package org.glassfish.jersey;

import java.io.ByteArrayInputStream;
import java.io.FileInputStream;
import java.io.FileNotFoundException;
import java.io.IOException;
import java.io.InputStream;
import java.security.AccessController;
import java.security.KeyManagementException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.UnrecoverableKeyException;
import java.security.cert.CertificateException;
import java.util.Arrays;
import java.util.Properties;
import java.util.logging.Logger;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.TrustManagerFactory;
import org.glassfish.jersey.internal.LocalizationMessages;
import org.glassfish.jersey.internal.util.PropertiesHelper;
import org.hsqldb.Tokens;

/* loaded from: input_file:WEB-INF/lib/jersey-common-2.27.jar:org/glassfish/jersey/SslConfigurator.class */
public final class SslConfigurator {
    public static final String TRUST_STORE_PROVIDER = "javax.net.ssl.trustStoreProvider";
    public static final String KEY_STORE_PROVIDER = "javax.net.ssl.keyStoreProvider";
    public static final String TRUST_STORE_FILE = "javax.net.ssl.trustStore";
    public static final String KEY_STORE_FILE = "javax.net.ssl.keyStore";
    public static final String TRUST_STORE_PASSWORD = "javax.net.ssl.trustStorePassword";
    public static final String KEY_STORE_PASSWORD = "javax.net.ssl.keyStorePassword";
    public static final String TRUST_STORE_TYPE = "javax.net.ssl.trustStoreType";
    public static final String KEY_STORE_TYPE = "javax.net.ssl.keyStoreType";
    public static final String KEY_MANAGER_FACTORY_ALGORITHM = "ssl.keyManagerFactory.algorithm";
    public static final String KEY_MANAGER_FACTORY_PROVIDER = "ssl.keyManagerFactory.provider";
    public static final String TRUST_MANAGER_FACTORY_ALGORITHM = "ssl.trustManagerFactory.algorithm";
    public static final String TRUST_MANAGER_FACTORY_PROVIDER = "ssl.trustManagerFactory.provider";
    private static final SslConfigurator DEFAULT_CONFIG_NO_PROPS = new SslConfigurator(false);
    private static final Logger LOGGER = Logger.getLogger(SslConfigurator.class.getName());
    private KeyStore keyStore;
    private KeyStore trustStore;
    private String trustStoreProvider;
    private String keyStoreProvider;
    private String trustStoreType;
    private String keyStoreType;
    private char[] trustStorePass;
    private char[] keyStorePass;
    private char[] keyPass;
    private String trustStoreFile;
    private String keyStoreFile;
    private byte[] trustStoreBytes;
    private byte[] keyStoreBytes;
    private String trustManagerFactoryAlgorithm;
    private String keyManagerFactoryAlgorithm;
    private String trustManagerFactoryProvider;
    private String keyManagerFactoryProvider;
    private String securityProtocol;

    public static SSLContext getDefaultContext() {
        return getDefaultContext(true);
    }

    public static SSLContext getDefaultContext(boolean z) {
        return z ? new SslConfigurator(true).createSSLContext() : DEFAULT_CONFIG_NO_PROPS.createSSLContext();
    }

    public static SslConfigurator newInstance() {
        return new SslConfigurator(false);
    }

    public static SslConfigurator newInstance(boolean z) {
        return new SslConfigurator(z);
    }

    private SslConfigurator(boolean z) {
        this.securityProtocol = "TLS";
        if (z) {
            retrieve((Properties) AccessController.doPrivileged(PropertiesHelper.getSystemProperties()));
        }
    }

