package com.enginframe.common.rmi.ssl;

import com.enginframe.common.utils.Utils;
import com.enginframe.common.utils.log.Log;
import com.enginframe.common.utils.log.LogFactory;
import com.enginframe.server.DBKeyStoreReader;
import java.io.FileInputStream;
import java.io.IOException;
import java.security.GeneralSecurityException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.SecureRandom;
import javax.net.ssl.KeyManager;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSocketFactory;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import javax.net.ssl.X509KeyManager;
import org.apache.logging.log4j.core.net.ssl.SslConfigurationDefaults;
import org.apache.tomcat.websocket.Constants;

/* JADX WARN: Classes with same name are omitted:
  input_file:kernel/ef_root/WEBAPP/WEB-INF/lib/ef.jar:com/enginframe/common/rmi/ssl/SSLSocketFactoryUtils.class
  input_file:kernel/ef_root/agent/agent.jar:com/enginframe/common/rmi/ssl/SSLSocketFactoryUtils.class
 */
/* loaded from: input_file:com/enginframe/common/rmi/ssl/SSLSocketFactoryUtils.class */
public final class SSLSocketFactoryUtils {
    private static final String EF_KEY_STORE_TYPE_DEFAULT = "JKS";
    private static final String EF_KEY_STORE_PASSWORD_DEFAULT = "changeit";
    private static final String EF_TRUST_STORE_TYPE_DEFAULT = "JKS";
    private static final String EF_TRUST_STORE_PASSWORD_DEFAULT = "changeit";
    private static SSLSocketFactory socketFactory = null;
    private static Log itsLog;

    private SSLSocketFactoryUtils() {
    }

    private static KeyStore getStore(String str, String str2, String str3) throws IOException, GeneralSecurityException {
        if (itsLog.isInfoEnabled()) {
            itsLog.info("Reading key- or truststore '" + str + "' (type: " + str3 + ").");
        }
        if (itsLog.isDebugEnabled()) {
            itsLog.debug("Using password: " + str2);
        }
        FileInputStream fileInputStream = new FileInputStream(str);
        try {
            KeyStore keyStore = KeyStore.getInstance(str3);
            keyStore.load(fileInputStream, str2.toCharArray());
            return keyStore;
        } finally {
            fileInputStream.close();
        }
    }

    private static KeyManager[] getKeyManagers() throws IOException, GeneralSecurityException {
        String property = Utils.getProperty("EF_KEY_STORE_ALGORITHM");
        if (Utils.isVoid(property)) {
            property = KeyManagerFactory.getDefaultAlgorithm();
        }
        if (itsLog.isInfoEnabled()) {
            itsLog.info("Using keystore algorith: " + property);
        }
        KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance(property);
        String expand = Utils.expand(Utils.getProperty("EF_KEY_STORE"));
        if (Utils.isVoid(expand)) {
            itsLog.fatalError("No keystore file specified. A value for the EF_KEY_STORE parameter must be specified.");
            throw new KeyStoreException("No keystore file specified, please set the EF_KEY_STORE parameter.");
        }
        String property2 = Utils.getProperty(DBKeyStoreReader.EF_DB_KEY_STORE_PASSWORD);
        if (Utils.isVoid(property2)) {
            property2 = Constants.SSL_TRUSTSTORE_PWD_DEFAULT;
        }
        String property3 = Utils.getProperty("EF_KEY_STORE_TYPE");
        if (Utils.isVoid(property3)) {
            property3 = SslConfigurationDefaults.KEYSTORE_TYPE;
        }
        KeyStore store = getStore(expand, property2, property3);
        String property4 = Utils.getProperty("EF_KEY_ALIAS");
        if (Utils.isVoid(property4)) {
            property4 = null;
        } else if (itsLog.isInfoEnabled()) {
            itsLog.info("Using key alias: " + property4);
        }
        if (property4 != null && !store.isKeyEntry(property4)) {
            itsLog.fatalError("Alias name " + property4 + " does not identify a key entry, a valid value for the EF_KEY_ALIAS parameter must be specified.");
            throw new IOException("Alias name " + property4 + " does not identify a key entry, please modify the EF_KEY_ALIAS parameter.");
        }
        keyManagerFactory.init(store, property2.toCharArray());
        KeyManager[] keyManagers = keyManagerFactory.getKeyManagers();
        if (property4 != null) {
            if (SslConfigurationDefaults.KEYSTORE_TYPE.equals(property3)) {
                property4 = property4.toLowerCase();
            }
            for (int i = 0; i < keyManagers.length; i++) {
                keyManagers[i] = new EFKeyManager((X509KeyManager) keyManagers[i], property4);
            }
        }
        return keyManagers;
    }

    private static TrustManager[] getTrustManagers() throws IOException, GeneralSecurityException {
        String property = Utils.getProperty("EF_TRUST_STORE_ALGORITHM");
        if (Utils.isVoid(property)) {
            property = KeyManagerFactory.getDefaultAlgorithm();
        }
        if (itsLog.isInfoEnabled()) {
            itsLog.info("Using truststore algorith: " + property);
        }
        TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(property);
        String expand = Utils.expand(Utils.getProperty("EF_TRUST_STORE"));
        if (Utils.isVoid(expand)) {
            itsLog.fatalError("No truststore file specified. A value for the EF_TRUST_STORE parameter must be specified.");
            throw new KeyStoreException("No truststore file specified, please set the EF_TRUST_STORE parameter.");
        }
        String property2 = Utils.getProperty("EF_TRUST_STORE_PASSWORD");
        if (Utils.isVoid(property2)) {
            property2 = Constants.SSL_TRUSTSTORE_PWD_DEFAULT;
        }
        String property3 = Utils.getProperty("EF_TRUST_STORE_TYPE");
        if (Utils.isVoid(property3)) {
            property3 = SslConfigurationDefaults.KEYSTORE_TYPE;
        }
        trustManagerFactory.init(getStore(expand, property2, property3));
        return trustManagerFactory.getTrustManagers();
    }

    public static synchronized SSLSocketFactory getSSLSocketFactory() throws IOException {
        if (socketFactory != null) {
            if (itsLog.isDebugEnabled()) {
                itsLog.debug("Returning the pre-built SSLSocketFactory");
            }
            return socketFactory;
        }
        itsLog = LogFactory.getLog((Class<?>) SSLSocketFactoryUtils.class);
        try {
            if (itsLog.isDebugEnabled()) {
                itsLog.debug("Creating the SSL context");
            }
            SSLContext sSLContext = SSLContext.getInstance("SSL");
            sSLContext.init(getKeyManagers(), getTrustManagers(), new SecureRandom());
            socketFactory = sSLContext.getSocketFactory();
            if (itsLog.isDebugEnabled()) {
                itsLog.debug("SSLSocketFactory built successfully");
            }
            return socketFactory;
        } catch (GeneralSecurityException e) {
            itsLog.fatalError("GeneralSecurityException trying to initializing the SSLSocketFactory.", e);
            IOException iOException = new IOException("Error while initializing RMI/SSL: " + e.getLocalizedMessage());
            iOException.initCause(e);
            throw iOException;
        }
    }
}
