package com.bes.mq;

import com.bes.enterprise.gmssl.GMKeyStore;
import com.bes.mq.broker.JSSEKeyManager;
import com.bes.mq.broker.SslContext;
import com.bes.mq.org.apache.http.conn.ssl.SSLSocketFactory;
import com.bes.mq.transport.Transport;
import com.bes.mq.util.JMSExceptionSupport;
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.io.InputStream;
import java.net.URI;
import java.security.KeyStore;
import java.security.NoSuchAlgorithmException;
import java.security.SecureRandom;
import java.util.Locale;
import javax.jms.JMSException;
import javax.net.ssl.KeyManager;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import javax.net.ssl.X509KeyManager;

/* loaded from: input_file:com/bes/mq/BESMQSslConnectionFactory.class */
public class BESMQSslConnectionFactory extends BESMQConnectionFactory {
    protected String protocol;
    protected String secureRandomAlgorithm;
    protected String keyStoreType;
    protected String trustStoreType;
    protected KeyManager[] keyManager;
    protected TrustManager[] trustManager;
    protected SecureRandom secureRandom;
    protected String trustStore;
    protected String trustStorePassword;
    protected String keyStore;
    protected String keyStorePassword;
    protected String keyStoreKeyPassword;
    protected String certNickName;

    public BESMQSslConnectionFactory() {
        this.protocol = SSLSocketFactory.TLS;
        this.secureRandomAlgorithm = "SHA1PRNG";
        this.keyStoreType = "jks";
        this.trustStoreType = "jks";
    }

    public BESMQSslConnectionFactory(String str) {
        super(str);
        this.protocol = SSLSocketFactory.TLS;
        this.secureRandomAlgorithm = "SHA1PRNG";
        this.keyStoreType = "jks";
        this.trustStoreType = "jks";
    }

    public BESMQSslConnectionFactory(URI uri) {
        super(uri);
        this.protocol = SSLSocketFactory.TLS;
        this.secureRandomAlgorithm = "SHA1PRNG";
        this.keyStoreType = "jks";
        this.trustStoreType = "jks";
    }

    public void setKeyAndTrustManagers(KeyManager[] keyManagerArr, TrustManager[] trustManagerArr, SecureRandom secureRandom) {
        this.keyManager = keyManagerArr;
        this.trustManager = trustManagerArr;
        this.secureRandom = secureRandom;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // com.bes.mq.BESMQConnectionFactory
    public Transport createTransport() throws JMSException {
        SslContext currentSslContext = SslContext.getCurrentSslContext();
        try {
            try {
                if (this.keyStore != null || this.trustStore != null) {
                    this.keyManager = createKeyManager();
                    this.trustManager = createTrustManager();
                }
                if (this.secureRandom == null) {
                    this.secureRandom = createSecureRandom();
                }
                if (this.keyManager != null || this.trustManager != null) {
                    SslContext sslContext = new SslContext(this.keyManager, this.trustManager, this.secureRandom);
                    sslContext.setKeyAlias(this.certNickName);
                    sslContext.setProtocol(this.protocol);
                    sslContext.setSecureRandom(this.secureRandom);
                    SslContext.setCurrentSslContext(sslContext);
                }
                Transport createTransport = super.createTransport();
                SslContext.setCurrentSslContext(currentSslContext);
                return createTransport;
            } catch (Exception e) {
                throw JMSExceptionSupport.create("Could not create Transport. Reason: " + e, e);
            }
        } catch (Throwable th) {
            SslContext.setCurrentSslContext(currentSslContext);
            throw th;
        }
    }

    protected TrustManager[] createTrustManager() throws Exception {
        TrustManager[] trustManagerArr = null;
        KeyStore gMKeyStore = "bks".equalsIgnoreCase(this.trustStoreType) ? GMKeyStore.getInstance() : KeyStore.getInstance(this.trustStoreType);
        if (this.trustStore != null) {
            gMKeyStore.load(getUrlOrResourceAsStream(this.trustStore), this.trustStorePassword.toCharArray());
            TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
            trustManagerFactory.init(gMKeyStore);
            trustManagerArr = trustManagerFactory.getTrustManagers();
        }
        return trustManagerArr;
    }

