package org.mockserver.socket;

import com.google.common.annotations.VisibleForTesting;
import java.io.ByteArrayOutputStream;
import java.io.File;
import java.io.FileInputStream;
import java.io.FileOutputStream;
import java.net.Socket;
import java.security.KeyStore;
import java.security.NoSuchAlgorithmException;
import java.security.cert.X509Certificate;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSocket;
import javax.net.ssl.TrustManager;
import javax.net.ssl.X509TrustManager;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:org/mockserver/socket/SSLFactory.class */
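/**
 * Builds the {@link SSLContext} and client-side {@link SSLSocket}s used by MockServer, backed by a
 * key store that is loaded from, or generated and written to, {@value #KEY_STORE_FILENAME}.
 *
 * <p><b>Security properties (read before reusing this class):</b>
 * <ul>
 *   <li>Every context produced here uses a trust manager that accepts <em>any</em> certificate
 *       chain, so the peer is never authenticated. This is only appropriate for test and
 *       mocking traffic.</li>
 *   <li>The key store password is a hard-coded, publicly known value. It gives no
 *       confidentiality to the private key stored in the key store file.</li>
 *   <li>The key store file name is relative, so it is resolved against the process working
 *       directory. A file that already exists there is loaded as-is and determines the key
 *       material that is presented.</li>
 * </ul>
 *
 * <p>NOTE(review): {@link #buildKeyStore()} initialises the {@code keystore} field lazily without
 * synchronisation while {@link #getInstance()} hands out a shared instance; confirm whether
 * callers may reach it from several threads.
 */
public class SSLFactory {
    public static final String KEY_STORE_CERT_ALIAS = "certAlias";
    public static final String KEY_STORE_CA_ALIAS = "caAlias";
    // Well-known default password: protects nothing, it only satisfies the KeyStore API.
    public static final String KEY_STORE_PASSWORD = "changeit";
    // Relative path, i.e. resolved against the working directory of the running process.
    public static final String KEY_STORE_FILENAME = "keystore.jks";
    private static final SSLFactory sslFactory = new SSLFactory();
    private static final Logger logger = LoggerFactory.getLogger(SSLFactory.class);

    /**
     * Trust manager that approves every non-empty certificate chain without validating it
     * (no signature, expiry, issuer or host name check). Connections that use it are open to
     * interception; it must stay confined to test/mocking use.
     */
    private static final TrustManager DUMMY_TRUST_MANAGER = new X509TrustManager() {
        @Override
        public X509Certificate[] getAcceptedIssuers() {
            return new X509Certificate[0];
        }

        @Override
        public void checkClientTrusted(X509Certificate[] chain, String authType) {
            requireNonEmptyChain(chain);
            logger.trace("Approving client certificate for: {}", chain[0].getSubjectDN());
        }

        @Override
        public void checkServerTrusted(X509Certificate[] chain, String authType) {
            requireNonEmptyChain(chain);
            logger.trace("Approving server certificate for: {}", chain[0].getSubjectDN());
        }
    };

    // Lazily populated by buildKeyStore(); only ever assigned a fully loaded/generated store.
    private KeyStore keystore;

    @VisibleForTesting
    SSLFactory() {
    }

    /**
     * Returns the shared, eagerly created factory instance.
     *
     * @return the process-wide {@code SSLFactory}
     */
    public static SSLFactory getInstance() {
        return sslFactory;
    }

    /**
     * Rejects a {@code null} or empty chain with the exception type the
     * {@link X509TrustManager} contract specifies, instead of failing with an incidental
     * {@code NullPointerException} / {@code ArrayIndexOutOfBoundsException} while logging.
     *
     * @param chain the certificate chain handed to the trust manager
     * @throws IllegalArgumentException if {@code chain} is {@code null} or has no elements
     */
    private static void requireNonEmptyChain(X509Certificate[] chain) {
        if (chain == null || chain.length == 0) {
            throw new IllegalArgumentException("Certificate chain must not be null or empty");
        }
    }

    /**
     * Creates a new "TLS" {@link SSLContext} whose key managers come from
     * {@link #buildKeyStore()} and whose only trust manager accepts any certificate.
     * A fresh context is built on every call.
     *
     * @return an initialised context that performs <em>no</em> peer certificate validation
     * @throws RuntimeException if the key store or the context cannot be initialised
     */
    public SSLContext sslContext() {
        try {
            KeyManagerFactory keyManagerFactory =
                getKeyManagerFactoryInstance(KeyManagerFactory.getDefaultAlgorithm());
            keyManagerFactory.init(buildKeyStore(), KEY_STORE_PASSWORD.toCharArray());
            SSLContext context = getSSLContextInstance("TLS");
            // null SecureRandom: the provider's default source of randomness is used.
            context.init(keyManagerFactory.getKeyManagers(), new TrustManager[]{DUMMY_TRUST_MANAGER}, null);
            return context;
        } catch (Exception e) {
            throw new RuntimeException("Failed to initialize the SSLContext", e);
        }
    }

    /**
     * Layers TLS over an already connected socket, in client mode, and completes the handshake.
     *
     * <p>The resulting socket trusts whatever certificate the peer presents and no endpoint
     * identification is configured here, so it authenticates nothing about the remote side.
     * The wrapper is created with {@code autoClose = true}: closing the returned socket also
     * closes {@code socket}. If the handshake throws, neither socket is closed by this method.
     *
     * @param socket the connected plain socket to wrap
     * @return the TLS socket after a completed handshake
     * @throws Exception if the socket cannot be created or the handshake fails
     */
    public SSLSocket wrapSocket(Socket socket) throws Exception {
        String host = socket.getInetAddress().getHostAddress();
        SSLSocket tlsSocket =
            (SSLSocket) sslContext().getSocketFactory().createSocket(socket, host, socket.getPort(), true);
        tlsSocket.setUseClientMode(true);
        tlsSocket.startHandshake();
        return tlsSocket;
    }

    /**
     * Returns the key store, creating it on first use: an existing
     * {@value #KEY_STORE_FILENAME} in the working directory is loaded, otherwise a key store is
     * generated and written to that file.
     *
     * <p>An existing file is used without any check of its origin or contents beyond the
     * integrity check the key store format performs with the well-known password.
     *
     * @return the loaded or generated key store
     * @throws RuntimeException if loading, generating or saving fails
     */
    public KeyStore buildKeyStore() {
        if (this.keystore == null) {
            File file = new File(KEY_STORE_FILENAME);
            if (file.exists()) {
                loadKeyStore(file);
            } else {
                dynamicallyCreateKeyStore();
                saveKeyStore();
            }
        }
        return this.keystore;
    }

    /** Test seam around {@link SSLContext#getInstance(String)}. */
    @VisibleForTesting
    SSLContext getSSLContextInstance(String str) throws NoSuchAlgorithmException {
        return SSLContext.getInstance(str);
    }

    /** Test seam around {@link KeyManagerFactory#getInstance(String)}. */
    @VisibleForTesting
    KeyManagerFactory getKeyManagerFactoryInstance(String str) throws NoSuchAlgorithmException {
        return KeyManagerFactory.getInstance(str);
    }

    /**
     * Generates a key store through {@code KeyStoreFactory} for the host name "localhost" and
     * stores it in the {@code keystore} field.
     *
     * @throws RuntimeException if generation fails
     */
    private void dynamicallyCreateKeyStore() {
        try {
            this.keystore = new KeyStoreFactory().generateCertificate(
                KEY_STORE_CERT_ALIAS, KEY_STORE_CA_ALIAS, KEY_STORE_PASSWORD.toCharArray(), "localhost", null, null);
        } catch (Exception e) {
            throw new RuntimeException("Exception while building KeyStore dynamically", e);
        }
    }

    /**
     * Loads the key store from {@code file} into the {@code keystore} field.
     *
     * @param file the key store file to read
     * @throws RuntimeException if the file cannot be read or is not a valid key store
     */
    private void loadKeyStore(File file) {
        // Open the file that was actually checked by the caller rather than re-deriving the path.
        try (FileInputStream in = new FileInputStream(file)) {
            logger.trace("Loading key store from file [{}]", file);
            KeyStore loaded = KeyStore.getInstance(KeyStore.getDefaultType());
            loaded.load(in, KEY_STORE_PASSWORD.toCharArray());
            // Publish only after a successful load, so a failed attempt does not leave an
            // uninitialised KeyStore behind that later buildKeyStore() calls would return.
            this.keystore = loaded;
        } catch (Exception e) {
            throw new RuntimeException("Exception while loading KeyStore from " + file.getAbsolutePath(), e);
        }
    }

    /**
     * Writes the current key store to {@value #KEY_STORE_FILENAME} and registers the file for
     * deletion when the JVM exits normally.
     *
     * <p>NOTE(review): the file holds a private key under a publicly known password and is
     * created with the platform's default permissions; restrict the directory it is written to,
     * and do not rely on {@code deleteOnExit()} if the JVM can be killed.
     *
     * @throws RuntimeException if serialising or writing the key store fails
     */
    private void saveKeyStore() {
        try {
            // Serialise to memory first so a failure in store() never truncates the file.
            ByteArrayOutputStream serialised = new ByteArrayOutputStream();
            this.keystore.store(serialised, KEY_STORE_PASSWORD.toCharArray());
            File file = new File(KEY_STORE_FILENAME);
            logger.trace("Saving key store to file [{}]", file);
            try (FileOutputStream out = new FileOutputStream(file)) {
                out.write(serialised.toByteArray());
            }
            file.deleteOnExit();
        } catch (Exception e) {
            throw new RuntimeException("Exception while saving KeyStore", e);
        }
    }
}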
