package io.hops.hudi.org.apache.http.nio.conn.ssl;

import io.hops.hudi.org.apache.http.conn.ssl.BrowserCompatHostnameVerifier;
import io.hops.hudi.org.apache.http.conn.ssl.SSLContexts;
import io.hops.hudi.org.apache.http.conn.ssl.TrustStrategy;
import io.hops.hudi.org.apache.http.conn.ssl.X509HostnameVerifier;
import io.hops.hudi.org.apache.http.nio.conn.scheme.LayeringStrategy;
import io.hops.hudi.org.apache.http.nio.reactor.IOSession;
import io.hops.hudi.org.apache.http.nio.reactor.ssl.SSLIOSession;
import io.hops.hudi.org.apache.http.nio.reactor.ssl.SSLMode;
import io.hops.hudi.org.apache.http.nio.reactor.ssl.SSLSetupHandler;
import java.net.InetSocketAddress;
import java.security.KeyManagementException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.SecureRandom;
import java.security.UnrecoverableKeyException;
import java.security.cert.X509Certificate;
import javax.net.ssl.KeyManager;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLEngine;
import javax.net.ssl.SSLException;
import javax.net.ssl.SSLSession;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import javax.net.ssl.X509TrustManager;

@Deprecated
/* loaded from: input_file:io/hops/hudi/org/apache/http/nio/conn/ssl/SSLLayeringStrategy.class */
public class SSLLayeringStrategy implements LayeringStrategy {
    public static final String TLS = "TLS";
    public static final String SSL = "SSL";
    public static final String SSLV2 = "SSLv2";
    private final SSLContext sslContext;
    private final X509HostnameVerifier hostnameVerifier;

    public static SSLLayeringStrategy getDefaultStrategy() {
        return new SSLLayeringStrategy(SSLContexts.createDefault());
    }

    public static SSLLayeringStrategy getSystemDefaultStrategy() {
        return new SSLLayeringStrategy(SSLContexts.createSystemDefault());
    }

    private static SSLContext createSSLContext(String str, KeyStore keyStore, String str2, KeyStore keyStore2, SecureRandom secureRandom, TrustStrategy trustStrategy) throws NoSuchAlgorithmException, KeyStoreException, UnrecoverableKeyException, KeyManagementException {
        String str3 = str != null ? str : "TLS";
        KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
        keyManagerFactory.init(keyStore, str2 != null ? str2.toCharArray() : null);
        KeyManager[] keyManagers = keyManagerFactory.getKeyManagers();
        TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
        trustManagerFactory.init(keyStore2);
        TrustManager[] trustManagers = trustManagerFactory.getTrustManagers();
        if (trustManagers != null && trustStrategy != null) {
            for (int i = 0; i < trustManagers.length; i++) {
                TrustManager trustManager = trustManagers[i];
                if (trustManager instanceof X509TrustManager) {
                    trustManagers[i] = new TrustManagerDecorator((X509TrustManager) trustManager, trustStrategy);
                }
            }
        }
        SSLContext sSLContext = SSLContext.getInstance(str3);
        sSLContext.init(keyManagers, trustManagers, secureRandom);
        return sSLContext;
    }

    public SSLLayeringStrategy(String str, KeyStore keyStore, String str2, KeyStore keyStore2, SecureRandom secureRandom, X509HostnameVerifier x509HostnameVerifier) throws NoSuchAlgorithmException, KeyManagementException, KeyStoreException, UnrecoverableKeyException {
        this(createSSLContext(str, keyStore, str2, keyStore2, secureRandom, null), x509HostnameVerifier);
    }

    public SSLLayeringStrategy(String str, KeyStore keyStore, String str2, KeyStore keyStore2, SecureRandom secureRandom, TrustStrategy trustStrategy, X509HostnameVerifier x509HostnameVerifier) throws NoSuchAlgorithmException, KeyManagementException, KeyStoreException, UnrecoverableKeyException {
        this(createSSLContext(str, keyStore, str2, keyStore2, secureRandom, trustStrategy), x509HostnameVerifier);
    }

    public SSLLayeringStrategy(KeyStore keyStore, String str, KeyStore keyStore2) throws NoSuchAlgorithmException, KeyManagementException, KeyStoreException, UnrecoverableKeyException {
        this("TLS", keyStore, str, keyStore2, null, null, new BrowserCompatHostnameVerifier());
    }

    public SSLLayeringStrategy(KeyStore keyStore, String str) throws NoSuchAlgorithmException, KeyManagementException, KeyStoreException, UnrecoverableKeyException {
        this("TLS", keyStore, str, null, null, null, new BrowserCompatHostnameVerifier());
    }

    public SSLLayeringStrategy(KeyStore keyStore) throws NoSuchAlgorithmException, KeyManagementException, KeyStoreException, UnrecoverableKeyException {
        this("TLS", null, null, keyStore, null, null, new BrowserCompatHostnameVerifier());
    }

    public SSLLayeringStrategy(TrustStrategy trustStrategy, X509HostnameVerifier x509HostnameVerifier) throws NoSuchAlgorithmException, KeyManagementException, KeyStoreException, UnrecoverableKeyException {
        this("TLS", null, null, null, null, trustStrategy, x509HostnameVerifier);
    }

    public SSLLayeringStrategy(TrustStrategy trustStrategy) throws NoSuchAlgorithmException, KeyManagementException, KeyStoreException, UnrecoverableKeyException {
        this("TLS", null, null, null, null, trustStrategy, new BrowserCompatHostnameVerifier());
    }

    public SSLLayeringStrategy(SSLContext sSLContext, X509HostnameVerifier x509HostnameVerifier) {
        this.sslContext = sSLContext;
        this.hostnameVerifier = x509HostnameVerifier;
    }

    public SSLLayeringStrategy(SSLContext sSLContext) {
        this(sSLContext, new BrowserCompatHostnameVerifier());
    }

    @Override // io.hops.hudi.org.apache.http.nio.conn.scheme.LayeringStrategy
    public boolean isSecure() {
        return true;
    }

    @Override // io.hops.hudi.org.apache.http.nio.conn.scheme.LayeringStrategy
    public SSLIOSession layer(IOSession iOSession) {
        SSLIOSession sSLIOSession = new SSLIOSession(iOSession, SSLMode.CLIENT, this.sslContext, new SSLSetupHandler() { // from class: io.hops.hudi.org.apache.http.nio.conn.ssl.SSLLayeringStrategy.1
            @Override // io.hops.hudi.org.apache.http.nio.reactor.ssl.SSLSetupHandler
            public void initalize(SSLEngine sSLEngine) throws SSLException {
                SSLLayeringStrategy.this.initializeEngine(sSLEngine);
            }

            @Override // io.hops.hudi.org.apache.http.nio.reactor.ssl.SSLSetupHandler
            public void verify(IOSession iOSession2, SSLSession sSLSession) throws SSLException {
                SSLLayeringStrategy.this.verifySession(iOSession2, sSLSession);
            }
        });
        iOSession.setAttribute(SSLIOSession.SESSION_KEY, sSLIOSession);
        return sSLIOSession;
    }

    protected void initializeEngine(SSLEngine sSLEngine) {
    }

    protected void verifySession(IOSession iOSession, SSLSession sSLSession) throws SSLException {
        InetSocketAddress inetSocketAddress = (InetSocketAddress) iOSession.getRemoteAddress();
        this.hostnameVerifier.verify(inetSocketAddress.getHostName(), (X509Certificate) sSLSession.getPeerCertificates()[0]);
    }
}
