package org.exist.util;

import java.security.KeyManagementException;
import java.security.NoSuchAlgorithmException;
import java.security.SecureRandom;
import java.security.cert.X509Certificate;
import javax.net.ssl.HostnameVerifier;
import javax.net.ssl.HttpsURLConnection;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSession;
import javax.net.ssl.TrustManager;
import javax.net.ssl.X509TrustManager;
import org.apache.logging.log4j.LogManager;
import org.apache.logging.log4j.Logger;

/* loaded from: input_file:WEB-INF/lib/exist-core-3.0.RC1.jar:org/exist/util/SSLHelper.class */
public class SSLHelper {
    private static final Logger LOG = LogManager.getLogger((Class<?>) SSLHelper.class);
    private static TrustManager[] nonvalidatingTrustManager = null;
    private static HostnameVerifier dummyHostnameVerifier = null;

    private SSLHelper() {
    }

    private static void createTrustManager() {
        if (nonvalidatingTrustManager == null) {
            nonvalidatingTrustManager = new TrustManager[]{new X509TrustManager() { // from class: org.exist.util.SSLHelper.1
                @Override // javax.net.ssl.X509TrustManager
                public X509Certificate[] getAcceptedIssuers() {
                    return null;
                }

                @Override // javax.net.ssl.X509TrustManager
                public void checkClientTrusted(X509Certificate[] x509CertificateArr, String str) {
                }

                @Override // javax.net.ssl.X509TrustManager
                public void checkServerTrusted(X509Certificate[] x509CertificateArr, String str) {
                }
            }};
        }
    }

    private static void createHostnameVerifier() {
        if (dummyHostnameVerifier == null) {
            dummyHostnameVerifier = new HostnameVerifier() { // from class: org.exist.util.SSLHelper.2
                @Override // javax.net.ssl.HostnameVerifier
                public boolean verify(String str, SSLSession sSLSession) {
                    return true;
                }
            };
        }
    }

    public static boolean initialize(boolean z, boolean z2) {
        createTrustManager();
        createHostnameVerifier();
        try {
            SSLContext sSLContext = SSLContext.getInstance("SSL");
            if (z) {
                try {
                    LOG.debug("Installing SSL trust manager");
                    sSLContext.init(null, nonvalidatingTrustManager, new SecureRandom());
                } catch (KeyManagementException e) {
                    LOG.error("Unable to initialize keychain validation.", (Throwable) e);
                    return false;
                }
            }
            HttpsURLConnection.setDefaultSSLSocketFactory(sSLContext.getSocketFactory());
            if (z2) {
                return true;
            }
            LOG.debug("Registering hostname verifier");
            HttpsURLConnection.setDefaultHostnameVerifier(dummyHostnameVerifier);
            return true;
        } catch (NoSuchAlgorithmException e2) {
            LOG.error("Unable to initialize SSL.", (Throwable) e2);
            return false;
        }
    }

    public static boolean initialize() {
        return initialize(true, false);
    }
}
