package com.veertu.ankaMgmtSdk;

import java.io.IOException;
import java.io.StringReader;
import java.security.KeyManagementException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.UnrecoverableKeyException;
import java.security.cert.CertificateException;
import javax.net.ssl.SSLContext;
import org.apache.http.client.config.RequestConfig;
import org.apache.http.impl.client.CloseableHttpClient;
import org.apache.http.impl.client.HttpClientBuilder;
import org.apache.http.ssl.SSLContextBuilder;
import org.bouncycastle.cert.X509CertificateHolder;
import org.bouncycastle.cert.jcajce.JcaX509CertificateConverter;
import org.bouncycastle.jce.provider.BouncyCastleProvider;
import org.bouncycastle.openssl.PEMParser;

/* loaded from: input_file:WEB-INF/lib/anka-build.jar:com/veertu/ankaMgmtSdk/AnkaMgmtClientCertAuthCommunicator.class */
public class AnkaMgmtClientCertAuthCommunicator extends AnkaMgmtCommunicator {
    protected ClientCertAuthenticator authenticator;

    public AnkaMgmtClientCertAuthCommunicator(String str, String str2, String str3) {
        super(str);
        this.authenticator = new ClientCertAuthenticator(str2, str3);
    }

    public AnkaMgmtClientCertAuthCommunicator(String str, boolean z, String str2, String str3) {
        super(str, z);
        this.authenticator = new ClientCertAuthenticator(str2, str3);
    }

    public AnkaMgmtClientCertAuthCommunicator(String str, boolean z, String str2, String str3, String str4) {
        super(str, z, str4);
        this.authenticator = new ClientCertAuthenticator(str2, str3);
    }

    @Override // com.veertu.ankaMgmtSdk.AnkaMgmtCommunicator
    protected CloseableHttpClient makeHttpClient() throws CertificateException, NoSuchAlgorithmException, KeyStoreException, IOException, UnrecoverableKeyException, KeyManagementException {
        RequestConfig.Builder connectionRequestTimeout = RequestConfig.custom().setConnectTimeout(30000).setConnectionRequestTimeout(30000);
        connectionRequestTimeout.setSocketTimeout(30000);
        HttpClientBuilder create = HttpClientBuilder.create();
        KeyStore keyStore = this.authenticator.getKeyStore();
        if (this.rootCA != null) {
            BouncyCastleProvider bouncyCastleProvider = new BouncyCastleProvider();
            keyStore.setCertificateEntry("rootCA", new JcaX509CertificateConverter().setProvider(bouncyCastleProvider).getCertificate((X509CertificateHolder) new PEMParser(new StringReader(this.rootCA)).readObject()));
        }
        SSLContext build = new SSLContextBuilder().loadKeyMaterial(keyStore, this.authenticator.getPemPassword().toCharArray()).loadTrustMaterial(keyStore, getTrustStartegy()).build();
        create.setSSLContext(build);
        setTLSVerificationIfDefined(build, create);
        return create.setDefaultRequestConfig(connectionRequestTimeout.build()).build();
    }
}
