package org.wcc.framework.business.ssl;

import io.netty.util.internal.SystemPropertyUtil;
import java.io.FileInputStream;
import java.io.IOException;
import java.io.InputStream;
import java.security.KeyStore;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.TrustManagerFactory;
import org.wcc.framework.AppProperties;
import org.wcc.framework.AppRuntimeException;
import org.wcc.framework.log.AppLogger;
import org.wcc.framework.util.OtherUtil;
import org.wcc.framework.util.encrypt.PasswordUtil;

/* loaded from: input_file:org/wcc/framework/business/ssl/SecureSslClientContextFactory.class */
public class SecureSslClientContextFactory {
    private static final AppLogger LOGGER = AppLogger.getInstance((Class<?>) SecureSslClientContextFactory.class);
    private static final String PROTOCOL = "TLS";
    private static final SSLContext CLIENT_CONTEXT;

    public static SSLContext getClientContext() {
        return CLIENT_CONTEXT;
    }

    static {
        InputStream inputStream;
        String str = SystemPropertyUtil.get("ssl.KeyManagerFactory.algorithm");
        if (str == null) {
            str = "SunX509";
        }
        try {
            try {
                FileInputStream fileInputStream = new FileInputStream(OtherUtil.getFileAbsPath(AppProperties.get("ssl_client_trust_key_store")));
                KeyStore keyStore = KeyStore.getInstance("JKS");
                keyStore.load(fileInputStream, PasswordUtil.decryptByAes256(AppProperties.get("ssl_client_trust_key_store_password")).toCharArray());
                TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance("SunX509");
                trustManagerFactory.init(keyStore);
                SSLContext sSLContext = SSLContext.getInstance("TLS");
                if (Boolean.parseBoolean(AppProperties.get("ssl_need_client_auth", "false"))) {
                    String fileAbsPath = OtherUtil.getFileAbsPath(AppProperties.get("ssl_client_key_store"));
                    fileInputStream.close();
                    fileInputStream = new FileInputStream(fileAbsPath);
                    KeyStore keyStore2 = KeyStore.getInstance("JKS");
                    keyStore2.load(fileInputStream, PasswordUtil.decryptByAes256(AppProperties.get("ssl_client_key_store_password")).toCharArray());
                    KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance(str);
                    keyManagerFactory.init(keyStore2, PasswordUtil.decryptByAes256(AppProperties.get("ssl_client_key_store_password")).toCharArray());
                    sSLContext.init(keyManagerFactory.getKeyManagers(), trustManagerFactory.getTrustManagers(), null);
                } else {
                    sSLContext.init(null, trustManagerFactory.getTrustManagers(), null);
                }
                if (null != fileInputStream) {
                    try {
                        fileInputStream.close();
                    } catch (IOException e) {
                        LOGGER.error("Failed to Close InputStream");
                    }
                }
                CLIENT_CONTEXT = sSLContext;
            } catch (Exception e2) {
                LOGGER.error("Failed to initialize the client-side SSLContext");
                throw new AppRuntimeException("Failed to initialize the client-side SSLContext");
            }
        } finally {
            if (null != inputStream) {
                try {
                    inputStream.close();
                } catch (IOException e3) {
                    LOGGER.error("Failed to Close InputStream");
                }
            }
        }
    }
}