    private SslConfigurator(SslConfigurator sslConfigurator) {
        this.securityProtocol = "TLS";
        this.keyStore = sslConfigurator.keyStore;
        this.trustStore = sslConfigurator.trustStore;
        this.trustStoreProvider = sslConfigurator.trustStoreProvider;
        this.keyStoreProvider = sslConfigurator.keyStoreProvider;
        this.trustStoreType = sslConfigurator.trustStoreType;
        this.keyStoreType = sslConfigurator.keyStoreType;
        this.trustStorePass = sslConfigurator.trustStorePass;
        this.keyStorePass = sslConfigurator.keyStorePass;
        this.keyPass = sslConfigurator.keyPass;
        this.trustStoreFile = sslConfigurator.trustStoreFile;
        this.keyStoreFile = sslConfigurator.keyStoreFile;
        this.trustStoreBytes = sslConfigurator.trustStoreBytes;
        this.keyStoreBytes = sslConfigurator.keyStoreBytes;
        this.trustManagerFactoryAlgorithm = sslConfigurator.trustManagerFactoryAlgorithm;
        this.keyManagerFactoryAlgorithm = sslConfigurator.keyManagerFactoryAlgorithm;
        this.trustManagerFactoryProvider = sslConfigurator.trustManagerFactoryProvider;
        this.keyManagerFactoryProvider = sslConfigurator.keyManagerFactoryProvider;
        this.securityProtocol = sslConfigurator.securityProtocol;
    }

    public SslConfigurator copy() {
        return new SslConfigurator(this);
    }

    public SslConfigurator trustStoreProvider(String str) {
        this.trustStoreProvider = str;
        return this;
    }

    public SslConfigurator keyStoreProvider(String str) {
        this.keyStoreProvider = str;
        return this;
    }

    public SslConfigurator trustStoreType(String str) {
        this.trustStoreType = str;
        return this;
    }

    public SslConfigurator keyStoreType(String str) {
        this.keyStoreType = str;
        return this;
    }

    public SslConfigurator trustStorePassword(String str) {
        this.trustStorePass = str.toCharArray();
        return this;
    }

    public SslConfigurator keyStorePassword(String str) {
        this.keyStorePass = str.toCharArray();
        return this;
    }

    public SslConfigurator keyStorePassword(char[] cArr) {
        this.keyStorePass = (char[]) cArr.clone();
        return this;
    }

    public SslConfigurator keyPassword(String str) {
        this.keyPass = str.toCharArray();
        return this;
    }

    public SslConfigurator keyPassword(char[] cArr) {
        this.keyPass = (char[]) cArr.clone();
        return this;
    }

    public SslConfigurator trustStoreFile(String str) {
        this.trustStoreFile = str;
        this.trustStoreBytes = null;
        this.trustStore = null;
        return this;
    }

    public SslConfigurator trustStoreBytes(byte[] bArr) {
        this.trustStoreBytes = (byte[]) bArr.clone();
        this.trustStoreFile = null;
        this.trustStore = null;
        return this;
    }

    public SslConfigurator keyStoreFile(String str) {
        this.keyStoreFile = str;
        this.keyStoreBytes = null;
        this.keyStore = null;
        return this;
    }

    public SslConfigurator keyStoreBytes(byte[] bArr) {
        this.keyStoreBytes = (byte[]) bArr.clone();
        this.keyStoreFile = null;
        this.keyStore = null;
        return this;
    }

    public SslConfigurator trustManagerFactoryAlgorithm(String str) {
        this.trustManagerFactoryAlgorithm = str;
        return this;
    }

    public SslConfigurator keyManagerFactoryAlgorithm(String str) {
        this.keyManagerFactoryAlgorithm = str;
        return this;
    }

    public SslConfigurator trustManagerFactoryProvider(String str) {
        this.trustManagerFactoryProvider = str;
        return this;
    }

    public SslConfigurator keyManagerFactoryProvider(String str) {
        this.keyManagerFactoryProvider = str;
        return this;
    }

    public SslConfigurator securityProtocol(String str) {
        this.securityProtocol = str;
        return this;
    }

    KeyStore getKeyStore() {
        return this.keyStore;
    }

    public SslConfigurator keyStore(KeyStore keyStore) {
        this.keyStore = keyStore;
        this.keyStoreFile = null;
        this.keyStoreBytes = null;
        return this;
    }

