package com.datastax.oss.driver.internal.core.ssl;

import ch.qos.logback.core.net.ssl.SSL;
import com.datastax.oss.driver.api.core.config.DefaultDriverOption;
import com.datastax.oss.driver.api.core.config.DriverExecutionProfile;
import com.datastax.oss.driver.api.core.context.DriverContext;
import com.datastax.oss.driver.api.core.metadata.EndPoint;
import com.datastax.oss.driver.api.core.ssl.SslEngineFactory;
import edu.umd.cs.findbugs.annotations.NonNull;
import java.io.InputStream;
import java.net.InetSocketAddress;
import java.net.SocketAddress;
import java.nio.file.Files;
import java.nio.file.OpenOption;
import java.nio.file.Paths;
import java.security.KeyStore;
import java.security.SecureRandom;
import java.util.List;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLEngine;
import javax.net.ssl.SSLParameters;
import javax.net.ssl.TrustManagerFactory;
import net.jcip.annotations.ThreadSafe;

/* JADX WARN: Classes with same name are omitted:
  input_file:com/datastax/oss/driver/internal/core/ssl/DefaultSslEngineFactory.class
 */
@ThreadSafe
/* loaded from: input_file:java-driver-core-4.9.0.jar:com/datastax/oss/driver/internal/core/ssl/DefaultSslEngineFactory.class */
public class DefaultSslEngineFactory implements SslEngineFactory {
    private final SSLContext sslContext;
    private final String[] cipherSuites;
    private final boolean requireHostnameValidation;

    public DefaultSslEngineFactory(DriverContext driverContext) {
        DriverExecutionProfile defaultProfile = driverContext.getConfig().getDefaultProfile();
        try {
            this.sslContext = buildContext(defaultProfile);
            if (defaultProfile.isDefined(DefaultDriverOption.SSL_CIPHER_SUITES)) {
                List<String> stringList = defaultProfile.getStringList(DefaultDriverOption.SSL_CIPHER_SUITES);
                this.cipherSuites = (String[]) stringList.toArray(new String[stringList.size()]);
            } else {
                this.cipherSuites = null;
            }
            this.requireHostnameValidation = defaultProfile.getBoolean(DefaultDriverOption.SSL_HOSTNAME_VALIDATION, true);
        } catch (Exception e) {
            throw new IllegalStateException("Cannot initialize SSL Context", e);
        }
    }

    @Override // com.datastax.oss.driver.api.core.ssl.SslEngineFactory
    @NonNull
    public SSLEngine newSslEngine(@NonNull EndPoint endPoint) {
        SSLEngine createSSLEngine;
        SocketAddress resolve = endPoint.resolve();
        if (resolve instanceof InetSocketAddress) {
            InetSocketAddress inetSocketAddress = (InetSocketAddress) resolve;
            createSSLEngine = this.sslContext.createSSLEngine(inetSocketAddress.getHostName(), inetSocketAddress.getPort());
        } else {
            createSSLEngine = this.sslContext.createSSLEngine();
        }
        createSSLEngine.setUseClientMode(true);
        if (this.cipherSuites != null) {
            createSSLEngine.setEnabledCipherSuites(this.cipherSuites);
        }
        if (this.requireHostnameValidation) {
            SSLParameters sSLParameters = createSSLEngine.getSSLParameters();
            sSLParameters.setEndpointIdentificationAlgorithm("HTTPS");
            createSSLEngine.setSSLParameters(sSLParameters);
        }
        return createSSLEngine;
    }

    protected SSLContext buildContext(DriverExecutionProfile driverExecutionProfile) throws Exception {
        InputStream newInputStream;
        if (!driverExecutionProfile.isDefined(DefaultDriverOption.SSL_KEYSTORE_PATH) && !driverExecutionProfile.isDefined(DefaultDriverOption.SSL_TRUSTSTORE_PATH)) {
            return SSLContext.getDefault();
        }
        SSLContext sSLContext = SSLContext.getInstance(SSL.DEFAULT_PROTOCOL);
        TrustManagerFactory trustManagerFactory = null;
        if (driverExecutionProfile.isDefined(DefaultDriverOption.SSL_TRUSTSTORE_PATH)) {
            newInputStream = Files.newInputStream(Paths.get(driverExecutionProfile.getString(DefaultDriverOption.SSL_TRUSTSTORE_PATH), new String[0]), new OpenOption[0]);
            Throwable th = null;
            try {
                try {
                    KeyStore keyStore = KeyStore.getInstance(SSL.DEFAULT_KEYSTORE_TYPE);
                    keyStore.load(newInputStream, driverExecutionProfile.isDefined(DefaultDriverOption.SSL_TRUSTSTORE_PASSWORD) ? driverExecutionProfile.getString(DefaultDriverOption.SSL_TRUSTSTORE_PASSWORD).toCharArray() : null);
                    trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
                    trustManagerFactory.init(keyStore);
                    if (newInputStream != null) {
                        $closeResource(null, newInputStream);
                    }
                } finally {
                }
            } finally {
            }
        }
        KeyManagerFactory keyManagerFactory = null;
        if (driverExecutionProfile.isDefined(DefaultDriverOption.SSL_KEYSTORE_PATH)) {
            newInputStream = Files.newInputStream(Paths.get(driverExecutionProfile.getString(DefaultDriverOption.SSL_KEYSTORE_PATH), new String[0]), new OpenOption[0]);
            Throwable th2 = null;
            try {
                try {
                    KeyStore keyStore2 = KeyStore.getInstance(SSL.DEFAULT_KEYSTORE_TYPE);
                    char[] charArray = driverExecutionProfile.isDefined(DefaultDriverOption.SSL_KEYSTORE_PASSWORD) ? driverExecutionProfile.getString(DefaultDriverOption.SSL_KEYSTORE_PASSWORD).toCharArray() : null;
                    keyStore2.load(newInputStream, charArray);
                    keyManagerFactory = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
                    keyManagerFactory.init(keyStore2, charArray);
                    if (newInputStream != null) {
                        $closeResource(null, newInputStream);
                    }
                } finally {
                }
            } finally {
            }
        }
        sSLContext.init(keyManagerFactory != null ? keyManagerFactory.getKeyManagers() : null, trustManagerFactory != null ? trustManagerFactory.getTrustManagers() : null, new SecureRandom());
        return sSLContext;
    }

    @Override // java.lang.AutoCloseable
    public void close() throws Exception {
    }

    private static /* synthetic */ void $closeResource(Throwable th, AutoCloseable autoCloseable) {
        if (th == null) {
            autoCloseable.close();
            return;
        }
        try {
            autoCloseable.close();
        } catch (Throwable th2) {
            th.addSuppressed(th2);
        }
    }
}
