package net.bluemind.utils;

import java.net.HttpURLConnection;
import java.net.Socket;
import java.security.NoSuchAlgorithmException;
import java.security.SecureRandom;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.util.List;
import javax.net.ssl.HostnameVerifier;
import javax.net.ssl.HttpsURLConnection;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLEngine;
import javax.net.ssl.SSLSocketFactory;
import javax.net.ssl.TrustManager;
import javax.net.ssl.X509ExtendedTrustManager;
import net.bluemind.system.api.SysConfKeys;
import net.bluemind.system.sysconf.helper.LocalSysconfCache;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:net/bluemind/utils/Trust.class */
public class Trust {
    private static SSLSocketFactory defaultSocketFactory = HttpsURLConnection.getDefaultSSLSocketFactory();
    private static final Logger logger = LoggerFactory.getLogger((Class<?>) Trust.class);
    private static final X509ExtendedTrustManager trustAll = new X509ExtendedTrustManager() { // from class: net.bluemind.utils.Trust.1
        @Override // javax.net.ssl.X509TrustManager
        public void checkClientTrusted(X509Certificate[] x509CertificateArr, String str) throws CertificateException {
        }

        @Override // javax.net.ssl.X509TrustManager
        public void checkServerTrusted(X509Certificate[] x509CertificateArr, String str) throws CertificateException {
        }

        @Override // javax.net.ssl.X509TrustManager
        public X509Certificate[] getAcceptedIssuers() {
            return new X509Certificate[0];
        }

        @Override // javax.net.ssl.X509ExtendedTrustManager
        public void checkClientTrusted(X509Certificate[] x509CertificateArr, String str, Socket socket) throws CertificateException {
        }

        @Override // javax.net.ssl.X509ExtendedTrustManager
        public void checkServerTrusted(X509Certificate[] x509CertificateArr, String str, Socket socket) throws CertificateException {
        }

        @Override // javax.net.ssl.X509ExtendedTrustManager
        public void checkClientTrusted(X509Certificate[] x509CertificateArr, String str, SSLEngine sSLEngine) throws CertificateException {
        }

        @Override // javax.net.ssl.X509ExtendedTrustManager
        public void checkServerTrusted(X509Certificate[] x509CertificateArr, String str, SSLEngine sSLEngine) throws CertificateException {
        }
    };
    private static final TrustManager[] trustManagers = {trustAll};

    public void prepareConnection(String str, HttpURLConnection httpURLConnection) {
        if ((httpURLConnection instanceof HttpsURLConnection) && trustall(str)) {
            ((HttpsURLConnection) httpURLConnection).setSSLSocketFactory(getSSLSocketFactory(true));
            ((HttpsURLConnection) httpURLConnection).setHostnameVerifier(getHostNameVerifier(true));
        }
    }

    public SSLSocketFactory getSSLSocketFactory(String str) {
        return getSSLSocketFactory(trustall(str));
    }

    public SSLSocketFactory getSSLSocketFactory(boolean z) {
        return z ? createSSLContext().getSocketFactory() : defaultSocketFactory;
    }

    public SSLContext getSSLContext(String str) {
        return getSSLContext(trustall(str));
    }

    public SSLContext getSSLContext(boolean z) {
        if (z) {
            return createSSLContext();
        }
        try {
            return SSLContext.getDefault();
        } catch (NoSuchAlgorithmException e) {
            throw new Error("Failed to initialize the SSLContext", e);
        }
    }

    private SSLContext createSSLContext() {
        try {
            SecureRandom secureRandom = new SecureRandom();
            SSLContext sSLContext = SSLContext.getInstance("TLS");
            sSLContext.init(null, trustManagers, secureRandom);
            return sSLContext;
        } catch (Exception e) {
            throw new Error("Failed to initialize the SSLContext", e);
        }
    }

    public final HostnameVerifier getHostNameVerifier(String str) {
        return getHostNameVerifier(trustall(str));
    }

    private final HostnameVerifier getHostNameVerifier(boolean z) {
        return z ? (str, sSLSession) -> {
            return true;
        } : HttpsURLConnection.getDefaultHostnameVerifier();
    }

    private boolean trustall(String str) {
        List<String> trustAllModules = getTrustAllModules();
        if (trustAllModules.isEmpty()) {
            return false;
        }
        if (trustAllModules.size() == 1 && trustAllModules.get(0).equals("ALL")) {
            return true;
        }
        return trustAllModules.contains(str);
    }

    protected List<String> getTrustAllModules() {
        return LocalSysconfCache.get().stringList(SysConfKeys.tls_trust_allcertificates.name());
    }
}
