package net.sf.sahi.ssl;

import java.io.File;
import java.io.FileInputStream;
import java.io.FileNotFoundException;
import java.io.IOException;
import java.net.InetAddress;
import java.net.Socket;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.SecureRandom;
import java.security.UnrecoverableKeyException;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.util.HashMap;
import java.util.Properties;
import java.util.logging.Logger;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSocket;
import javax.net.ssl.SSLSocketFactory;
import javax.net.ssl.TrustManager;
import javax.net.ssl.X509TrustManager;
import net.sf.sahi.config.Configuration;
import net.sf.sahi.request.HttpRequest;
import net.sf.sahi.util.Utils;
import org.sakuli.services.forwarder.icinga2.model.builder.Icinga2OutputBuilder;

/* loaded from: input_file:net/sf/sahi/ssl/SSLHelper.class */
public class SSLHelper {
    private String defaultFilePath = Utils.concatPaths(Configuration.getCertsPath(), "sahi_example_com");
    private static final Logger logger = Logger.getLogger("net.sf.sahi.ssl.SSLHelper");
    static HashMap<String, SSLSocketFactory> sslSocketFactories = new HashMap<>();

    private SSLSocketFactory getSSLClientSocketFactory(String str) throws IOException {
        if (str == null) {
            str = Configuration.getCommonDomain();
        }
        if (!sslSocketFactories.containsKey(str)) {
            SSLSocketFactory createSocketFactory = createSocketFactory(getTrustStoreFilePath(str), Configuration.getSSLPassword());
            if (createSocketFactory != null) {
                sslSocketFactories.put(str, createSocketFactory);
            }
        }
        return sslSocketFactories.get(str);
    }

    private SSLSocketFactory createSocketFactory(String str, String str2) {
        try {
            KeyManagerFactory keyManagerFactory = getKeyManagerFactory(str, str2, "JKS");
            SSLContext sSLContext = SSLContext.getInstance("SSLv3");
            sSLContext.init(keyManagerFactory.getKeyManagers(), getAllTrustingManager(), new SecureRandom());
            return sSLContext.getSocketFactory();
        } catch (Exception e) {
            e.printStackTrace();
            return (SSLSocketFactory) SSLSocketFactory.getDefault();
        }
    }

    public static KeyManagerFactory getKeyManagerFactoryForRemoteFetch() throws UnrecoverableKeyException, NoSuchAlgorithmException, KeyStoreException, FileNotFoundException, CertificateException, IOException {
        String sSLClientCertPath = Configuration.getSSLClientCertPath();
        logger.info(sSLClientCertPath == null ? "No SSL Client Cert specified" : "\n----\nSSL Client Cert Path = " + sSLClientCertPath + "\n----");
        return getKeyManagerFactory(sSLClientCertPath, Configuration.getSSLClientCertPassword(), Configuration.getSSLClientKeyStoreType());
    }

    public static KeyManagerFactory getKeyManagerFactory(String str, String str2, String str3) throws NoSuchAlgorithmException, KeyStoreException, FileNotFoundException, IOException, CertificateException, UnrecoverableKeyException {
        char[] charArray = str2 == null ? null : str2.toCharArray();
        KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance(Configuration.getSSLAlgorithm());
        KeyStore keyStore = KeyStore.getInstance(str3);
        FileInputStream fileInputStream = null;
        if (str != null) {
            try {
                fileInputStream = new FileInputStream(str);
            } catch (IOException e) {
                logger.warning("\n----\nCertificate not found: " + str + "\n----");
            }
        }
        keyStore.load(fileInputStream, charArray);
        keyManagerFactory.init(keyStore, charArray);
        return keyManagerFactory;
    }

    private String getTrustStoreFilePath(String str) {
        String concatPaths = Utils.concatPaths(Configuration.getCertsPath(), getCertsFileName(str));
        if (new File(concatPaths).exists()) {
            return concatPaths;
        }
        if (!Configuration.autoCreateSSLCertificates()) {
            return this.defaultFilePath;
        }
        String sSLCommand = getSSLCommand(str, concatPaths, Configuration.getSSLPassword(), Configuration.getKeytoolPath());
        try {
            executeCommand(sSLCommand);
            return concatPaths;
        } catch (Exception e) {
            System.out.println("\n\n\n--------------------HTTPS/SSL START--------------------\n\nSahi is trying to create a certificate for domain: \n" + str + "\n\nIf you are unable to connect to this HTTPS site, do the following:\nCheck on your filesystem to see if a file like " + Icinga2OutputBuilder.ICINGA_SEPARATOR + concatPaths + "\nhas been created.\n\nIf not, then create it by running the command below on a command prompt.\nNote that you need 'keytool' to be in your path. \nkeytool comes with the JDK by default and is present in <JAVA_HOME>/bin.\n\nOnce you create that file, SSL/HTTPS should work properly for that site.\n\n\n-------COMMAND START-------\n\n" + getPrintableSSLCommand(sSLCommand) + "\n\n-------COMMAND END-------\n\nThe files in certs can be copied over to other systems to make ssl/https work there.\n\n--------------------HTTPS/SSL END--------------------\n\n\n");
            return concatPaths;
        }
    }

    private static synchronized void executeCommand(String str) throws Exception {
        Utils.executeCommand(Utils.getCommandTokens(str));
    }

    private String getCertsFileName(String str) {
        return str.replace('.', '_');
    }

    String getPrintableSSLCommand(String str) {
        return str.replace('\n', ' ').replaceAll("\r", "");
    }

    String getSSLCommand(String str, String str2, String str3, String str4) {
        String trim = new String(Utils.readCachedFile(Configuration.getSSLCommandFile())).trim();
        Properties properties = new Properties();
        properties.put("domain", str);
        properties.put("keystore", Utils.escapeDoubleQuotesAndBackSlashes(str2));
        properties.put("password", str3);
        properties.put("keytool", Utils.escapeDoubleQuotesAndBackSlashes(str4));
        return Utils.substitute(trim, properties);
    }

    public static TrustManager[] getAllTrustingManager() {
        return new TrustManager[]{new X509TrustManager() { // from class: net.sf.sahi.ssl.SSLHelper.1
            @Override // javax.net.ssl.X509TrustManager
            public X509Certificate[] getAcceptedIssuers() {
                return null;
            }

            @Override // javax.net.ssl.X509TrustManager
            public void checkClientTrusted(X509Certificate[] x509CertificateArr, String str) {
            }

            @Override // javax.net.ssl.X509TrustManager
            public void checkServerTrusted(X509Certificate[] x509CertificateArr, String str) {
            }
        }};
    }

    public Socket getSocket(HttpRequest httpRequest, InetAddress inetAddress, int i) throws IOException {
        SSLSocket sSLSocket = (SSLSocket) getSSLClientSocketFactory(inetAddress.getHostName()).createSocket(inetAddress, i);
        sSLSocket.setUseClientMode(true);
        sSLSocket.setEnabledCipherSuites(sSLSocket.getSupportedCipherSuites());
        return sSLSocket;
    }

    public SSLSocket convertToSecureSocket(Socket socket, String str) {
        try {
            return (SSLSocket) getSSLClientSocketFactory(str).createSocket(socket, socket.getInetAddress().getHostName(), socket.getPort(), true);
        } catch (IOException e) {
            e.printStackTrace();
            return null;
        }
    }

    public SSLSocket convertToSecureServerSocket(Socket socket, String str) {
        SSLSocket convertToSecureSocket = convertToSecureSocket(socket, str);
        convertToSecureSocket.setUseClientMode(false);
        return convertToSecureSocket;
    }
}
