package org.gradle.internal.resource.transport.http;

import java.io.File;
import java.io.FileInputStream;
import java.io.FileNotFoundException;
import java.security.KeyStore;
import javax.annotation.Nullable;
import javax.net.ssl.KeyManager;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import org.gradle.api.NonNullApi;
import org.gradle.api.logging.Logger;
import org.gradle.api.logging.Logging;
import org.gradle.launcher.daemon.configuration.DaemonJvmOptions;

@NonNullApi
/* loaded from: input_file:org/gradle/internal/resource/transport/http/SystemDefaultSSLContextFactory.class */
public class SystemDefaultSSLContextFactory {
    private static final String NONE = "NONE";
    private static final String P11KEYSTORE = "PKCS11";
    private static final Logger LOGGER = Logging.getLogger(SystemDefaultSSLContextFactory.class);

    /* JADX INFO: Access modifiers changed from: package-private */
    public static SSLContext create() throws Exception {
        SSLContext sSLContext = SSLContext.getInstance("TLS");
        sSLContext.init(getKeyManagers(), getTrustManagers(), null);
        return sSLContext;
    }

    private static KeyManager[] getKeyManagers() throws Exception {
        String property = System.getProperty(DaemonJvmOptions.SSL_KEYSTORE_KEY, "");
        String property2 = System.getProperty(DaemonJvmOptions.SSL_KEYSTORETYPE_KEY, KeyStore.getDefaultType());
        String property3 = System.getProperty("javax.net.ssl.keyStoreProvider", "");
        String property4 = System.getProperty(DaemonJvmOptions.SSL_KEYSTOREPASSWORD_KEY, "");
        if (P11KEYSTORE.equals(property2) && !"NONE".equals(property)) {
            throw new IllegalArgumentException("if keyStoreType is PKCS11, then keyStore must be NONE");
        }
        char[] cArr = null;
        if (!property4.isEmpty()) {
            cArr = property4.toCharArray();
        }
        KeyStore loadKeyStore = loadKeyStore(property, property2, property3, cArr, true);
        KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
        if (P11KEYSTORE.equals(property2)) {
            keyManagerFactory.init(loadKeyStore, null);
        } else {
            keyManagerFactory.init(loadKeyStore, cArr);
        }
        return keyManagerFactory.getKeyManagers();
    }

    @Nullable
    private static KeyStore loadKeyStore(String str, String str2, String str3, @Nullable char[] cArr, boolean z) throws Exception {
        if (str2.isEmpty()) {
            return null;
        }
        KeyStore keyStore = str3.isEmpty() ? KeyStore.getInstance(str2) : KeyStore.getInstance(str2, str3);
        if (str.isEmpty() || "NONE".equals(str)) {
            keyStore.load(null, cArr);
        } else {
            try {
                FileInputStream fileInputStream = new FileInputStream(str);
                try {
                    keyStore.load(fileInputStream, cArr);
                    fileInputStream.close();
                } finally {
                }
            } catch (FileNotFoundException e) {
                if (z) {
                    throw e;
                }
                return null;
            }
        }
        return keyStore;
    }

    private static String getDefaultSecurityPath() {
        return System.getProperty("java.home") + File.separator + "lib" + File.separator + "security";
    }

    private static String getDefaultTrustStore() {
        return getDefaultSecurityPath() + File.separator + "cacerts";
    }

    private static String getDefaultJsseTrustStore() {
        return getDefaultSecurityPath() + File.separator + "jssecacerts";
    }

    private static TrustManager[] getTrustManagers() throws Exception {
        String property = System.getProperty(DaemonJvmOptions.SSL_TRUSTSTORE_KEY, getDefaultJsseTrustStore());
        String property2 = System.getProperty(DaemonJvmOptions.SSL_TRUSTSTORETYPE_KEY, KeyStore.getDefaultType());
        String property3 = System.getProperty("javax.net.ssl.trustStoreProvider", "");
        String property4 = System.getProperty(DaemonJvmOptions.SSL_TRUSTPASSWORD_KEY, "");
        KeyStore keyStore = null;
        if (!"NONE".equals(property)) {
            String[] strArr = {property, getDefaultTrustStore()};
            int length = strArr.length;
            int i = 0;
            while (true) {
                if (i >= length) {
                    break;
                }
                String str = strArr[i];
                File file = new File(str);
                if (file.isFile() && file.canRead()) {
                    property = str;
                    break;
                }
                if (!str.equals(getDefaultJsseTrustStore())) {
                    LOGGER.warn("Trust store file {} does not exist or is not readable. This may lead to SSL connection failures.", str);
                }
                i++;
            }
            char[] cArr = null;
            if (!property4.isEmpty()) {
                cArr = property4.toCharArray();
            }
            keyStore = loadKeyStore(property, property2, property3, cArr, false);
        }
        TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
        trustManagerFactory.init(keyStore);
        return trustManagerFactory.getTrustManagers();
    }
}
