package com.dtflys.forest.ssl;

import com.dtflys.forest.exceptions.ForestRuntimeException;
import com.dtflys.forest.http.ForestRequest;
import java.security.KeyManagementException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.UnrecoverableKeyException;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSocketFactory;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import javax.net.ssl.X509TrustManager;
import org.apache.http.conn.ssl.SSLContextBuilder;
import org.apache.http.conn.ssl.SSLContexts;
import org.apache.http.conn.ssl.TrustSelfSignedStrategy;

/* loaded from: input_file:com/dtflys/forest/ssl/SSLUtils.class */
public class SSLUtils {

    /* loaded from: input_file:com/dtflys/forest/ssl/SSLUtils$SavingTrustManager.class */
    private static class SavingTrustManager implements X509TrustManager {
        private final X509TrustManager tm;
        private X509Certificate[] chain;

        SavingTrustManager(X509TrustManager x509TrustManager) {
            this.tm = x509TrustManager;
        }

        @Override // javax.net.ssl.X509TrustManager
        public X509Certificate[] getAcceptedIssuers() {
            throw new UnsupportedOperationException();
        }

        @Override // javax.net.ssl.X509TrustManager
        public void checkClientTrusted(X509Certificate[] x509CertificateArr, String str) throws CertificateException {
            throw new UnsupportedOperationException();
        }

        @Override // javax.net.ssl.X509TrustManager
        public void checkServerTrusted(X509Certificate[] x509CertificateArr, String str) throws CertificateException {
            this.chain = x509CertificateArr;
            this.tm.checkServerTrusted(x509CertificateArr, str);
        }
    }

    public static SSLContext customSSL(ForestRequest forestRequest) {
        SSLContext sSLContext = null;
        SSLKeyStore keyStore = forestRequest.getKeyStore();
        KeyStore trustStore = keyStore.getTrustStore();
        String certPass = keyStore.getCertPass();
        if (trustStore != null) {
            try {
                KeyManagerFactory.getInstance("sunx509").init(trustStore, certPass.toCharArray());
                TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm()).init(trustStore);
                SSLContextBuilder custom = SSLContexts.custom();
                sSLContext = certPass != null ? custom.loadKeyMaterial(trustStore, certPass.toCharArray()).build() : custom.loadTrustMaterial(trustStore, new TrustSelfSignedStrategy()).build();
            } catch (KeyManagementException e) {
                throw new ForestRuntimeException(e);
            } catch (KeyStoreException e2) {
                throw new ForestRuntimeException(e2);
            } catch (NoSuchAlgorithmException e3) {
                throw new ForestRuntimeException(e3);
            } catch (UnrecoverableKeyException e4) {
                throw new ForestRuntimeException(e4);
            }
        }
        return sSLContext;
    }

    public static SSLContext createIgnoreVerifySSL() throws NoSuchAlgorithmException, KeyManagementException {
        SSLContext sSLContext = SSLContext.getInstance("SSLv3");
        sSLContext.init(null, new TrustManager[]{new TrustAllManager()}, null);
        return sSLContext;
    }

    public static SSLContext getSSLContext(ForestRequest forestRequest) throws KeyManagementException, NoSuchAlgorithmException {
        return forestRequest.getKeyStore() == null ? createIgnoreVerifySSL() : customSSL(forestRequest);
    }

    public static SSLSocketFactory getSSLSocketFactory(ForestRequest forestRequest) {
        if (forestRequest == null) {
            return null;
        }
        try {
            SSLContext sSLContext = getSSLContext(forestRequest);
            if (sSLContext == null) {
                throw new ForestRuntimeException("SSL context cannot be initialized.");
            }
            return sSLContext.getSocketFactory();
        } catch (KeyManagementException e) {
            throw new ForestRuntimeException(e);
        } catch (NoSuchAlgorithmException e2) {
            throw new ForestRuntimeException(e2);
        }
    }
}
