package io.cloudslang.content.mail.sslconfig;

import io.cloudslang.content.mail.constants.Constants;
import io.cloudslang.content.mail.constants.PropNames;
import io.cloudslang.content.mail.constants.SecurityConstants;
import io.cloudslang.content.mail.entities.GetMailInput;
import io.cloudslang.content.mail.entities.MailInput;
import io.cloudslang.content.mail.entities.SimpleAuthenticator;
import io.cloudslang.content.mail.utils.ProxyUtils;
import java.io.File;
import java.io.IOException;
import java.io.InputStream;
import java.net.URL;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.SecureRandom;
import java.security.UnrecoverableKeyException;
import java.security.cert.CertificateException;
import java.util.Properties;
import javax.mail.Authenticator;
import javax.mail.MessagingException;
import javax.mail.NoSuchProviderException;
import javax.mail.Session;
import javax.mail.Store;
import javax.mail.URLName;
import javax.net.ssl.KeyManager;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import javax.net.ssl.X509TrustManager;
import org.apache.commons.lang3.StringUtils;

/* loaded from: input_file:io/cloudslang/content/mail/sslconfig/SSLUtils.class */
public class SSLUtils {
    public static KeyStore createKeyStore(URL url, String str) throws KeyStoreException, NoSuchAlgorithmException, CertificateException, IOException {
        if (url == null) {
            throw new IllegalArgumentException("Keystore url may not be null");
        }
        KeyStore keyStore = KeyStore.getInstance("jks");
        InputStream inputStream = null;
        try {
            inputStream = url.openStream();
            keyStore.load(inputStream, str != null ? str.toCharArray() : null);
            if (inputStream != null) {
                inputStream.close();
            }
            return keyStore;
        } catch (Throwable th) {
            if (inputStream != null) {
                inputStream.close();
            }
            throw th;
        }
    }

    public static KeyManager[] createKeyManagers(KeyStore keyStore, String str) throws KeyStoreException, NoSuchAlgorithmException, UnrecoverableKeyException {
        if (keyStore == null) {
            throw new IllegalArgumentException("Keystore may not be null");
        }
        KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
        keyManagerFactory.init(keyStore, str != null ? str.toCharArray() : null);
        return keyManagerFactory.getKeyManagers();
    }

    public static TrustManager[] createAuthTrustManagers(KeyStore keyStore) throws KeyStoreException, NoSuchAlgorithmException {
        if (keyStore == null) {
            throw new IllegalArgumentException("Keystore may not be null");
        }
        TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
        trustManagerFactory.init(keyStore);
        TrustManager[] trustManagers = trustManagerFactory.getTrustManagers();
        for (int i = 0; i < trustManagers.length; i++) {
            if (trustManagers[i] instanceof X509TrustManager) {
                trustManagers[i] = new AuthSSLX509TrustManager((X509TrustManager) trustManagers[i]);
            }
        }
        return trustManagers;
    }

    public static Store createMessageStore(GetMailInput getMailInput) throws Exception {
        Store configureStoreWithoutSSL;
        Properties properties = new Properties();
        if (getMailInput.getTimeout() > 0) {
            properties.put(PropNames.MAIL + getMailInput.getProtocol() + PropNames.TIMEOUT, Integer.valueOf(getMailInput.getTimeout()));
        }
        if (StringUtils.isNotEmpty(getMailInput.getProxyHost())) {
            ProxyUtils.setPropertiesProxy(properties, getMailInput);
        }
        SimpleAuthenticator simpleAuthenticator = new SimpleAuthenticator(getMailInput.getUsername(), getMailInput.getPassword());
        if (getMailInput.isEnableTLS() || getMailInput.isEnableSSL()) {
            addSSLSettings(getMailInput.isTrustAllRoots(), getMailInput.getKeystore(), getMailInput.getKeystorePassword(), "", "");
        }
        if (getMailInput.isEnableTLS()) {
            configureStoreWithoutSSL = tryTLSOtherwiseTrySSL(simpleAuthenticator, properties, getMailInput);
        } else if (getMailInput.isEnableSSL()) {
            configureStoreWithoutSSL = connectUsingSSL(properties, simpleAuthenticator, getMailInput);
        } else {
            configureStoreWithoutSSL = configureStoreWithoutSSL(properties, simpleAuthenticator, getMailInput);
            configureStoreWithoutSSL.connect();
        }
        return configureStoreWithoutSSL;
    }

