package won.cryptography.service;

import java.io.Serializable;
import java.security.KeyStore;
import javax.crypto.Cipher;
import javax.net.ssl.SSLContext;
import net.sf.ehcache.Cache;
import net.sf.ehcache.CacheManager;
import net.sf.ehcache.Ehcache;
import net.sf.ehcache.Element;
import org.apache.http.conn.ssl.SSLConnectionSocketFactory;
import org.apache.http.impl.client.CloseableHttpClient;
import org.apache.http.impl.client.HttpClients;
import org.apache.http.ssl.PrivateKeyStrategy;
import org.apache.http.ssl.SSLContextBuilder;
import org.apache.http.ssl.SSLContexts;
import org.apache.http.ssl.TrustStrategy;
import org.springframework.http.client.HttpComponentsClientHttpRequestFactory;
import org.springframework.web.client.RestTemplate;
import won.cryptography.ssl.PredefinedAliasPrivateKeyStrategy;

/* loaded from: input_file:WEB-INF/lib/won-core-0.3.jar:won/cryptography/service/CryptographyUtils.class */
public class CryptographyUtils {
    private static final Ehcache ehcache;

    public static boolean checkForUnlimitedSecurityPolicy() {
        try {
            int maxAllowedKeyLength = Cipher.getMaxAllowedKeyLength("RC5");
            System.out.println("max allowed key size: " + maxAllowedKeyLength);
            return maxAllowedKeyLength < 256;
        } catch (Exception e) {
            e.printStackTrace();
            return false;
        }
    }

    private static SSLContext getSSLContext(KeyStore keyStore, String str, PrivateKeyStrategy privateKeyStrategy, KeyStore keyStore2, TrustStrategy trustStrategy, boolean z) throws Exception {
        return (z && (privateKeyStrategy instanceof PredefinedAliasPrivateKeyStrategy)) ? getCachedSslContextForPredefinedAlias(keyStore, str, (PredefinedAliasPrivateKeyStrategy) privateKeyStrategy, keyStore2, trustStrategy) : createSSLContextBuilder(keyStore, str, privateKeyStrategy, keyStore2, trustStrategy).build();
    }

    private static SSLContext getCachedSslContextForPredefinedAlias(KeyStore keyStore, String str, PredefinedAliasPrivateKeyStrategy predefinedAliasPrivateKeyStrategy, KeyStore keyStore2, TrustStrategy trustStrategy) throws Exception {
        String alias = predefinedAliasPrivateKeyStrategy.getAlias();
        Element element = ehcache.get((Serializable) alias);
        if (element == null) {
            synchronized (ehcache) {
                element = ehcache.get((Serializable) alias);
                if (element == null) {
                    element = new Element(alias, createSSLContextBuilder(keyStore, str, predefinedAliasPrivateKeyStrategy, keyStore2, trustStrategy).build());
                    ehcache.put(element);
                }
            }
        }
        return (SSLContext) element.getObjectValue();
    }

    private static SSLContextBuilder createSSLContextBuilder(KeyStore keyStore, String str, PrivateKeyStrategy privateKeyStrategy, KeyStore keyStore2, TrustStrategy trustStrategy) throws Exception {
        SSLContextBuilder custom = SSLContexts.custom();
        custom.loadKeyMaterial(keyStore, str.toCharArray(), privateKeyStrategy);
        custom.loadTrustMaterial(keyStore2, trustStrategy);
        return custom;
    }

    public static RestTemplate createSslRestTemplate(KeyStore keyStore, String str, PrivateKeyStrategy privateKeyStrategy, KeyStore keyStore2, TrustStrategy trustStrategy, Integer num, Integer num2, boolean z) throws Exception {
        CloseableHttpClient build = HttpClients.custom().setSSLSocketFactory(new SSLConnectionSocketFactory(getSSLContext(keyStore, str, privateKeyStrategy, keyStore2, trustStrategy, z))).build();
        HttpComponentsClientHttpRequestFactory httpComponentsClientHttpRequestFactory = new HttpComponentsClientHttpRequestFactory();
        if (num != null) {
            httpComponentsClientHttpRequestFactory.setReadTimeout(num.intValue());
        }
        if (num2 != null) {
            httpComponentsClientHttpRequestFactory.setConnectTimeout(num2.intValue());
        }
        httpComponentsClientHttpRequestFactory.setHttpClient(build);
        return new RestTemplate(httpComponentsClientHttpRequestFactory);
    }

    public static RestTemplate createSslRestTemplate(TrustStrategy trustStrategy, Integer num, Integer num2) throws Exception {
        CloseableHttpClient build = HttpClients.custom().setSSLSocketFactory(new SSLConnectionSocketFactory(new SSLContextBuilder().loadTrustMaterial((KeyStore) null, trustStrategy).build())).build();
        HttpComponentsClientHttpRequestFactory httpComponentsClientHttpRequestFactory = new HttpComponentsClientHttpRequestFactory();
        if (num != null) {
            httpComponentsClientHttpRequestFactory.setReadTimeout(num.intValue());
        }
        if (num2 != null) {
            httpComponentsClientHttpRequestFactory.setConnectTimeout(num2.intValue());
        }
        httpComponentsClientHttpRequestFactory.setHttpClient(build);
        return new RestTemplate(httpComponentsClientHttpRequestFactory);
    }

    static {
        CacheManager cacheManager = CacheManager.getInstance();
        ehcache = new Cache("sslContextCache", 100, false, false, 3600L, 600L);
        cacheManager.addCache(ehcache);
    }
}
