package com.kingbase8.ssl;

import com.kingbase8.util.GT;
import com.kingbase8.util.TraceLogger;
import java.io.BufferedInputStream;
import java.io.ByteArrayInputStream;
import java.io.FileInputStream;
import java.io.IOException;
import java.io.InputStream;
import java.security.GeneralSecurityException;
import java.security.KeyStore;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.util.UUID;
import java.util.logging.Level;
import javax.net.ssl.SSLContext;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import javax.net.ssl.X509TrustManager;
import org.apache.tomcat.util.net.Constants;
import org.codehaus.groovy.control.CompilerConfiguration;

/* loaded from: input_file:BOOT-INF/lib/kingbase8-8.6.0.jar:com/kingbase8/ssl/SingleCertValidatingFactory.class */
public class SingleCertValidatingFactory extends WrappedFactory {
    private static final String CLASSPATH_PREFIX = "classpath:";
    private static final String SYS_PROP_PREFIX = "sys:";
    private static final String ENV_PREFIX = "env:";
    private static final String FILE_PREFIX = "file:";

    /* loaded from: input_file:BOOT-INF/lib/kingbase8-8.6.0.jar:com/kingbase8/ssl/SingleCertValidatingFactory$SingleCertTrustManager.class */
    public static class SingleCertTrustManager implements X509TrustManager {
        X509TrustManager trustMg;
        X509Certificate certificate;

        public SingleCertTrustManager(InputStream inputStream) throws IOException, GeneralSecurityException {
            TraceLogger.logLineInfo(Level.ALL, "lineInfo");
            KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
            TraceLogger.logLineInfo(Level.ALL, "lineInfo");
            keyStore.load(null);
            CertificateFactory certificateFactory = CertificateFactory.getInstance("X509");
            TraceLogger.logLineInfo(Level.ALL, "lineInfo");
            this.certificate = (X509Certificate) certificateFactory.generateCertificate(inputStream);
            TraceLogger.logLineInfo(Level.ALL, "lineInfo");
            keyStore.setCertificateEntry(UUID.randomUUID().toString(), this.certificate);
            TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
            TraceLogger.logLineInfo(Level.ALL, "lineInfo");
            trustManagerFactory.init(keyStore);
            TrustManager[] trustManagers = trustManagerFactory.getTrustManagers();
            int length = trustManagers.length;
            int i = 0;
            while (true) {
                if (i >= length) {
                    break;
                }
                TrustManager trustManager = trustManagers[i];
                if (trustManager instanceof X509TrustManager) {
                    TraceLogger.logLineInfo(Level.ALL, "lineInfo");
                    this.trustMg = (X509TrustManager) trustManager;
                    break;
                }
                i++;
            }
            if (this.trustMg == null) {
                TraceLogger.logLineInfo(Level.ALL, "lineInfo");
                throw new GeneralSecurityException(GT.tr("No X509TrustManager found", new Object[0]));
            }
        }

        @Override // javax.net.ssl.X509TrustManager
        public void checkClientTrusted(X509Certificate[] x509CertificateArr, String str) throws CertificateException {
            TraceLogger.logLineInfo(Level.ALL, "lineInfo");
        }

        @Override // javax.net.ssl.X509TrustManager
        public void checkServerTrusted(X509Certificate[] x509CertificateArr, String str) throws CertificateException {
            TraceLogger.logLineInfo(Level.ALL, "lineInfo");
            this.trustMg.checkServerTrusted(x509CertificateArr, str);
        }

        @Override // javax.net.ssl.X509TrustManager
        public X509Certificate[] getAcceptedIssuers() {
            TraceLogger.logLineInfo(Level.ALL, "lineInfo");
            return new X509Certificate[]{this.certificate};
        }
    }

