package com.redhat.rcm.version.util.http;

import com.redhat.rcm.version.VManException;
import java.io.BufferedReader;
import java.io.ByteArrayInputStream;
import java.io.File;
import java.io.FileInputStream;
import java.io.IOException;
import java.io.InputStream;
import java.io.InputStreamReader;
import java.io.Reader;
import java.net.URL;
import java.security.KeyFactory;
import java.security.KeyManagementException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.UnrecoverableKeyException;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.security.spec.InvalidKeySpecException;
import java.security.spec.PKCS8EncodedKeySpec;
import java.util.ArrayList;
import java.util.Collections;
import java.util.Iterator;
import java.util.LinkedHashMap;
import java.util.List;
import java.util.Map;
import java.util.jar.JarEntry;
import java.util.jar.JarFile;
import javax.net.ssl.KeyManager;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import javax.net.ssl.X509KeyManager;
import javax.net.ssl.X509TrustManager;
import org.apache.commons.codec.binary.Base64;
import org.apache.commons.io.IOUtils;
import org.apache.http.conn.ssl.SSLSocketFactory;
import org.apache.maven.repository.MavenArtifactMetadata;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:com/redhat/rcm/version/util/http/SSLUtils.class */
public final class SSLUtils {
    private static final Logger LOGGER = LoggerFactory.getLogger(SSLUtils.class);
    private static final String CLASSPATH_PREFIX = "classpath:";

    private SSLUtils() {
    }

    public static void initSSLContext(String str) throws VManException {
        try {
            KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
            keyManagerFactory.init(null, null);
            KeyManager keyManager = null;
            for (KeyManager keyManager2 : keyManagerFactory.getKeyManagers()) {
                if (keyManager2 instanceof X509KeyManager) {
                    keyManager = keyManager2;
                }
            }
            TrustManager loadTrustManager = loadTrustManager(str);
            try {
                SSLContext sSLContext = SSLContext.getInstance(SSLSocketFactory.SSL);
                try {
                    sSLContext.init(new KeyManager[]{keyManager}, new TrustManager[]{loadTrustManager}, null);
                    SSLContext.setDefault(sSLContext);
                } catch (KeyManagementException e) {
                    throw new VManException("Failed to initialize SSLContext with new PEM-based TrustStore: %s", e, e.getMessage());
                }
            } catch (NoSuchAlgorithmException e2) {
                throw new VManException("Failed to retrieve SSLContext: %s", e2, e2.getMessage());
            }
        } catch (KeyStoreException e3) {
            throw new VManException("Cannot initialize KeyManagerFactory: %s", e3, e3.getMessage());
        } catch (NoSuchAlgorithmException e4) {
            throw new VManException("Cannot initialize KeyManagerFactory: %s", e4, e4.getMessage());
        } catch (UnrecoverableKeyException e5) {
            throw new VManException("Cannot initialize KeyManagerFactory: %s", e5, e5.getMessage());
        }
    }

    private static TrustManager loadTrustManager(String str) throws VManException {
        try {
            TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
            trustManagerFactory.init((KeyStore) null);
            X509TrustManager x509TrustManager = null;
            TrustManager[] trustManagers = trustManagerFactory.getTrustManagers();
            int length = trustManagers.length;
            int i = 0;
            while (true) {
                if (i >= length) {
                    break;
                }
                TrustManager trustManager = trustManagers[i];
                if (trustManager instanceof X509TrustManager) {
                    x509TrustManager = (X509TrustManager) trustManager;
                    break;
                }
                i++;
            }
            return x509TrustManager;
        } catch (KeyStoreException e) {
            throw new VManException("Failed to initialize default trust-store: %s", e, e.getMessage());
        } catch (NoSuchAlgorithmException e2) {
            throw new VManException("Failed to initialize default trust-store: %s", e2, e2.getMessage());
        }
    }

    private static void loadFromClasspath(String str, KeyStore keyStore) throws VManException {
        try {
            for (URL url : Collections.list(Thread.currentThread().getContextClassLoader().getResources(str))) {
                if (MavenArtifactMetadata.DEFAULT_TYPE.equals(url.getProtocol())) {
                    loadFromJar(url, str, keyStore);
                } else {
                    loadFromFile(url.getPath(), keyStore);
                }
            }
        } catch (IOException e) {
            throw new VManException("Failed to scan classpath for certificate base path: %s. Reason: %s", e, str, e.getMessage());
        }
    }

    private static void loadFromFile(String str, KeyStore keyStore) throws VManException {
        File file = new File(str);
        if (file.exists() && file.isFile()) {
            LOGGER.info("Loading SSL server PEM from file: " + file);
            FileInputStream fileInputStream = null;
            try {
                try {
                    try {
                        fileInputStream = new FileInputStream(file);
                        readCerts(fileInputStream, file.getName(), keyStore);
                        if (fileInputStream != null) {
                            try {
                                fileInputStream.close();
                            } catch (IOException e) {
                            }
                        }
                    } catch (KeyStoreException e2) {
                        throw new VManException("Failed to add certificate from classpath file: %s. Reason: %s", e2, file, e2.getMessage());
                    } catch (CertificateException e3) {
                        throw new VManException("Failed to read classpath certificate file: %s. Reason: %s", e3, file, e3.getMessage());
                    }
                } catch (IOException e4) {
                    throw new VManException("Failed to read classpath certificate file: %s. Reason: %s", e4, file, e4.getMessage());
                } catch (NoSuchAlgorithmException e5) {
                    throw new VManException("Failed to read classpath certificate file: %s. Reason: %s", e5, file, e5.getMessage());
                }
            } catch (Throwable th) {
                if (fileInputStream != null) {
                    try {
                        fileInputStream.close();
                    } catch (IOException e6) {
                    }
                }
                throw th;
            }
        }
    }

