package org.voovan.network;

import java.io.FileInputStream;
import java.io.IOException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.SecureRandom;
import java.security.UnrecoverableKeyException;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLEngine;
import javax.net.ssl.SSLException;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import javax.net.ssl.X509TrustManager;
import org.voovan.tools.TString;

/* loaded from: input_file:org/voovan/network/SSLManager.class */
public class SSLManager {
    private KeyManagerFactory keyManagerFactory;
    private TrustManagerFactory trustManagerFactory;
    private SSLContext context;
    private SSLEngine engine;
    private boolean needClientAuth;
    private String protocol;

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:org/voovan/network/SSLManager$DefaultTrustManager.class */
    public static class DefaultTrustManager implements X509TrustManager {
        private DefaultTrustManager() {
        }

        @Override // javax.net.ssl.X509TrustManager
        public void checkClientTrusted(X509Certificate[] x509CertificateArr, String str) throws CertificateException {
        }

        @Override // javax.net.ssl.X509TrustManager
        public void checkServerTrusted(X509Certificate[] x509CertificateArr, String str) throws CertificateException {
        }

        @Override // javax.net.ssl.X509TrustManager
        public X509Certificate[] getAcceptedIssuers() {
            return null;
        }
    }

    public SSLManager(String str) throws NoSuchAlgorithmException {
        this.needClientAuth = true;
        this.protocol = str;
    }

    public SSLManager(String str, boolean z) throws SSLException {
        this.needClientAuth = z;
        this.protocol = str;
    }

    public SSLEngine getSSLEngine() {
        return this.engine;
    }

    public void loadCertificate(String str, String str2, String str3) throws SSLException {
        FileInputStream fileInputStream = null;
        try {
            try {
                this.keyManagerFactory = KeyManagerFactory.getInstance("SunX509");
                this.trustManagerFactory = TrustManagerFactory.getInstance("SunX509");
                KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
                fileInputStream = new FileInputStream(str);
                keyStore.load(fileInputStream, str2.toCharArray());
                this.keyManagerFactory.init(keyStore, str3.toCharArray());
                this.trustManagerFactory.init(keyStore);
                if (fileInputStream != null) {
                    try {
                        fileInputStream.close();
                    } catch (IOException e) {
                        e.printStackTrace();
                    }
                }
            } catch (Throwable th) {
                if (fileInputStream != null) {
                    try {
                        fileInputStream.close();
                    } catch (IOException e2) {
                        e2.printStackTrace();
                    }
                }
                throw th;
            }
        } catch (IOException | KeyStoreException | NoSuchAlgorithmException | UnrecoverableKeyException | CertificateException e3) {
            throw new SSLException("Init SSLContext Error: " + e3.getMessage(), e3);
        }
    }

    private synchronized void init(String str) throws SSLException {
        if (TString.isNullOrEmpty(str)) {
            this.protocol = "SSL";
        }
        try {
            this.context = SSLContext.getInstance(str, "SunJSSE");
            if (this.keyManagerFactory == null || this.trustManagerFactory == null) {
                this.context.init(null, new TrustManager[]{new DefaultTrustManager()}, new SecureRandom());
            } else {
                this.context.init(this.keyManagerFactory.getKeyManagers(), this.trustManagerFactory.getTrustManagers(), new SecureRandom());
            }
        } catch (Exception e) {
            throw new SSLException("Init SSLContext Error: " + e.getMessage(), e);
        }
    }

    private synchronized void createSSLEngine(String str) throws SSLException {
        init(str);
        this.engine = this.context.createSSLEngine();
    }

    public SSLParser createClientSSLParser(IoSession ioSession) throws SSLException {
        createSSLEngine(this.protocol);
        this.engine.setUseClientMode(true);
        return new SSLParser(this.engine, ioSession);
    }

    public SSLParser createServerSSLParser(IoSession ioSession) throws SSLException {
        createSSLEngine(this.protocol);
        this.engine.setUseClientMode(false);
        this.engine.setNeedClientAuth(this.needClientAuth);
        return new SSLParser(this.engine, ioSession);
    }
}
