] createKeyManagers = this.keyManagers == null ? null : this.keyManagers.createKeyManagers();
        TrustManager[] createTrustManagers = this.trustManagers == null ? null : this.trustManagers.createTrustManagers();
        SecureRandom createSecureRandom = this.secureRandom == null ? null : this.secureRandom.createSecureRandom();
        SSLContext sSLContext = getProvider() == null ? SSLContext.getInstance(parsePropertyValue(getSecureSocketProtocol())) : SSLContext.getInstance(parsePropertyValue(getSecureSocketProtocol()), parsePropertyValue(getProvider()));
        if (getCertAlias() != null && createKeyManagers != null) {
            for (int i = 0; i < createKeyManagers.length; i++) {
                if (createKeyManagers[i] instanceof X509KeyManager) {
                    try {
                        createKeyManagers[i] = new AliasedX509ExtendedKeyManager(getCertAlias(), (X509KeyManager) createKeyManagers[i]);
                    } catch (Exception e) {
                        throw new GeneralSecurityException(e);
                    }
                }
            }
        }
        LOG.debug("SSLContext [{}], initialized from [{}], is using provider [{}], protocol [{}], key managers {}, trust managers {}, and secure random [{}].", sSLContext, this, sSLContext.getProvider(), sSLContext.getProtocol(), createKeyManagers, createTrustManagers, createSecureRandom);
        sSLContext.init(createKeyManagers, createTrustManagers, createSecureRandom);
        configureSSLContext(sSLContext);
        return new BaseSSLContextParameters.SSLContextDecorator(new BaseSSLContextParameters.SSLContextSpiDecorator(sSLContext, getSSLEngineConfigurers(sSLContext), getSSLSocketFactoryConfigurers(sSLContext), getSSLServerSocketFactoryConfigurers(sSLContext)));
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // org.apache.camel.util.jsse.BaseSSLContextParameters
    public void configureSSLContext(SSLContext sSLContext) throws GeneralSecurityException {
        LOG.trace("Configuring client and server side SSLContext parameters on SSLContext [{}]...", sSLContext);
        super.configureSSLContext(sSLContext);
        if (getClientParameters() != null) {
            LOG.trace("Overriding client-side SSLContext parameters on SSLContext [{}] with configured client parameters.", sSLContext);
            getClientParameters().configureSSLContext(sSLContext);
        }
        if (getServerParameters() != null) {
            LOG.trace("Overriding server-side SSLContext parameters on SSLContext [{}] with configured server parameters.", sSLContext);
            getServerParameters().configureSSLContext(sSLContext);
        }
        LOG.trace("Configured client and server side SSLContext parameters on SSLContext [{}].", sSLContext);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // org.apache.camel.util.jsse.BaseSSLContextParameters
    public List<BaseSSLContextParameters.Configurer<SSLEngine>> getSSLEngineConfigurers(SSLContext sSLContext) {
        LOG.trace("Collecting client and server side SSLEngine configurers on SSLContext [{}]...", sSLContext);
        List<BaseSSLContextParameters.Configurer<SSLEngine>> sSLEngineConfigurers = super.getSSLEngineConfigurers(sSLContext);
        if (getClientParameters() != null) {
            LOG.trace("Augmenting SSLEngine configurers with configurers from client parameters on SSLContext [{}].", sSLContext);
            sSLEngineConfigurers.addAll(getClientParameters().getSSLEngineConfigurers(sSLContext));
        }
        if (getServerParameters() != null) {
            LOG.trace("Augmenting SSLEngine configurers with configurers from server parameters on SSLContext [{}].", sSLContext);
            sSLEngineConfigurers.addAll(getServerParameters().getSSLEngineConfigurers(sSLContext));
        }
        LOG.trace("Collected client and server side SSLEngine configurers on SSLContext [{}].", sSLContext);
        return sSLEngineConfigurers;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // org.apache.camel.util.jsse.BaseSSLContextParameters
    public List<BaseSSLContextParameters.Configurer<SSLSocketFactory>> getSSLSocketFactoryConfigurers(SSLContext sSLContext) {
        LOG.trace("Collecting SSLSocketFactory configurers on SSLContext [{}]...", sSLContext);
        List<BaseSSLContextParameters.Configurer<SSLSocketFactory>> sSLSocketFactoryConfigurers = super.getSSLSocketFactoryConfigurers(sSLContext);
        if (getClientParameters() != null) {
            LOG.trace("Augmenting SSLSocketFactory configurers with configurers from client parameters on SSLContext [{}].", sSLContext);
            sSLSocketFactoryConfigurers.addAll(getClientParameters().getSSLSocketFactoryConfigurers(sSLContext));
        }
        LOG.trace("Collected SSLSocketFactory configurers on SSLContext [{}].", sSLContext);
        return sSLSocketFactoryConfigurers;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // org.apache.camel.util.jsse.BaseSSLContextParameters
    public List<BaseSSLContextParameters.Configurer<SSLServerSocketFactory>> getSSLServerSocketFactoryConfigurers(SSLContext sSLContext) {
        LOG.trace("Collecting SSLServerSocketFactory configurers for SSLContext [{}]...", sSLContext);
        List<BaseSSLContextParameters.Configurer<SSLServerSocketFactory>> sSLServerSocketFactoryConfigurers = super.getSSLServerSocketFactoryConfigurers(sSLContext);
        if (getServerParameters() != null) {
            LOG.trace("Augmenting SSLServerSocketFactory configurers with configurers from server parameters for SSLContext [{}].", sSLContext);
            sSLServerSocketFactoryConfigurers.addAll(getServerParameters().getSSLServerSocketFactoryConfigurers(sSLContext));
        }
        LOG.trace("Collected client and server side SSLServerSocketFactory configurers for SSLContext [{}].", sSLContext);
        return sSLServerSocketFactoryConfigurers;
    }

    public String toString() {
        return "SSLContextParameters[keyManagers=" + this.keyManagers + ", trustManagers=" + this.trustManagers + ", secureRandom=" + this.secureRandom + ", clientParameters=" + this.clientParameters + ", serverParameters=" + this.serverParameters + ", provider=" + this.provider + ", secureSocketProtocol=" + this.secureSocketProtocol + ", certAlias=" + this.certAlias + ", getCipherSuites()=" + getCipherSuites() + ", getCipherSuitesFilter()=" + getCipherSuitesFilter() + ", getSecureSocketProtocols()=" + getSecureSocketProtocols() + ", getSecureSocketProtocolsFilter()=" + getSecureSocketProtocolsFilter() + ", getSessionTimeout()=" + getSessionTimeout() + "]";
    }
}