    private static void loadFromJar(URL url, String str, KeyStore keyStore) throws VManException {
        String path = url.getPath();
        int indexOf = path.indexOf("!");
        if (indexOf > -1) {
            path = path.substring(0, indexOf);
        }
        if (path.startsWith("file:")) {
            path = path.substring(5);
        }
        try {
            JarFile jarFile = new JarFile(path);
            for (JarEntry jarEntry : Collections.list(jarFile.entries())) {
                String name = jarEntry.getName();
                if (name.startsWith(str)) {
                    LOGGER.info("Loading SSL server PEM from: " + name + " in jar: " + path);
                    InputStream inputStream = jarFile.getInputStream(jarEntry);
                    try {
                        try {
                            readCerts(inputStream, new File(name).getName(), keyStore);
                            if (inputStream != null) {
                                try {
                                    inputStream.close();
                                } catch (IOException e) {
                                }
                            }
                        } catch (Throwable th) {
                            if (inputStream != null) {
                                try {
                                    inputStream.close();
                                } catch (IOException e2) {
                                }
                            }
                            throw th;
                        }
                    } catch (KeyStoreException e3) {
                        throw new VManException("Failed to read certificates from classpath jar entry: %s!%s. Reason: %s", e3, path, name, e3.getMessage());
                    } catch (NoSuchAlgorithmException e4) {
                        throw new VManException("Failed to read certificates from classpath jar entry: %s!%s. Reason: %s", e4, path, name, e4.getMessage());
                    } catch (CertificateException e5) {
                        throw new VManException("Failed to read certificates from classpath jar entry: %s!%s. Reason: %s", e5, path, name, e5.getMessage());
                    }
                }
            }
        } catch (IOException e6) {
            throw new VManException("Failed to open classpath jar: %s. Reason: %s", e6, path, e6.getMessage());
        }
    }

    public static void readKeyAndCert(InputStream inputStream, String str, KeyStore keyStore) throws CertificateException, IOException, KeyStoreException, NoSuchAlgorithmException, InvalidKeySpecException {
        CertificateFactory certificateFactory = CertificateFactory.getInstance("X.509");
        KeyFactory keyFactory = KeyFactory.getInstance("RSA");
        List<String> readLines = readLines(inputStream);
        String str2 = null;
        StringBuilder sb = new StringBuilder();
        LinkedHashMap linkedHashMap = new LinkedHashMap();
        for (String str3 : readLines) {
            if (str3 != null) {
                if (str3.startsWith("-----BEGIN")) {
                    str2 = str3.trim();
                    sb.setLength(0);
                } else if (str3.startsWith("-----END")) {
                    linkedHashMap.put(str2, sb.toString());
                } else {
                    sb.append(str3.trim());
                }
            }
        }
        ArrayList arrayList = new ArrayList();
        for (int i = 0; i < 2; i++) {
            for (Map.Entry entry : linkedHashMap.entrySet()) {
                String str4 = (String) entry.getKey();
                byte[] decodeBase64 = Base64.decodeBase64((String) entry.getValue());
                if (i > 0 && str4.contains("BEGIN PRIVATE KEY")) {
                    keyStore.setKeyEntry("key", keyFactory.generatePrivate(new PKCS8EncodedKeySpec(decodeBase64)), str.toCharArray(), (Certificate[]) arrayList.toArray(new Certificate[0]));
                } else if (i < 1 && str4.contains("BEGIN CERTIFICATE")) {
                    Certificate generateCertificate = certificateFactory.generateCertificate(new ByteArrayInputStream(decodeBase64));
                    keyStore.setCertificateEntry("certificate", generateCertificate);
                    arrayList.add(generateCertificate);
                }
            }
        }
    }

    public static void readCerts(InputStream inputStream, String str, KeyStore keyStore) throws IOException, CertificateException, KeyStoreException, NoSuchAlgorithmException {
        CertificateFactory certificateFactory = CertificateFactory.getInstance("X.509");
        List<String> readLines = readLines(inputStream);
        StringBuilder sb = new StringBuilder();
        ArrayList arrayList = new ArrayList();
        for (String str2 : readLines) {
            if (str2 != null) {
                if (str2.startsWith("-----BEGIN")) {
                    sb.setLength(0);
                } else if (str2.startsWith("-----END")) {
                    arrayList.add(sb.toString());
                } else {
                    sb.append(str2.trim());
                }
            }
        }
        int i = 0;
        Iterator it = arrayList.iterator();
        while (it.hasNext()) {
            keyStore.setCertificateEntry(str + i, certificateFactory.generateCertificate(new ByteArrayInputStream(Base64.decodeBase64((String) it.next()))));
            i++;
        }
    }

    private static List<String> readLines(InputStream inputStream) throws IOException {
        ArrayList arrayList = new ArrayList();
        BufferedReader bufferedReader = null;
        try {
            bufferedReader = new BufferedReader(new InputStreamReader(inputStream));
            while (true) {
                String readLine = bufferedReader.readLine();
                if (readLine == null) {
                    IOUtils.closeQuietly((Reader) bufferedReader);
                    return arrayList;
                }
                arrayList.add(readLine.trim());
            }
        } catch (Throwable th) {
            IOUtils.closeQuietly((Reader) bufferedReader);
            throw th;
        }
    }
}