    protected KeyManager[] createKeyManager() throws Exception {
        byte[] loadClientCredential;
        KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
        KeyStore gMKeyStore = "bks".equalsIgnoreCase(this.keyStoreType) ? GMKeyStore.getInstance() : KeyStore.getInstance(this.keyStoreType);
        KeyManager[] keyManagerArr = null;
        if (this.keyStore != null && (loadClientCredential = loadClientCredential(this.keyStore)) != null && loadClientCredential.length > 0) {
            gMKeyStore.load(new ByteArrayInputStream(loadClientCredential), !isOk(this.keyStorePassword) ? null : this.keyStorePassword.toCharArray());
            keyManagerFactory.init(gMKeyStore, !isOk(this.keyStoreKeyPassword) ? null : this.keyStoreKeyPassword.toCharArray());
            keyManagerArr = keyManagerFactory.getKeyManagers();
        }
        if (keyManagerArr != null && "bks".equalsIgnoreCase(this.keyStoreType)) {
            String str = this.certNickName;
            if ("JKS".equalsIgnoreCase(this.keyStoreType)) {
                str = str.toLowerCase(Locale.ENGLISH);
            }
            for (int i = 0; i < keyManagerArr.length; i++) {
                keyManagerArr[i] = new JSSEKeyManager((X509KeyManager) keyManagerArr[i], str);
            }
        }
        return keyManagerArr;
    }

    protected byte[] loadClientCredential(String str) throws IOException {
        if (str == null) {
            return null;
        }
        InputStream urlOrResourceAsStream = getUrlOrResourceAsStream(str);
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        byte[] bArr = new byte[512];
        int read = urlOrResourceAsStream.read(bArr);
        while (true) {
            int i = read;
            if (i <= 0) {
                urlOrResourceAsStream.close();
                return byteArrayOutputStream.toByteArray();
            }
            byteArrayOutputStream.write(bArr, 0, i);
            read = urlOrResourceAsStream.read(bArr);
        }
    }

    protected InputStream getUrlOrResourceAsStream(String str) throws IOException {
        return Utils.tryGetInputStream(str);
    }

    private SecureRandom createSecureRandom() throws NoSuchAlgorithmException {
        return SecureRandom.getInstance(this.secureRandomAlgorithm);
    }

    public String getTrustStore() {
        return this.trustStore;
    }

    public void setTrustStore(String str) throws Exception {
        this.trustStore = str;
        this.trustManager = null;
    }

    public String getTrustStorePassword() {
        return this.trustStorePassword;
    }

    public void setTrustStorePassword(String str) {
        this.trustStorePassword = str;
    }

    public String getKeyStore() {
        return this.keyStore;
    }

    public void setKeyStore(String str) throws Exception {
        this.keyStore = str;
        this.keyManager = null;
    }

    public String getKeyStorePassword() {
        return this.keyStorePassword;
    }

    public void setKeyStorePassword(String str) {
        this.keyStorePassword = str;
    }

    public String getCertNickName() {
        return this.certNickName;
    }

    public void setCertNickName(String str) {
        this.certNickName = str;
    }

    public String getKeyStoreType() {
        return this.keyStoreType;
    }

    public void setKeyStoreType(String str) {
        this.keyStoreType = str;
    }

    public String getTrustStoreType() {
        return this.trustStoreType;
    }

    public void setTrustStoreType(String str) {
        this.trustStoreType = str;
    }

    public String getProtocol() {
        return this.protocol;
    }

    public void setProtocol(String str) {
        this.protocol = str;
    }

    public String getSecureRandomAlgorithm() {
        return this.secureRandomAlgorithm;
    }

    public void setSecureRandomAlgorithm(String str) {
        this.secureRandomAlgorithm = str;
    }

    public String getKeyStoreKeyPassword() {
        return this.keyStoreKeyPassword;
    }

    public void setKeyStoreKeyPassword(String str) {
        this.keyStoreKeyPassword = str;
    }

    private boolean isOk(String str) {
        return str != null && str.length() > 0;
    }
}
