package tigase.io;

import java.io.FileInputStream;
import java.security.KeyStore;
import java.security.SecureRandom;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Enumeration;
import java.util.HashMap;
import java.util.Iterator;
import java.util.Map;
import java.util.logging.Level;
import java.util.logging.Logger;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.TrustManagerFactory;
import javax.net.ssl.X509TrustManager;

/* loaded from: input_file:tigase/io/SSLContextContainer.class */
public class SSLContextContainer {
    private static final Logger log = Logger.getLogger("tigase.io.SSLContextContainer");
    private SecureRandom secureRandom;
    private Map<String, SSLContext> sslContexts;
    private Map<String, KeyManagerFactory> kmfs;
    private TrustManagerFactory tmf;
    private String def_cert_alias;

    /* loaded from: input_file:tigase/io/SSLContextContainer$FakeTrustManager.class */
    private static class FakeTrustManager implements X509TrustManager {
        private X509Certificate[] acceptedIssuers;

        public FakeTrustManager(X509Certificate[] x509CertificateArr) {
            this.acceptedIssuers = null;
            this.acceptedIssuers = x509CertificateArr;
        }

        public FakeTrustManager() {
            this.acceptedIssuers = null;
        }

        @Override // javax.net.ssl.X509TrustManager
        public void checkClientTrusted(X509Certificate[] x509CertificateArr, String str) throws CertificateException {
        }

        @Override // javax.net.ssl.X509TrustManager
        public void checkServerTrusted(X509Certificate[] x509CertificateArr, String str) throws CertificateException {
        }

        @Override // javax.net.ssl.X509TrustManager
        public X509Certificate[] getAcceptedIssuers() {
            return this.acceptedIssuers;
        }
    }

    public SSLContextContainer() {
        this.secureRandom = null;
        this.sslContexts = new HashMap();
        this.kmfs = new HashMap();
        this.tmf = null;
        this.def_cert_alias = null;
        log.config("Initializing SSL library (trust all certs mode)...");
        init(null, null, null, null);
    }

    public SSLContextContainer(String str, String str2, String str3) {
        this.secureRandom = null;
        this.sslContexts = new HashMap();
        this.kmfs = new HashMap();
        this.tmf = null;
        this.def_cert_alias = null;
        log.config("Initializing SSL library (trust all certs mode)...");
        this.def_cert_alias = str3;
        init(str, str2, null, null);
    }

    public SSLContextContainer(String str, String str2, String str3, String str4, String str5) {
        this.secureRandom = null;
        this.sslContexts = new HashMap();
        this.kmfs = new HashMap();
        this.tmf = null;
        this.def_cert_alias = null;
        log.config("Initializing SSL library...");
        this.def_cert_alias = str5;
        init(str, str2, str3, str4);
    }

    private void init(String str, String str2, String str3, String str4) {
        if (str != null && str2 != null) {
            try {
                KeyStore keyStore = KeyStore.getInstance("JKS");
                char[] charArray = str2.toCharArray();
                keyStore.load(new FileInputStream(str), charArray);
                KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance("SunX509");
                keyManagerFactory.init(keyStore, charArray);
                this.kmfs.put(null, keyManagerFactory);
                Enumeration<String> aliases = keyStore.aliases();
                ArrayList arrayList = null;
                if (aliases != null) {
                    arrayList = new ArrayList();
                    while (aliases.hasMoreElements()) {
                        String nextElement = aliases.nextElement();
                        if (keyStore.isCertificateEntry(nextElement)) {
                            arrayList.add(nextElement);
                        }
                    }
                }
                Enumeration<String> aliases2 = keyStore.aliases();
                KeyStore.PasswordProtection passwordProtection = new KeyStore.PasswordProtection(charArray);
                if (aliases2 != null) {
                    while (aliases2.hasMoreElements()) {
                        String nextElement2 = aliases2.nextElement();
                        if (keyStore.isKeyEntry(nextElement2)) {
                            KeyStore.Entry entry = keyStore.getEntry(nextElement2, passwordProtection);
                            KeyStore keyStore2 = KeyStore.getInstance("JKS");
                            keyStore2.load(null, charArray);
                            if (arrayList != null) {
                                Iterator it = arrayList.iterator();
                                while (it.hasNext()) {
                                    String str5 = (String) it.next();
                                    keyStore2.setCertificateEntry(str5, keyStore.getCertificate(str5));
                                }
                            }
                            keyStore2.setEntry(nextElement2, entry, passwordProtection);
                            KeyManagerFactory keyManagerFactory2 = KeyManagerFactory.getInstance("SunX509");
                            keyManagerFactory2.init(keyStore2, charArray);
                            this.kmfs.put(nextElement2, keyManagerFactory2);
                        }
                    }
                }
            } catch (Exception e) {
                System.out.println("Can not initialize SSL library: " + e);
                log.log(Level.SEVERE, "Can not initialize SSL library", (Throwable) e);
                System.exit(1);
                return;
            }
        }
        if (str3 != null && str4 != null) {
            KeyStore keyStore3 = KeyStore.getInstance("JKS");
            keyStore3.load(new FileInputStream(str3), str4.toCharArray());
            this.tmf = TrustManagerFactory.getInstance("SunX509");
            this.tmf.init(keyStore3);
        }
        this.secureRandom = new SecureRandom();
        this.secureRandom.nextInt();
    }

    public SSLContext getSSLContext(String str, String str2) {
        if (str2 == null) {
            str2 = this.def_cert_alias;
        }
        String str3 = str2 + str;
        SSLContext sSLContext = this.sslContexts.get(str3);
        if (sSLContext == null) {
            try {
                sSLContext = SSLContext.getInstance(str);
                KeyManagerFactory keyManagerFactory = this.kmfs.get(str2);
                if (keyManagerFactory == null) {
                    keyManagerFactory = this.kmfs.get(this.def_cert_alias);
                }
                if (keyManagerFactory == null || this.tmf == null) {
                    if (keyManagerFactory == null) {
                        log.warning("No certificate found for host: " + str2);
                    }
                    sSLContext.init(keyManagerFactory != null ? keyManagerFactory.getKeyManagers() : null, new X509TrustManager[]{new FakeTrustManager()}, this.secureRandom);
                } else {
                    sSLContext.init(keyManagerFactory.getKeyManagers(), this.tmf.getTrustManagers(), this.secureRandom);
                }
                this.sslContexts.put(str3, sSLContext);
                log.config("Created SSL context for: " + sSLContext.getProtocol());
            } catch (Exception e) {
                log.log(Level.SEVERE, "Can not initialize SSLContext", (Throwable) e);
                sSLContext = null;
            }
        }
        return sSLContext;
    }
}
