package me.andpay.ti.lnk.transport.wsock.client.light;

import java.io.FileInputStream;
import java.io.InputStream;
import java.security.KeyStore;
import java.security.Security;
import java.security.cert.PKIXBuilderParameters;
import java.security.cert.X509CertSelector;
import java.security.cert.X509Certificate;
import javax.net.ssl.CertPathTrustManagerParameters;
import javax.net.ssl.KeyManager;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import javax.net.ssl.X509TrustManager;

/* loaded from: classes.dex */
public class SslContextHelper {
    public static final String DEFAULT_KEYMANAGERFACTORY_ALGORITHM;
    public static final String DEFAULT_TRUSTMANAGERFACTORY_ALGORITHM;
    public static final TrustManager[] TRUST_ALL_CERTS = {new X509TrustManager() { // from class: me.andpay.ti.lnk.transport.wsock.client.light.SslContextHelper.1
        @Override // javax.net.ssl.X509TrustManager
        public void checkClientTrusted(X509Certificate[] x509CertificateArr, String str) {
        }

        @Override // javax.net.ssl.X509TrustManager
        public void checkServerTrusted(X509Certificate[] x509CertificateArr, String str) {
        }

        @Override // javax.net.ssl.X509TrustManager
        public X509Certificate[] getAcceptedIssuers() {
            return new X509Certificate[0];
        }
    }};
    private boolean enableCRLDP;
    private boolean enableOCSP;
    private String keyManagerPassword;
    private KeyManager[] keyManagers;
    private InputStream keyStoreInputStream;
    private String keyStorePassword;
    private String keyStorePath;
    private boolean trustAll;
    private TrustManager[] trustManagers;
    private InputStream trustStoreInputStream;
    private String trustStorePassword;
    private String trustStorePath;
    private boolean validatePeerCerts;
    private String trustKeyStoreType = KeyStore.getDefaultType();
    private String keyStoreType = KeyStore.getDefaultType();

    static {
        DEFAULT_KEYMANAGERFACTORY_ALGORITHM = Security.getProperty("ssl.KeyManagerFactory.algorithm") == null ? "SunX509" : Security.getProperty("ssl.KeyManagerFactory.algorithm");
        DEFAULT_TRUSTMANAGERFACTORY_ALGORITHM = Security.getProperty("ssl.TrustManagerFactory.algorithm") == null ? "SunX509" : Security.getProperty("ssl.TrustManagerFactory.algorithm");
    }

    protected static KeyStore loadKeyStore(String str, InputStream inputStream, String str2, String str3) throws Exception {
        KeyStore keyStore = null;
        if (inputStream != null || str != null) {
            InputStream inputStream2 = inputStream;
            if (inputStream2 == null) {
                try {
                    inputStream2 = new FileInputStream(str);
                } finally {
                    if (inputStream2 != null) {
                        inputStream2.close();
                    }
                }
            }
            keyStore = KeyStore.getInstance(str2);
            keyStore.load(inputStream2, str3 == null ? null : str3.toCharArray());
        }
        return keyStore;
    }

    public void build() {
        try {
            buildKeyManagers();
            buildTrustManagers();
        } catch (Exception e) {
            throw new RuntimeException(e.getMessage(), e);
        }
    }

    protected void buildKeyManagers() throws Exception {
        KeyManager[] keyManagerArr = null;
        KeyStore loadKeyStore = loadKeyStore(this.keyStorePath, this.keyStoreInputStream, this.keyStoreType, this.keyStorePassword);
        if (loadKeyStore != null) {
            KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance(DEFAULT_KEYMANAGERFACTORY_ALGORITHM);
            keyManagerFactory.init(loadKeyStore, this.keyManagerPassword == null ? this.keyStorePassword == null ? null : this.keyStorePassword.toString().toCharArray() : this.keyManagerPassword.toString().toCharArray());
            keyManagerArr = keyManagerFactory.getKeyManagers();
        }
        this.keyManagers = keyManagerArr;
    }

