package org.eclipse.net4j.tcp.ssl;

import java.io.InputStream;
import java.net.URL;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.cert.Certificate;
import java.util.Enumeration;
import javax.net.ssl.KeyManager;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLEngine;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import javax.security.cert.X509Certificate;
import org.eclipse.net4j.internal.tcp.ssl.SSLAcceptorFactory;
import org.eclipse.net4j.internal.tcp.ssl.SSLConnectorFactory;
import org.eclipse.net4j.internal.tcp.ssl.SSLProperties;
import org.eclipse.net4j.tcp.ITCPAcceptor;
import org.eclipse.net4j.tcp.ITCPConnector;
import org.eclipse.net4j.tcp.TCPUtil;
import org.eclipse.net4j.util.container.IManagedContainer;
import org.eclipse.net4j.util.io.IOUtil;
import org.eclipse.net4j.util.om.OMPlatform;

/* loaded from: input_file:org/eclipse/net4j/tcp/ssl/SSLUtil.class */
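/**
 * Static helpers for the net4j SSL transport: process-wide default key/trust store settings,
 * container preparation, and creation of configured {@link SSLEngine} instances.
 *
 * <p>All state is held in static fields and every public method is {@code static synchronized},
 * so configuration set here applies to the whole JVM (class loader).
 *
 * <p>Security notes for maintainers:
 * <ul>
 *   <li>The pass phrase is kept in a static {@code String} for the lifetime of the class and is
 *       used both to open the store and to unlock its key entries.</li>
 *   <li>Key and trust store locations are opened with {@link URL#openStream()}, so any URL scheme
 *       the JVM supports is accepted; the configuration source must therefore be trusted.</li>
 *   <li>Engines are created from an {@code SSLContext} for {@value #PROTOCOL}; which protocol
 *       versions are actually enabled on the engine depends on the JDK defaults.</li>
 * </ul>
 */
public class SSLUtil {
    private static final String PROTOCOL = "TLSv1.2";
    private static final String X509_CERTIFICATE_TYPE = "X.509";

    // Optional properties file consulted by createSSLEngine when a setting is still missing.
    private static String configFile;

    // Last-resort fallbacks, used only when SSLProperties and the config file supply nothing.
    private static String keyPathVar;
    private static String trustPathVar;
    private static String passPhraseVar;

    // Handshake timing values; the units are not defined in this class.
    private static int handShakeTimeOutVar = 12;
    private static int handShakeWaitTimeVar = 60;

    /**
     * Sets the fallback key store location, trust store location and pass phrase.
     *
     * @param str key store location (opened as a URL by {@code createSSLEngine})
     * @param str2 trust store location (opened as a URL by {@code createSSLEngine})
     * @param str3 pass phrase for the store and its key entries
     */
    public static synchronized void setDefaultSSLConfiguration(String str, String str2, String str3) {
        keyPathVar = str;
        trustPathVar = str2;
        passPhraseVar = str3;
    }

    /**
     * Sets the fallback store locations and pass phrase together with the handshake timing values.
     *
     * @param str key store location
     * @param str2 trust store location
     * @param str3 pass phrase
     * @param i value returned by {@link #getHandShakeTimeOut()}
     * @param i2 value returned by {@link #getHandShakeWaitTime()}
     */
    public static synchronized void setDefaultSSLConfiguration(String str, String str2, String str3, int i, int i2) {
        setDefaultSSLConfiguration(str, str2, str3);
        handShakeTimeOutVar = i;
        handShakeWaitTimeVar = i2;
    }

    /**
     * Sets the configuration file that {@code createSSLEngine} loads into {@code SSLProperties}
     * when a store location or the pass phrase is not already available.
     *
     * @param str location passed to {@code SSLProperties.load}
     */
    public static synchronized void setSSLConfigurationFile(String str) {
        configFile = str;
    }

    /**
     * Prepares the container for TCP transport and registers the SSL acceptor and connector
     * factories.
     *
     * @param iManagedContainer container to register the factories with
     */
    public static synchronized void prepareContainer(IManagedContainer iManagedContainer) {
        TCPUtil.prepareContainer(iManagedContainer);
        iManagedContainer.registerFactory(new SSLAcceptorFactory());
        iManagedContainer.registerFactory(new SSLConnectorFactory());
    }

    /**
     * Looks up the {@code ssl} acceptor for the given description in the container.
     *
     * @param iManagedContainer container to query
     * @param str element description
     * @return the element cast to {@link ITCPAcceptor}
     */
    public static synchronized ITCPAcceptor getAcceptor(IManagedContainer iManagedContainer, String str) {
        return (ITCPAcceptor) iManagedContainer.getElement("org.eclipse.net4j.acceptors", "ssl", str);
    }

    /**
     * Looks up the {@code ssl} connector for the given description in the container.
     *
     * @param iManagedContainer container to query
     * @param str element description
     * @return the element cast to {@link ITCPConnector}
     */
    public static synchronized ITCPConnector getConnector(IManagedContainer iManagedContainer, String str) {
        return (ITCPConnector) iManagedContainer.getElement("org.eclipse.net4j.connectors", "ssl", str);
    }

    /**
     * Creates an {@link SSLEngine} from the resolved SSL configuration.
     *
     * <p>Each of key path, trust path and pass phrase is resolved in this order: the value a fresh
     * {@code SSLProperties} reports, then the value it reports after loading the configuration
     * file (if one was set), then the default given to {@code setDefaultSSLConfiguration}.
     * Handshake timing values found in {@code SSLProperties} overwrite the static defaults as a
     * side effect of this call.
     *
     * <p>In client mode only trust managers are installed (from the trust store); in server mode
     * only key managers are installed (from the key store). Client-certificate authentication is
     * therefore not configured by this method.
     *
     * @param z {@code true} for a client-mode engine, {@code false} for a server-mode engine
     * @param str peer host passed to {@link SSLContext#createSSLEngine(String, int)}
     * @param i peer port passed to {@link SSLContext#createSSLEngine(String, int)}
     * @return the configured engine
     * @throws KeyStoreException if the store location required for the mode, or the pass phrase,
     *     is missing
     * @throws Exception if the store cannot be read, a certificate fails the validity check, or
     *     the SSL context cannot be initialised
     */
    public static synchronized SSLEngine createSSLEngine(boolean z, String str, int i) throws Exception {
        SSLProperties sslProperties = new SSLProperties();
        String keyPath = sslProperties.getKeyPath();
        String trustPath = sslProperties.getTrustPath();
        String passPhrase = sslProperties.getPassPhrase();

        boolean incomplete = keyPath == null || trustPath == null || passPhrase == null;
        if (incomplete && configFile != null) {
            sslProperties.load(configFile);
        }

        if (keyPath == null) {
            keyPath = sslProperties.getKeyPath();
            if (keyPath == null) {
                keyPath = keyPathVar;
            }
        }
        if (trustPath == null) {
            trustPath = sslProperties.getTrustPath();
            if (trustPath == null) {
                trustPath = trustPathVar;
            }
        }
        if (passPhrase == null) {
            passPhrase = sslProperties.getPassPhrase();
            if (passPhrase == null) {
                passPhrase = passPhraseVar;
            }
        }

        String handShakeTimeOut = sslProperties.getHandShakeTimeOut();
        if (handShakeTimeOut != null) {
            handShakeTimeOutVar = Integer.parseInt(handShakeTimeOut);
        }
        String handShakeWaitTime = sslProperties.getHandShakeWaitTime();
        if (handShakeWaitTime != null) {
            handShakeWaitTimeVar = Integer.parseInt(handShakeWaitTime);
        }

        // A client needs the trust store, a server needs the key store; both need the pass phrase.
        // The messages report only presence flags, never the pass phrase itself.
        boolean storeMissing = z ? trustPath == null : keyPath == null;
        if (storeMissing || passPhrase == null) {
            if (z) {
                throw new KeyStoreException("Trust Store[" + (trustPath != null) + "] or Pass Phrase[" + (passPhrase != null) + "] is not provided. [false] means it does not exist.");
            }
            throw new KeyStoreException("Key Store[" + (keyPath != null) + "] or Pass Phrase[" + (passPhrase != null) + "] is not provided. [false] means it does not exist.");
        }

        char[] password = passPhrase.toCharArray();
        KeyManager[] keyManagers = null;
        TrustManager[] trustManagers = null;

        // The validity check is on unless the property is set to something other than "true".
        String checkProperty = OMPlatform.INSTANCE.getProperty(SSLProperties.CHECK_VALIDITY_CERTIFICATE);
        boolean checkValidity = checkProperty == null || Boolean.parseBoolean(checkProperty);

        if (z) {
            KeyStore trustStore = createKeyStore(trustPath, password, checkValidity);
            TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
            trustManagerFactory.init(trustStore);
            trustManagers = trustManagerFactory.getTrustManagers();
        } else {
            KeyStore keyStore = createKeyStore(keyPath, password, checkValidity);
            KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
            keyManagerFactory.init(keyStore, password);
            keyManagers = keyManagerFactory.getKeyManagers();
        }

        SSLContext sslContext = SSLContext.getInstance(PROTOCOL);
        sslContext.init(keyManagers, trustManagers, null);

        // NOTE(review): no endpoint identification algorithm is set on the engine here, so JSSE
        // does not match the peer certificate against the host name in str. Unless a caller sets
        // one through SSLParameters, peer trust rests on the trust store contents alone.
        SSLEngine engine = sslContext.createSSLEngine(str, i);
        engine.setUseClientMode(z);
        return engine;
    }

    /**
     * Loads a key store of the JVM default type from the given URL and optionally checks the
     * validity period of the X.509 certificates it contains.
     *
     * <p>The check covers only the certificate returned by {@link KeyStore#getCertificate(String)}
     * for each alias and only its not-before/not-after dates; it performs no chain or revocation
     * validation.
     *
     * @param str URL of the store
     * @param cArr pass phrase used to open the store
     * @param z whether to run the validity-period check
     * @return the loaded store
     * @throws Exception if the URL cannot be opened, the store cannot be loaded, or a checked
     *     certificate is expired or not yet valid
     */
    private static KeyStore createKeyStore(String str, char[] cArr, boolean z) throws Exception {
        KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
        InputStream inputStream = null;
        try {
            inputStream = new URL(str).openStream();
            keyStore.load(inputStream, cArr);
            if (z) {
                Enumeration<String> aliases = keyStore.aliases();
                while (aliases.hasMoreElements()) {
                    Certificate certificate = keyStore.getCertificate(aliases.nextElement());
                    // Entries without a certificate (getCertificate returns null) are skipped
                    // instead of failing with a NullPointerException.
                    if (certificate == null) {
                        continue;
                    }
                    // Compare by value: a reference comparison (==) only matches when the provider
                    // happens to return the same String instance, and would otherwise silently
                    // skip the validity check.
                    if (X509_CERTIFICATE_TYPE.equals(certificate.getType())) {
                        // NOTE(review): javax.security.cert is deprecated for removal; the
                        // java.security.cert.X509Certificate replacement throws exception types
                        // from a different package, so that switch is left as a follow-up.
                        X509Certificate.getInstance(certificate.getEncoded()).checkValidity();
                    }
                }
            }
            return keyStore;
        } finally {
            IOUtil.close(inputStream);
        }
    }

    /**
     * Returns the current handshake timeout value.
     *
     * @return the value set by configuration, or the built-in default
     */
    public static synchronized int getHandShakeTimeOut() {
        return handShakeTimeOutVar;
    }

    /**
     * Returns the current handshake wait time value.
     *
     * @return the value set by configuration, or the built-in default
     */
    public static synchronized int getHandShakeWaitTime() {
        return handShakeWaitTimeVar;
    }
}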
