package com.koalii.svs.client.util.loadbalancer;

import com.koalii.kgsp.core.util.StringUtil;
import com.koalii.lib.com.google.common.base.Preconditions;
import com.koalii.lib.com.google.common.base.Strings;
import com.koalii.lib.com.netflix.client.ssl.AbstractSslContextFactory;
import com.koalii.lib.com.netflix.client.ssl.ClientSslSocketFactoryException;
import java.io.IOException;
import java.io.InputStream;
import java.net.URL;
import java.security.KeyManagementException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.SecureRandom;
import java.security.UnrecoverableKeyException;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import javax.net.ssl.KeyManager;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.TrustManager;
import javax.net.ssl.X509TrustManager;

/* loaded from: input_file:com/koalii/svs/client/util/loadbalancer/KoalSSLSocketFactory.class */
public class KoalSSLSocketFactory extends AbstractSslContextFactory {
    private KeyStore keyStore;
    private KeyStore trustStore;
    private URL keyStoreUrl;
    private URL trustStoreUrl;
    private String keyStorePassword;

    public KoalSSLSocketFactory(URL url, String str, URL url2, String str2) throws ClientSslSocketFactoryException {
        super(createKeyStore(url, str), str, createKeyStore(url2, str2), str2);
        this.keyStore = createKeyStore(url2, str2);
        this.trustStore = createKeyStore(url, str);
        this.keyStoreUrl = url2;
        this.trustStoreUrl = url;
        this.keyStorePassword = str2;
    }

    @Override // com.koalii.lib.com.netflix.client.ssl.AbstractSslContextFactory
    public KeyStore getKeyStore() {
        return this.keyStore;
    }

    @Override // com.koalii.lib.com.netflix.client.ssl.AbstractSslContextFactory
    public KeyStore getTrustStore() {
        return this.trustStore;
    }

    @Override // com.koalii.lib.com.netflix.client.ssl.AbstractSslContextFactory
    public SSLContext getSSLContext() throws ClientSslSocketFactoryException {
        return createSSLContext();
    }

    private SSLContext createSSLContext() throws ClientSslSocketFactoryException {
        KeyManager[] createKeyManagers = this.keyStore != null ? createKeyManagers() : null;
        TrustManager[] createTrustManagers = this.trustStore != null ? createTrustManagers() : null;
        try {
            SSLContext sSLContext = SSLContext.getInstance("SSL");
            sSLContext.init(createKeyManagers, createTrustManagers, (SecureRandom) null);
            return sSLContext;
        } catch (KeyManagementException e) {
            throw new ClientSslSocketFactoryException(String.format("Failed to initialize an SSL context: %s", e.getMessage()), e);
        } catch (NoSuchAlgorithmException e2) {
            throw new ClientSslSocketFactoryException(String.format("Failed to create an SSL context that supports algorithm %s: %s", "SSL", e2.getMessage()), e2);
        }
    }

    private KeyManager[] createKeyManagers() throws ClientSslSocketFactoryException {
        try {
            KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
            keyManagerFactory.init(this.keyStore, this.keyStorePassword.toCharArray());
            return keyManagerFactory.getKeyManagers();
        } catch (KeyStoreException e) {
            throw new ClientSslSocketFactoryException("KeyStore exception initializing key manager factory; this is probably fatal", e);
        } catch (NoSuchAlgorithmException e2) {
            throw new ClientSslSocketFactoryException(String.format("Failed to create the key store because the algorithm %s is not supported. ", KeyManagerFactory.getDefaultAlgorithm()), e2);
        } catch (UnrecoverableKeyException e3) {
            throw new ClientSslSocketFactoryException("Unrecoverable Key Exception initializing key manager factory; this is probably fatal", e3);
        }
    }

    private TrustManager[] createTrustManagers() throws ClientSslSocketFactoryException {
        return new TrustManager[]{new X509TrustManager() { // from class: com.koalii.svs.client.util.loadbalancer.KoalSSLSocketFactory.1
            @Override // javax.net.ssl.X509TrustManager
            public X509Certificate[] getAcceptedIssuers() {
                return new X509Certificate[0];
            }

            @Override // javax.net.ssl.X509TrustManager
            public void checkClientTrusted(X509Certificate[] x509CertificateArr, String str) throws CertificateException {
            }

            @Override // javax.net.ssl.X509TrustManager
            public void checkServerTrusted(X509Certificate[] x509CertificateArr, String str) throws CertificateException {
            }
        }};
    }

    private static KeyStore createKeyStore(URL url, String str) throws ClientSslSocketFactoryException {
        if (url == null) {
            return null;
        }
        Preconditions.checkArgument(StringUtil.isNotEmpty(str), "Null keystore should have empty password, defined keystore must have password");
        try {
            KeyStore keyStore = KeyStore.getInstance("jks");
            InputStream openStream = url.openStream();
            try {
                try {
                    keyStore.load(openStream, str.toCharArray());
                    return keyStore;
                } finally {
                    try {
                        openStream.close();
                    } catch (IOException e) {
                    }
                }
            } catch (NoSuchAlgorithmException e2) {
                throw new ClientSslSocketFactoryException(String.format("Failed to create a keystore that supports algorithm %s: %s", "SSL", e2.getMessage()), e2);
            } catch (CertificateException e3) {
                throw new ClientSslSocketFactoryException(String.format("Failed to create keystore with algorithm %s due to certificate exception: %s", "SSL", e3.getMessage()), e3);
            }
        } catch (IOException e4) {
            throw new ClientSslSocketFactoryException(String.format("IO exception creating keystore: %s", e4.getMessage()), e4);
        } catch (KeyStoreException e5) {
            throw new ClientSslSocketFactoryException(String.format("KeyStore exception creating keystore: %s", e5.getMessage()), e5);
        }
    }

    public String toString() {
        StringBuilder sb = new StringBuilder();
        sb.append("ClientSslSocketFactory [trustStoreUrl=").append(this.trustStoreUrl);
        if (this.trustStoreUrl != null) {
            sb.append(", trustStorePassword=");
            sb.append(Strings.repeat("*", getTrustStorePasswordLength()));
        }
        sb.append(", keyStoreUrl=").append(this.keyStoreUrl);
        if (this.keyStoreUrl != null) {
            sb.append(", keystorePassword = ");
            sb.append(Strings.repeat("*", getKeyStorePasswordLength()));
        }
        sb.append(']');
        return sb.toString();
    }
}
