package be.ehealth.technicalconnector.config.impl;

import be.ehealth.technicalconnector.config.Configuration;
import be.ehealth.technicalconnector.config.ConfigurationModule;
import be.ehealth.technicalconnector.exception.TechnicalConnectorException;
import be.ehealth.technicalconnector.exception.TechnicalConnectorExceptionValues;
import java.security.SecureRandom;
import java.security.cert.X509Certificate;
import javax.net.ssl.HttpsURLConnection;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSocketFactory;
import javax.net.ssl.TrustManager;
import javax.net.ssl.X509TrustManager;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:be/ehealth/technicalconnector/config/impl/ConfigurationModuleSSLVerifier.class */
public class ConfigurationModuleSSLVerifier implements ConfigurationModule {
    private static final Logger LOG = LoggerFactory.getLogger(ConfigurationModuleSSLVerifier.class);
    private SSLSocketFactory oldSSLSocketFactory;

    /* loaded from: input_file:be/ehealth/technicalconnector/config/impl/ConfigurationModuleSSLVerifier$ConnectorTrustManager.class */
    private static class ConnectorTrustManager implements X509TrustManager {
        private ConnectorTrustManager() {
        }

        @Override // javax.net.ssl.X509TrustManager
        public X509Certificate[] getAcceptedIssuers() {
            ConfigurationModuleSSLVerifier.LOG.warn("SSL verifcation disabled! DO NOT USE THIS IN PRODUCTION.");
            ConfigurationModuleSSLVerifier.LOG.debug("getAcceptedIssuers() : empty list");
            return null;
        }

        @Override // javax.net.ssl.X509TrustManager
        public void checkClientTrusted(X509Certificate[] x509CertificateArr, String str) {
            ConfigurationModuleSSLVerifier.LOG.debug("checkClientTrusted() : authType=" + str);
        }

        @Override // javax.net.ssl.X509TrustManager
        public void checkServerTrusted(X509Certificate[] x509CertificateArr, String str) {
            ConfigurationModuleSSLVerifier.LOG.debug("checkServerTrusted() : authType=" + str);
            for (int i = 0; i < x509CertificateArr.length; i++) {
                ConfigurationModuleSSLVerifier.LOG.debug("Server Certificate to be checked " + i + " : " + x509CertificateArr[i].getSubjectX500Principal().getName("RFC1779") + "with issuer:" + x509CertificateArr[i].getIssuerX500Principal().getName("RFC1779"));
            }
        }
    }

    @Override // be.ehealth.technicalconnector.config.ConfigurationModule
    public void init(Configuration configuration) throws TechnicalConnectorException {
        LOG.debug("Initializing ConfigurationModule " + getClass().getName());
        LOG.warn("Activating bypass: SSL verifcation. DO NOT USE THIS IN PRODUCTION.");
        TrustManager[] trustManagerArr = {new ConnectorTrustManager()};
        try {
            SSLContext sSLContext = SSLContext.getInstance("SSL");
            sSLContext.init(null, trustManagerArr, new SecureRandom());
            this.oldSSLSocketFactory = HttpsURLConnection.getDefaultSSLSocketFactory();
            HttpsURLConnection.setDefaultSSLSocketFactory(sSLContext.getSocketFactory());
        } catch (Exception e) {
            throw new TechnicalConnectorException(TechnicalConnectorExceptionValues.ERROR_GENERAL, e, e.getMessage());
        }
    }

    @Override // be.ehealth.technicalconnector.config.ConfigurationModule
    public void unload() throws TechnicalConnectorException {
        LOG.debug("Unloading ConfigurationModule " + getClass().getName());
        HttpsURLConnection.setDefaultSSLSocketFactory(this.oldSSLSocketFactory);
    }
}
