package com.fundi.cex.common.ssl;

import com.google.common.base.Strings;
import java.net.Socket;
import java.security.GeneralSecurityException;
import java.security.InvalidAlgorithmParameterException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.Principal;
import java.security.PrivateKey;
import java.security.SecureRandom;
import java.security.UnrecoverableKeyException;
import java.security.cert.X509Certificate;
import java.util.Arrays;
import java.util.Optional;
import java.util.stream.Stream;
import javax.net.ssl.KeyManager;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.KeyManagerFactorySpi;
import javax.net.ssl.ManagerFactoryParameters;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLEngine;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import javax.net.ssl.X509ExtendedKeyManager;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* JADX WARN: Classes with same name are omitted:
  input_file:com/fundi/cex/common/ssl/SSLContextBuilder.class
 */
/* loaded from: input_file:bin/com/fundi/cex/common/ssl/SSLContextBuilder.class */
public class SSLContextBuilder {
    private static Logger log = LoggerFactory.getLogger((Class<?>) SSLContextBuilder.class);
    private String protocol;
    private SecureRandom secureRandom;
    private KeyStore keyStore;
    private char[] keyStorePassword;
    private String keyManagerAlgorithm;
    private String keyAlias;
    private KeyStore trustStore;
    private String trustManagerAlgorithm;

    /* JADX INFO: Access modifiers changed from: private */
    /* JADX WARN: Classes with same name are omitted:
      input_file:com/fundi/cex/common/ssl/SSLContextBuilder$ConfigurableKeyManagerFactory.class
     */
    /* loaded from: input_file:bin/com/fundi/cex/common/ssl/SSLContextBuilder$ConfigurableKeyManagerFactory.class */
    public static final class ConfigurableKeyManagerFactory extends KeyManagerFactory {
        public static KeyManagerFactory newInstance(String str, String str2) throws NoSuchAlgorithmException {
            return new ConfigurableKeyManagerFactory(str, str2);
        }

        private ConfigurableKeyManagerFactory(String str, String str2) throws NoSuchAlgorithmException {
            this(KeyManagerFactory.getInstance(str2), str, str2);
        }

        private ConfigurableKeyManagerFactory(KeyManagerFactory keyManagerFactory, String str, String str2) {
            super(new ConfigurableKeyManagerFactorySpi(keyManagerFactory, str), keyManagerFactory.getProvider(), str2);
        }
    }

    /* JADX WARN: Classes with same name are omitted:
      input_file:com/fundi/cex/common/ssl/SSLContextBuilder$ConfigurableKeyManagerFactorySpi.class
     */
    /* loaded from: input_file:bin/com/fundi/cex/common/ssl/SSLContextBuilder$ConfigurableKeyManagerFactorySpi.class */
    private static final class ConfigurableKeyManagerFactorySpi extends KeyManagerFactorySpi {
        private final KeyManagerFactory keyManagerFactory;
        private final String alias;

        /* JADX WARN: Classes with same name are omitted:
          input_file:com/fundi/cex/common/ssl/SSLContextBuilder$ConfigurableKeyManagerFactorySpi$ConfigurableAliasKeyManager.class
         */
        /* loaded from: input_file:bin/com/fundi/cex/common/ssl/SSLContextBuilder$ConfigurableKeyManagerFactorySpi$ConfigurableAliasKeyManager.class */
        private static final class ConfigurableAliasKeyManager extends X509ExtendedKeyManager {
            private final X509ExtendedKeyManager x509ExtendedKeyManager;
            private final String alias;

            private ConfigurableAliasKeyManager(X509ExtendedKeyManager x509ExtendedKeyManager, String str) {
                this.x509ExtendedKeyManager = x509ExtendedKeyManager;
                this.alias = str;
            }

            @Override // javax.net.ssl.X509ExtendedKeyManager
            public String chooseEngineClientAlias(String[] strArr, Principal[] principalArr, SSLEngine sSLEngine) {
                return this.x509ExtendedKeyManager.chooseEngineClientAlias(strArr, principalArr, sSLEngine);
            }

            @Override // javax.net.ssl.X509ExtendedKeyManager
            public String chooseEngineServerAlias(String str, Principal[] principalArr, SSLEngine sSLEngine) {
                return (String) Optional.ofNullable(this.alias).orElse(this.x509ExtendedKeyManager.chooseEngineServerAlias(str, principalArr, sSLEngine));
            }

            @Override // javax.net.ssl.X509KeyManager
            public String chooseClientAlias(String[] strArr, Principal[] principalArr, Socket socket) {
                return this.x509ExtendedKeyManager.chooseClientAlias(strArr, principalArr, socket);
            }

            @Override // javax.net.ssl.X509KeyManager
            public String chooseServerAlias(String str, Principal[] principalArr, Socket socket) {
                return this.x509ExtendedKeyManager.chooseServerAlias(str, principalArr, socket);
            }

            @Override // javax.net.ssl.X509KeyManager
            public X509Certificate[] getCertificateChain(String str) {
                return this.x509ExtendedKeyManager.getCertificateChain(str);
            }