    public static void addSSLSettings(boolean z, String str, String str2, String str3, String str4) throws Exception {
        boolean z2 = false;
        boolean z3 = false;
        String property = System.getProperty(PropNames.FILE_SEPARATOR);
        String str5 = System.getProperty(PropNames.JAVA_HOME) + property + "lib" + property + "security" + property + "cacerts";
        if (str.length() == 0 && !z) {
            boolean exists = new File(str5).exists();
            str = exists ? Constants.FILE + str5 : null;
            if (null != str2 && "".equals(str2)) {
                str2 = SecurityConstants.DEFAULT_PASSWORD_FOR_STORE;
            }
            z2 = exists;
        } else if (!z) {
            if (!str.startsWith(Constants.HTTP)) {
                str = Constants.FILE + str;
            }
            z2 = true;
        }
        if (str3.length() == 0 && !z) {
            boolean exists2 = new File(str5).exists();
            str3 = exists2 ? Constants.FILE + str5 : null;
            if (!exists2) {
                str4 = null;
            } else if (StringUtils.isEmpty(str4)) {
                str4 = SecurityConstants.DEFAULT_PASSWORD_FOR_STORE;
            }
            z3 = exists2;
        } else if (!z) {
            if (!str3.startsWith(Constants.HTTP)) {
                str3 = Constants.FILE + str3;
            }
            z3 = true;
        }
        TrustManager[] trustManagerArr = null;
        KeyManager[] keyManagerArr = null;
        if (z) {
            trustManagerArr = new TrustManager[]{new EasyX509TrustManager()};
        }
        if (z3) {
            trustManagerArr = createAuthTrustManagers(createKeyStore(new URL(str3), str4));
        }
        if (z2) {
            keyManagerArr = createKeyManagers(createKeyStore(new URL(str), str2), str2);
        }
        SSLContext sSLContext = SSLContext.getInstance(SecurityConstants.SSL);
        sSLContext.init(keyManagerArr, trustManagerArr, new SecureRandom());
        SSLContext.setDefault(sSLContext);
    }

    static Store connectUsingSSL(Properties properties, Authenticator authenticator, GetMailInput getMailInput) throws MessagingException {
        Store configureStoreWithSSL = configureStoreWithSSL(properties, authenticator, getMailInput);
        configureStoreWithSSL.connect();
        return configureStoreWithSSL;
    }

    public static Store configureStoreWithSSL(Properties properties, Authenticator authenticator, MailInput mailInput) throws NoSuchProviderException {
        configureWithSSL(properties, mailInput);
        return Session.getInstance(properties, authenticator).getStore(new URLName(mailInput.getProtocol(), mailInput.getHostname(), mailInput.getPort().shortValue(), "", mailInput.getUsername(), mailInput.getPassword()));
    }

    private static void configureWithSSL(Properties properties, MailInput mailInput) {
        properties.setProperty(PropNames.MAIL + mailInput.getProtocol() + PropNames.SOCKET_FACTORY_CLASS, SecurityConstants.SSL_SOCKET_FACTORY);
        properties.setProperty(PropNames.MAIL + mailInput.getProtocol() + PropNames.SOCKET_FACTORY_FALLBACK, String.valueOf(false));
        properties.setProperty(PropNames.MAIL + mailInput.getProtocol() + PropNames.PORT, String.valueOf(mailInput.getPort()));
        properties.setProperty(PropNames.MAIL + mailInput.getProtocol() + PropNames.SOCKET_FACTORY_PORT, String.valueOf(mailInput.getPort()));
    }

