package org.gluu.oxtrust.util;

import java.io.FileInputStream;
import java.security.KeyStore;
import javax.inject.Inject;
import javax.net.ssl.SSLContext;
import javax.net.ssl.TrustManager;
import org.apache.commons.httpclient.HttpClientError;
import org.gluu.config.oxtrust.AppConfiguration;
import org.gluu.oxtrust.ldap.service.EncryptionService;
import org.gluu.util.EasySSLProtocolSocketFactory;
import org.gluu.util.EasyX509TrustManager;
import org.slf4j.Logger;

/* loaded from: input_file:org/gluu/oxtrust/util/EasyCASSLProtocolSocketFactory.class */
public class EasyCASSLProtocolSocketFactory extends EasySSLProtocolSocketFactory {

    @Inject
    private Logger log;

    @Inject
    private EncryptionService encryptionService;

    @Inject
    private AppConfiguration appConfiguration;

    protected SSLContext createEasySSLContext(AppConfiguration appConfiguration) {
        try {
            String caCertsPassphrase = appConfiguration.getCaCertsPassphrase();
            char[] cArr = null;
            if (caCertsPassphrase != null) {
                cArr = this.encryptionService.decrypt(caCertsPassphrase).toCharArray();
            }
            KeyStore keyStore = null;
            String caCertsLocation = appConfiguration.getCaCertsLocation();
            if (caCertsLocation != null) {
                keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
                FileInputStream fileInputStream = new FileInputStream(caCertsLocation);
                keyStore.load(fileInputStream, cArr);
                fileInputStream.close();
            }
            SSLContext sSLContext = SSLContext.getInstance("SSL");
            sSLContext.init(null, new TrustManager[]{new EasyX509TrustManager(keyStore)}, null);
            return sSLContext;
        } catch (Exception e) {
            this.log.error(e.getMessage(), e);
            throw new HttpClientError(e.toString());
        }
    }
}
