package com.zollsoft.ecardservices;

import com.zollsoft.ecardservices.ECardServiceProvider;
import java.io.File;
import java.io.FileInputStream;
import java.io.IOException;
import java.io.InputStream;
import java.security.KeyManagementException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import javax.net.ssl.KeyManager;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSocketFactory;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import javax.net.ssl.X509TrustManager;
import org.apache.commons.io.FileUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:com/zollsoft/ecardservices/ECardTrustAndKeyStoreManager.class */
public class ECardTrustAndKeyStoreManager {
    private static final Logger LOG = LoggerFactory.getLogger((Class<?>) ECardTrustAndKeyStoreManager.class);
    private static final String customtruststorename = "soapui_trust.jks";
    private static final String customtruststorepwd = "abc123";
    private static final String cert_rootca = "864696_RootCA-1.cer";
    private static final String cert_ecs_ca_prod = "864698_ECS_CA-PROD.cer";
    private static final String cert_ca_ecs_v02_prod = "Zert_CA_ECS_V02_Prod.cer";
    private static final String cert_ca_ecs_v02_test = "Zert_CA_ECS_V02_Test.cer";
    private static final String cert_ca_root_v02_prod = "Zert_CA_Root_V02_Prod.cer";
    private static final String cert_ca_root_v02_test = "Zert_CA_Root_V02_Test.cer";

    private static TrustManager[] getTrustManagerFromCertificateChain(ECardServiceProvider.ECardModus eCardModus) throws KeyStoreException, NoSuchAlgorithmException {
        TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
        trustManagerFactory.init(getTrustStore(eCardModus));
        return trustManagerFactory.getTrustManagers();
    }

    private static KeyStore getTrustStore(ECardServiceProvider.ECardModus eCardModus) {
        KeyStore keyStore = null;
        try {
            Certificate certificate = null;
            InputStream resourceAsStream = FileUtil.getResourceAsStream("cert/864696_RootCA-1.cer");
            resourceAsStream = FileUtil.getResourceAsStream("cert/864698_ECS_CA-PROD.cer");
            InputStream inputStream = null;
            InputStream inputStream2 = null;
            InputStream inputStream3 = null;
            if (eCardModus == ECardServiceProvider.ECardModus.TEST) {
                inputStream = FileUtil.getResourceAsStream("cert/Zert_CA_Root_V02_Test.cer");
                inputStream2 = FileUtil.getResourceAsStream("cert/Zert_CA_ECS_V02_Test.cer");
                inputStream3 = FileUtil.getResourceAsStream("cert/Zert_CA_Root_V02_Prod.cer");
            } else if (eCardModus == ECardServiceProvider.ECardModus.PRODUCTION) {
                inputStream = FileUtil.getResourceAsStream("cert/Zert_CA_Root_V02_Prod.cer");
                inputStream2 = FileUtil.getResourceAsStream("cert/Zert_CA_ECS_V02_Prod.cer");
            }
            CertificateFactory certificateFactory = CertificateFactory.getInstance("X.509");
            try {
                Certificate generateCertificate = certificateFactory.generateCertificate(resourceAsStream);
                LOG.debug("ca={}", ((X509Certificate) generateCertificate).getSubjectDN());
                resourceAsStream.close();
                try {
                    Certificate generateCertificate2 = certificateFactory.generateCertificate(resourceAsStream);
                    LOG.debug("ca={}", ((X509Certificate) generateCertificate2).getSubjectDN());
                    resourceAsStream.close();
                    try {
                        Certificate generateCertificate3 = certificateFactory.generateCertificate(inputStream2);
                        LOG.debug("ca={}", ((X509Certificate) generateCertificate3).getSubjectDN());
                        inputStream2.close();
                        if (inputStream != null) {
                            try {
                                certificate = certificateFactory.generateCertificate(inputStream);
                                LOG.debug("ca={}", ((X509Certificate) certificate).getSubjectDN());
                                inputStream.close();
                            } finally {
                            }
                        }
                        try {
                            Certificate generateCertificate4 = certificateFactory.generateCertificate(inputStream2);
                            LOG.debug("ca={}", ((X509Certificate) generateCertificate4).getSubjectDN());
                            inputStream2.close();
                            keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
                            keyStore.load(null, null);
                            keyStore.setCertificateEntry("ca", generateCertificate);
                            keyStore.setCertificateEntry("ecs", generateCertificate2);
                            keyStore.setCertificateEntry("caecsv02", generateCertificate3);
                            keyStore.setCertificateEntry("ecsv02", generateCertificate4);
                            if (certificate != null) {
                                keyStore.setCertificateEntry("ecsv02_PROD", certificate);
                            }
                        } finally {
                            inputStream2.close();
                        }
                    } finally {
                    }
                } finally {
                }
            } finally {
            }
        } catch (Exception e) {
        }
        return keyStore;
    }

    public static SSLSocketFactory getSSLSocketFactory(ECardServiceProvider.ECardModus eCardModus) {
        if (eCardModus == ECardServiceProvider.ECardModus.SOAPUI) {
            return getCustomTrust();
        }
        TrustManager[] trustManagerArr = null;
        KeyManager[] keyManagerArr = null;
        try {
            trustManagerArr = getTrustManagerFromCertificateChain(eCardModus);
            keyManagerArr = null;
        } catch (KeyStoreException | NoSuchAlgorithmException e) {
            e.printStackTrace();
        }
        SSLSocketFactory sSLSocketFactory = null;
        try {
            SSLContext sSLContext = SSLContext.getInstance(org.apache.http.conn.ssl.SSLSocketFactory.SSL);
            sSLContext.init(keyManagerArr, trustManagerArr, null);
            sSLSocketFactory = sSLContext.getSocketFactory();
        } catch (KeyManagementException | NoSuchAlgorithmException e2) {
            e2.printStackTrace();
        }
        return sSLSocketFactory;
    }

    private static SSLSocketFactory getCustomTrust() {
        KeyStore keyStore;
        FileInputStream openInputStream;
        SSLSocketFactory sSLSocketFactory = null;
        String defaultAlgorithm = TrustManagerFactory.getDefaultAlgorithm();
        try {
            keyStore = KeyStore.getInstance("JKS");
            openInputStream = FileUtils.openInputStream(new File(FileUtil.getResourceURL("cert/soapui_trust.jks").getFile()));
        } catch (IOException e) {
            e.printStackTrace();
        } catch (KeyManagementException e2) {
            e2.printStackTrace();
        } catch (KeyStoreException e3) {
            e3.printStackTrace();
        } catch (NoSuchAlgorithmException e4) {
            e4.printStackTrace();
        } catch (CertificateException e5) {
            e5.printStackTrace();
        }
        if (openInputStream == null) {
            LOG.error("keystore empty");
            return null;
        }
        keyStore.load(openInputStream, customtruststorepwd.toCharArray());
        TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(defaultAlgorithm);
        trustManagerFactory.init(keyStore);
        X509TrustManager x509TrustManager = null;
        for (TrustManager trustManager : trustManagerFactory.getTrustManagers()) {
            if ((trustManager instanceof X509TrustManager) && x509TrustManager == null) {
                x509TrustManager = (X509TrustManager) trustManager;
            }
        }
        SSLContext sSLContext = SSLContext.getInstance(org.apache.http.conn.ssl.SSLSocketFactory.SSL);
        sSLContext.init(null, new TrustManager[]{x509TrustManager}, null);
        sSLSocketFactory = sSLContext.getSocketFactory();
        return sSLSocketFactory;
    }
}
