package com.cloudera.keytrustee.util;

import java.io.File;
import java.io.FileInputStream;
import java.io.IOException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.SecureRandom;
import java.security.cert.CertificateException;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:com/cloudera/keytrustee/util/SSLClientChannelInitializer.class */
public class SSLClientChannelInitializer {
    public static final String KEYSTORE_TYPE = "jks";
    private static Logger LOG = LoggerFactory.getLogger(SSLClientChannelInitializer.class);
    private boolean realTrust;
    private boolean verifyHostname;
    private SecureRandom secureRandom;
    private String sslVersion;
    private String trustManagerFactoryName;
    private KeyStore truststore;

    public boolean isRealTrust() {
        return this.realTrust;
    }

    public boolean isVerifyHostname() {
        return this.verifyHostname;
    }

    public SecureRandom getSecureRandom() {
        return this.secureRandom;
    }

    public String getSslVersion() {
        return this.sslVersion;
    }

    public KeyStore getTruststore() {
        return this.truststore;
    }

    public String getTrustManagerFactoryName() {
        return this.trustManagerFactoryName;
    }

    public SSLClientChannelInitializer(boolean z, boolean z2, SecureRandom secureRandom, String str, String str2, KeyStore keyStore) {
        this.realTrust = false;
        this.verifyHostname = false;
        this.secureRandom = null;
        this.sslVersion = null;
        this.trustManagerFactoryName = null;
        this.truststore = null;
        this.realTrust = z;
        this.verifyHostname = z2;
        this.secureRandom = secureRandom;
        this.sslVersion = str;
        this.trustManagerFactoryName = str2;
        this.truststore = keyStore;
    }

    public SSLClientChannelInitializer(TLSConfiguration tLSConfiguration) {
        this.realTrust = false;
        this.verifyHostname = false;
        this.secureRandom = null;
        this.sslVersion = null;
        this.trustManagerFactoryName = null;
        this.truststore = null;
        if (null == tLSConfiguration) {
            this.realTrust = false;
            this.verifyHostname = false;
            this.secureRandom = new SecureRandom();
            this.sslVersion = "TLSv1.2";
            this.trustManagerFactoryName = "SunX509";
            return;
        }
        this.realTrust = tLSConfiguration.isTLSEnabledInCM();
        this.verifyHostname = tLSConfiguration.isTLSHostnameVerificationDesired();
        this.secureRandom = tLSConfiguration.getSecureRandom();
        this.sslVersion = tLSConfiguration.getSSLVersion();
        this.trustManagerFactoryName = tLSConfiguration.getTrustManagerFactoryName();
        this.truststore = createTrustStore(tLSConfiguration.getTLSTrustStoreFile());
    }

    private KeyStore createTrustStore(String str) {
        KeyStore keyStore = null;
        try {
            keyStore = KeyStore.getInstance("jks");
        } catch (KeyStoreException e) {
            LOG.error("Could not create client trust store object", e);
        }
        File file = new File(str);
        if (file.exists()) {
            LOG.info("Using client truststore found at [" + str + "].");
            try {
                keyStore.load(new FileInputStream(file), null);
            } catch (IOException | NoSuchAlgorithmException | CertificateException e2) {
                LOG.error("Could not load trust store file [" + file + "].", e2);
            }
        }
        return keyStore;
    }
}
