package com.hazelcast.internal.nio.ssl;

import com.hazelcast.internal.nio.IOUtil;
import java.io.FileInputStream;
import java.io.IOException;
import java.security.GeneralSecurityException;
import java.security.KeyStore;
import java.security.NoSuchAlgorithmException;
import java.security.cert.CertificateException;
import java.time.Duration;
import java.time.Instant;
import java.time.temporal.TemporalAmount;
import java.util.Objects;
import java.util.Properties;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.TrustManagerFactory;

/* loaded from: input_file:com/hazelcast/internal/nio/ssl/SSLEngineFactorySupport.class */
public abstract class SSLEngineFactorySupport {
    public static final String JAVA_NET_SSL_PREFIX = "javax.net.ssl.";
    protected static final String PROP_KEY_MATERIAL_DURATION = "keyMaterialDuration";
    protected static final String PROP_PROTOCOL = "protocol";
    protected static final String PROP_TRUST_STORE_TYPE = "trustStoreType";
    protected static final String PROP_TRUST_MANAGER_ALGORITHM = "trustManagerAlgorithm";
    protected static final String PROP_TRUST_STORE_PASSWORD = "trustStorePassword";
    protected static final String PROP_TRUST_STORE = "trustStore";
    protected static final String PROP_KEY_STORE_TYPE = "keyStoreType";
    protected static final String PROP_KEY_MANAGER_ALGORITHM = "keyManagerAlgorithm";
    protected static final String PROP_KEY_STORE = "keyStore";
    protected static final String PROP_KEY_STORE_PASSWORD = "keyStorePassword";
    protected static final String PROP_FORCE_CERT_VALIDATION = "forceCertValidation";
    protected final Properties properties = new Properties();
    protected volatile String protocol;
    protected volatile Duration keyMaterialDuration;
    protected volatile String keyStorePassword;
    protected volatile String keyStore;
    protected volatile String keyManagerAlgorithm;
    protected volatile String keyStoreType;
    protected volatile String trustStore;
    protected volatile String trustStorePassword;
    protected volatile String trustManagerAlgorithm;
    protected volatile String trustStoreType;
    private volatile KeyMaterialHolder keyMaterial;

    /* loaded from: input_file:com/hazelcast/internal/nio/ssl/SSLEngineFactorySupport$KeyMaterial.class */
    public interface KeyMaterial {
        KeyManagerFactory getKeyManagerFactory();

        TrustManagerFactory getTrustManagerFactory();
    }

    /* loaded from: input_file:com/hazelcast/internal/nio/ssl/SSLEngineFactorySupport$KeyMaterialHolder.class */
    protected static final class KeyMaterialHolder implements KeyMaterial {
        private final Instant validityEnd;
        private final KeyManagerFactory keyManagerFactory;
        private final TrustManagerFactory trustManagerFactory;

        public KeyMaterialHolder(Instant instant, KeyManagerFactory keyManagerFactory, TrustManagerFactory trustManagerFactory) {
            this.validityEnd = (Instant) Objects.requireNonNull(instant);
            this.keyManagerFactory = keyManagerFactory;
            this.trustManagerFactory = trustManagerFactory;
        }

        private boolean isValid() {
            return Instant.now().isBefore(this.validityEnd);
        }

        @Override // com.hazelcast.internal.nio.ssl.SSLEngineFactorySupport.KeyMaterial
        public KeyManagerFactory getKeyManagerFactory() {
            return this.keyManagerFactory;
        }

