package com.buildforge.services.common.ssl;

import com.buildforge.services.common.dbo.SSLDBO;
import com.buildforge.services.common.ssl.config.SSLConfig;
import com.buildforge.services.common.ssl.config.SSLConfigManager;
import com.buildforge.services.common.ssl.provider.JSSEProviderFactory;
import java.io.IOException;
import java.io.InputStream;
import java.nio.channels.SocketChannel;
import java.security.KeyStore;
import java.util.logging.Level;
import java.util.logging.Logger;
import javax.net.ssl.KeyManager;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLEngine;

/* loaded from: input_file:com/buildforge/services/common/ssl/BuildForgeSSLEngineFactory.class */
public class BuildForgeSSLEngineFactory {
    public static final String KEYSTORE_LOCATION_SYSTEM_PROPERTY_NAME = "buildforge.keystore.location";
    public static final String KEYSTORE_TYPE_SYSTEM_PROPERTY_NAME = "buildforge.keystore.type";
    public static final String KEYSTORE_PASSWORD_SYSTEM_PROPERTY_NAME = "buildforge.keystore.password";
    private static final String DEFAULT_KEYSTORE_LOCATION = "buildForgeKeyStore";
    private static final String DEFAULT_KEYSTORE_TYPE = "JKS";
    private static final String DEFAULT_KEYSTORE_PASSWORD = "buildforge";
    private static SSLContext INSECURE;
    private static final Logger log = Logger.getLogger(BuildForgeSSLEngineFactory.class.getName());
    private static final BuildForgeSSLEngineFactory INSTANCE = new BuildForgeSSLEngineFactory();

    private BuildForgeSSLEngineFactory() {
    }

    public static BuildForgeSSLEngineFactory getInstance() {
        return INSTANCE;
    }

    public BuildForgeSSLEngine buildClientSSLEngine(SocketChannel socketChannel) throws IOException {
        return buildSSLEngine(socketChannel, true);
    }

    public BuildForgeSSLEngine buildClientSSLEngine(SocketChannel socketChannel, String str, int i) throws IOException {
        return buildSSLEngine(socketChannel, true, str, i);
    }

    public BuildForgeSSLEngine buildServerSSLEngine(SocketChannel socketChannel) throws IOException {
        return buildSSLEngine(socketChannel, false);
    }

    public BuildForgeSSLEngine buildSSLEngine(SocketChannel socketChannel, boolean z) throws IOException {
        return new BuildForgeSSLEngine(createSSLEngine(z), socketChannel, z);
    }

    public BuildForgeSSLEngine buildSSLEngine(SocketChannel socketChannel, boolean z, String str, int i) throws IOException {
        return new BuildForgeSSLEngine(createSSLEngine(z), socketChannel, z, str, i);
    }

    private static SSLEngine createSSLEngine(boolean z) throws IOException {
        return createSSLEngine(true, z);
    }

    private static SSLEngine createSSLEngine(boolean z, boolean z2) throws IOException {
        SSLConfig servicesLayerOutboundSSLConfig = z2 ? SSLConfigManager.getInstance().getServicesLayerOutboundSSLConfig() : SSLConfigManager.getInstance().getServicesLayerInboundSSLConfig();
        if (!z || servicesLayerOutboundSSLConfig == null) {
            try {
                if (INSECURE == null) {
                    INSECURE = SSLContext.getInstance(SSLDBO.TYPE_KEY);
                    INSECURE.init(getKeyManagers(), BypassTrustManager.ARRAY, null);
                }
                if (log.isLoggable(Level.FINE)) {
                    log.log(Level.FINE, "Using the ByPass TrustManager SSL config for client.");
                }
                return INSECURE.createSSLEngine();
            } catch (Exception e) {
                if (log.isLoggable(Level.WARNING)) {
                    log.log(Level.WARNING, "Could not create an insecure SSL engine due to an exception: ", (Throwable) e);
                }
                throw new IOException(e.getMessage());
            }
        }
        try {
            if (log.isLoggable(Level.FINE)) {
                log.log(Level.FINE, "Using the following SSL config for client=" + z2 + ": " + String.valueOf(servicesLayerOutboundSSLConfig));
            }
            return JSSEProviderFactory.getInstance().getSSLEngine(z2, servicesLayerOutboundSSLConfig);
        } catch (IOException e2) {
            if (log.isLoggable(Level.WARNING)) {
                log.log(Level.WARNING, "Could not create a secure SSL engine due to an IOException.", (Throwable) e2);
            }
            throw e2;
        } catch (Exception e3) {
            if (log.isLoggable(Level.WARNING)) {
                log.log(Level.WARNING, "Could not create a secure SSL engine due to a generic Exception.", (Throwable) e3);
            }
            throw new IOException(e3.getMessage());
        }
    }

    private static KeyManager[] getKeyManagers() throws Exception {
        KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
        keyManagerFactory.init(getKeyStore(), getKeyStorePassword().toCharArray());
        return keyManagerFactory.getKeyManagers();
    }

    private static KeyStore getKeyStore() throws Exception {
        KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
        String keyStoreLocation = getKeyStoreLocation();
        if (log.isLoggable(Level.FINE)) {
            log.fine("Keystore location : '" + keyStoreLocation + "'");
        }
        InputStream resourceAsStream = BuildForgeSSLEngineFactory.class.getResourceAsStream(keyStoreLocation);
        if (resourceAsStream == null) {
            resourceAsStream = Thread.currentThread().getContextClassLoader().getResourceAsStream(keyStoreLocation);
        }
        keyStore.load(resourceAsStream, getKeyStorePassword().toCharArray());
        return keyStore;
    }

    public static String getKeyStoreLocation() {
        return System.getProperty(KEYSTORE_LOCATION_SYSTEM_PROPERTY_NAME, DEFAULT_KEYSTORE_LOCATION);
    }

    public static String getKeyStorePassword() {
        return System.getProperty(KEYSTORE_PASSWORD_SYSTEM_PROPERTY_NAME, DEFAULT_KEYSTORE_PASSWORD);
    }

    public static String getKeyStoreType() {
        return System.getProperty(KEYSTORE_TYPE_SYSTEM_PROPERTY_NAME, DEFAULT_KEYSTORE_TYPE);
    }
}
