package com.dtflys.forest.ssl;

import com.dtflys.forest.exceptions.ForestRuntimeException;
import com.dtflys.forest.http.ForestRequest;
import com.dtflys.forest.utils.StringUtils;
import java.security.KeyManagementException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.UnrecoverableKeyException;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSocketFactory;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import org.apache.http.conn.ssl.SSLContextBuilder;
import org.apache.http.conn.ssl.SSLContexts;
import org.apache.http.conn.ssl.TrustSelfSignedStrategy;

/* loaded from: input_file:BOOT-INF/lib/forest-core-1.5.3.jar:com/dtflys/forest/ssl/SSLUtils.class */
public class SSLUtils {
    public static final String SSL_2 = "SSLv2";
    public static final String SSL_3 = "SSLv3";
    public static final String TLS_1_0 = "TLSv1.0";
    public static final String TLS_1_1 = "TLSv1.1";
    public static final String TLS_1_2 = "TLSv1.2";
    public static final String TLS_1_3 = "TLSv1.3";

    public static SSLContext customSSL(ForestRequest forestRequest) {
        SSLContext sSLContext = null;
        SSLKeyStore keyStore = forestRequest.getKeyStore();
        KeyStore trustStore = keyStore.getTrustStore();
        String certPass = keyStore.getCertPass();
        if (trustStore != null) {
            try {
                char[] charArray = certPass.toCharArray();
                KeyManagerFactory.getInstance("sunx509").init(trustStore, charArray);
                TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm()).init(trustStore);
                SSLContextBuilder custom = SSLContexts.custom();
                String sslProtocol = forestRequest.getSslProtocol();
                if (StringUtils.isNotEmpty(sslProtocol)) {
                    custom.useProtocol(sslProtocol);
                }
                custom.loadTrustMaterial(trustStore, new TrustSelfSignedStrategy());
                if (certPass != null) {
                    custom.loadKeyMaterial(trustStore, charArray);
                }
                sSLContext = custom.build();
            } catch (KeyManagementException e) {
                throw new ForestRuntimeException(e);
            } catch (KeyStoreException e2) {
                throw new ForestRuntimeException(e2);
            } catch (NoSuchAlgorithmException e3) {
                throw new ForestRuntimeException(e3);
            } catch (UnrecoverableKeyException e4) {
                throw new ForestRuntimeException(e4);
            }
        }
        return sSLContext;
    }

    public static SSLContext createIgnoreVerifySSL(String str) throws NoSuchAlgorithmException, KeyManagementException {
        SSLContext sSLContext;
        if (StringUtils.isEmpty(str)) {
            sSLContext = SSLContexts.custom().build();
        } else {
            sSLContext = SSLContext.getInstance(str);
            sSLContext.init(null, new TrustManager[]{new TrustAllManager()}, null);
        }
        return sSLContext;
    }

    public static SSLContext getSSLContext(ForestRequest forestRequest, String str) throws KeyManagementException, NoSuchAlgorithmException {
        return forestRequest.getKeyStore() == null ? createIgnoreVerifySSL(str) : customSSL(forestRequest);
    }

    private static SSLSocketFactory getDefaultSSLSocketFactory(ForestRequest forestRequest, String str) {
        if (forestRequest == null) {
            return null;
        }
        try {
            SSLContext sSLContext = getSSLContext(forestRequest, str);
            if (sSLContext == null) {
                throw new ForestRuntimeException("SSL context cannot be initialized.");
            }
            return sSLContext.getSocketFactory();
        } catch (KeyManagementException e) {
            throw new ForestRuntimeException(e);
        } catch (NoSuchAlgorithmException e2) {
            throw new ForestRuntimeException(e2);
        }
    }

    public static SSLSocketFactory getSSLSocketFactory(ForestRequest forestRequest, String str) {
        SSLSocketFactoryBuilder sslSocketFactoryBuilder;
        SSLKeyStore keyStore = forestRequest.getKeyStore();
        if (keyStore != null && (sslSocketFactoryBuilder = keyStore.getSslSocketFactoryBuilder()) != null) {
            try {
                SSLSocketFactory sSLSocketFactory = sslSocketFactoryBuilder.getSSLSocketFactory(forestRequest, str);
                return sSLSocketFactory == null ? getDefaultSSLSocketFactory(forestRequest, str) : sSLSocketFactory;
            } catch (Exception e) {
                throw new ForestRuntimeException(e);
            }
        }
        return getDefaultSSLSocketFactory(forestRequest, str);
    }
}
