package de.betterform.connector.http.ssl;

import de.betterform.connector.http.AbstractHTTPConnector;
import de.betterform.xml.config.Config;
import de.betterform.xml.config.XFormsConfigException;
import java.io.File;
import java.io.IOException;
import java.net.MalformedURLException;
import java.net.URL;
import java.security.GeneralSecurityException;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import javax.net.ssl.KeyManager;
import javax.net.ssl.SSLContext;
import javax.net.ssl.TrustManager;
import org.apache.batik.apps.svgbrowser.Main;
import org.apache.commons.httpclient.contrib.ssl.AuthSSLInitializationError;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;

/* loaded from: input_file:WEB-INF/lib/betterform-exist-5.1-SNAPSHOT-20160615.jar:de/betterform/connector/http/ssl/KeyStoreSSLContext.class */
public class KeyStoreSSLContext {
    private SSLContext sslcontext = null;
    private static String keyStorePath = null;
    private static String keyStorePasswd = null;
    private static Log LOGGER = LogFactory.getLog(KeyStoreSSLContext.class);

    public KeyStoreSSLContext() {
        try {
            keyStorePath = Config.getInstance().getProperty(AbstractHTTPConnector.HTTPCLIENT_SSL_KEYSTORE_PATH, null);
            keyStorePasswd = Config.getInstance().getProperty(AbstractHTTPConnector.HTTPCLIENT_SSL_KEYSTORE_PASSWD, null);
        } catch (XFormsConfigException e) {
            LOGGER.warn(e.getLocalizedMessage(), e);
        }
    }

    private URL getKeyStoreURL() throws AuthSSLInitializationError {
        if (keyStorePath == null) {
            throw new AuthSSLInitializationError("You must configure httpclient.ssl.keystore.path in betterform-config.xml!");
        }
        try {
            return (keyStorePath.startsWith(File.separator) ? new File(keyStorePath) : new File(System.getProperty(Main.PROPERTY_USER_HOME) + File.separator + keyStorePath)).toURI().toURL();
        } catch (MalformedURLException e) {
            LOGGER.error("Wrong Syntax in httpclient.ssl.keystore.path", e);
            throw new AuthSSLInitializationError("Wrong Syntax in httpclient.ssl.keystore.path");
        }
    }

    private String getKeyStorePasswd() throws AuthSSLInitializationError {
        if (keyStorePasswd != null) {
            return keyStorePasswd;
        }
        throw new AuthSSLInitializationError("You must configure httpclient.ssl.keystore.passwd in betterform-config.xml!");
    }

    private SSLContext createSSLContext() {
        try {
            TrustManager[] trustManagerArr = null;
            KeyManager[] keyManagerArr = null;
            if (getKeyStoreURL() != null) {
                BetterFORMKeyStoreManager betterFORMKeyStoreManager = new BetterFORMKeyStoreManager();
                betterFORMKeyStoreManager.addCustomX509KeyManager(getKeyStoreURL(), getKeyStorePasswd());
                keyManagerArr = new KeyManager[]{betterFORMKeyStoreManager};
                BetterFORMTrustManager betterFORMTrustManager = new BetterFORMTrustManager();
                betterFORMTrustManager.addCustomX509TrustManager(getKeyStoreURL(), getKeyStorePasswd());
                trustManagerArr = betterFORMTrustManager.getTrustManagers();
            }
            SSLContext sSLContext = SSLContext.getInstance("SSL");
            sSLContext.init(keyManagerArr, trustManagerArr, null);
            return sSLContext;
        } catch (IOException e) {
            LOGGER.error(e.getMessage(), e);
            throw new AuthSSLInitializationError("I/O error reading keystore/truststore file: " + e.getMessage());
        } catch (KeyStoreException e2) {
            LOGGER.error(e2.getMessage(), e2);
            throw new AuthSSLInitializationError("Keystore exception: " + e2.getMessage());
        } catch (NoSuchAlgorithmException e3) {
            LOGGER.error(e3.getMessage(), e3);
            throw new AuthSSLInitializationError("Unsupported algorithm exception: " + e3.getMessage());
        } catch (GeneralSecurityException e4) {
            LOGGER.error(e4.getMessage(), e4);
            throw new AuthSSLInitializationError("Key management exception: " + e4.getMessage());
        }
    }

    public SSLContext getSSLContext() {
        if (this.sslcontext == null) {
            this.sslcontext = createSSLContext();
        }
        return this.sslcontext;
    }
}
