package at.gv.util.ssl;

import at.gv.util.ToStringUtil;
import at.gv.util.TrustAllManager;
import at.gv.util.ex.EgovUtilException;
import java.io.File;
import java.io.FileInputStream;
import java.io.FileNotFoundException;
import java.io.IOException;
import java.security.KeyManagementException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.SecureRandom;
import java.security.UnrecoverableKeyException;
import java.security.cert.CertificateException;
import java.util.Properties;
import javax.net.ssl.KeyManager;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:at/gv/util/ssl/SSLUtils.class */
public class SSLUtils {
    private static Logger log = LoggerFactory.getLogger(SSLUtils.class);

    public static boolean useLaxHostNameVerifier(Properties properties, String str) {
        try {
            return Boolean.parseBoolean(properties.getProperty(str + ".ssl.laxhostnameverification"));
        } catch (Exception e) {
            return false;
        }
    }

    public static SSLContext getPropertiesSSLContext(Properties properties, String str, String str2, boolean z) throws EgovUtilException {
        log.trace("Configuring SSL socket factory.");
        if (properties == null) {
            throw new NullPointerException("Argument 'properties' must not be null.");
        }
        if (str == null) {
            throw new NullPointerException("Argument 'configDir' must not be null.");
        }
        boolean z2 = (properties.getProperty(new StringBuilder().append(str2).append(".ssl.keystore.file").toString()) == null && properties.getProperty(new StringBuilder().append(str2).append(".ssl.truststore.file").toString()) == null && !"true".equalsIgnoreCase(properties.getProperty(new StringBuilder().append(str2).append(".ssl.trustall").toString()))) ? false : true;
        log.trace("SSL enabled: " + z2);
        if (!z2) {
            throw new EgovUtilException("Please provide an SSL configuration in your properties file.");
        }
        log.trace("Configuring using standard JKS or PKCS12 keystore/truststore.");
        try {
            SSLContext sSLContext = SSLContext.getInstance("TLS");
            KeyManager[] keyManagerArr = null;
            if (properties.getProperty(str2 + ".ssl.keystore.file") != null) {
                log.trace("Keystore definition found.");
                String property = properties.getProperty(str2 + ".ssl.keystore.file");
                File file = new File(property);
                File file2 = file.isAbsolute() ? file : new File(str, property);
                log.trace("Key store location: " + file2);
                String property2 = properties.getProperty(str2 + ".ssl.keystore.password");
                if (property2 == null) {
                    log.trace("No keystore password set in configuration, using empty password.");
                    property2 = ToStringUtil.DEFAULT_AROUND;
                }
                String property3 = properties.getProperty(str2 + ".ssl.keystore.type");
                if (property3 == null) {
                    log.trace("No keystore type set in configuration, using default JKS.");
                    property3 = "JKS";
                }
                log.trace("Key store type: " + property3);
                KeyStore keyStore = KeyStore.getInstance(property3);
                keyStore.load(new FileInputStream(file2), property2.toCharArray());
                KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance("SunX509");
                keyManagerFactory.init(keyStore, property2.toCharArray());
                keyManagerArr = keyManagerFactory.getKeyManagers();
            } else {
                log.trace("No keystore definition found. Not using SSL client authentication.");
            }
            TrustManager[] trustManagerArr = null;
            if (z || "true".equalsIgnoreCase(properties.getProperty(str2 + ".ssl.trustall"))) {
                log.info("Trust all property is switched on. This setting is not recommended.");
                trustManagerArr = new TrustManager[]{new TrustAllManager()};
            } else if (properties.getProperty(str2 + ".ssl.truststore.file") != null) {
                log.trace("Using standard trust store mechanism (truststore file definition found).");
                String property4 = properties.getProperty(str2 + ".ssl.truststore.file");
                File file3 = new File(property4);
                File file4 = file3.isAbsolute() ? file3 : new File(str, property4);
                log.trace("Trust store file location: " + file4);
                if (file4 == null) {
                    throw new EgovUtilException("Please set a trust store in your configuration or switch the trust all property on.");
                }
                String property5 = properties.getProperty(str2 + ".ssl.truststore.password");
                if (property5 == null) {
                    log.trace("No truststore password set in configuration, using empty password.");
                    property5 = ToStringUtil.DEFAULT_AROUND;
                }
                String property6 = properties.getProperty(str2 + ".ssl.truststore.type");
                if (property6 == null) {
                    log.trace("No truststore type set in configuration, using default JKS.");
                    property6 = "JKS";
                }
                log.trace("Trust store type: " + property6);
                KeyStore keyStore2 = KeyStore.getInstance(property6);
                keyStore2.load(new FileInputStream(file4), property5.toCharArray());
                TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance("SunX509");
                trustManagerFactory.init(keyStore2);
                trustManagerArr = trustManagerFactory.getTrustManagers();
            } else {
                log.warn("No truststore definition found. Using standard Java truststore mechanism.");
            }
            sSLContext.init(keyManagerArr, trustManagerArr, new SecureRandom());
            return sSLContext;
        } catch (FileNotFoundException e) {
            throw new EgovUtilException(e);
        } catch (IOException e2) {
            throw new EgovUtilException(e2);
        } catch (KeyManagementException e3) {
            throw new EgovUtilException(e3);
        } catch (KeyStoreException e4) {
            throw new EgovUtilException(e4);
        } catch (NoSuchAlgorithmException e5) {
            throw new EgovUtilException(e5);
        } catch (UnrecoverableKeyException e6) {
            throw new EgovUtilException(e6);
        } catch (CertificateException e7) {
            throw new EgovUtilException(e7);
        }
    }
}