    protected void buildTrustManagers() throws Exception {
        if (this.trustAll) {
            this.trustManagers = TRUST_ALL_CERTS;
            return;
        }
        TrustManager[] trustManagerArr = null;
        KeyStore loadKeyStore = loadKeyStore(this.trustStorePath, this.trustStoreInputStream, this.trustKeyStoreType, this.trustStorePassword);
        if (loadKeyStore != null) {
            if (this.validatePeerCerts && DEFAULT_TRUSTMANAGERFACTORY_ALGORITHM.equalsIgnoreCase("PKIX")) {
                PKIXBuilderParameters pKIXBuilderParameters = new PKIXBuilderParameters(loadKeyStore, new X509CertSelector());
                pKIXBuilderParameters.setMaxPathLength(-1);
                pKIXBuilderParameters.setRevocationEnabled(true);
                if (this.enableCRLDP) {
                    System.setProperty("com.sun.security.enableCRLDP", "true");
                }
                if (this.enableOCSP) {
                    Security.setProperty("ocsp.enable", "true");
                }
                TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(DEFAULT_TRUSTMANAGERFACTORY_ALGORITHM);
                trustManagerFactory.init(new CertPathTrustManagerParameters(pKIXBuilderParameters));
                trustManagerArr = trustManagerFactory.getTrustManagers();
            } else {
                TrustManagerFactory trustManagerFactory2 = TrustManagerFactory.getInstance(DEFAULT_TRUSTMANAGERFACTORY_ALGORITHM);
                trustManagerFactory2.init(loadKeyStore);
                trustManagerArr = trustManagerFactory2.getTrustManagers();
            }
        }
        this.trustManagers = trustManagerArr;
    }

    public String getKeyManagerPassword() {
        return this.keyManagerPassword;
    }

    public KeyManager[] getKeyManagers() {
        return this.keyManagers;
    }

    public InputStream getKeyStoreInputStream() {
        return this.keyStoreInputStream;
    }

    public String getKeyStorePassword() {
        return this.keyStorePassword;
    }

    public String getKeyStorePath() {
        return this.keyStorePath;
    }

    public String getKeyStoreType() {
        return this.keyStoreType;
    }

    public String getTrustKeyStoreType() {
        return this.trustKeyStoreType;
    }

    public TrustManager[] getTrustManagers() {
        return this.trustManagers;
    }

    public InputStream getTrustStoreInputStream() {
        return this.trustStoreInputStream;
    }

    public String getTrustStorePassword() {
        return this.trustStorePassword;
    }

    public String getTrustStorePath() {
        return this.trustStorePath;
    }

    public boolean isEnableCRLDP() {
        return this.enableCRLDP;
    }

    public boolean isEnableOCSP() {
        return this.enableOCSP;
    }

    public boolean isTrustAll() {
        return this.trustAll;
    }

    public boolean isValidatePeerCerts() {
        return this.validatePeerCerts;
    }

    public void setEnableCRLDP(boolean z) {
        this.enableCRLDP = z;
    }

    public void setEnableOCSP(boolean z) {
        this.enableOCSP = z;
    }

    public void setKeyManagerPassword(String str) {
        this.keyManagerPassword = str;
    }

    public void setKeyStoreInputStream(InputStream inputStream) {
        this.keyStoreInputStream = inputStream;
    }

    public void setKeyStorePassword(String str) {
        this.keyStorePassword = str;
    }

    public void setKeyStorePath(String str) {
        this.keyStorePath = str;
    }

    public void setKeyStoreType(String str) {
        this.keyStoreType = str;
    }

    public void setTrustAll(boolean z) {
        this.trustAll = z;
    }

    public void setTrustKeyStoreType(String str) {
        this.trustKeyStoreType = str;
    }

    public void setTrustStoreInputStream(InputStream inputStream) {
        this.trustStoreInputStream = inputStream;
    }

    public void setTrustStorePassword(String str) {
        this.trustStorePassword = str;
    }

    public void setTrustStorePath(String str) {
        this.trustStorePath = str;
    }

    public void setValidatePeerCerts(boolean z) {
        this.validatePeerCerts = z;
    }
}
