package pl.allegro.tech.hermes.common.ssl;

import com.google.common.base.Strings;
import java.io.FileInputStream;
import java.io.FileNotFoundException;
import java.io.InputStream;
import java.net.URI;
import java.security.KeyManagementException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.SecureRandom;
import java.security.UnrecoverableKeyException;
import javax.net.ssl.KeyManager;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;

/* loaded from: input_file:pl/allegro/tech/hermes/common/ssl/JvmKeystoreSslContextFactory.class */
public class JvmKeystoreSslContextFactory implements SslContextFactory {
    private final String protocol;
    private final KeystoreProperties keyStoreProperties;
    private final KeystoreProperties trustStoreProperties;

    public JvmKeystoreSslContextFactory(String str, KeystoreProperties keystoreProperties, KeystoreProperties keystoreProperties2) {
        this.protocol = str;
        this.keyStoreProperties = keystoreProperties;
        this.trustStoreProperties = keystoreProperties2;
    }

    @Override // pl.allegro.tech.hermes.common.ssl.SslContextFactory
    public SSLContext create() {
        try {
            return createSSLContext(loadKeyStore(this.keyStoreProperties), loadKeyStore(this.trustStoreProperties));
        } catch (Exception e) {
            throw new IllegalStateException("Something went wrong with setting up SSL context.", e);
        }
    }

    private KeyStore loadKeyStore(KeystoreProperties keystoreProperties) throws Exception {
        InputStream resourceAsInputStream = getResourceAsInputStream(keystoreProperties.getLocationAsURI());
        Throwable th = null;
        try {
            try {
                KeyStore keyStore = KeyStore.getInstance(keystoreProperties.getFormat());
                keyStore.load(resourceAsInputStream, keystoreProperties.getPassword().toCharArray());
                if (resourceAsInputStream != null) {
                    if (0 != 0) {
                        try {
                            resourceAsInputStream.close();
                        } catch (Throwable th2) {
                            th.addSuppressed(th2);
                        }
                    } else {
                        resourceAsInputStream.close();
                    }
                }
                return keyStore;
            } finally {
            }
        } catch (Throwable th3) {
            if (resourceAsInputStream != null) {
                if (th != null) {
                    try {
                        resourceAsInputStream.close();
                    } catch (Throwable th4) {
                        th.addSuppressed(th4);
                    }
                } else {
                    resourceAsInputStream.close();
                }
            }
            throw th3;
        }
    }

    private InputStream getResourceAsInputStream(URI uri) throws FileNotFoundException {
        if ("classpath".equalsIgnoreCase(uri.getScheme())) {
            return JvmKeystoreSslContextFactory.class.getClassLoader().getResourceAsStream(uri.getSchemeSpecificPart());
        }
        return new FileInputStream(Strings.isNullOrEmpty(uri.getPath()) ? uri.getSchemeSpecificPart() : uri.getPath());
    }

    private SSLContext createSSLContext(KeyStore keyStore, KeyStore keyStore2) throws NoSuchAlgorithmException, UnrecoverableKeyException, KeyStoreException, KeyManagementException {
        KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
        keyManagerFactory.init(keyStore, this.keyStoreProperties.getPassword().toCharArray());
        KeyManager[] keyManagers = keyManagerFactory.getKeyManagers();
        TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
        trustManagerFactory.init(keyStore2);
        TrustManager[] trustManagers = trustManagerFactory.getTrustManagers();
        SSLContext sSLContext = SSLContext.getInstance(this.protocol);
        sSLContext.init(keyManagers, trustManagers, new SecureRandom());
        return sSLContext;
    }
}
