package com.google.dataconnector.util;

import com.google.dataconnector.client.testing.TrustAllTrustManager;
import com.google.inject.Inject;
import com.google.inject.Singleton;
import java.io.FileNotFoundException;
import java.io.IOException;
import java.security.GeneralSecurityException;
import java.security.KeyManagementException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.cert.CertificateException;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSocketFactory;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import org.apache.log4j.Logger;

@Singleton
/* loaded from: input_file:com/google/dataconnector/util/SSLSocketFactoryInit.class */
public class SSLSocketFactoryInit {
    private static final Logger LOG = Logger.getLogger(SSLSocketFactoryInit.class);
    private final FileUtil fileUtil;

    @Inject
    public SSLSocketFactoryInit(FileUtil fileUtil) {
        this.fileUtil = fileUtil;
    }

    public SSLSocketFactory getSslSocketFactory(LocalConf localConf) {
        LOG.info("Using SSL for client connections.");
        String sslKeyStoreFile = localConf.getSslKeyStoreFile();
        char[] cArr = (char[]) null;
        if (sslKeyStoreFile != null) {
            cArr = localConf.getSslKeyStorePassword().toCharArray();
        }
        try {
            SSLContext sSLContext = SSLContext.getInstance("TLSv1");
            if (sslKeyStoreFile != null) {
                initializeSslEngineWithCustomKeystore(localConf, cArr, sslKeyStoreFile, sSLContext);
            } else {
                initializeSslEngineWithDefaultKeystore(localConf, sSLContext);
            }
            if (sSLContext.getSocketFactory() == null) {
                throw new GeneralSecurityException("socketFactory not created");
            }
            return sSLContext.getSocketFactory();
        } catch (IOException e) {
            LOG.fatal("Error reading Keystore file", e);
            return null;
        } catch (GeneralSecurityException e2) {
            LOG.fatal("SSL setup error", e2);
            return null;
        }
    }

    private void initializeSslEngineWithDefaultKeystore(LocalConf localConf, SSLContext sSLContext) throws KeyManagementException {
        if (localConf.getAllowUnverifiedCertificates().booleanValue()) {
            sSLContext.init(null, new TrustManager[]{new TrustAllTrustManager()}, null);
        } else {
            sSLContext.init(null, null, null);
        }
    }

    private void initializeSslEngineWithCustomKeystore(LocalConf localConf, char[] cArr, String str, SSLContext sSLContext) throws KeyStoreException, IOException, NoSuchAlgorithmException, CertificateException, FileNotFoundException, KeyManagementException {
        if (localConf.getAllowUnverifiedCertificates().booleanValue()) {
            sSLContext.init(null, new TrustManager[]{new TrustAllTrustManager()}, null);
            return;
        }
        KeyStore keyStore = KeyStore.getInstance("JKS");
        keyStore.load(this.fileUtil.getFileInputStream(str), cArr);
        TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance("PKIX");
        trustManagerFactory.init(keyStore);
        sSLContext.init(null, trustManagerFactory.getTrustManagers(), null);
    }
}
