package io.snappydata.thrift.common;

import io.snappydata.org.apache.thrift.transport.TTransportException;
import java.io.FileInputStream;
import java.io.IOException;
import java.net.InetAddress;
import java.security.KeyStore;
import java.security.NoSuchAlgorithmException;
import java.util.Arrays;
import javax.net.ssl.KeyManager;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLEngine;
import javax.net.ssl.SSLSocket;
import javax.net.ssl.SSLSocketFactory;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;

/* loaded from: input_file:io/snappydata/thrift/common/SSLFactory.class */
public abstract class SSLFactory {
    private static final String[] DEFAULT_PROTOCOLS = {"TLSv1.2", "Default", "TLSv1", "TLS"};

    private SSLFactory() {
    }

    public static SSLSocket getClientSocket(InetAddress inetAddress, int i, int i2, SocketParameters socketParameters) throws TTransportException {
        return createClient(createSSLContext(socketParameters).getSocketFactory(), inetAddress, i, i2, socketParameters);
    }

    private static SSLSocket createClient(SSLSocketFactory sSLSocketFactory, InetAddress inetAddress, int i, int i2, SocketParameters socketParameters) throws TTransportException {
        try {
            SSLSocket sSLSocket = (SSLSocket) sSLSocketFactory.createSocket(inetAddress, i);
            sSLSocket.setSoTimeout(i2);
            if (socketParameters != null) {
                if (socketParameters.getSSLEnabledProtocols() != null) {
                    sSLSocket.setEnabledProtocols(socketParameters.getSSLEnabledProtocols());
                }
                if (socketParameters.getSSLCipherSuites() != null) {
                    sSLSocket.setEnabledCipherSuites(socketParameters.getSSLCipherSuites());
                }
            }
            return sSLSocket;
        } catch (IOException e) {
            throw new TTransportException(1, e);
        } catch (Exception e2) {
            throw new TTransportException(1, "Could not connect to " + inetAddress + " on port " + i, e2);
        }
    }

    public static SSLEngine createEngine(String str, int i, SocketParameters socketParameters, boolean z) throws TTransportException {
        SSLEngine createSSLEngine = createSSLContext(socketParameters).createSSLEngine(str, i);
        if (socketParameters != null) {
            if (socketParameters.getSSLEnabledProtocols() != null) {
                createSSLEngine.setEnabledProtocols(socketParameters.getSSLEnabledProtocols());
            }
            if (socketParameters.getSSLCipherSuites() != null) {
                createSSLEngine.setEnabledCipherSuites(socketParameters.getSSLCipherSuites());
            }
            if (z) {
                createSSLEngine.setUseClientMode(true);
            } else {
                createSSLEngine.setUseClientMode(false);
                createSSLEngine.setNeedClientAuth(socketParameters.getSSLClientAuth());
            }
        }
        return createSSLEngine;
    }

    public static SSLContext createSSLContext(SocketParameters socketParameters) throws TTransportException {
        SSLContext sSLContext;
        FileInputStream fileInputStream = null;
        FileInputStream fileInputStream2 = null;
        try {
            if (socketParameters != null) {
                try {
                    if (socketParameters.hasSSLParams()) {
                        if (!socketParameters.isSSLKeyStoreSet() && !socketParameters.isSSLTrustStoreSet()) {
                            throw new TTransportException("Either one of the KeyStore or TrustStore must be set in SSLSocketParameters having explicit SSL parameters");
                        }
                        if (socketParameters.getSSLProtocol() != null) {
                            sSLContext = SSLContext.getInstance(socketParameters.getSSLProtocol());
                        } else {
                            sSLContext = null;
                            NoSuchAlgorithmException noSuchAlgorithmException = null;
                            for (String str : DEFAULT_PROTOCOLS) {
                                try {
                                    sSLContext = SSLContext.getInstance(str);
                                    break;
                                } catch (NoSuchAlgorithmException e) {
                                    noSuchAlgorithmException = e;
                                }
                            }
                            if (noSuchAlgorithmException != null) {
                                throw noSuchAlgorithmException;
                            }
                            if (sSLContext == null) {
                                throw new NoSuchAlgorithmException(Arrays.toString(DEFAULT_PROTOCOLS));
                            }
                        }
                        KeyManager[] keyManagerArr = null;
                        TrustManager[] trustManagerArr = null;
                        if (socketParameters.isSSLTrustStoreSet()) {
                            TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(socketParameters.getSSLTrustManagerType());
                            KeyStore keyStore = KeyStore.getInstance(socketParameters.getSSLTrustStoreType());
                            fileInputStream = new FileInputStream(socketParameters.getSSLTrustStore());
                            keyStore.load(fileInputStream, socketParameters.getSSLTrustPass().toCharArray());
                            trustManagerFactory.init(keyStore);
                            trustManagerArr = trustManagerFactory.getTrustManagers();
                        }
                        if (socketParameters.isSSLKeyStoreSet()) {
                            KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance(socketParameters.getSSLKeyManagerType());
                            KeyStore keyStore2 = KeyStore.getInstance(socketParameters.getSSLKeyStoreType());
                            char[] charArray = socketParameters.getSSLKeyPass() != null ? socketParameters.getSSLKeyPass().toCharArray() : null;
                            fileInputStream2 = new FileInputStream(socketParameters.getSSLKeyStore());
                            keyStore2.load(fileInputStream2, charArray);
                            keyManagerFactory.init(keyStore2, charArray);
                            keyManagerArr = keyManagerFactory.getKeyManagers();
                        }
                        sSLContext.init(keyManagerArr, trustManagerArr, null);
                        if (fileInputStream != null) {
                            try {
                                fileInputStream.close();
                            } catch (Exception e2) {
                            }
                        }
                        if (fileInputStream2 != null) {
                            try {
                                fileInputStream2.close();
                            } catch (Exception e3) {
                            }
                        }
                        return sSLContext;
                    }
                } catch (Exception e4) {
                    throw new TTransportException("Error creating the transport", e4);
                }
            }
            SSLContext sSLContext2 = SSLContext.getDefault();
            if (0 != 0) {
                try {
                    fileInputStream.close();
                } catch (Exception e5) {
                }
            }
            if (0 != 0) {
                try {
                    fileInputStream2.close();
                } catch (Exception e6) {
                }
            }
            return sSLContext2;
        } catch (Throwable th) {
            if (0 != 0) {
                try {
                    fileInputStream.close();
                } catch (Exception e7) {
                }
            }
            if (0 != 0) {
                try {
                    fileInputStream2.close();
                } catch (Exception e8) {
                }
            }
            throw th;
        }
    }
}
