package br.com.esec.icpm.signer.ws.rest;

import br.com.esec.icpm.signer.security.SecurityConfig;
import java.io.IOException;
import java.security.KeyManagementException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.UnrecoverableKeyException;
import java.security.cert.CertificateException;
import javax.net.ssl.SSLContext;
import javax.ws.rs.client.ClientBuilder;
import org.apache.http.conn.ssl.SSLConnectionSocketFactory;
import org.apache.http.conn.ssl.SSLContextBuilder;
import org.apache.http.conn.ssl.X509HostnameVerifier;

/* loaded from: input_file:br/com/esec/icpm/signer/ws/rest/SslUtils.class */
public class SslUtils {
    public static void config(ClientBuilder clientBuilder) {
        clientBuilder.sslContext(buildSslContext());
        clientBuilder.hostnameVerifier(getHostNameVerifier());
    }

    public static SSLContext buildSslContext() {
        try {
            SSLContextBuilder sSLContextBuilder = new SSLContextBuilder();
            if (SecurityConfig.getKeystore() != null) {
                sSLContextBuilder.loadKeyMaterial(SecurityConfig.getKeystore(), SecurityConfig.getKeystorePassword().toCharArray());
            }
            sSLContextBuilder.loadTrustMaterial((KeyStore) null);
            if (SecurityConfig.getTruststore() != null) {
                sSLContextBuilder.loadTrustMaterial(SecurityConfig.getTruststore());
            }
            return sSLContextBuilder.build();
        } catch (IOException e) {
            throw new IllegalStateException(e);
        } catch (KeyManagementException e2) {
            throw new IllegalStateException(e2);
        } catch (KeyStoreException e3) {
            throw new IllegalStateException(e3);
        } catch (NoSuchAlgorithmException e4) {
            throw new IllegalStateException(e4);
        } catch (UnrecoverableKeyException e5) {
            throw new IllegalStateException(e5);
        } catch (CertificateException e6) {
            throw new IllegalStateException(e6);
        }
    }

    public static X509HostnameVerifier getHostNameVerifier() {
        return SecurityConfig.isAllowAllHosts() ? SSLConnectionSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER : SSLConnectionSocketFactory.BROWSER_COMPATIBLE_HOSTNAME_VERIFIER;
    }
}