    KeyStore getTrustStore() {
        return this.trustStore;
    }

    public SslConfigurator trustStore(KeyStore keyStore) {
        this.trustStore = keyStore;
        this.trustStoreFile = null;
        this.trustStoreBytes = null;
        return this;
    }

    public SSLContext createSSLContext() {
        InputStream inputStream;
        TrustManagerFactory trustManagerFactory = null;
        KeyManagerFactory keyManagerFactory = null;
        KeyStore keyStore = this.keyStore;
        if (keyStore == null && (this.keyStoreBytes != null || this.keyStoreFile != null)) {
            try {
                if (this.keyStoreProvider != null) {
                    keyStore = KeyStore.getInstance(this.keyStoreType != null ? this.keyStoreType : KeyStore.getDefaultType(), this.keyStoreProvider);
                } else {
                    keyStore = KeyStore.getInstance(this.keyStoreType != null ? this.keyStoreType : KeyStore.getDefaultType());
                }
                InputStream inputStream2 = null;
                try {
                    if (this.keyStoreBytes != null) {
                        inputStream2 = new ByteArrayInputStream(this.keyStoreBytes);
                    } else if (!this.keyStoreFile.equals(Tokens.T_NONE)) {
                        inputStream2 = new FileInputStream(this.keyStoreFile);
                    }
                    keyStore.load(inputStream2, this.keyStorePass);
                } finally {
                    if (inputStream != null) {
                        try {
                        } catch (IOException e) {
                        }
                    }
                }
            } catch (FileNotFoundException e2) {
                throw new IllegalStateException(LocalizationMessages.SSL_KS_FILE_NOT_FOUND(this.keyStoreFile), e2);
            } catch (IOException e3) {
                throw new IllegalStateException(LocalizationMessages.SSL_KS_LOAD_ERROR(this.keyStoreFile), e3);
            } catch (KeyStoreException e4) {
                throw new IllegalStateException(LocalizationMessages.SSL_KS_IMPL_NOT_FOUND(), e4);
            } catch (NoSuchAlgorithmException e5) {
                throw new IllegalStateException(LocalizationMessages.SSL_KS_INTEGRITY_ALGORITHM_NOT_FOUND(), e5);
            } catch (NoSuchProviderException e6) {
                throw new IllegalStateException(LocalizationMessages.SSL_KS_PROVIDERS_NOT_REGISTERED(), e6);
            } catch (CertificateException e7) {
                throw new IllegalStateException(LocalizationMessages.SSL_KS_CERT_LOAD_ERROR(), e7);
            }
        }
        if (keyStore != null) {
            String str = this.keyManagerFactoryAlgorithm;
            if (str == null) {
                str = (String) AccessController.doPrivileged(PropertiesHelper.getSystemProperty(KEY_MANAGER_FACTORY_ALGORITHM, KeyManagerFactory.getDefaultAlgorithm()));
            }
            try {
                keyManagerFactory = this.keyManagerFactoryProvider != null ? KeyManagerFactory.getInstance(str, this.keyManagerFactoryProvider) : KeyManagerFactory.getInstance(str);
                char[] cArr = this.keyPass != null ? this.keyPass : this.keyStorePass;
                if (cArr != null) {
                    keyManagerFactory.init(keyStore, cArr);
                } else {
                    LOGGER.config(LocalizationMessages.SSL_KMF_NO_PASSWORD_SET(this.keyStoreProvider != null ? LocalizationMessages.SSL_KMF_NO_PASSWORD_FOR_PROVIDER_BASED_KS() : this.keyStoreBytes != null ? LocalizationMessages.SSL_KMF_NO_PASSWORD_FOR_BYTE_BASED_KS() : this.keyStoreFile));
                    keyManagerFactory = null;
                }
            } catch (KeyStoreException e8) {
                throw new IllegalStateException(LocalizationMessages.SSL_KMF_INIT_FAILED(), e8);
            } catch (NoSuchAlgorithmException e9) {
                throw new IllegalStateException(LocalizationMessages.SSL_KMF_ALGORITHM_NOT_SUPPORTED(), e9);
            } catch (NoSuchProviderException e10) {
                throw new IllegalStateException(LocalizationMessages.SSL_KMF_PROVIDER_NOT_REGISTERED(), e10);
            } catch (UnrecoverableKeyException e11) {
                throw new IllegalStateException(LocalizationMessages.SSL_KMF_UNRECOVERABLE_KEY(), e11);
