package io.ballerina.messaging.broker.amqp;

import io.netty.channel.ChannelHandler;
import io.netty.handler.ssl.SslHandler;
import java.io.File;
import java.io.IOException;
import java.io.InputStream;
import java.nio.file.Files;
import java.nio.file.LinkOption;
import java.nio.file.OpenOption;
import java.nio.file.Path;
import java.nio.file.Paths;
import java.security.KeyManagementException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.UnrecoverableKeyException;
import java.security.cert.CertificateException;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLEngine;
import javax.net.ssl.TrustManagerFactory;

/* loaded from: input_file:io/ballerina/messaging/broker/amqp/SslHandlerFactory.class */
public class SslHandlerFactory {
    private SSLContext sslContext;

    public SslHandlerFactory(AmqpServerConfiguration amqpServerConfiguration) throws KeyStoreException, IOException, CertificateException, NoSuchAlgorithmException, UnrecoverableKeyException, KeyManagementException {
        KeyStore keyStore = getKeyStore(amqpServerConfiguration.getSsl().getKeyStore().getType(), amqpServerConfiguration.getSsl().getKeyStore().getLocation(), amqpServerConfiguration.getSsl().getKeyStore().getPassword());
        KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance(amqpServerConfiguration.getSsl().getKeyStore().getCertType());
        keyManagerFactory.init(keyStore, amqpServerConfiguration.getSsl().getKeyStore().getPassword().toCharArray());
        KeyStore keyStore2 = getKeyStore(amqpServerConfiguration.getSsl().getTrustStore().getType(), amqpServerConfiguration.getSsl().getTrustStore().getLocation(), amqpServerConfiguration.getSsl().getTrustStore().getPassword());
        TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(amqpServerConfiguration.getSsl().getTrustStore().getCertType());
        trustManagerFactory.init(keyStore2);
        this.sslContext = SSLContext.getInstance(amqpServerConfiguration.getSsl().getProtocol());
        this.sslContext.init(keyManagerFactory.getKeyManagers(), trustManagerFactory.getTrustManagers(), null);
    }

    private KeyStore getKeyStore(String str, String str2, String str3) throws KeyStoreException, IOException, NoSuchAlgorithmException, CertificateException {
        KeyStore keyStore = KeyStore.getInstance(str);
        InputStream inputStream = null;
        try {
            inputStream = Files.newInputStream(getPath(str2), new OpenOption[0]);
            keyStore.load(inputStream, str3.toCharArray());
            if (inputStream != null) {
                inputStream.close();
            }
            return keyStore;
        } catch (Throwable th) {
            if (inputStream != null) {
                inputStream.close();
            }
            throw th;
        }
    }

    private Path getPath(String str) {
        Path path = Paths.get(str, new String[0]);
        if (Files.notExists(path, new LinkOption[0])) {
            path = Paths.get(System.getProperty("message.broker.home") + File.separator + str, new String[0]);
        }
        return path;
    }

    public ChannelHandler create() {
        SSLEngine createSSLEngine = this.sslContext.createSSLEngine();
        createSSLEngine.setUseClientMode(false);
        return new SslHandler(createSSLEngine);
    }
}
