package org.apache.zookeeper.common;

import java.io.File;
import java.io.FileInputStream;
import java.io.IOException;
import java.security.KeyStore;
import javax.net.ssl.KeyManager;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import javax.net.ssl.X509KeyManager;
import javax.net.ssl.X509TrustManager;
import org.apache.zookeeper.common.X509Exception;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:WEB-INF/lib/zookeeper-3.5.3-beta.jar:org/apache/zookeeper/common/X509Util.class */
public class X509Util {
    private static final Logger LOG = LoggerFactory.getLogger((Class<?>) X509Util.class);

    @Deprecated
    public static final String SSL_KEYSTORE_LOCATION = "zookeeper.ssl.keyStore.location";

    @Deprecated
    public static final String SSL_KEYSTORE_PASSWD = "zookeeper.ssl.keyStore.password";

    @Deprecated
    public static final String SSL_TRUSTSTORE_LOCATION = "zookeeper.ssl.trustStore.location";

    @Deprecated
    public static final String SSL_TRUSTSTORE_PASSWD = "zookeeper.ssl.trustStore.password";

    @Deprecated
    public static final String SSL_AUTHPROVIDER = "zookeeper.ssl.authProvider";

    public static SSLContext createSSLContext() throws X509Exception.SSLContextException {
        return createSSLContext(new ZKConfig());
    }

    public static SSLContext createSSLContext(ZKConfig zKConfig) throws X509Exception.SSLContextException {
        KeyManager[] keyManagerArr = null;
        TrustManager[] trustManagerArr = null;
        String property = zKConfig.getProperty("zookeeper.ssl.keyStore.location");
        String property2 = zKConfig.getProperty("zookeeper.ssl.keyStore.password");
        if (property == null && property2 == null) {
            LOG.warn("keystore not specified for client connection");
        } else {
            if (property == null) {
                throw new X509Exception.SSLContextException("keystore location not specified for client connection");
            }
            if (property2 == null) {
                throw new X509Exception.SSLContextException("keystore password not specified for client connection");
            }
            try {
                keyManagerArr = new KeyManager[]{createKeyManager(property, property2)};
            } catch (X509Exception.KeyManagerException e) {
                throw new X509Exception.SSLContextException("Failed to create KeyManager", e);
            }
        }
        String property3 = zKConfig.getProperty("zookeeper.ssl.trustStore.location");
        String property4 = zKConfig.getProperty("zookeeper.ssl.trustStore.password");
        if (property3 == null && property4 == null) {
            LOG.warn("keystore not specified for client connection");
        } else {
            if (property3 == null) {
                throw new X509Exception.SSLContextException("keystore location not specified for client connection");
            }
            if (property4 == null) {
                throw new X509Exception.SSLContextException("keystore password not specified for client connection");
            }
            try {
                trustManagerArr = new TrustManager[]{createTrustManager(property3, property4)};
            } catch (X509Exception.TrustManagerException e2) {
                throw new X509Exception.SSLContextException("Failed to create KeyManager", e2);
            }
        }
        try {
            SSLContext sSLContext = SSLContext.getInstance("TLSv1");
            sSLContext.init(keyManagerArr, trustManagerArr, null);
            return sSLContext;
        } catch (Exception e3) {
            throw new X509Exception.SSLContextException(e3);
        }
    }

    public static X509KeyManager createKeyManager(String str, String str2) throws X509Exception.KeyManagerException {
        FileInputStream fileInputStream = null;
        try {
            try {
                char[] charArray = str2.toCharArray();
                File file = new File(str);
                KeyStore keyStore = KeyStore.getInstance("JKS");
                FileInputStream fileInputStream2 = new FileInputStream(file);
                keyStore.load(fileInputStream2, charArray);
                KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance("SunX509");
                keyManagerFactory.init(keyStore, charArray);
                for (KeyManager keyManager : keyManagerFactory.getKeyManagers()) {
                    if (keyManager instanceof X509KeyManager) {
                        X509KeyManager x509KeyManager = (X509KeyManager) keyManager;
                        if (fileInputStream2 != null) {
                            try {
                                fileInputStream2.close();
                            } catch (IOException e) {
                            }
                        }
                        return x509KeyManager;
                    }
                }
                throw new X509Exception.KeyManagerException("Couldn't find X509KeyManager");
            } catch (Exception e2) {
                throw new X509Exception.KeyManagerException(e2);
            }
        } catch (Throwable th) {
            if (0 != 0) {
                try {
                    fileInputStream.close();
                } catch (IOException e3) {
                }
            }
            throw th;
        }
    }

    public static X509TrustManager createTrustManager(String str, String str2) throws X509Exception.TrustManagerException {
        FileInputStream fileInputStream = null;
        try {
            try {
                char[] charArray = str2.toCharArray();
                File file = new File(str);
                KeyStore keyStore = KeyStore.getInstance("JKS");
                FileInputStream fileInputStream2 = new FileInputStream(file);
                keyStore.load(fileInputStream2, charArray);
                TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance("SunX509");
                trustManagerFactory.init(keyStore);
                for (TrustManager trustManager : trustManagerFactory.getTrustManagers()) {
                    if (trustManager instanceof X509TrustManager) {
                        X509TrustManager x509TrustManager = (X509TrustManager) trustManager;
                        if (fileInputStream2 != null) {
                            try {
                                fileInputStream2.close();
                            } catch (IOException e) {
                            }
                        }
                        return x509TrustManager;
                    }
                }
                throw new X509Exception.TrustManagerException("Couldn't find X509TrustManager");
            } catch (Exception e2) {
                throw new X509Exception.TrustManagerException(e2);
            }
        } catch (Throwable th) {
            if (0 != 0) {
                try {
                    fileInputStream.close();
                } catch (IOException e3) {
                }
            }
            throw th;
        }
    }
}
