package com.adobe.forms.foundation.wsdl;

import com.adobe.granite.keystore.KeyStoreService;
import java.security.KeyManagementException;
import java.security.KeyStore;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.SecureRandom;
import java.security.cert.Certificate;
import java.util.HashMap;
import javax.net.ssl.KeyManager;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import javax.net.ssl.X509TrustManager;
import org.apache.commons.lang3.StringUtils;
import org.apache.sling.api.resource.LoginException;
import org.apache.sling.api.resource.ResourceResolver;
import org.apache.sling.api.resource.ResourceResolverFactory;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:com/adobe/forms/foundation/wsdl/SSLUtils.class */
public class SSLUtils {
    protected static final Logger logger = LoggerFactory.getLogger(SSLUtils.class);
    static TrustManagerFactory trustManagerFactory;

    private static KeyManager[] getKeyManager(KeyStoreService keyStoreService, ResourceResolver resourceResolver, String str) {
        try {
            if (StringUtils.isEmpty(str)) {
                return new KeyManager[]{keyStoreService.getKeyManager(resourceResolver)};
            }
            KeyStore.PrivateKeyEntry privateKeyEntry = (KeyStore.PrivateKeyEntry) keyStoreService.getKeyStoreEntry(resourceResolver, resourceResolver.getUserID(), str);
            Certificate certificate = privateKeyEntry.getCertificate();
            PrivateKey privateKey = privateKeyEntry.getPrivateKey();
            KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
            keyStore.load(null, null);
            keyStore.setCertificateEntry("client-cert", certificate);
            keyStore.setKeyEntry("client-key", privateKey, "changeit".toCharArray(), new Certificate[]{certificate});
            KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
            keyManagerFactory.init(keyStore, "changeit".toCharArray());
            return keyManagerFactory.getKeyManagers();
        } catch (Exception e) {
            logger.error("error occurred while creating keymanager: ", e);
            return null;
        }
    }

    private static TrustManager[] getTrustManager(KeyStoreService keyStoreService, ResourceResolver resourceResolver) {
        try {
            trustManagerFactory.init((KeyStore) null);
            TrustManager[] trustManagers = trustManagerFactory.getTrustManagers();
            TrustManager trustManager = keyStoreService.getTrustManager(resourceResolver);
            TrustManager trustManager2 = null;
            for (TrustManager trustManager3 : trustManagers) {
                if (trustManager3 instanceof X509TrustManager) {
                    trustManager2 = trustManager3;
                }
            }
            return trustManager != null ? new TrustManager[]{new CustomTrustManager((X509TrustManager) trustManager2, (X509TrustManager) trustManager)} : trustManagers;
        } catch (Exception e) {
            logger.error("error occurred while creating trustmanager: ", e);
            return null;
        }
    }

    private static ResourceResolver getResourceResolver(ResourceResolverFactory resourceResolverFactory, String str) throws LoginException {
        HashMap hashMap = new HashMap();
        hashMap.put("sling.service.subservice", str);
        return resourceResolverFactory.getServiceResourceResolver(hashMap);
    }

    public static SSLContext getSSLContext(ResourceResolverFactory resourceResolverFactory, String str, String str2, KeyStoreService keyStoreService, KeyStoreService keyStoreService2, String str3) throws LoginException, NoSuchAlgorithmException, KeyManagementException {
        long nanoTime = System.nanoTime();
        ResourceResolver resourceResolver = getResourceResolver(resourceResolverFactory, str);
        ResourceResolver resourceResolver2 = getResourceResolver(resourceResolverFactory, str2);
        KeyManager[] keyManager = getKeyManager(keyStoreService, resourceResolver, str3);
        TrustManager[] trustManager = getTrustManager(keyStoreService2, resourceResolver2);
        SSLContext sSLContext = SSLContext.getInstance(WSDLConstants.SSL);
        sSLContext.init(keyManager, trustManager, new SecureRandom());
        logger.trace("SSL context performance measure : " + (System.nanoTime() - nanoTime));
        return sSLContext;
    }

    static {
        try {
            trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
        } catch (NoSuchAlgorithmException e) {
            throw new RuntimeException(e);
        }
    }
}