    public static Store tryTLSOtherwiseTrySSL(Authenticator authenticator, Properties properties, GetMailInput getMailInput) throws MessagingException {
        Store configureStoreWithTLS = configureStoreWithTLS(properties, authenticator, getMailInput);
        try {
            configureStoreWithTLS.connect(getMailInput.getHostname(), getMailInput.getUsername(), getMailInput.getPassword());
        } catch (Exception e) {
            if (!getMailInput.isEnableSSL()) {
                throw e;
            }
            clearTLSProperties(properties, getMailInput);
            configureStoreWithTLS = connectUsingSSL(properties, authenticator, getMailInput);
        }
        return configureStoreWithTLS;
    }

    public static Store configureStoreWithTLS(Properties properties, Authenticator authenticator, MailInput mailInput) throws NoSuchProviderException {
        configureWithTLS(properties, mailInput);
        return Session.getInstance(properties, authenticator).getStore(mailInput.getProtocol() + SecurityConstants.SECURE_SUFFIX);
    }

    public static void configureWithTLS(Properties properties, MailInput mailInput) {
        String format = String.format(PropNames.MAIL_SSL_ENABLE, mailInput.getProtocol() + SecurityConstants.SECURE_SUFFIX);
        String format2 = String.format(PropNames.MAIL_STARTTLS_ENABLE, mailInput.getProtocol() + SecurityConstants.SECURE_SUFFIX);
        String format3 = String.format(PropNames.MAIL_STARTTLS_REQUIRED, mailInput.getProtocol() + SecurityConstants.SECURE_SUFFIX);
        String format4 = String.format(PropNames.MAIL_SOCKET_FACTORY, mailInput.getProtocol() + SecurityConstants.SECURE_SUFFIX);
        String format5 = String.format(PropNames.MAIL_SOCKET_FACTORY_FALLBACK, mailInput.getProtocol() + SecurityConstants.SECURE_SUFFIX);
        TLSSocketFactory tLSSocketFactory = new TLSSocketFactory(mailInput.getTlsVersions(), mailInput.getAllowedCiphers());
        if (mailInput.getTlsVersions().isEmpty()) {
            properties.setProperty(format, String.valueOf(false));
            properties.setProperty(format2, String.valueOf(true));
            properties.setProperty(format3, String.valueOf(true));
        } else {
            properties.setProperty(format, String.valueOf(false));
            properties.setProperty(format2, String.valueOf(true));
            properties.setProperty(format3, String.valueOf(true));
            properties.put(format4, tLSSocketFactory);
            properties.setProperty(format5, String.valueOf(false));
        }
    }

    public static void clearTLSProperties(Properties properties, MailInput mailInput) {
        properties.remove(String.format(PropNames.MAIL_SSL_ENABLE, mailInput.getProtocol() + SecurityConstants.SECURE_SUFFIX));
        properties.remove(String.format(PropNames.MAIL_STARTTLS_ENABLE, mailInput.getProtocol() + SecurityConstants.SECURE_SUFFIX));
        properties.remove(String.format(PropNames.MAIL_STARTTLS_REQUIRED, mailInput.getProtocol() + SecurityConstants.SECURE_SUFFIX));
        properties.remove(String.format(PropNames.MAIL_SOCKET_FACTORY, mailInput.getProtocol() + SecurityConstants.SECURE_SUFFIX));
        properties.remove(String.format(PropNames.MAIL_SSL_ENABLE, mailInput.getProtocol()));
        properties.remove(String.format(PropNames.MAIL_STARTTLS_ENABLE, mailInput.getProtocol()));
        properties.remove(String.format(PropNames.MAIL_STARTTLS_REQUIRED, mailInput.getProtocol()));
    }

    static Store configureStoreWithoutSSL(Properties properties, Authenticator authenticator, GetMailInput getMailInput) throws NoSuchProviderException {
        properties.put(PropNames.MAIL + getMailInput.getProtocol() + PropNames.HOST, getMailInput.getHostname());
        properties.put(PropNames.MAIL + getMailInput.getProtocol() + PropNames.PORT, getMailInput.getPort());
        return Session.getInstance(properties, authenticator).getStore(getMailInput.getProtocol());
    }
}
