package dm.jdbc.a.c;

import dm.jdbc.driver.DmdbConnection;
import dm.jdbc.util.StringUtil;
import java.io.File;
import java.io.FileInputStream;
import java.security.KeyManagementException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.Provider;
import java.security.SecureRandom;
import java.security.Security;
import java.security.UnrecoverableKeyException;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.List;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSocket;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import javax.net.ssl.X509TrustManager;
import org.apache.tomcat.util.net.Constants;

/* loaded from: input_file:BOOT-INF/lib/DmJdbcDriver8-8.1.4.93.jar:dm/jdbc/a/c/a.class */
public class a extends d {
    public static String fB = "SunX509";
    public static String gj = "JKS";
    public static List<String> gk = new ArrayList();
    public static String gl;
    private KeyStore gm = null;
    private String gn = "changeit";

    static {
        gl = "TLSv1";
        try {
            SSLContext sSLContext = SSLContext.getInstance("TLS");
            sSLContext.init(null, null, null);
            String[] supportedProtocols = ((SSLSocket) sSLContext.getSocketFactory().createSocket()).getSupportedProtocols();
            String property = Security.getProperty("jdk.tls.disabledAlgorithms");
            String[] split = StringUtil.isNotEmpty(property) ? property.split(", ") : null;
            for (String str : new String[]{"TLSv1", "TLSv1.1", "TLSv1.2", Constants.SSL_PROTO_TLSv1_3}) {
                if (StringUtil.containsIgnoreCase(supportedProtocols, str) && !StringUtil.containsIgnoreCase(split, str)) {
                    gk.add(str);
                }
            }
            if (gk.size() > 0) {
                gl = gk.get(0);
            }
        } catch (Exception unused) {
        }
    }

    public a(DmdbConnection dmdbConnection) throws Exception {
        if (dmdbConnection.sslEncrypt != 4) {
            i(dmdbConnection);
        }
        j(dmdbConnection);
    }

    private void i(DmdbConnection dmdbConnection) throws Exception {
        FileInputStream fileInputStream = null;
        try {
            this.gm = KeyStore.getInstance(gj);
            String str = dmdbConnection.user;
            if (StringUtil.isNotEmpty(dmdbConnection.sslKeystorePass)) {
                this.gn = dmdbConnection.sslKeystorePass;
            }
            fileInputStream = new FileInputStream(c(dmdbConnection.sslFilesPath, str));
            this.gm.load(fileInputStream, this.gn.toCharArray());
            if (!i(((X509Certificate) this.gm.getCertificate("1")).getSubjectDN().getName()).equals(str)) {
                throw new KeyStoreException();
            }
            if (fileInputStream != null) {
                fileInputStream.close();
            }
        } catch (Throwable th) {
            if (fileInputStream != null) {
                fileInputStream.close();
            }
            throw th;
        }
    }

    private String i(String str) {
        int indexOf = str.indexOf("CN=");
        return str.substring(indexOf + "CN=".length(), str.indexOf(",", indexOf));
    }

    private String c(String str, String str2) {
        if (StringUtil.isEmpty(str)) {
            str = String.valueOf(System.getProperty("DM_HOME")) + File.separator + "bin" + File.separator + "client_ssl" + File.separator + str2;
        }
        if (new File(str).isDirectory()) {
            str = String.valueOf(str) + File.separator + ".keystore";
        }
        return str;
    }

    private void j(DmdbConnection dmdbConnection) throws KeyStoreException, NoSuchAlgorithmException, UnrecoverableKeyException, KeyManagementException {
        try {
            Security.addProvider((Provider) Class.forName("com.sun.net.ssl.internal.ssl.Provider").newInstance());
        } catch (Throwable unused) {
        }
        SSLContext sSLContext = SSLContext.getInstance(gl);
        if (dmdbConnection.sslEncrypt == 4) {
            sSLContext.init(null, new TrustManager[]{new X509TrustManager() { // from class: dm.jdbc.a.c.a.1
                @Override // javax.net.ssl.X509TrustManager
                public void checkClientTrusted(X509Certificate[] x509CertificateArr, String str) throws CertificateException {
                }

                @Override // javax.net.ssl.X509TrustManager
                public void checkServerTrusted(X509Certificate[] x509CertificateArr, String str) throws CertificateException {
                }

                @Override // javax.net.ssl.X509TrustManager
                public X509Certificate[] getAcceptedIssuers() {
                    return null;
                }
            }}, new SecureRandom());
        } else {
            KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance(fB);
            keyManagerFactory.init(this.gm, this.gn.toCharArray());
            TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(fB);
            trustManagerFactory.init(this.gm);
            sSLContext.init(keyManagerFactory.getKeyManagers(), trustManagerFactory.getTrustManagers(), new SecureRandom());
        }
        this.gr = sSLContext.getSocketFactory();
    }
}
