package no.digipost.signature.client.internal;

import java.security.KeyManagementException;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.UnrecoverableKeyException;
import org.apache.http.client.config.RequestConfig;
import org.apache.http.config.ConnectionConfig;
import org.apache.http.config.RegistryBuilder;
import org.apache.http.config.SocketConfig;
import org.apache.http.conn.ssl.NoopHostnameVerifier;
import org.apache.http.conn.ssl.SSLConnectionSocketFactory;
import org.apache.http.conn.ssl.TrustSelfSignedStrategy;
import org.apache.http.impl.client.CloseableHttpClient;
import org.apache.http.impl.client.HttpClientBuilder;
import org.apache.http.impl.conn.BasicHttpClientConnectionManager;
import org.apache.http.ssl.SSLContexts;

/* loaded from: input_file:no/digipost/signature/client/internal/SigneringHttpClient.class */
public class SigneringHttpClient {
    public static final KeyStoreConfig CLIENT_TRUSTSTORE = KeyStoreConfig.fromKeyStore(SigneringHttpClient.class.getResourceAsStream("/truststore.jce"), "root", "Qwer1234", null);
    public static final int SOCKET_TIMEOUT_MS = 10000;
    public static final int CONNECT_TIMEOUT_MS = 10000;
    public static final int CONNECTION_REQUEST_TIMEOUT_MS = 10000;
    public static final int MAX_CONNECTIONS_PER_ROUTE = 10;
    public static final int MAX_CONNECTIONS_TOTAL = 10;

    public static CloseableHttpClient create(KeyStoreConfig keyStoreConfig) {
        try {
            SSLConnectionSocketFactory createSSLSocketFactory = createSSLSocketFactory(keyStoreConfig);
            return HttpClientBuilder.create().setDefaultConnectionConfig(ConnectionConfig.DEFAULT).setDefaultSocketConfig(createSocketConfig(10000)).setDefaultRequestConfig(createRequestConfig(10000, 10000, 10000)).setMaxConnTotal(10).setMaxConnPerRoute(10).setSSLSocketFactory(createSSLSocketFactory).setConnectionManager(createConnectionManager(createSSLSocketFactory)).build();
        } catch (KeyManagementException | KeyStoreException | NoSuchAlgorithmException | UnrecoverableKeyException e) {
            throw new RuntimeException(e);
        }
    }

    public static RequestConfig createRequestConfig(int i, int i2, int i3) {
        return RequestConfig.custom().setConnectionRequestTimeout(i).setConnectTimeout(i2).setSocketTimeout(i3).build();
    }

    public static SocketConfig createSocketConfig(int i) {
        return SocketConfig.custom().setSoTimeout(i).build();
    }

    private static SSLConnectionSocketFactory createSSLSocketFactory(KeyStoreConfig keyStoreConfig) throws NoSuchAlgorithmException, KeyManagementException, KeyStoreException, UnrecoverableKeyException {
        return new SSLConnectionSocketFactory(SSLContexts.custom().loadKeyMaterial(keyStoreConfig.keyStore, keyStoreConfig.privatekeyPassword.toCharArray()).loadTrustMaterial(CLIENT_TRUSTSTORE.keyStore, new TrustSelfSignedStrategy()).build(), new String[]{"TLSv1.2"}, (String[]) null, NoopHostnameVerifier.INSTANCE);
    }

    private static BasicHttpClientConnectionManager createConnectionManager(SSLConnectionSocketFactory sSLConnectionSocketFactory) {
        return new BasicHttpClientConnectionManager(RegistryBuilder.create().register("https", sSLConnectionSocketFactory).build());
    }
}