            }
        }
        KeyStore keyStore2 = this.trustStore;
        if (keyStore2 == null && (this.trustStoreBytes != null || this.trustStoreFile != null)) {
            try {
                if (this.trustStoreProvider != null) {
                    keyStore2 = KeyStore.getInstance(this.trustStoreType != null ? this.trustStoreType : KeyStore.getDefaultType(), this.trustStoreProvider);
                } else {
                    keyStore2 = KeyStore.getInstance(this.trustStoreType != null ? this.trustStoreType : KeyStore.getDefaultType());
                }
                InputStream inputStream3 = null;
                try {
                    if (this.trustStoreBytes != null) {
                        inputStream3 = new ByteArrayInputStream(this.trustStoreBytes);
                    } else if (!this.trustStoreFile.equals(Tokens.T_NONE)) {
                        inputStream3 = new FileInputStream(this.trustStoreFile);
                    }
                    keyStore2.load(inputStream3, this.trustStorePass);
                    if (inputStream3 != null) {
                        try {
                            inputStream3.close();
                        } catch (IOException e12) {
                        }
                    }
                } finally {
                    if (inputStream3 != null) {
                        try {
                            inputStream3.close();
                        } catch (IOException e13) {
                        }
                    }
                }
            } catch (FileNotFoundException e14) {
                throw new IllegalStateException(LocalizationMessages.SSL_TS_FILE_NOT_FOUND(this.trustStoreFile), e14);
            } catch (IOException e15) {
                throw new IllegalStateException(LocalizationMessages.SSL_TS_LOAD_ERROR(this.trustStoreFile), e15);
            } catch (KeyStoreException e16) {
                throw new IllegalStateException(LocalizationMessages.SSL_TS_IMPL_NOT_FOUND(), e16);
            } catch (NoSuchAlgorithmException e17) {
                throw new IllegalStateException(LocalizationMessages.SSL_TS_INTEGRITY_ALGORITHM_NOT_FOUND(), e17);
            } catch (NoSuchProviderException e18) {
                throw new IllegalStateException(LocalizationMessages.SSL_TS_PROVIDERS_NOT_REGISTERED(), e18);
            } catch (CertificateException e19) {
                throw new IllegalStateException(LocalizationMessages.SSL_TS_CERT_LOAD_ERROR(), e19);
            }
        }
        if (keyStore2 != null) {
            String str2 = this.trustManagerFactoryAlgorithm;
            if (str2 == null) {
                str2 = (String) AccessController.doPrivileged(PropertiesHelper.getSystemProperty(TRUST_MANAGER_FACTORY_ALGORITHM, TrustManagerFactory.getDefaultAlgorithm()));
            }
            try {
                trustManagerFactory = this.trustManagerFactoryProvider != null ? TrustManagerFactory.getInstance(str2, this.trustManagerFactoryProvider) : TrustManagerFactory.getInstance(str2);
                trustManagerFactory.init(keyStore2);
            } catch (KeyStoreException e20) {
                throw new IllegalStateException(LocalizationMessages.SSL_TMF_INIT_FAILED(), e20);
            } catch (NoSuchAlgorithmException e21) {
                throw new IllegalStateException(LocalizationMessages.SSL_TMF_ALGORITHM_NOT_SUPPORTED(), e21);
            } catch (NoSuchProviderException e22) {
                throw new IllegalStateException(LocalizationMessages.SSL_TMF_PROVIDER_NOT_REGISTERED(), e22);
            }
        }
        try {
            SSLContext sSLContext = SSLContext.getInstance(this.securityProtocol != null ? this.securityProtocol : "TLS");
            sSLContext.init(keyManagerFactory != null ? keyManagerFactory.getKeyManagers() : null, trustManagerFactory != null ? trustManagerFactory.getTrustManagers() : null, null);
            return sSLContext;
        } catch (KeyManagementException e23) {
            throw new IllegalStateException(LocalizationMessages.SSL_CTX_INIT_FAILED(), e23);
        } catch (NoSuchAlgorithmException e24) {
            throw new IllegalStateException(LocalizationMessages.SSL_CTX_ALGORITHM_NOT_SUPPORTED(), e24);
        }
    }

