package com.ibm.rational.rit.rtcpclient.http;

import com.ghc.ssl.SSLUtils;
import com.ghc.utils.password.Password;
import com.ghc.utils.password.UnknownAlgorithmException;
import java.io.FileInputStream;
import java.io.IOException;
import java.security.GeneralSecurityException;
import java.security.KeyStore;
import java.security.SecureRandom;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.util.List;
import javax.net.ssl.HostnameVerifier;
import javax.net.ssl.SSLContext;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import javax.net.ssl.X509TrustManager;
import org.apache.hc.client5.http.ssl.DefaultHostnameVerifier;
import org.apache.hc.client5.http.ssl.NoopHostnameVerifier;

/* loaded from: input_file:com/ibm/rational/rit/rtcpclient/http/RTCPSSLConfigurations.class */
public class RTCPSSLConfigurations {
    private RTCPSSLConfigurations() {
    }

    public static RTCPSSLConfiguration createTrustAllConfiguration() throws GeneralSecurityException {
        return createTrustAllConfiguration(null);
    }

    public static RTCPSSLConfiguration createTrustAllConfiguration(Iterable<String> iterable) throws GeneralSecurityException {
        final SSLContext sSLContext = SSLUtils.getSSLContext(iterable);
        final X509TrustManager x509TrustManager = new X509TrustManager() { // from class: com.ibm.rational.rit.rtcpclient.http.RTCPSSLConfigurations.1
            @Override // javax.net.ssl.X509TrustManager
            public void checkClientTrusted(X509Certificate[] x509CertificateArr, String str) throws CertificateException {
            }

            @Override // javax.net.ssl.X509TrustManager
            public void checkServerTrusted(X509Certificate[] x509CertificateArr, String str) throws CertificateException {
            }

            @Override // javax.net.ssl.X509TrustManager
            public X509Certificate[] getAcceptedIssuers() {
                return new X509Certificate[0];
            }
        };
        sSLContext.init(null, new TrustManager[]{x509TrustManager}, new SecureRandom());
        return new RTCPSSLConfiguration() { // from class: com.ibm.rational.rit.rtcpclient.http.RTCPSSLConfigurations.2
            @Override // com.ibm.rational.rit.rtcpclient.http.RTCPSSLConfiguration
            public HostnameVerifier getHostnameVerifier() {
                return NoopHostnameVerifier.INSTANCE;
            }

            @Override // com.ibm.rational.rit.rtcpclient.http.RTCPSSLConfiguration
            public SSLContext getSSLContext() {
                return sSLContext;
            }

            @Override // com.ibm.rational.rit.rtcpclient.http.RTCPSSLConfiguration
            public X509TrustManager getTrustManager() {
                return x509TrustManager;
            }
        };
    }

    public static RTCPSSLConfiguration create(String str, String str2, String str3, List<String> list) throws GeneralSecurityException, IOException {
        final SSLContext sSLContext = SSLUtils.getSSLContext(list);
        final TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
        KeyStore keyStore = KeyStore.getInstance(str3);
        Throwable th = null;
        try {
            FileInputStream fileInputStream = new FileInputStream(str);
            try {
                keyStore.load(fileInputStream, decryptPassword(str2));
                if (fileInputStream != null) {
                    fileInputStream.close();
                }
                trustManagerFactory.init(keyStore);
                sSLContext.init(null, trustManagerFactory.getTrustManagers(), new SecureRandom());
                return new RTCPSSLConfiguration() { // from class: com.ibm.rational.rit.rtcpclient.http.RTCPSSLConfigurations.3
                    @Override // com.ibm.rational.rit.rtcpclient.http.RTCPSSLConfiguration
                    public HostnameVerifier getHostnameVerifier() {
                        return new DefaultHostnameVerifier();
                    }

                    @Override // com.ibm.rational.rit.rtcpclient.http.RTCPSSLConfiguration
                    public SSLContext getSSLContext() {
                        return sSLContext;
                    }

                    @Override // com.ibm.rational.rit.rtcpclient.http.RTCPSSLConfiguration
                    public X509TrustManager getTrustManager() {
                        return (X509TrustManager) trustManagerFactory.getTrustManagers()[0];
                    }
                };
            } catch (Throwable th2) {
                if (fileInputStream != null) {
                    fileInputStream.close();
                }
                throw th2;
            }
        } catch (Throwable th3) {
            if (0 == 0) {
                th = th3;
            } else if (null != th3) {
                th.addSuppressed(th3);
            }
            throw th;
        }
    }

    private static char[] decryptPassword(String str) {
        if (str == null) {
            return null;
        }
        try {
            return Password.decrypt(str).toCharArray();
        } catch (UnknownAlgorithmException unused) {
            return str.toCharArray();
        }
    }

    public static RTCPSSLConfiguration create(String str, String str2) throws GeneralSecurityException, IOException {
        return create(str, str2, "jks", null);
    }

    public static RTCPSSLConfiguration createTrustNoneConfiguration() throws GeneralSecurityException {
        final SSLContext sSLContext = SSLUtils.getSSLContext((Iterable) null);
        final TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
        trustManagerFactory.init(KeyStore.getInstance("jks"));
        sSLContext.init(null, trustManagerFactory.getTrustManagers(), new SecureRandom());
        return new RTCPSSLConfiguration() { // from class: com.ibm.rational.rit.rtcpclient.http.RTCPSSLConfigurations.4
            @Override // com.ibm.rational.rit.rtcpclient.http.RTCPSSLConfiguration
            public HostnameVerifier getHostnameVerifier() {
                return new DefaultHostnameVerifier();
            }

            @Override // com.ibm.rational.rit.rtcpclient.http.RTCPSSLConfiguration
            public SSLContext getSSLContext() {
                return sSLContext;
            }

            @Override // com.ibm.rational.rit.rtcpclient.http.RTCPSSLConfiguration
            public X509TrustManager getTrustManager() {
                return (X509TrustManager) trustManagerFactory.getTrustManagers()[0];
            }
        };
    }
}