        @Override // com.hazelcast.internal.nio.ssl.SSLEngineFactorySupport.KeyMaterial
        public TrustManagerFactory getTrustManagerFactory() {
            return this.trustManagerFactory;
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public void load(Properties properties) throws Exception {
        this.properties.clear();
        this.properties.putAll(properties);
        this.keyStorePassword = getProperty(properties, PROP_KEY_STORE_PASSWORD);
        this.keyStore = getProperty(properties, PROP_KEY_STORE);
        this.keyManagerAlgorithm = getProperty(properties, PROP_KEY_MANAGER_ALGORITHM, KeyManagerFactory.getDefaultAlgorithm());
        String defaultType = KeyStore.getDefaultType();
        this.keyStoreType = getProperty(properties, PROP_KEY_STORE_TYPE, defaultType);
        this.trustStore = getProperty(properties, PROP_TRUST_STORE);
        this.trustStorePassword = getProperty(properties, PROP_TRUST_STORE_PASSWORD);
        this.trustManagerAlgorithm = getProperty(properties, PROP_TRUST_MANAGER_ALGORITHM, TrustManagerFactory.getDefaultAlgorithm());
        this.trustStoreType = getProperty(properties, PROP_TRUST_STORE_TYPE, defaultType);
        this.protocol = getProperty(properties, PROP_PROTOCOL, "TLS");
        this.keyMaterialDuration = Duration.parse(getProperty(properties, PROP_KEY_MATERIAL_DURATION, "PT-1S"));
        if (this.keyMaterialDuration.isNegative()) {
            this.keyMaterial = new KeyMaterialHolder(Instant.MAX, loadKeyManagerFactory(this.keyStorePassword, this.keyStore, this.keyManagerAlgorithm, this.keyStoreType), loadTrustManagerFactory(this.trustStorePassword, this.trustStore, this.trustManagerAlgorithm, this.trustStoreType));
        } else {
            this.keyMaterial = new KeyMaterialHolder(Instant.MIN, null, null);
        }
    }

    public KeyMaterial getKeyMaterial() throws IOException, GeneralSecurityException {
        if (this.keyMaterialDuration.isNegative()) {
            return this.keyMaterial;
        }
        KeyMaterialHolder keyMaterialHolder = this.keyMaterial;
        if (!keyMaterialHolder.isValid()) {
            keyMaterialHolder = new KeyMaterialHolder(Instant.now().plus((TemporalAmount) this.keyMaterialDuration), loadKeyManagerFactory(this.keyStorePassword, this.keyStore, this.keyManagerAlgorithm, this.keyStoreType), loadTrustManagerFactory(this.trustStorePassword, this.trustStore, this.trustManagerAlgorithm, this.trustStoreType));
            if (!this.keyMaterialDuration.isZero()) {
                this.keyMaterial = keyMaterialHolder;
            }
        }
        return keyMaterialHolder;
    }

    public static TrustManagerFactory loadTrustManagerFactory(String str, String str2, String str3, String str4) throws IOException, GeneralSecurityException {
        if (str2 == null) {
            return null;
        }
        TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(str3);
        KeyStore keyStore = KeyStore.getInstance(str4);
        loadKeyStore(keyStore, str == null ? null : str.toCharArray(), str2);
        trustManagerFactory.init(keyStore);
        return trustManagerFactory;
    }

    public static KeyManagerFactory loadKeyManagerFactory(String str, String str2, String str3, String str4) throws IOException, GeneralSecurityException {
        if (str2 == null) {
            return null;
        }
        KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance(str3);
        char[] charArray = str == null ? null : str.toCharArray();
        KeyStore keyStore = KeyStore.getInstance(str4);
        loadKeyStore(keyStore, charArray, str2);
        keyManagerFactory.init(keyStore, charArray);
        return keyManagerFactory;
    }

    public static void loadKeyStore(KeyStore keyStore, char[] cArr, String str) throws IOException, NoSuchAlgorithmException, CertificateException {
        FileInputStream fileInputStream = new FileInputStream(str);
        try {
            keyStore.load(fileInputStream, cArr);
            IOUtil.closeResource(fileInputStream);
        } catch (Throwable th) {
            IOUtil.closeResource(fileInputStream);
            throw th;
        }
    }

    public static String getProperty(Properties properties, String str) {
        String property = properties.getProperty(str);
        if (property == null) {
            property = properties.getProperty("javax.net.ssl." + str);
        }
        if (property == null) {
            property = System.getProperty("javax.net.ssl." + str);
        }
        return property;
    }

    public static String getProperty(Properties properties, String str, String str2) {
        String property = getProperty(properties, str);
        return property != null ? property : str2;
    }
}
