package de.iip_ecosphere.platform.support.net;

import de.iip_ecosphere.platform.support.aas.AasFactory;
import de.iip_ecosphere.platform.support.resources.ResourceLoader;
import de.iip_ecosphere.platform.support.resources.ResourceResolver;
import java.io.File;
import java.io.FileInputStream;
import java.io.IOException;
import java.io.InputStream;
import java.net.Socket;
import java.nio.charset.Charset;
import java.nio.file.Files;
import java.security.KeyFactory;
import java.security.KeyManagementException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.Principal;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.UnrecoverableKeyException;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.security.spec.InvalidKeySpecException;
import java.security.spec.X509EncodedKeySpec;
import java.util.Base64;
import javax.net.ssl.KeyManager;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.TrustManagerFactory;
import javax.net.ssl.X509KeyManager;

/* loaded from: input_file:de/iip_ecosphere/platform/support/net/SslUtils.class */
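/**
 * Static helpers for opening JSSE key stores and turning them into trust managers, key managers
 * and {@link SSLContext} instances, plus a reader for PEM-encoded public keys.
 *
 * <p>Security-relevant behaviour to keep in mind when using this class:
 * <ul>
 *   <li>{@link #createTlsContext(File, String, String, String)} uses one and the same store as
 *       trust store and as key store, so every certificate entry in that store becomes a trust
 *       anchor of the resulting context.</li>
 *   <li>A {@code null} store password is passed on as {@code null} to {@link KeyStore#load}; per the
 *       {@code KeyStore} contract no integrity check of the store is performed in that case.</li>
 *   <li>Passwords arrive as {@link String}, so they cannot be wiped from memory by this class.</li>
 *   <li>The protocol versions actually enabled for a context are decided by the JRE provider and
 *       its security configuration, not by this class; callers that need a minimum version have
 *       to restrict the enabled protocols on the socket or engine they create.</li>
 * </ul>
 */
public class SslUtils {
    public static final String KEYSTORE_JKS = "JKS";
    // The identifier is misspelled ("PCKS"); it is public API and therefore kept. The value is the
    // correct JCA key store type name.
    public static final String KEYSTORE_PCKS12 = "PKCS12";
    // Provider-specific algorithm name. NOTE(review): TrustManagerFactory.getDefaultAlgorithm() is
    // the portable choice; kept as-is because the constant is public and callers may rely on it.
    public static final String TRUST_MANAGER_SUN_X509 = "SunX509";
    public static final String CONTEXT_ALG_TLS12 = "TLSv1.2";
    public static final String CONTEXT_ALG_TLS = "TLS";

    /**
     * Derives the key store type from the name of {@code file}.
     *
     * @param file the key store file (must not be {@code null})
     * @return {@link #KEYSTORE_PCKS12} for names ending in {@code .p12}, else {@link #KEYSTORE_JKS}
     */
    public static final String getKeystoreType(File file) {
        return getKeystoreType(file.getName());
    }

    /**
     * Derives the key store type from a file name. The match is case-sensitive and only looks at
     * the {@code .p12} suffix; every other name (including {@code .pfx}) is treated as JKS.
     *
     * @param str the file name (must not be {@code null})
     * @return {@link #KEYSTORE_PCKS12} for names ending in {@code .p12}, else {@link #KEYSTORE_JKS}
     */
    public static final String getKeystoreType(String str) {
        return str.endsWith(".p12") ? KEYSTORE_PCKS12 : KEYSTORE_JKS;
    }

    /**
     * Opens and loads a key store.
     *
     * <p>The store is first looked up through {@link ResourceLoader} under the textual form of
     * {@code file}; only when that yields nothing is the file read from the file system.
     * NOTE(review): this means a resource with the same name takes precedence over the file on
     * disk - confirm that the resolvers in use cannot be influenced by untrusted parties.
     *
     * @param file the key store file; {@code null} yields {@code null}
     * @param str the store password; {@code null} loads the store without integrity verification
     * @return the loaded key store, or {@code null} if {@code file} is {@code null}
     * @throws IOException if the store cannot be read, or wrapping any key store / algorithm /
     *     certificate failure raised while loading
     */
    public static KeyStore openKeyStore(File file, String str) throws IOException {
        if (null == file) {
            return null;
        }
        try {
            KeyStore keyStore = KeyStore.getInstance(getKeystoreType(file));
            InputStream resolved = ResourceLoader.getResourceAsStream(file.toString(), new ResourceResolver[0]);
            // try-with-resources: the stream is closed even when load() rejects the store, e.g.
            // because of a wrong password or a corrupted file.
            try (InputStream in = null != resolved ? resolved : new FileInputStream(file)) {
                keyStore.load(in, toPassword(str));
            }
            return keyStore;
        } catch (KeyStoreException | NoSuchAlgorithmException | CertificateException e) {
            throw new IOException(e);
        }
    }

    /**
     * Creates a trust manager factory backed by the key store in {@code file}.
     *
     * @param file the key store file; {@code null} yields {@code null}
     * @param str the store password, may be {@code null} (see {@link #openKeyStore(File, String)})
     * @return the initialised factory, or {@code null} if {@code file} is {@code null}
     * @throws IOException if the store cannot be opened or the factory cannot be initialised
     */
    public static TrustManagerFactory createTrustManagerFactory(File file, String str) throws IOException {
        return null == file ? null : createTrustManagerFactory(openKeyStore(file, str));
    }

    /**
     * Creates a {@value #TRUST_MANAGER_SUN_X509} trust manager factory for {@code keyStore}.
     *
     * <p>{@code keyStore} is handed to {@link TrustManagerFactory#init(KeyStore)} unchecked. With
     * the stock JDK providers a {@code null} store makes the factory fall back to the JRE's default
     * trust store instead of failing, which is much broader than a dedicated store.
     *
     * @param keyStore the store holding the trust anchors
     * @return the initialised factory
     * @throws IOException wrapping any key store or algorithm failure
     */
    public static TrustManagerFactory createTrustManagerFactory(KeyStore keyStore) throws IOException {
        try {
            TrustManagerFactory factory = TrustManagerFactory.getInstance(TRUST_MANAGER_SUN_X509);
            factory.init(keyStore);
            return factory;
        } catch (KeyStoreException | NoSuchAlgorithmException e) {
            throw new IOException(e);
        }
    }

    /**
     * Creates a context for {@value #CONTEXT_ALG_TLS} without selecting a key alias.
     *
     * @param file the key/trust store file; {@code null} yields {@code null}
     * @param str the store password, may be {@code null}
     * @return the initialised context, or {@code null} if {@code file} is {@code null}
     * @throws IOException if the store cannot be opened or the context cannot be set up
     */
    public static SSLContext createTlsContext(File file, String str) throws IOException {
        return createTlsContext(file, str, null);
    }

    /**
     * Creates a context for {@value #CONTEXT_ALG_TLS}.
     *
     * @param file the key/trust store file; {@code null} yields {@code null}
     * @param str the store password, may be {@code null}
     * @param str2 the alias of the client key to present, or {@code null} for no key managers from
     *     this store (see {@link #createKeyManagers(KeyStore, String, String)})
     * @return the initialised context, or {@code null} if {@code file} is {@code null}
     * @throws IOException if the store cannot be opened or the context cannot be set up
     */
    public static SSLContext createTlsContext(File file, String str, String str2) throws IOException {
        return createTlsContext(file, str, str2, CONTEXT_ALG_TLS);
    }

    /**
     * Creates a context whose trust managers and (optional) key managers both come from the store
     * in {@code file}.
     *
     * @param file the key/trust store file; {@code null} yields {@code null}
     * @param str the store password, also used as key password; may be {@code null}
     * @param str2 the alias of the client key to present, or {@code null}
     * @param str3 the context algorithm passed to {@link SSLContext#getInstance(String)}, e.g.
     *     {@link #CONTEXT_ALG_TLS} or {@link #CONTEXT_ALG_TLS12}
     * @return the initialised context, or {@code null} if {@code file} is {@code null}
     * @throws IOException if the store cannot be opened, or wrapping any key management /
     *     algorithm failure
     */
    public static SSLContext createTlsContext(File file, String str, String str2, String str3) throws IOException {
        KeyStore keyStore = openKeyStore(file, str);
        if (null == keyStore) {
            return null;
        }
        try {
            TrustManagerFactory trustManagers = createTrustManagerFactory(keyStore);
            // May be null (no alias given); SSLContext.init then falls back to the key managers of
            // the installed providers rather than to keys from this store.
            KeyManager[] keyManagers = createKeyManagers(keyStore, str, str2);
            SSLContext context = SSLContext.getInstance(str3);
            context.init(keyManagers, trustManagers.getTrustManagers(), null);
            return context;
        } catch (KeyManagementException | NoSuchAlgorithmException e) {
            throw new IOException(e);
        }
    }

    /**
     * Creates key managers that always present the key stored under alias {@code str2} when acting
     * as a TLS client.
     *
     * @param keyStore the store holding the private key and its certificate chain
     * @param str the password protecting the keys in {@code keyStore}; may be {@code null}
     * @param str2 the client key alias; {@code null} yields {@code null}
     * @return a one-element array with the alias-pinning key manager, or {@code null} if
     *     {@code str2} is {@code null}
     * @throws IOException wrapping any key store, algorithm or key recovery failure
     */
    public static KeyManager[] createKeyManagers(KeyStore keyStore, String str, final String str2) throws IOException {
        if (null == str2) {
            return null;
        }
        try {
            KeyManagerFactory factory = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
            factory.init(keyStore, toPassword(str));
            // Relies on the first manager of the default algorithm being an X509KeyManager.
            X509KeyManager delegate = (X509KeyManager) factory.getKeyManagers()[0];
            return new KeyManager[] {new PinnedClientAliasKeyManager(delegate, str2)};
        } catch (KeyStoreException | NoSuchAlgorithmException | UnrecoverableKeyException e) {
            throw new IOException(e);
        }
    }

    /**
     * Reads a public key like {@link #readPublicKey(File, String)} but reports failure as
     * {@code null} instead of an exception.
     *
     * @param file the PEM file (must not be {@code null})
     * @param str the key algorithm passed to {@link KeyFactory#getInstance(String)}
     * @return the public key, or {@code null} if it could not be read or decoded; callers must
     *     treat {@code null} as "no key" and must not continue as if verification were possible
     */
    public static PublicKey readPublicKeySafe(File file, String str) {
        try {
            return readPublicKey(file, str);
        } catch (IOException ignored) {
            // Deliberately best-effort: the caller asked for null instead of an exception.
            return null;
        }
    }

    /**
     * Reads an X.509 {@code SubjectPublicKeyInfo} public key from a PEM file.
     *
     * <p>Only the {@code BEGIN/END PUBLIC KEY} armor lines and CR/LF characters are stripped before
     * Base64 decoding; any other stray character makes decoding fail.
     *
     * @param file the PEM file (must not be {@code null})
     * @param str the key algorithm passed to {@link KeyFactory#getInstance(String)}
     * @return the decoded public key
     * @throws IOException if the file cannot be read, or wrapping an unknown algorithm, an invalid
     *     key encoding or malformed Base64 content
     */
    public static PublicKey readPublicKey(File file, String str) throws IOException {
        try {
            KeyFactory keyFactory = KeyFactory.getInstance(str);
            // The file is decoded with the platform default charset; the PEM payload itself is
            // plain ASCII.
            String pem = new String(Files.readAllBytes(file.toPath()), Charset.defaultCharset());
            // NOTE(review): AasFactory.DEFAULT_PROTOCOL is used as the replacement text -
            // presumably the empty string (decompiler constant substitution); confirm.
            String base64 = pem
                .replace("-----BEGIN PUBLIC KEY-----", AasFactory.DEFAULT_PROTOCOL)
                .replace("\r", AasFactory.DEFAULT_PROTOCOL)
                .replace("\n", AasFactory.DEFAULT_PROTOCOL)
                .replace("-----END PUBLIC KEY-----", AasFactory.DEFAULT_PROTOCOL);
            return keyFactory.generatePublic(new X509EncodedKeySpec(Base64.getDecoder().decode(base64)));
        } catch (NoSuchAlgorithmException | InvalidKeySpecException | IllegalArgumentException e) {
            // IllegalArgumentException: the strict Base64 decoder rejected the content. Wrapping it
            // keeps the documented IOException contract and lets readPublicKeySafe return null.
            throw new IOException(e);
        }
    }

    /** Converts an optional password string into the {@code char[]} form the JCA APIs expect. */
    private static char[] toPassword(String password) {
        return null == password ? null : password.toCharArray();
    }

    /**
     * Key manager that always answers client alias selection with one fixed alias and delegates
     * everything else to the wrapped manager.
     */
    private static final class PinnedClientAliasKeyManager implements X509KeyManager {
        private final X509KeyManager delegate;
        private final String clientAlias;

        PinnedClientAliasKeyManager(X509KeyManager delegate, String clientAlias) {
            this.delegate = delegate;
            this.clientAlias = clientAlias;
        }

        @Override
        public String chooseClientAlias(String[] keyType, Principal[] issuers, Socket socket) {
            // The alias is returned unconditionally, i.e. without checking that it exists in the
            // store or matches the key types / issuers requested by the peer.
            return clientAlias;
        }

        @Override
        public X509Certificate[] getCertificateChain(String alias) {
            return delegate.getCertificateChain(alias);
        }

        @Override
        public String chooseServerAlias(String keyType, Principal[] issuers, Socket socket) {
            // Previously forwarded to chooseClientAlias(null, ...), which drops the requested key
            // type; the stock JDK key managers typically answer a null key-type list with no alias
            // at all, leaving a server without a certificate.
            return delegate.chooseServerAlias(keyType, issuers, socket);
        }

        @Override
        public String[] getClientAliases(String keyType, Principal[] issuers) {
            return delegate.getClientAliases(keyType, issuers);
        }

        @Override
        public PrivateKey getPrivateKey(String alias) {
            return delegate.getPrivateKey(alias);
        }

        @Override
        public String[] getServerAliases(String keyType, Principal[] issuers) {
            return delegate.getServerAliases(keyType, issuers);
        }
    }
}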
