package org.appenders.log4j2.elasticsearch.hc;

import java.io.File;
import java.io.FileInputStream;
import java.io.IOException;
import java.security.GeneralSecurityException;
import java.security.KeyStore;
import java.util.Optional;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.TrustManagerFactory;
import org.apache.http.conn.ssl.NoopHostnameVerifier;
import org.apache.http.conn.ssl.SSLConnectionSocketFactory;
import org.apache.http.nio.conn.ssl.SSLIOSessionStrategy;
import org.appenders.log4j2.elasticsearch.CertInfo;
import org.appenders.log4j2.elasticsearch.hc.HttpClientFactory;
import org.appenders.log4j2.elasticsearch.hc.thirdparty.PemReader;
import org.bouncycastle.jce.provider.BouncyCastleProvider;

/* loaded from: input_file:org/appenders/log4j2/elasticsearch/hc/PEMCertInfo.class */
public final class PEMCertInfo implements CertInfo<HttpClientFactory.Builder> {
    static final String configExceptionMessage = "Failed to apply SSL/TLS settings";
    private final String keyPath;
    private final String keyPassphrase;
    private final String clientCertPath;
    private final String caPath;

    /* loaded from: input_file:org/appenders/log4j2/elasticsearch/hc/PEMCertInfo$Builder.class */
    public static class Builder implements org.apache.logging.log4j.core.util.Builder<PEMCertInfo> {
        private String keyPath;
        private String clientCertPath;
        private String caPath;
        private String keyPassphrase;

        /* renamed from: build, reason: merged with bridge method [inline-methods] */
        public PEMCertInfo m11build() {
            if (this.keyPath == null) {
                throw new IllegalArgumentException("No keyPath provided for " + getClass().getSimpleName());
            }
            if (this.clientCertPath == null) {
                throw new IllegalArgumentException("No clientCertPath provided for " + getClass().getSimpleName());
            }
            if (this.caPath == null) {
                throw new IllegalArgumentException("No caPath provided for " + getClass().getSimpleName());
            }
            return new PEMCertInfo(this.keyPath, this.keyPassphrase, this.clientCertPath, this.caPath);
        }

        public Builder withKeyPath(String str) {
            this.keyPath = str;
            return this;
        }

        public Builder withClientCertPath(String str) {
            this.clientCertPath = str;
            return this;
        }

        public Builder withCaPath(String str) {
            this.caPath = str;
            return this;
        }

        public Builder withKeyPassphrase(String str) {
            this.keyPassphrase = str;
            return this;
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public PEMCertInfo(String str, String str2, String str3, String str4) {
        this.keyPath = str;
        this.keyPassphrase = str2;
        this.clientCertPath = str3;
        this.caPath = str4;
    }

    public void applyTo(HttpClientFactory.Builder builder) {
        if (java.security.Security.getProvider("BC") == null) {
            java.security.Security.addProvider(new BouncyCastleProvider());
        }
        try {
            FileInputStream fileInputStream = new FileInputStream(new File(this.clientCertPath));
            try {
                FileInputStream fileInputStream2 = new FileInputStream(new File(this.keyPath));
                try {
                    fileInputStream2 = new FileInputStream(new File(this.caPath));
                    try {
                        KeyStore loadKeyStore = PemReader.loadKeyStore(fileInputStream, fileInputStream2, Optional.ofNullable(this.keyPassphrase));
                        KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
                        keyManagerFactory.init(loadKeyStore, this.keyPassphrase.toCharArray());
                        KeyStore loadTrustStore = PemReader.loadTrustStore(fileInputStream2);
                        TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
                        trustManagerFactory.init(loadTrustStore);
                        SSLContext sSLContext = SSLContext.getInstance("TLS");
                        sSLContext.init(keyManagerFactory.getKeyManagers(), trustManagerFactory.getTrustManagers(), null);
                        builder.withSslSocketFactory(new SSLConnectionSocketFactory(sSLContext));
                        builder.withHttpsIOSessionStrategy(new SSLIOSessionStrategy(sSLContext, new NoopHostnameVerifier()));
                        fileInputStream2.close();
                        fileInputStream2.close();
                        fileInputStream.close();
                    } finally {
                        try {
                            fileInputStream2.close();
                        } catch (Throwable th) {
                            th.addSuppressed(th);
                        }
                    }
                } catch (Throwable th2) {
                    throw th2;
                }
            } finally {
            }
        } catch (IOException | GeneralSecurityException e) {
            throw new IllegalArgumentException(configExceptionMessage, e);
        }
    }

    public static Builder newBuilder() {
        return new Builder();
    }
}