    public SslConfigurator retrieve(Properties properties) {
        this.trustStoreProvider = properties.getProperty(TRUST_STORE_PROVIDER);
        this.keyStoreProvider = properties.getProperty(KEY_STORE_PROVIDER);
        this.trustManagerFactoryProvider = properties.getProperty(TRUST_MANAGER_FACTORY_PROVIDER);
        this.keyManagerFactoryProvider = properties.getProperty(KEY_MANAGER_FACTORY_PROVIDER);
        this.trustStoreType = properties.getProperty(TRUST_STORE_TYPE);
        this.keyStoreType = properties.getProperty(KEY_STORE_TYPE);
        if (properties.getProperty(TRUST_STORE_PASSWORD) != null) {
            this.trustStorePass = properties.getProperty(TRUST_STORE_PASSWORD).toCharArray();
        } else {
            this.trustStorePass = null;
        }
        if (properties.getProperty(KEY_STORE_PASSWORD) != null) {
            this.keyStorePass = properties.getProperty(KEY_STORE_PASSWORD).toCharArray();
        } else {
            this.keyStorePass = null;
        }
        this.trustStoreFile = properties.getProperty(TRUST_STORE_FILE);
        this.keyStoreFile = properties.getProperty(KEY_STORE_FILE);
        this.trustStoreBytes = null;
        this.keyStoreBytes = null;
        this.trustStore = null;
        this.keyStore = null;
        this.securityProtocol = "TLS";
        return this;
    }

