package org.thingsboard.rule.engine.mqtt.azure;

import com.fasterxml.jackson.annotation.JsonIgnoreProperties;
import io.netty.handler.ssl.ClientAuth;
import io.netty.handler.ssl.SslContext;
import io.netty.handler.ssl.SslContextBuilder;
import java.io.ByteArrayInputStream;
import java.security.KeyStore;
import java.security.Security;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.util.Optional;
import javax.net.ssl.TrustManagerFactory;
import org.apache.commons.codec.binary.Base64;
import org.bouncycastle.jce.provider.BouncyCastleProvider;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.thingsboard.common.util.AzureIotHubUtil;
import org.thingsboard.mqtt.MqttClientConfig;
import org.thingsboard.rule.engine.mqtt.credentials.MqttClientCredentials;

@JsonIgnoreProperties(ignoreUnknown = true)
/* loaded from: input_file:org/thingsboard/rule/engine/mqtt/azure/AzureIotHubSasCredentials.class */
public class AzureIotHubSasCredentials implements MqttClientCredentials {
    private static final Logger log = LoggerFactory.getLogger(AzureIotHubSasCredentials.class);
    private String sasKey;
    private String caCert;

    @Override // org.thingsboard.rule.engine.mqtt.credentials.MqttClientCredentials
    public Optional<SslContext> initSslContext() {
        try {
            Security.addProvider(new BouncyCastleProvider());
            if (this.caCert == null || this.caCert.isEmpty()) {
                this.caCert = AzureIotHubUtil.getDefaultCaCert();
            }
            return Optional.of(SslContextBuilder.forClient().trustManager(createAndInitTrustManagerFactory()).clientAuth(ClientAuth.REQUIRE).build());
        } catch (Exception e) {
            log.error("[{}] Creating TLS factory failed!", this.caCert, e);
            throw new RuntimeException("Creating TLS factory failed!", e);
        }
    }

    @Override // org.thingsboard.rule.engine.mqtt.credentials.MqttClientCredentials
    public void configure(MqttClientConfig mqttClientConfig) {
    }

    private TrustManagerFactory createAndInitTrustManagerFactory() throws Exception {
        X509Certificate readCertFile = readCertFile(this.caCert);
        KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
        keyStore.load(null, null);
        keyStore.setCertificateEntry("caCert-cert", readCertFile);
        TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
        trustManagerFactory.init(keyStore);
        return trustManagerFactory;
    }

    private X509Certificate readCertFile(String str) throws Exception {
        X509Certificate x509Certificate = null;
        if (str != null && !str.trim().isEmpty()) {
            x509Certificate = (X509Certificate) CertificateFactory.getInstance("X.509").generateCertificate(new ByteArrayInputStream(Base64.decodeBase64(str.replace("-----BEGIN CERTIFICATE-----", "").replace("-----END CERTIFICATE-----", "").replaceAll("\\s", ""))));
        }
        return x509Certificate;
    }

    public String getSasKey() {
        return this.sasKey;
    }

    public String getCaCert() {
        return this.caCert;
    }

    public void setSasKey(String str) {
        this.sasKey = str;
    }

    public void setCaCert(String str) {
        this.caCert = str;
    }

    public boolean equals(Object obj) {
        if (obj == this) {
            return true;
        }
        if (!(obj instanceof AzureIotHubSasCredentials)) {
            return false;
        }
        AzureIotHubSasCredentials azureIotHubSasCredentials = (AzureIotHubSasCredentials) obj;
        if (!azureIotHubSasCredentials.canEqual(this)) {
            return false;
        }
        String sasKey = getSasKey();
        String sasKey2 = azureIotHubSasCredentials.getSasKey();
        if (sasKey == null) {
            if (sasKey2 != null) {
                return false;
            }
        } else if (!sasKey.equals(sasKey2)) {
            return false;
        }
        String caCert = getCaCert();
        String caCert2 = azureIotHubSasCredentials.getCaCert();
        return caCert == null ? caCert2 == null : caCert.equals(caCert2);
    }

    protected boolean canEqual(Object obj) {
        return obj instanceof AzureIotHubSasCredentials;
    }

    public int hashCode() {
        String sasKey = getSasKey();
        int hashCode = (1 * 59) + (sasKey == null ? 43 : sasKey.hashCode());
        String caCert = getCaCert();
        return (hashCode * 59) + (caCert == null ? 43 : caCert.hashCode());
    }

    public String toString() {
        return "AzureIotHubSasCredentials(sasKey=" + getSasKey() + ", caCert=" + getCaCert() + ")";
    }
}