    /* JADX WARN: Finally extract failed */
    public SingleCertValidatingFactory(String str) throws GeneralSecurityException {
        InputStream byteArrayInputStream;
        TraceLogger.logLineInfo(Level.ALL, "lineInfo");
        if (str == null || str.equals("")) {
            TraceLogger.logLineInfo(Level.ALL, "lineInfo");
            throw new GeneralSecurityException(GT.tr("The sslfactoryarg prop may not be empty.", new Object[0]));
        }
        InputStream inputStream = null;
        TraceLogger.logLineInfo(Level.ALL, "lineInfo");
        try {
            try {
                TraceLogger.logLineInfo(Level.ALL, "lineInfo");
                if (str.startsWith("file:")) {
                    String substring = str.substring("file:".length());
                    TraceLogger.logLineInfo(Level.ALL, "lineInfo");
                    byteArrayInputStream = new BufferedInputStream(new FileInputStream(substring));
                    TraceLogger.logLineInfo(Level.ALL, "lineInfo");
                } else if (str.startsWith("classpath:")) {
                    TraceLogger.logLineInfo(Level.ALL, "lineInfo");
                    String substring2 = str.substring("classpath:".length());
                    TraceLogger.logLineInfo(Level.ALL, "lineInfo");
                    byteArrayInputStream = new BufferedInputStream(Thread.currentThread().getContextClassLoader().getResourceAsStream(substring2));
                    TraceLogger.logLineInfo(Level.ALL, "lineInfo");
                } else if (str.startsWith(ENV_PREFIX)) {
                    TraceLogger.logLineInfo(Level.ALL, "lineInfo");
                    String str2 = System.getenv(str.substring(ENV_PREFIX.length()));
                    TraceLogger.logLineInfo(Level.ALL, "lineInfo");
                    if (str2 == null || "".equals(str2)) {
                        TraceLogger.logLineInfo(Level.ALL, "lineInfo");
                        throw new GeneralSecurityException(GT.tr("The environment variable containing the server's SSL certificateificate must not be empty.", new Object[0]));
                    }
                    TraceLogger.logLineInfo(Level.ALL, "lineInfo");
                    byteArrayInputStream = new ByteArrayInputStream(str2.getBytes(CompilerConfiguration.DEFAULT_SOURCE_ENCODING));
                } else if (str.startsWith(SYS_PROP_PREFIX)) {
                    TraceLogger.logLineInfo(Level.ALL, "lineInfo");
                    String property = System.getProperty(str.substring(SYS_PROP_PREFIX.length()));
                    TraceLogger.logLineInfo(Level.ALL, "lineInfo");
                    if (property == null || "".equals(property)) {
                        TraceLogger.logLineInfo(Level.ALL, "lineInfo");
                        throw new GeneralSecurityException(GT.tr("The system prop containing the server's SSL certificateificate must not be empty.", new Object[0]));
                    }
                    TraceLogger.logLineInfo(Level.ALL, "lineInfo");
                    byteArrayInputStream = new ByteArrayInputStream(property.getBytes(CompilerConfiguration.DEFAULT_SOURCE_ENCODING));
                } else {
                    if (!str.startsWith("-----BEGIN CERTIFICATE-----")) {
                        TraceLogger.logLineInfo(Level.ALL, "lineInfo");
                        throw new GeneralSecurityException(GT.tr("The sslfactoryarg prop must start with the prefix file:, classpath:, env:, sys:, or -----BEGIN CERTIFICATE-----.", new Object[0]));
                    }
                    TraceLogger.logLineInfo(Level.ALL, "lineInfo");
                    byteArrayInputStream = new ByteArrayInputStream(str.getBytes(CompilerConfiguration.DEFAULT_SOURCE_ENCODING));
                }
                TraceLogger.logLineInfo(Level.ALL, "lineInfo");
                SSLContext sSLContext = SSLContext.getInstance(Constants.SSL_PROTO_TLS);
                TraceLogger.logLineInfo(Level.ALL, "lineInfo");
                sSLContext.init(null, new TrustManager[]{new SingleCertTrustManager(byteArrayInputStream)}, null);
                TraceLogger.logLineInfo(Level.ALL, "lineInfo");
                this.sslSocketFactory = sSLContext.getSocketFactory();
                TraceLogger.logLineInfo(Level.ALL, "lineInfo");
                if (byteArrayInputStream != null) {
                    TraceLogger.logLineInfo(Level.ALL, "lineInfo");
                    try {
                        TraceLogger.logLineInfo(Level.ALL, "lineInfo");
                        byteArrayInputStream.close();
                    } catch (Exception e) {
                        TraceLogger.logLineInfo(Level.ALL, "lineInfo");
                    }
                }
            } catch (Throwable th) {
                TraceLogger.logLineInfo(Level.ALL, "lineInfo");
                if (0 != 0) {
                    TraceLogger.logLineInfo(Level.ALL, "lineInfo");
                    try {
                        TraceLogger.logLineInfo(Level.ALL, "lineInfo");
                        inputStream.close();
                    } catch (Exception e2) {
                        TraceLogger.logLineInfo(Level.ALL, "lineInfo");
                    }
                }
                throw th;
            }
        } catch (RuntimeException e3) {
            TraceLogger.logLineInfo(Level.ALL, "lineInfo");
            throw e3;
        } catch (Exception e4) {
            TraceLogger.logLineInfo(Level.ALL, "lineInfo");
            if (e4 instanceof GeneralSecurityException) {
                TraceLogger.logLineInfo(Level.ALL, "lineInfo");
                throw ((GeneralSecurityException) e4);
            }
            TraceLogger.logLineInfo(Level.ALL, "lineInfo");
            throw new GeneralSecurityException(GT.tr("An error occurred reading the certificateificate", new Object[0]), e4);
        }
    }
}