    public boolean equals(Object obj) {
        if (this == obj) {
            return true;
        }
        if (obj == null || getClass() != obj.getClass()) {
            return false;
        }
        SslConfigurator sslConfigurator = (SslConfigurator) obj;
        if (this.keyManagerFactoryAlgorithm != null) {
            if (!this.keyManagerFactoryAlgorithm.equals(sslConfigurator.keyManagerFactoryAlgorithm)) {
                return false;
            }
        } else if (sslConfigurator.keyManagerFactoryAlgorithm != null) {
            return false;
        }
        if (this.keyManagerFactoryProvider != null) {
            if (!this.keyManagerFactoryProvider.equals(sslConfigurator.keyManagerFactoryProvider)) {
                return false;
            }
        } else if (sslConfigurator.keyManagerFactoryProvider != null) {
            return false;
        }
        if (!Arrays.equals(this.keyPass, sslConfigurator.keyPass)) {
            return false;
        }
        if (this.keyStore != null) {
            if (!this.keyStore.equals(sslConfigurator.keyStore)) {
                return false;
            }
        } else if (sslConfigurator.keyStore != null) {
            return false;
        }
        if (!Arrays.equals(this.keyStoreBytes, sslConfigurator.keyStoreBytes)) {
            return false;
        }
        if (this.keyStoreFile != null) {
            if (!this.keyStoreFile.equals(sslConfigurator.keyStoreFile)) {
                return false;
            }
        } else if (sslConfigurator.keyStoreFile != null) {
            return false;
        }
        if (!Arrays.equals(this.keyStorePass, sslConfigurator.keyStorePass)) {
            return false;
        }
        if (this.keyStoreProvider != null) {
            if (!this.keyStoreProvider.equals(sslConfigurator.keyStoreProvider)) {
                return false;
            }
        } else if (sslConfigurator.keyStoreProvider != null) {
            return false;
        }
        if (this.keyStoreType != null) {
            if (!this.keyStoreType.equals(sslConfigurator.keyStoreType)) {
                return false;
            }
        } else if (sslConfigurator.keyStoreType != null) {
            return false;
        }
        if (this.securityProtocol != null) {
            if (!this.securityProtocol.equals(sslConfigurator.securityProtocol)) {
                return false;
            }
        } else if (sslConfigurator.securityProtocol != null) {
            return false;
        }
        if (this.trustManagerFactoryAlgorithm != null) {
            if (!this.trustManagerFactoryAlgorithm.equals(sslConfigurator.trustManagerFactoryAlgorithm)) {
                return false;
            }
        } else if (sslConfigurator.trustManagerFactoryAlgorithm != null) {
            return false;
        }
        if (this.trustManagerFactoryProvider != null) {
            if (!this.trustManagerFactoryProvider.equals(sslConfigurator.trustManagerFactoryProvider)) {
                return false;
            }
        } else if (sslConfigurator.trustManagerFactoryProvider != null) {
            return false;
        }
        if (this.trustStore != null) {
            if (!this.trustStore.equals(sslConfigurator.trustStore)) {
                return false;
            }
        } else if (sslConfigurator.trustStore != null) {
            return false;
        }
        if (!Arrays.equals(this.trustStoreBytes, sslConfigurator.trustStoreBytes)) {
            return false;
        }
        if (this.trustStoreFile != null) {
            if (!this.trustStoreFile.equals(sslConfigurator.trustStoreFile)) {
                return false;
            }
        } else if (sslConfigurator.trustStoreFile != null) {
            return false;
        }
        if (!Arrays.equals(this.trustStorePass, sslConfigurator.trustStorePass)) {
            return false;
        }
        if (this.trustStoreProvider != null) {
            if (!this.trustStoreProvider.equals(sslConfigurator.trustStoreProvider)) {
                return false;
            }
        } else if (sslConfigurator.trustStoreProvider != null) {
            return false;
        }
        return this.trustStoreType != null ? this.trustStoreType.equals(sslConfigurator.trustStoreType) : sslConfigurator.trustStoreType == null;
    }

    public int hashCode() {
        return (31 * ((31 * ((31 * ((31 * ((31 * ((31 * ((31 * ((31 * ((31 * ((31 * ((31 * ((31 * ((31 * ((31 * ((31 * ((31 * ((31 * (this.keyStore != null ? this.keyStore.hashCode() : 0)) + (this.trustStore != null ? this.trustStore.hashCode() : 0))) + (this.trustStoreProvider != null ? this.trustStoreProvider.hashCode() : 0))) + (this.keyStoreProvider != null ? this.keyStoreProvider.hashCode() : 0))) + (this.trustStoreType != null ? this.trustStoreType.hashCode() : 0))) + (this.keyStoreType != null ? this.keyStoreType.hashCode() : 0))) + (this.trustStorePass != null ? Arrays.hashCode(this.trustStorePass) : 0))) + (this.keyStorePass != null ? Arrays.hashCode(this.keyStorePass) : 0))) + (this.keyPass != null ? Arrays.hashCode(this.keyPass) : 0))) + (this.trustStoreFile != null ? this.trustStoreFile.hashCode() : 0))) + (this.keyStoreFile != null ? this.keyStoreFile.hashCode() : 0))) + (this.trustStoreBytes != null ? Arrays.hashCode(this.trustStoreBytes) : 0))) + (this.keyStoreBytes != null ? Arrays.hashCode(this.keyStoreBytes) : 0))) + (this.trustManagerFactoryAlgorithm != null ? this.trustManagerFactoryAlgorithm.hashCode() : 0))) + (this.keyManagerFactoryAlgorithm != null ? this.keyManagerFactoryAlgorithm.hashCode() : 0))) + (this.trustManagerFactoryProvider != null ? this.trustManagerFactoryProvider.hashCode() : 0))) + (this.keyManagerFactoryProvider != null ? this.keyManagerFactoryProvider.hashCode() : 0))) + (this.securityProtocol != null ? this.securityProtocol.hashCode() : 0);
    }
}
