package dm.jdbc.b.a;

import dm.jdbc.driver.DmdbConnection;
import dm.jdbc.util.StringUtil;
import java.io.File;
import java.io.FileInputStream;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.Provider;
import java.security.SecureRandom;
import java.security.Security;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.List;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSocket;
import javax.net.ssl.TrustManagerFactory;

/* compiled from: FullDuplexValidatingFactory.java */
/* loaded from: input_file:dm/jdbc/b/a/a.class */
public class a extends d {
    public static String dV = "SunX509";
    public static String ej = "JKS";
    public static List ek = new ArrayList();
    public static String el;
    private KeyStore em = null;
    private String en = "changeit";

    static {
        el = "TLSv1";
        try {
            SSLContext sSLContext = SSLContext.getInstance("TLS");
            sSLContext.init(null, null, null);
            String[] supportedProtocols = ((SSLSocket) sSLContext.getSocketFactory().createSocket()).getSupportedProtocols();
            String property = Security.getProperty("jdk.tls.disabledAlgorithms");
            String[] split = StringUtil.isNotEmpty(property) ? property.split(", ") : null;
            for (String str : new String[]{"TLSv1", "TLSv1.1", "TLSv1.2", "TLSv1.3"}) {
                if (StringUtil.containsIgnoreCase(supportedProtocols, str) && !StringUtil.containsIgnoreCase(split, str)) {
                    ek.add(str);
                }
            }
            if (ek.size() > 0) {
                el = (String) ek.get(0);
            }
        } catch (Exception unused) {
        }
    }

    public a(DmdbConnection dmdbConnection) {
        b(dmdbConnection);
        X();
    }

    private void b(DmdbConnection dmdbConnection) {
        FileInputStream fileInputStream = null;
        try {
            this.em = KeyStore.getInstance(ej);
            String str = dmdbConnection.user;
            if (StringUtil.isNotEmpty(dmdbConnection.sslKeystorePass)) {
                this.en = dmdbConnection.sslKeystorePass;
            }
            fileInputStream = new FileInputStream(a(dmdbConnection.sslFilesPath, str));
            this.em.load(fileInputStream, this.en.toCharArray());
            if (!h(((X509Certificate) this.em.getCertificate("1")).getSubjectDN().getName()).equals(str)) {
                throw new KeyStoreException();
            }
            if (fileInputStream != null) {
                fileInputStream.close();
            }
        } catch (Throwable th) {
            if (fileInputStream != null) {
                fileInputStream.close();
            }
            throw th;
        }
    }

    private String h(String str) {
        int indexOf = str.indexOf("CN=");
        return str.substring(indexOf + "CN=".length(), str.indexOf(",", indexOf));
    }

    private String a(String str, String str2) {
        if (StringUtil.isEmpty(str)) {
            str = String.valueOf(System.getProperty("DM_HOME")) + File.separator + "bin" + File.separator + "client_ssl" + File.separator + str2;
        }
        if (new File(str).isDirectory()) {
            str = String.valueOf(str) + File.separator + ".keystore";
        }
        return str;
    }

    private void X() {
        try {
            Security.addProvider((Provider) Class.forName("com.sun.net.ssl.internal.ssl.Provider").newInstance());
        } catch (Throwable unused) {
        }
        SSLContext sSLContext = SSLContext.getInstance(el);
        KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance(dV);
        keyManagerFactory.init(this.em, this.en.toCharArray());
        TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(dV);
        trustManagerFactory.init(this.em);
        sSLContext.init(keyManagerFactory.getKeyManagers(), trustManagerFactory.getTrustManagers(), new SecureRandom());
        this.er = sSLContext.getSocketFactory();
    }
}
