package org.coodex.ssl;

import java.io.File;
import java.io.FileInputStream;
import java.io.IOException;
import java.io.InputStream;
import java.net.URL;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.SecureRandom;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.util.Set;
import javax.net.ssl.SSLContext;
import javax.net.ssl.TrustManagerFactory;
import org.coodex.util.Common;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:org/coodex/ssl/X509CertsSSLContextFactory.class */
public class X509CertsSSLContextFactory implements SSLContextFactory {
    private static final Logger log = LoggerFactory.getLogger(X509CertsSSLContextFactory.class);
    private static final String CERT_PATH = "certPath:".toLowerCase();
    private static final String CLASS_PATH = "classpath:";
    private static final String ALIAS = "concrete-certs-alias-";

    @Override // org.coodex.ssl.SSLContextFactory
    public SSLContext getSSLContext(String str) throws Throwable {
        Set<String> arrayToSet = Common.arrayToSet(Common.toArray(Common.trim(str.substring(CERT_PATH.length()), ',', ' ', ':', ';'), ";", new String[0]));
        SSLContext sSLContext = SSLContext.getInstance("SSL");
        KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
        keyStore.load(null);
        int i = 1;
        for (String str2 : arrayToSet) {
            if (!Common.isBlank(str2)) {
                if (str2.toLowerCase().startsWith(CLASS_PATH)) {
                    for (String str3 : Common.toArray(str2.substring(CLASS_PATH.length()), ",", new String[0])) {
                        int i2 = i;
                        i++;
                        loadCertFromInputStream(keyStore, getCertFromResource(str3), ALIAS + i2);
                    }
                } else {
                    int i3 = i;
                    i++;
                    loadCertFromInputStream(keyStore, getCertFromFile(str2), ALIAS + i3);
                }
            }
        }
        TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
        trustManagerFactory.init(keyStore);
        sSLContext.init(null, trustManagerFactory.getTrustManagers(), new SecureRandom());
        return sSLContext;
    }

    private void loadCertFromInputStream(KeyStore keyStore, InputStream inputStream, String str) throws CertificateException, KeyStoreException, IOException {
        if (inputStream == null) {
            return;
        }
        try {
            keyStore.setCertificateEntry(str, CertificateFactory.getInstance("X.509").generateCertificate(inputStream));
            inputStream.close();
        } catch (Throwable th) {
            inputStream.close();
            throw th;
        }
    }

    private InputStream getCertFromResource(String str) throws IOException {
        if (Common.isBlank(str)) {
            return null;
        }
        URL resource = Common.getResource(Common.trim(str, ' ', '/'), new ClassLoader[0]);
        if (resource != null) {
            return resource.openStream();
        }
        log.warn("cert resource not found: classpath:{}", str);
        return null;
    }

    private InputStream getCertFromFile(String str) throws IOException {
        if (Common.isBlank(str)) {
            return null;
        }
        File file = new File(str);
        if (file.exists() && file.isFile()) {
            return new FileInputStream(file);
        }
        log.warn("cert file {} not exists.", str);
        return null;
    }

    @Override // org.coodex.util.AcceptableService
    public boolean accept(String str) {
        return !Common.isBlank(str) && str.toLowerCase().startsWith(CERT_PATH);
    }
}
