package org.reficio.ws.client.ssl;

import java.security.GeneralSecurityException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.SecureRandom;
import java.security.UnrecoverableKeyException;
import java.util.ArrayList;
import javax.net.ssl.KeyManager;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import javax.net.ssl.X509KeyManager;
import javax.net.ssl.X509TrustManager;
import org.apache.http.conn.ssl.SSLSocketFactory;
import org.reficio.ws.client.core.Security;

/* loaded from: input_file:org/reficio/ws/client/ssl/SSLUtils.class */
public class SSLUtils {
    public static X509TrustManager getTrustManager(KeyStore keyStore) throws NoSuchAlgorithmException, KeyStoreException {
        TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
        trustManagerFactory.init(keyStore);
        return (X509TrustManager) trustManagerFactory.getTrustManagers()[0];
    }

    public static X509KeyManager getKeyManager(KeyStore keyStore, char[] cArr) throws NoSuchAlgorithmException, KeyStoreException, UnrecoverableKeyException {
        KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
        keyManagerFactory.init(keyStore, cArr);
        return (X509KeyManager) keyManagerFactory.getKeyManagers()[0];
    }

    public static X509TrustManager getMultiTrustManager(X509TrustManager... x509TrustManagerArr) {
        ArrayList arrayList = new ArrayList();
        for (X509TrustManager x509TrustManager : x509TrustManagerArr) {
            arrayList.add(x509TrustManager);
        }
        return new MultiX509TrustManager(arrayList);
    }

    public static SSLSocketFactory getMergedSocketFactory(Security security, Security security2) throws GeneralSecurityException {
        X509KeyManager keyManager = getKeyManager(security.getKeyStore(), security.getKeyStorePassword());
        X509KeyManager keyManager2 = getKeyManager(security2.getKeyStore(), security2.getKeyStorePassword());
        X509TrustManager multiTrustManager = getMultiTrustManager(getTrustManager(security.getTrustStore()), getTrustManager(security2.getTrustStore()));
        SSLContext sSLContext = SSLContext.getInstance(security.getSslContextProtocol());
        boolean z = security.isStrictHostVerification() && security2.isStrictHostVerification();
        sSLContext.init(new KeyManager[]{keyManager, keyManager2}, new TrustManager[]{multiTrustManager}, new SecureRandom());
        return new SSLSocketFactory(sSLContext, z ? SSLSocketFactory.STRICT_HOSTNAME_VERIFIER : SSLSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER);
    }

    public static SSLSocketFactory getFactory(Security security) throws GeneralSecurityException {
        return new SSLSocketFactory(security.getSslContextProtocol(), security.getKeyStore(), security.getKeyStorePasswordAsString(), security.getTrustStore(), new SecureRandom(), null, security.isStrictHostVerification() ? SSLSocketFactory.STRICT_HOSTNAME_VERIFIER : SSLSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER);
    }
}
