package emissary.client;

import com.google.common.annotations.VisibleForTesting;
import emissary.config.ConfigUtil;
import emissary.config.Configurator;
import java.io.BufferedReader;
import java.io.FileReader;
import java.io.IOException;
import java.io.InputStream;
import java.nio.file.Files;
import java.nio.file.OpenOption;
import java.nio.file.Paths;
import java.security.GeneralSecurityException;
import java.security.KeyStore;
import java.security.SecureRandom;
import java.util.regex.Matcher;
import java.util.regex.Pattern;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.TrustManagerFactory;
import org.apache.http.ConnectionReuseStrategy;
import org.apache.http.config.Registry;
import org.apache.http.config.RegistryBuilder;
import org.apache.http.conn.socket.PlainConnectionSocketFactory;
import org.apache.http.conn.ssl.DefaultHostnameVerifier;
import org.apache.http.conn.ssl.NoopHostnameVerifier;
import org.apache.http.conn.ssl.SSLConnectionSocketFactory;
import org.apache.http.impl.DefaultConnectionReuseStrategy;
import org.apache.http.impl.NoConnectionReuseStrategy;
import org.apache.http.impl.client.CloseableHttpClient;
import org.apache.http.impl.client.HttpClientBuilder;
import org.apache.http.impl.conn.PoolingHttpClientConnectionManager;
import org.apache.log4j.Logger;

/* loaded from: input_file:emissary/client/HTTPConnectionFactory.class */
public class HTTPConnectionFactory {
    static final String CFG_TRUST_STORE = "javax.net.ssl.trustStore";
    static final String CFG_TRUST_STORE_TYPE = "javax.net.ssl.trustStoreType";
    static final String CFG_TRUST_STORE_PW = "javax.net.ssl.trustStorePassword";
    static final String CFG_KEY_STORE = "javax.net.ssl.keyStore";
    static final String CFG_KEY_STORE_TYPE = "javax.net.ssl.keyStoreType";
    static final String CFG_KEY_STORE_PW = "javax.net.ssl.keyStorePassword";
    static final String CFG_HTTP_KEEPALIVE = "http.keepAlive";
    static final String CFG_HTTP_MAXCONNS = "http.maxConnections";
    static final String CFG_HTTP_AGENT = "http.agent";
    static final String CFG_NOOP_VERIFIER = "https.useNoopHostnameVerifier";
    static final String CFG_SSLCONTEXT_TYPE = "emissary.sslcontext.type";
    static final String DEFAULT_HTTP_AGENT = "emissary";
    static final int DFLT_MAXCONNS = 200;
    static final boolean DFLT_KEEPALIVE = true;
    static final String DFLT_STORE_TYPE = "JKS";
    static final String DFLT_CONTEXT_TYPE = "TLS";
    private static final String HTTP = "http";
    private static final String HTTPS = "https";
    private static final String FILE_PRE = "file://";
    private static final Pattern ENV_VARIABLE_PATTERN = Pattern.compile("\\$\\{(\\w+)}");
    private static final Logger log = Logger.getLogger(HTTPConnectionFactory.class);
    private static final HTTPConnectionFactory FACTORY = new HTTPConnectionFactory();
    final PoolingHttpClientConnectionManager connMan;
    private ConnectionReuseStrategy connReuseStrategy;
    int maxConns;
    String userAgent;

    private HTTPConnectionFactory() {
        this(null);
    }

    @VisibleForTesting
    HTTPConnectionFactory(Configurator configurator) {
        Configurator configInfo;
        this.connReuseStrategy = DefaultConnectionReuseStrategy.INSTANCE;
        this.maxConns = DFLT_MAXCONNS;
        this.userAgent = "emissary";
        Registry registry = null;
        if (configurator == null) {
            try {
                configInfo = ConfigUtil.getConfigInfo((Class<?>) HTTPConnectionFactory.class);
            } catch (IOException | GeneralSecurityException e) {
                log.error("Error configuring HTTPConnectionFactory. The connection factory will use HTTP Client default settings", e);
            }
        } else {
            configInfo = configurator;
        }
        Configurator configurator2 = configInfo;
        if (!configurator2.findBooleanEntry(CFG_HTTP_KEEPALIVE, true)) {
            this.connReuseStrategy = NoConnectionReuseStrategy.INSTANCE;
        }
        this.maxConns = configurator2.findIntEntry(CFG_HTTP_MAXCONNS, DFLT_MAXCONNS);
        this.userAgent = configurator2.findStringEntry(CFG_HTTP_AGENT, "emissary");
        registry = RegistryBuilder.create().register(HTTP, PlainConnectionSocketFactory.getSocketFactory()).register(HTTPS, new SSLConnectionSocketFactory(build(configurator2), configurator2.findBooleanEntry(CFG_NOOP_VERIFIER, false) ? new NoopHostnameVerifier() : new DefaultHostnameVerifier())).build();
        if (registry == null) {
            this.connMan = new PoolingHttpClientConnectionManager();
        } else {
            this.connMan = new PoolingHttpClientConnectionManager(registry);
        }
        this.connMan.setMaxTotal(this.maxConns);
    }

