package de.iip_ecosphere.platform.support.net;

import de.iip_ecosphere.platform.support.resources.ResourceLoader;
import de.iip_ecosphere.platform.support.resources.ResourceResolver;
import java.io.File;
import java.io.FileInputStream;
import java.io.IOException;
import java.io.InputStream;
import java.net.Socket;
import java.nio.charset.Charset;
import java.nio.charset.StandardCharsets;
import java.nio.file.Files;
import java.security.KeyFactory;
import java.security.KeyManagementException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.Principal;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.UnrecoverableKeyException;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.security.spec.InvalidKeySpecException;
import java.security.spec.X509EncodedKeySpec;
import java.util.Base64;
import javax.net.ssl.KeyManager;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.TrustManagerFactory;
import javax.net.ssl.X509KeyManager;
import org.apache.commons.lang3.StringUtils;

/* loaded from: input_file:BOOT-INF/lib/support.aas-0.7.1-SNAPSHOT.jar:de/iip_ecosphere/platform/support/net/SslUtils.class */
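/**
 * Static helpers for loading key stores and deriving JSSE trust managers, key managers and
 * {@link SSLContext} instances from them, plus a reader for PEM-encoded public keys.
 *
 * <p>Security-relevant behaviour to keep in mind when calling these helpers:
 * <ul>
 *   <li>{@link #createTlsContext(File, String, String, String)} uses one key store for both
 *       trust and key material, so every certificate entry in that store becomes a trust anchor.</li>
 *   <li>The same password is used to open the store and to recover the private keys in it.</li>
 *   <li>A {@code null} password is passed through to {@link KeyStore#load}; the JDK then skips the
 *       store integrity check.</li>
 * </ul>
 */
public class SslUtils {
    /** Key store type name for Java key stores. */
    public static final String KEYSTORE_JKS = "JKS";
    /** Key store type name for PKCS#12 key stores. */
    public static final String KEYSTORE_PCKS12 = "PKCS12";
    /** Algorithm name handed to {@link TrustManagerFactory#getInstance(String)}. */
    public static final String TRUST_MANAGER_SUN_X509 = "SunX509";
    /** Context algorithm that requests TLS 1.2. */
    public static final String CONTEXT_ALG_TLS12 = "TLSv1.2";
    /** Generic context algorithm; the protocol versions actually enabled are left to the JRE. */
    public static final String CONTEXT_ALG_TLS = "TLS";
    /** Context algorithm used by the overloads that do not take one. */
    public static final String DEFAULT_CONTEXT_ALG = CONTEXT_ALG_TLS;

    /**
     * Derives the key store type from the name of {@code file}.
     *
     * @param file the key store file (must not be {@code null})
     * @return {@link #KEYSTORE_PCKS12} or {@link #KEYSTORE_JKS}
     */
    public static final String getKeystoreType(File file) {
        return getKeystoreType(file.getName());
    }

    /**
     * Derives the key store type from a file name. Names ending in {@code .p12} or {@code .pfx}
     * (compared case-insensitively) are treated as PKCS#12, everything else as JKS. The decision
     * is made on the name only; the file content is not inspected.
     *
     * @param str the file name (must not be {@code null})
     * @return {@link #KEYSTORE_PCKS12} or {@link #KEYSTORE_JKS}
     */
    public static final String getKeystoreType(String str) {
        boolean pkcs12 = hasSuffixIgnoreCase(str, ".p12") || hasSuffixIgnoreCase(str, ".pfx");
        return pkcs12 ? KEYSTORE_PCKS12 : KEYSTORE_JKS;
    }

    /** Tells whether {@code name} ends with {@code suffix}, ignoring case. */
    private static boolean hasSuffixIgnoreCase(String name, String suffix) {
        // regionMatches returns false for a negative offset, so short names are handled
        return name.regionMatches(true, name.length() - suffix.length(), suffix, 0, suffix.length());
    }

    /**
     * Opens and loads a key store.
     *
     * @param file the key store location; {@code null} yields {@code null}
     * @param str the store password; {@code null} is passed on as a {@code null} password, in
     *     which case the JDK does not verify the integrity of the store
     * @return the loaded key store, or {@code null} if {@code file} is {@code null}
     * @throws IOException if the store cannot be read or parsed; key store, algorithm and
     *     certificate errors are wrapped
     */
    public static KeyStore openKeyStore(File file, String str) throws IOException {
        if (null == file) {
            return null;
        }
        try {
            KeyStore keyStore = KeyStore.getInstance(getKeystoreType(file));
            // try-with-resources so the stream is released even when load() rejects the store
            try (InputStream in = openStoreStream(file)) {
                keyStore.load(in, null == str ? null : str.toCharArray());
            }
            return keyStore;
        } catch (KeyStoreException | NoSuchAlgorithmException | CertificateException e) {
            throw new IOException(e);
        }
    }

    /**
     * Opens the stream a key store is loaded from: the resource loader is asked first, the file
     * system is the fallback.
     *
     * <p>NOTE(review): whatever the resource loader resolves for this name takes precedence over
     * the file on disk; confirm that its resolvers only search trusted locations.
     */
    private static InputStream openStoreStream(File file) throws IOException {
        InputStream in = ResourceLoader.getResourceAsStream(file.toString(), new ResourceResolver[0]);
        return null != in ? in : new FileInputStream(file);
    }

    /**
     * Creates a trust manager factory from a key store file.
     *
     * @param file the trust store location; {@code null} yields {@code null}
     * @param str the store password, may be {@code null}
     * @return the initialized factory, or {@code null} if {@code file} is {@code null}
     * @throws IOException if the store cannot be opened or the factory cannot be initialized
     */
    public static TrustManagerFactory createTrustManagerFactory(File file, String str) throws IOException {
        return null == file ? null : createTrustManagerFactory(openKeyStore(file, str));
    }

    /**
     * Creates a trust manager factory whose trust anchors are taken from {@code keyStore}.
     *
     * <p>NOTE(review): the algorithm is pinned to {@link #TRUST_MANAGER_SUN_X509} rather than
     * {@link TrustManagerFactory#getDefaultAlgorithm()}; confirm this is intended for the target
     * JREs. A {@code null} key store is handed to {@code init} as-is, which with the standard JSSE
     * provider selects the JRE's default trust anchors; verify that no caller passes {@code null}
     * by accident.
     *
     * @param keyStore the store holding the trusted certificates
     * @return the initialized factory
     * @throws IOException wrapping key store and algorithm errors
     */
    public static TrustManagerFactory createTrustManagerFactory(KeyStore keyStore) throws IOException {
        try {
            TrustManagerFactory factory = TrustManagerFactory.getInstance(TRUST_MANAGER_SUN_X509);
            factory.init(keyStore);
            return factory;
        } catch (KeyStoreException | NoSuchAlgorithmException e) {
            throw new IOException(e);
        }
    }

    /**
     * Creates a TLS context without a key alias, using {@link #DEFAULT_CONTEXT_ALG}.
     *
     * @param file the key store location; {@code null} yields {@code null}
     * @param str the store password, may be {@code null}
     * @return the context, or {@code null} if {@code file} is {@code null}
     * @throws IOException if the store cannot be opened or the context cannot be set up
     */
    public static SSLContext createTlsContext(File file, String str) throws IOException {
        return createTlsContext(file, str, null);
    }

    /**
     * Creates a TLS context for a key alias, using {@link #DEFAULT_CONTEXT_ALG}.
     *
     * @param file the key store location; {@code null} yields {@code null}
     * @param str the store password, may be {@code null}
     * @param str2 the alias of the key to present, may be {@code null}
     * @return the context, or {@code null} if {@code file} is {@code null}
     * @throws IOException if the store cannot be opened or the context cannot be set up
     */
    public static SSLContext createTlsContext(File file, String str, String str2) throws IOException {
        return createTlsContext(file, str, str2, DEFAULT_CONTEXT_ALG);
    }

    /**
     * Creates a TLS context from a single key store that serves as trust store and key store.
     *
     * <p>Because the same store feeds the trust managers, every certificate entry in it is
     * trusted by the resulting context. When {@code str2} is {@code null} no key managers are
     * created and {@code null} is passed to {@link SSLContext#init}, which leaves the choice of
     * key managers to the installed providers.
     *
     * @param file the key store location; {@code null} yields {@code null}
     * @param str the store password, also used to recover the keys; may be {@code null}
     * @param str2 the alias of the key to present, may be {@code null}
     * @param str3 the context algorithm, e.g. {@link #CONTEXT_ALG_TLS} or {@link #CONTEXT_ALG_TLS12}
     * @return the context, or {@code null} if {@code file} is {@code null}
     * @throws IOException if the store cannot be opened or the context cannot be set up
     */
    public static SSLContext createTlsContext(File file, String str, String str2, String str3) throws IOException {
        KeyStore store = openKeyStore(file, str);
        if (null == store) {
            return null;
        }
        try {
            TrustManagerFactory trustFactory = createTrustManagerFactory(store);
            KeyManager[] keyManagers = createKeyManagers(store, str, str2);
            SSLContext context = SSLContext.getInstance(str3);
            context.init(keyManagers, trustFactory.getTrustManagers(), null);
            return context;
        } catch (KeyManagementException | NoSuchAlgorithmException e) {
            throw new IOException(e);
        }
    }

    /**
     * Creates key managers that present the key stored under {@code str2}.
     *
     * @param keyStore the store holding the private key
     * @param str the password used to recover keys from the store, may be {@code null}
     * @param str2 the key alias; {@code null} yields {@code null}
     * @return the projecting key managers, or {@code null} if {@code str2} is {@code null}
     * @throws IOException wrapping key store, algorithm and key recovery errors
     */
    public static KeyManager[] createKeyManagers(KeyStore keyStore, String str, String str2) throws IOException {
        if (null == str2) {
            return null;
        }
        try {
            KeyManagerFactory factory = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
            factory.init(keyStore, null == str ? null : str.toCharArray());
            return createProjectingKeyManagers(str2, factory.getKeyManagers());
        } catch (KeyStoreException | NoSuchAlgorithmException | UnrecoverableKeyException e) {
            throw new IOException(e);
        }
    }

    /**
     * Wraps an {@link X509KeyManager} so that client-side alias selection always answers with
     * {@code str}.
     *
     * <p>The delegate is the last given X.509 key manager that holds a private key for
     * {@code str}; if none does, the first X.509 key manager is used. In that fallback case the
     * wrapper still reports {@code str} as the client alias although the delegate has no key for
     * it.
     *
     * @param str the alias to project onto client-side selection
     * @param keyManagerArr the candidate key managers
     * @return a one-element array with the wrapper, or an empty array if no X.509 key manager
     *     was given
     */
    public static KeyManager[] createProjectingKeyManagers(final String str, KeyManager[] keyManagerArr) {
        X509KeyManager withKey = null;
        X509KeyManager firstSeen = null;
        for (KeyManager candidate : keyManagerArr) {
            if (candidate instanceof X509KeyManager) {
                X509KeyManager x509 = (X509KeyManager) candidate;
                if (null == firstSeen) {
                    firstSeen = x509;
                }
                if (null != x509.getPrivateKey(str)) {
                    withKey = x509;
                }
            }
        }
        final X509KeyManager delegate = null != withKey ? withKey : firstSeen;
        if (null == delegate) {
            return new KeyManager[0];
        }
        return new KeyManager[] {new X509KeyManager() {
            @Override
            public String chooseClientAlias(String[] keyTypes, Principal[] issuers, Socket socket) {
                // the projection: always offer the configured alias
                return str;
            }

            @Override
            public X509Certificate[] getCertificateChain(String alias) {
                return delegate.getCertificateChain(alias);
            }

            @Override
            public String chooseServerAlias(String keyType, Principal[] issuers, Socket socket) {
                // Server-side selection goes to the delegate's server-side method with the
                // requested key type; a client-side lookup without key types has nothing to
                // match against. Only the client alias is projected.
                return delegate.chooseServerAlias(keyType, issuers, socket);
            }

            @Override
            public String[] getClientAliases(String keyType, Principal[] issuers) {
                return delegate.getClientAliases(keyType, issuers);
            }

            @Override
            public PrivateKey getPrivateKey(String alias) {
                return delegate.getPrivateKey(alias);
            }

            @Override
            public String[] getServerAliases(String keyType, Principal[] issuers) {
                return delegate.getServerAliases(keyType, issuers);
            }
        }};
    }

    /**
     * Reads a public key like {@link #readPublicKey(File, String)} but reports failure as
     * {@code null}. Callers must treat {@code null} as "no usable key" and must not continue
     * as if verification had succeeded.
     *
     * @param file the PEM file
     * @param str the key algorithm name
     * @return the public key, or {@code null} if it could not be read
     */
    public static PublicKey readPublicKeySafe(File file, String str) {
        try {
            return readPublicKey(file, str);
        } catch (IOException e) {
            return null;
        }
    }

    /**
     * Reads an X.509-encoded public key from a PEM file delimited by
     * {@code -----BEGIN PUBLIC KEY-----} / {@code -----END PUBLIC KEY-----}.
     *
     * @param file the PEM file
     * @param str the key algorithm name passed to {@link KeyFactory#getInstance(String)}
     * @return the decoded public key
     * @throws IOException if the file cannot be read, its body is not valid Base64, the
     *     algorithm is unknown or the key specification is invalid
     */
    public static PublicKey readPublicKey(File file, String str) throws IOException {
        // PEM is ASCII armour, so decode independently of the platform charset
        String pem = new String(Files.readAllBytes(file.toPath()), StandardCharsets.US_ASCII);
        String body = pem
            .replace("-----BEGIN PUBLIC KEY-----", "")
            .replace("-----END PUBLIC KEY-----", "")
            .replaceAll("\\s", "");
        byte[] encoded;
        try {
            encoded = Base64.getDecoder().decode(body);
        } catch (IllegalArgumentException e) {
            // malformed Base64 is an input error like any other parse failure; keeping it inside
            // the declared IOException also lets readPublicKeySafe turn it into null
            throw new IOException(e);
        }
        try {
            return KeyFactory.getInstance(str).generatePublic(new X509EncodedKeySpec(encoded));
        } catch (NoSuchAlgorithmException | InvalidKeySpecException e) {
            throw new IOException(e);
        }
    }
}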