            @Override // javax.net.ssl.X509KeyManager
            public String[] getClientAliases(String str, Principal[] principalArr) {
                return this.x509ExtendedKeyManager.getClientAliases(str, principalArr);
            }

            @Override // javax.net.ssl.X509KeyManager
            public PrivateKey getPrivateKey(String str) {
                return this.x509ExtendedKeyManager.getPrivateKey(str);
            }

            @Override // javax.net.ssl.X509KeyManager
            public String[] getServerAliases(String str, Principal[] principalArr) {
                return this.x509ExtendedKeyManager.getServerAliases(str, principalArr);
            }
        }

        private ConfigurableKeyManagerFactorySpi(KeyManagerFactory keyManagerFactory, String str) {
            this.keyManagerFactory = keyManagerFactory;
            this.alias = str;
        }

        @Override // javax.net.ssl.KeyManagerFactorySpi
        protected void engineInit(KeyStore keyStore, char[] cArr) throws KeyStoreException, NoSuchAlgorithmException, UnrecoverableKeyException {
            this.keyManagerFactory.init(keyStore, cArr);
        }

        @Override // javax.net.ssl.KeyManagerFactorySpi
        protected void engineInit(ManagerFactoryParameters managerFactoryParameters) throws InvalidAlgorithmParameterException {
            throw new InvalidAlgorithmParameterException("Unsupported ManagerFactoryParameters");
        }

        @Override // javax.net.ssl.KeyManagerFactorySpi
        protected KeyManager[] engineGetKeyManagers() {
            Stream stream = Arrays.stream(this.keyManagerFactory.getKeyManagers());
            Class<X509ExtendedKeyManager> cls = X509ExtendedKeyManager.class;
            X509ExtendedKeyManager.class.getClass();
            Stream filter = stream.filter((v1) -> {
                return r1.isInstance(v1);
            });
            Class<X509ExtendedKeyManager> cls2 = X509ExtendedKeyManager.class;
            X509ExtendedKeyManager.class.getClass();
            return (KeyManager[]) filter.map((v1) -> {
                return r1.cast(v1);
            }).map(this::wrap).toArray(i -> {
                return new KeyManager[i];
            });
        }

        private ConfigurableAliasKeyManager wrap(X509ExtendedKeyManager x509ExtendedKeyManager) {
            return new ConfigurableAliasKeyManager(x509ExtendedKeyManager, this.alias);
        }
    }

    public SSLContextBuilder keyStorePassword(String str) {
        if (!Strings.isNullOrEmpty(str)) {
            this.keyStorePassword = str.toCharArray();
        }
        return this;
    }

    public SSLContextBuilder protocol(String str) {
        this.protocol = str;
        return this;
    }

    public SSLContextBuilder secureRandom(SecureRandom secureRandom) {
        this.secureRandom = secureRandom;
        return this;
    }

    public SSLContextBuilder trustStore(KeyStore keyStore) {
        this.trustStore = keyStore;
        return this;
    }

    public SSLContextBuilder keyStore(KeyStore keyStore) {
        this.keyStore = keyStore;
        return this;
    }

    public SSLContextBuilder keyAlias(String str) {
        this.keyAlias = str;
        return this;
    }

    public SSLContextBuilder keyStorePassword(char[] cArr) {
        this.keyStorePassword = cArr;
        return this;
    }

    protected KeyManager[] makeKeyManagers() throws GeneralSecurityException {
        if (this.keyStore == null) {
            return null;
        }
        this.keyManagerAlgorithm = (String) Optional.ofNullable(this.keyManagerAlgorithm).orElse(KeyManagerFactory.getDefaultAlgorithm());
        log.debug("Creating KeyManagerFactory. alias: {}, algorithm: {}", this.keyAlias, this.keyManagerAlgorithm);
        KeyManagerFactory newInstance = this.keyAlias != null ? ConfigurableKeyManagerFactory.newInstance(this.keyAlias, this.keyManagerAlgorithm) : KeyManagerFactory.getInstance(this.keyManagerAlgorithm);
        newInstance.init(this.keyStore, this.keyStorePassword);
        return newInstance.getKeyManagers();
    }

    protected TrustManager[] makeTrustManagers() throws NoSuchAlgorithmException, KeyStoreException {
        if (this.trustStore == null) {
            return null;
        }
        TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance((String) Optional.ofNullable(this.trustManagerAlgorithm).orElse(TrustManagerFactory.getDefaultAlgorithm()));
        trustManagerFactory.init(this.trustStore);
        return trustManagerFactory.getTrustManagers();
    }

    public static SSLContextBuilder builder() {
        return new SSLContextBuilder();
    }

    public SSLContext build() throws GeneralSecurityException {
        SSLContext sSLContext = SSLContext.getInstance((String) Optional.ofNullable(this.protocol).orElse(SSLProtocol.getDefault()));
        sSLContext.init(makeKeyManagers(), makeTrustManagers(), (SecureRandom) Optional.ofNullable(this.secureRandom).orElse(new SecureRandom()));
        return sSLContext;
    }
}