    SSLContext build(Configurator configurator) throws IOException, GeneralSecurityException {
        char[] loadPW = loadPW(configurator.findStringEntry(CFG_KEY_STORE_PW));
        char[] loadPW2 = loadPW(configurator.findStringEntry(CFG_TRUST_STORE_PW));
        KeyStore buildStore = buildStore(configurator.findStringEntry(CFG_KEY_STORE), loadPW, configurator.findStringEntry(CFG_KEY_STORE_TYPE, DFLT_STORE_TYPE));
        KeyStore buildStore2 = buildStore(configurator.findStringEntry(CFG_TRUST_STORE), loadPW2, configurator.findStringEntry(CFG_TRUST_STORE_TYPE, DFLT_STORE_TYPE));
        if (buildStore2 == null && buildStore == null) {
            log.debug("Trust Store and Key Store are null. Using JDK default SSLContext");
            return SSLContext.getDefault();
        }
        TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
        trustManagerFactory.init(buildStore2);
        KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
        keyManagerFactory.init(buildStore, loadPW);
        SSLContext sSLContext = SSLContext.getInstance(configurator.findStringEntry(CFG_SSLCONTEXT_TYPE, DFLT_CONTEXT_TYPE));
        sSLContext.init(keyManagerFactory.getKeyManagers(), trustManagerFactory.getTrustManagers(), new SecureRandom());
        return sSLContext;
    }

    static char[] loadPW(String str) throws IOException {
        String str2;
        if (str == null) {
            return null;
        }
        if (str.startsWith(FILE_PRE)) {
            String substring = str.substring(FILE_PRE.length());
            log.debug("Loading key password from file " + substring);
            BufferedReader bufferedReader = new BufferedReader(new FileReader(substring));
            Throwable th = null;
            try {
                try {
                    str2 = bufferedReader.readLine();
                    if (bufferedReader != null) {
                        if (0 != 0) {
                            try {
                                bufferedReader.close();
                            } catch (Throwable th2) {
                                th.addSuppressed(th2);
                            }
                        } else {
                            bufferedReader.close();
                        }
                    }
                    if (str2 == null) {
                        throw new IOException("Unable to load store password from " + str);
                    }
                } finally {
                }
            } catch (Throwable th3) {
                if (bufferedReader != null) {
                    if (th != null) {
                        try {
                            bufferedReader.close();
                        } catch (Throwable th4) {
                            th.addSuppressed(th4);
                        }
                    } else {
                        bufferedReader.close();
                    }
                }
                throw th3;
            }
        } else {
            Matcher matcher = ENV_VARIABLE_PATTERN.matcher(str);
            str2 = matcher.matches() ? System.getenv(matcher.group(1)) : str;
        }
        return str2.toCharArray();
    }

    private static KeyStore buildStore(String str, char[] cArr, String str2) throws IOException, GeneralSecurityException {
        if (str == null || str.isEmpty()) {
            return null;
        }
        KeyStore keyStore = KeyStore.getInstance(str2);
        InputStream newInputStream = Files.newInputStream(Paths.get(str, new String[0]), new OpenOption[0]);
        Throwable th = null;
        try {
            try {
                keyStore.load(newInputStream, cArr);
                if (newInputStream != null) {
                    if (0 != 0) {
                        try {
                            newInputStream.close();
                        } catch (Throwable th2) {
                            th.addSuppressed(th2);
                        }
                    } else {
                        newInputStream.close();
                    }
                }
                return keyStore;
            } catch (Throwable th3) {
                th = th3;
                throw th3;
            }
        } catch (Throwable th4) {
            if (newInputStream != null) {
                if (th != null) {
                    try {
                        newInputStream.close();
                    } catch (Throwable th5) {
                        th.addSuppressed(th5);
                    }
                } else {
                    newInputStream.close();
                }
            }
            throw th4;
        }
    }

    public PoolingHttpClientConnectionManager getDefaultConnectionManager() {
        return this.connMan;
    }

    public CloseableHttpClient buildDefaultClient() {
        return HttpClientBuilder.create().setConnectionManager(this.connMan).setConnectionManagerShared(true).setUserAgent(this.userAgent).setConnectionReuseStrategy(this.connReuseStrategy).build();
    }

    public static HTTPConnectionFactory getFactory() {
        return FACTORY;
    }
}
