package nl.wldelft.fews.common.security.truststore;

import java.io.File;
import java.io.FileInputStream;
import java.security.KeyStore;
import javax.net.ssl.HttpsURLConnection;
import javax.net.ssl.SSLContext;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import javax.net.ssl.X509TrustManager;
import org.apache.log4j.Logger;

/* loaded from: input_file:nl/wldelft/fews/common/security/truststore/TrustStoreHandler.class */
public final class TrustStoreHandler {
    private static final Logger log = Logger.getLogger(TrustStoreHandler.class);

    private TrustStoreHandler() {
    }

    public static void setHttpsSessionPropertiesTrustStoreOnly(File file) {
        if (file != null && file.exists()) {
            setClientTrustStoreProperties(file);
            createHostnameVerifier();
        } else if (log.isDebugEnabled()) {
            log.debug("client truststore file " + file + " not found, so not setting system properties for https session.");
        }
    }

    public static void setHttpsSessionProperties(File file, File file2) {
        if (file == null || !file.exists()) {
            if (log.isDebugEnabled()) {
                log.debug("client keystore file " + file + " not found, so not setting system properties for https session.");
            }
        } else if (file2 == null || !file2.exists()) {
            if (log.isDebugEnabled()) {
                log.debug("client truststore file " + file2 + " not found, so not setting system properties for https session.");
            }
        } else {
            setClientKeyStoreProperties(file);
            setClientTrustStoreProperties(file2);
            createHostnameVerifier();
        }
    }

    private static void setClientKeyStoreProperties(File file) {
        if (file == null) {
            throw new IllegalArgumentException("clientKeyStore is null.");
        }
        if (System.getProperty("javax.net.ssl.keyStore") == null) {
            System.setProperty("javax.net.ssl.keyStore", file.getAbsolutePath());
        }
        if (System.getProperty("javax.net.ssl.keyStorePassword") == null) {
            System.setProperty("javax.net.ssl.keyStorePassword", "d3lftf3ws");
        }
        if (log.isDebugEnabled()) {
            log.debug("Using client keystore file: " + System.getProperty("javax.net.ssl.keyStore"));
        }
    }

    private static void setClientTrustStoreProperties(File file) {
        if (file == null) {
            throw new IllegalArgumentException("clientTrustStore is null.");
        }
        String property = System.getProperty("javax.net.ssl.trustStorePassword");
        if (property == null) {
            property = "d3lftf3ws";
        }
        initializeTrustStoreHandler(file.getAbsolutePath(), property);
        System.setProperty("javax.net.ssl.trustStore", file.getAbsolutePath());
        System.setProperty("javax.net.ssl.trustStorePassword", property);
        if (log.isDebugEnabled()) {
            log.debug("Using client truststore file: " + System.getProperty("javax.net.ssl.trustStore"));
        }
    }

    private static void createHostnameVerifier() {
        HttpsURLConnection.setDefaultHostnameVerifier((str, sSLSession) -> {
            if (str.equalsIgnoreCase(sSLSession.getPeerHost())) {
                return true;
            }
            log.warn("The host name in the https URL (" + str + ") does not match the one from the https session (" + sSLSession.getPeerHost() + "); this is usually due to failing reverse DNS lookups, which means you can ignore it.");
            return true;
        });
    }

    private static void initializeTrustStoreHandler(String str, String str2) {
        try {
            TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
            trustManagerFactory.init((KeyStore) null);
            X509TrustManager x509TrustManager = null;
            TrustManager[] trustManagers = trustManagerFactory.getTrustManagers();
            int length = trustManagers.length;
            int i = 0;
            while (true) {
                if (i < length) {
                    TrustManager trustManager = trustManagers[i];
                    if (trustManager != null && (trustManager instanceof X509TrustManager)) {
                        x509TrustManager = (X509TrustManager) trustManager;
                        break;
                    }
                    i++;
                } else {
                    break;
                }
            }
            FileInputStream fileInputStream = new FileInputStream(str);
            KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
            keyStore.load(fileInputStream, str2.toCharArray());
            fileInputStream.close();
            TrustManagerFactory trustManagerFactory2 = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
            trustManagerFactory2.init(keyStore);
            X509TrustManager x509TrustManager2 = null;
            TrustManager[] trustManagers2 = trustManagerFactory2.getTrustManagers();
            int length2 = trustManagers2.length;
            int i2 = 0;
            while (true) {
                if (i2 < length2) {
                    TrustManager trustManager2 = trustManagers2[i2];
                    if (trustManager2 != null && (trustManager2 instanceof X509TrustManager)) {
                        x509TrustManager2 = (X509TrustManager) trustManager2;
                        break;
                    }
                    i2++;
                } else {
                    break;
                }
            }
            TrustManager trustManager3 = new 1(x509TrustManager, x509TrustManager2);
            SSLContext sSLContext = SSLContext.getInstance("TLS");
            sSLContext.init(null, new TrustManager[]{trustManager3}, null);
            SSLContext.setDefault(sSLContext);
        } catch (Exception e) {
            throw new IllegalStateException("Couldn't initialize truststore,", e);
        }
    }

    public static void init(File file, File file2) {
        if (file2 == null && file != null) {
            setHttpsSessionPropertiesTrustStoreOnly(file);
        }
        if (file2 == null || file == null) {
            return;
        }
        setHttpsSessionProperties(file2, file);
    }
}
