package org.tio.core.ssl;

import java.io.InputStream;
import java.security.KeyStore;
import java.security.SecureRandom;
import java.security.cert.X509Certificate;
import javax.net.ssl.KeyManager;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import javax.net.ssl.X509TrustManager;
import org.tio.utils.hutool.ResourceUtil;
import org.tio.utils.hutool.StrUtil;

/* loaded from: input_file:org/tio/core/ssl/SslConfig.class */
public class SslConfig {
    private static final String ALGORITHM = "SunX509";
    private final ClientAuth clientAuth;
    private final SSLContext sslContext;

    public SslConfig(SSLContext sSLContext) {
        this(ClientAuth.NONE, sSLContext);
    }

    public SslConfig(ClientAuth clientAuth, SSLContext sSLContext) {
        this.clientAuth = clientAuth;
        this.sslContext = sSLContext;
    }

    public static SslConfig forServer(String str, String str2) {
        return forServer(str, str2, ClientAuth.NONE);
    }

    public static SslConfig forServer(String str, String str2, ClientAuth clientAuth) {
        return forServer(str, str2, (String) null, (String) null, clientAuth);
    }

    public static SslConfig forServer(String str, String str2, String str3, String str4, ClientAuth clientAuth) {
        return new SslConfig(clientAuth, getSslContext(str, str2, str3, str4));
    }

    public static SslConfig forServer(InputStream inputStream, String str) {
        return forServer(inputStream, str, ClientAuth.NONE);
    }

    public static SslConfig forServer(InputStream inputStream, String str, ClientAuth clientAuth) {
        return forServer(inputStream, str, (InputStream) null, (String) null, clientAuth);
    }

    public static SslConfig forServer(InputStream inputStream, String str, InputStream inputStream2, String str2, ClientAuth clientAuth) {
        return new SslConfig(clientAuth, getSslContext(inputStream, str, inputStream2, str2));
    }

    public static SslConfig forClient() {
        return forClient((InputStream) null, (String) null);
    }

    public static SslConfig forClient(String str, String str2) {
        return forClient((String) null, (String) null, str, str2);
    }

    public static SslConfig forClient(String str, String str2, String str3, String str4) {
        return new SslConfig(getSslContext(str, str2, str3, str4));
    }

    public static SslConfig forClient(InputStream inputStream, String str) {
        return new SslConfig(getSslContext((InputStream) null, (String) null, inputStream, str));
    }

    public static SslConfig forClient(InputStream inputStream, String str, InputStream inputStream2, String str2) {
        return new SslConfig(getSslContext(inputStream, str, inputStream2, str2));
    }

    public static SSLContext getSslContext(String str, String str2, String str3, String str4) {
        return getSslContext(str == null ? null : StrUtil.startWithIgnoreCase(str, "classpath:") ? ResourceUtil.getResourceAsStream(str) : ResourceUtil.getFileResource(str), str2, str3 == null ? null : StrUtil.startWithIgnoreCase(str3, "classpath:") ? ResourceUtil.getResourceAsStream(str3) : ResourceUtil.getFileResource(str3), str4);
    }

    public static SSLContext getSslContext(InputStream inputStream, String str, InputStream inputStream2, String str2) {
        KeyManager[] keyManagerArr = null;
        TrustManager[] trustManagerArr = null;
        if (inputStream != null) {
            try {
                KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance(ALGORITHM);
                KeyStore keyStore = KeyStore.getInstance("JKS");
                char[] charArray = str == null ? null : str.toCharArray();
                keyStore.load(inputStream, charArray);
                keyManagerFactory.init(keyStore, charArray);
                keyManagerArr = keyManagerFactory.getKeyManagers();
            } catch (Exception e) {
                throw new IllegalArgumentException(e);
            }
        }
        if (inputStream2 != null) {
            trustManagerArr = getTrustManagers(inputStream2, str2 == null ? null : str2.toCharArray());
        }
        SSLContext sSLContext = SSLContext.getInstance("TLS");
        sSLContext.init(keyManagerArr, trustManagerArr, new SecureRandom());
        return sSLContext;
    }

    private static TrustManager[] getTrustManagers(InputStream inputStream, char[] cArr) throws Exception {
        if (inputStream == null) {
            return new TrustManager[]{new X509TrustManager() { // from class: org.tio.core.ssl.SslConfig.1
                @Override // javax.net.ssl.X509TrustManager
                public void checkClientTrusted(X509Certificate[] x509CertificateArr, String str) {
                }

                @Override // javax.net.ssl.X509TrustManager
                public void checkServerTrusted(X509Certificate[] x509CertificateArr, String str) {
                }

                @Override // javax.net.ssl.X509TrustManager
                public X509Certificate[] getAcceptedIssuers() {
                    return new X509Certificate[0];
                }
            }};
        }
        TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(ALGORITHM);
        KeyStore keyStore = KeyStore.getInstance("JKS");
        keyStore.load(inputStream, cArr);
        trustManagerFactory.init(keyStore);
        return trustManagerFactory.getTrustManagers();
    }

    public ClientAuth getClientAuth() {
        return this.clientAuth;
    }

    public SSLContext getSslContext() {
        return this.sslContext;
    }
}
