package com.questdb.net;

import com.questdb.ex.NetworkError;
import java.io.IOException;
import java.io.InputStream;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.SecureRandom;
import java.security.UnrecoverableKeyException;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Enumeration;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.TrustManagerFactory;
import javax.net.ssl.X509TrustManager;

/* loaded from: input_file:com/questdb/net/SslConfig.class */
public class SslConfig {
    private static final X509TrustManager[] allowAllTrustManagers = {new AllowAllTrustManager()};
    private SSLContext sslContext;
    private KeyManagerFactory keyManagerFactory;
    private TrustManagerFactory trustManagerFactory;
    private boolean secure = false;
    private boolean requireClientAuth = false;
    private boolean client = false;
    private boolean trustAll = false;

    /* loaded from: input_file:com/questdb/net/SslConfig$AllowAllTrustManager.class */
    private static final class AllowAllTrustManager implements X509TrustManager {
        private AllowAllTrustManager() {
        }

        @Override // javax.net.ssl.X509TrustManager
        public void checkClientTrusted(X509Certificate[] x509CertificateArr, String str) {
        }

        @Override // javax.net.ssl.X509TrustManager
        public void checkServerTrusted(X509Certificate[] x509CertificateArr, String str) {
        }

        @Override // javax.net.ssl.X509TrustManager
        public X509Certificate[] getAcceptedIssuers() {
            return new X509Certificate[0];
        }
    }

    public SSLContext getSslContext() {
        if (this.sslContext == null) {
            this.sslContext = createSSLContext();
        }
        return this.sslContext;
    }

    public boolean isClient() {
        return this.client;
    }

    public void setClient(boolean z) {
        this.client = z;
    }

    public boolean isRequireClientAuth() {
        return this.requireClientAuth;
    }

    public void setRequireClientAuth(boolean z) {
        this.requireClientAuth = z;
    }

    public boolean isSecure() {
        return this.secure;
    }

    public void setSecure(boolean z) {
        this.secure = z;
    }

    public boolean isTrustAll() {
        return this.trustAll;
    }

    public void setTrustAll(boolean z) {
        this.trustAll = z;
    }

    public void setKeyStore(InputStream inputStream, String str) throws UnrecoverableKeyException, CertificateException, NoSuchAlgorithmException, KeyStoreException, IOException {
        setKeyStore("JKS", inputStream, str);
    }

    public void setTrustStore(InputStream inputStream, String str) throws KeyStoreException, CertificateException, NoSuchAlgorithmException, IOException {
        setTrustStore("JKS", inputStream, str, null);
    }

    private SSLContext createSSLContext() {
        try {
            SSLContext sSLContext = SSLContext.getInstance("TLS");
            SecureRandom secureRandom = new SecureRandom();
            secureRandom.nextInt();
            sSLContext.init(this.keyManagerFactory != null ? this.keyManagerFactory.getKeyManagers() : null, this.trustManagerFactory != null ? this.trustManagerFactory.getTrustManagers() : this.trustAll ? allowAllTrustManagers : null, secureRandom);
            return sSLContext;
        } catch (Exception e) {
            throw new NetworkError(e);
        }
    }

    private KeyStore loadKeyStore(String str, InputStream inputStream, String str2, String str3) throws KeyStoreException, CertificateException, NoSuchAlgorithmException, IOException {
        if (inputStream == null) {
            throw new KeyStoreException("NULL key store");
        }
        KeyStore keyStore = KeyStore.getInstance(str);
        keyStore.load(inputStream, str2 == null ? null : str2.toCharArray());
        if (str3 != null) {
            ArrayList arrayList = new ArrayList();
            Enumeration<String> aliases = keyStore.aliases();
            while (aliases.hasMoreElements()) {
                arrayList.add(aliases.nextElement());
            }
            for (int i = 0; i < arrayList.size(); i++) {
                if (!((String) arrayList.get(i)).equals(str3)) {
                    keyStore.deleteEntry((String) arrayList.get(i));
                }
            }
        }
        return keyStore;
    }

    private void setKeyStore(String str, InputStream inputStream, String str2) throws UnrecoverableKeyException, CertificateException, NoSuchAlgorithmException, KeyStoreException, IOException {
        setKeyStore(str, inputStream, str2, null, str2);
    }

    private void setKeyStore(String str, InputStream inputStream, String str2, String str3, String str4) throws KeyStoreException, CertificateException, NoSuchAlgorithmException, IOException, UnrecoverableKeyException {
        KeyStore loadKeyStore = loadKeyStore(str, inputStream, str2, str3);
        this.keyManagerFactory = KeyManagerFactory.getInstance("SunX509");
        this.keyManagerFactory.init(loadKeyStore, str4 == null ? null : str4.toCharArray());
    }

    private void setTrustStore(String str, InputStream inputStream, String str2, String str3) throws KeyStoreException, CertificateException, NoSuchAlgorithmException, IOException {
        KeyStore loadKeyStore = loadKeyStore(str, inputStream, str2, str3);
        this.trustManagerFactory = TrustManagerFactory.getInstance("SunX509");
        this.trustManagerFactory.init(loadKeyStore);
    }
}
