package co.elastic.apm.agent.report.ssl;

import co.elastic.apm.agent.shaded.apache.logging.log4j.core.net.ssl.SslConfigurationDefaults;
import co.elastic.apm.agent.shaded.slf4j.Logger;
import co.elastic.apm.agent.shaded.slf4j.LoggerFactory;
import java.security.KeyManagementException;
import java.security.NoSuchAlgorithmException;
import java.security.SecureRandom;
import java.security.cert.X509Certificate;
import javax.annotation.Nullable;
import javax.net.ssl.HostnameVerifier;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSession;
import javax.net.ssl.SSLSocketFactory;
import javax.net.ssl.TrustManager;
import javax.net.ssl.X509TrustManager;

/* loaded from: input_file:elastic-apm-agent.jar:co/elastic/apm/agent/report/ssl/SslUtils.class */
public class SslUtils {
    private static final Logger logger = LoggerFactory.getLogger((Class<?>) SslUtils.class);
    private static final HostnameVerifier hostnameVerifier;

    @Nullable
    private static final SSLSocketFactory validateSocketFactory;

    @Nullable
    private static final SSLSocketFactory trustAllSocketFactory;

    public static HostnameVerifier getTrustAllHostnameVerifyer() {
        return hostnameVerifier;
    }

    @Nullable
    public static SSLSocketFactory getSSLSocketFactory(boolean z) {
        return z ? validateSocketFactory : trustAllSocketFactory;
    }

    @Nullable
    private static SSLSocketFactory createTrustAllSocketFactory(X509TrustManager x509TrustManager) {
        return createSocketFactory(new TrustManager[]{x509TrustManager});
    }

    @Nullable
    private static SSLSocketFactory createSocketFactory(TrustManager[] trustManagerArr) {
        try {
            SSLContext sSLContext = SSLContext.getInstance(SslConfigurationDefaults.PROTOCOL);
            sSLContext.init(null, trustManagerArr, new SecureRandom());
            return sSLContext.getSocketFactory();
        } catch (KeyManagementException | NoSuchAlgorithmException e) {
            logger.warn(e.getMessage(), (Throwable) e);
            return null;
        }
    }

    private static X509TrustManager createTrustAllTrustManager() {
        return new X509TrustManager() { // from class: co.elastic.apm.agent.report.ssl.SslUtils.2
            @Override // javax.net.ssl.X509TrustManager
            public void checkClientTrusted(X509Certificate[] x509CertificateArr, String str) {
            }

            @Override // javax.net.ssl.X509TrustManager
            public void checkServerTrusted(X509Certificate[] x509CertificateArr, String str) {
            }

            @Override // javax.net.ssl.X509TrustManager
            public X509Certificate[] getAcceptedIssuers() {
                return new X509Certificate[0];
            }
        };
    }

    static {
        X509TrustManager createTrustAllTrustManager = createTrustAllTrustManager();
        validateSocketFactory = TLSFallbackSSLSocketFactory.wrapFactory(createSocketFactory(null));
        trustAllSocketFactory = TLSFallbackSSLSocketFactory.wrapFactory(createSocketFactory(new TrustManager[]{createTrustAllTrustManager}));
        hostnameVerifier = new HostnameVerifier() { // from class: co.elastic.apm.agent.report.ssl.SslUtils.1
            @Override // javax.net.ssl.HostnameVerifier
            public boolean verify(String str, SSLSession sSLSession) {
                return true;
            }
        };
    }
}
