package org.opendaylight.sxp.core.service;

import com.google.common.base.Preconditions;
import io.netty.handler.ssl.ClientAuth;
import io.netty.handler.ssl.SslContext;
import io.netty.handler.ssl.SslContextBuilder;
import java.io.File;
import java.io.FileInputStream;
import java.io.FileNotFoundException;
import java.io.IOException;
import java.io.InputStream;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.UnrecoverableKeyException;
import java.security.cert.CertificateException;
import java.util.Objects;
import java.util.Optional;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.TrustManagerFactory;
import org.opendaylight.sxp.core.Configuration;
import org.opendaylight.yang.gen.v1.urn.opendaylight.sxp.node.rev160308.PathType;
import org.opendaylight.yang.gen.v1.urn.opendaylight.sxp.node.rev160308.security.fields.Tls;
import org.opendaylight.yang.gen.v1.urn.opendaylight.sxp.node.rev160308.tls.security.fields.Keystore;
import org.opendaylight.yang.gen.v1.urn.opendaylight.sxp.node.rev160308.tls.security.fields.Truststore;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:org/opendaylight/sxp/core/service/SslContextFactory.class */
public final class SslContextFactory {
    private static final Logger LOG = LoggerFactory.getLogger(SslContextFactory.class);
    private SslContext clientSslContext;
    private SslContext serverSslContext;

    /* JADX INFO: Access modifiers changed from: package-private */
    /* renamed from: org.opendaylight.sxp.core.service.SslContextFactory$1, reason: invalid class name */
    /* loaded from: input_file:org/opendaylight/sxp/core/service/SslContextFactory$1.class */
    public static /* synthetic */ class AnonymousClass1 {
        static final /* synthetic */ int[] $SwitchMap$org$opendaylight$yang$gen$v1$urn$opendaylight$sxp$node$rev160308$PathType = new int[PathType.values().length];

        static {
            try {
                $SwitchMap$org$opendaylight$yang$gen$v1$urn$opendaylight$sxp$node$rev160308$PathType[PathType.CLASSPATH.ordinal()] = 1;
            } catch (NoSuchFieldError e) {
            }
            try {
                $SwitchMap$org$opendaylight$yang$gen$v1$urn$opendaylight$sxp$node$rev160308$PathType[PathType.PATH.ordinal()] = 2;
            } catch (NoSuchFieldError e2) {
            }
        }
    }

    public SslContextFactory(Tls tls) {
        this.clientSslContext = null;
        this.serverSslContext = null;
        try {
            if (Objects.nonNull(tls)) {
                KeyManagerFactory keyStore = getKeyStore(tls.getKeystore(), tls.getCertificatePassword());
                TrustManagerFactory trustStore = getTrustStore(tls.getTruststore());
                this.clientSslContext = SslContextBuilder.forClient().keyManager(keyStore).trustManager(trustStore).build();
                this.serverSslContext = SslContextBuilder.forServer(keyStore).trustManager(trustStore).clientAuth(ClientAuth.REQUIRE).build();
            }
        } catch (IOException e) {
            LOG.error("IOException - Failed to load keystore / truststore.", e);
        } catch (NoSuchAlgorithmException e2) {
            LOG.error("NoSuchAlgorithmException - Unsupported algorithm.", e2);
        } catch (CertificateException e3) {
            LOG.error("CertificateException - Unable to access certificate (check password).", e3);
        } catch (Exception e4) {
            LOG.error("Exception - Failed to initialize the SSLContext", e4);
        }
    }

    /* JADX WARN: Multi-variable type inference failed */
    /* JADX WARN: Type inference failed for: r0v10, types: [java.io.InputStream] */
    public static InputStream asInputStream(String str, PathType pathType) {
        FileInputStream fileInputStream;
        switch (AnonymousClass1.$SwitchMap$org$opendaylight$yang$gen$v1$urn$opendaylight$sxp$node$rev160308$PathType[pathType.ordinal()]) {
            case Configuration.SET_COMPOSITION_ATTRIBUTE_COMPACT_NO_RESERVED_FIELDS /* 1 */:
                fileInputStream = SslContextFactory.class.getClassLoader().getResourceAsStream(str);
                Preconditions.checkArgument(fileInputStream != null, "File not found: %s", str);
                break;
            case 2:
                LOG.debug("Current dir using System: {}", System.getProperty("user.dir"));
                try {
                    fileInputStream = new FileInputStream(new File(str));
                    break;
                } catch (FileNotFoundException e) {
                    throw new IllegalStateException("File not found: " + str, e);
                }
            default:
                throw new IllegalArgumentException("Unknown path type: " + pathType);
        }
        return fileInputStream;
    }

    private KeyManagerFactory getKeyStore(Keystore keystore, String str) throws KeyStoreException, CertificateException, NoSuchAlgorithmException, IOException, UnrecoverableKeyException {
        KeyStore keyStore = KeyStore.getInstance(((Keystore) Objects.requireNonNull(keystore)).getType().name());
        keyStore.load(asInputStream(keystore.getLocation(), keystore.getPathType()), keystore.getPassword().toCharArray());
        KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
        keyManagerFactory.init(keyStore, Objects.isNull(str) ? new char[0] : str.toCharArray());
        return keyManagerFactory;
    }

    private TrustManagerFactory getTrustStore(Truststore truststore) throws CertificateException, NoSuchAlgorithmException, IOException, KeyStoreException {
        KeyStore keyStore = KeyStore.getInstance(((Truststore) Objects.requireNonNull(truststore)).getType().name());
        keyStore.load(asInputStream(truststore.getLocation(), truststore.getPathType()), truststore.getPassword().toCharArray());
        TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
        trustManagerFactory.init(keyStore);
        return trustManagerFactory;
    }

    public Optional<SslContext> getClientContext() {
        return Objects.isNull(this.clientSslContext) ? Optional.empty() : Optional.of(this.clientSslContext);
    }

    public Optional<SslContext> getServerContext() {
        return Objects.isNull(this.serverSslContext) ? Optional.empty() : Optional.of(this.serverSslContext);
    }
}
