package org.jboss.remoting.security;

import java.io.File;
import java.io.IOException;
import java.net.InetAddress;
import java.net.MalformedURLException;
import java.net.ServerSocket;
import java.net.URL;
import java.security.AccessController;
import java.security.InvalidParameterException;
import java.security.KeyManagementException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.PrivilegedAction;
import java.security.UnrecoverableKeyException;
import java.security.cert.CertificateException;
import javax.net.ServerSocketFactory;
import javax.net.SocketFactory;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLServerSocket;
import javax.net.ssl.SSLServerSocketFactory;
import javax.net.ssl.SSLSocketFactory;
import javax.net.ssl.TrustManagerFactory;

/* loaded from: input_file:jbossall-client.jar:org/jboss/remoting/security/SSLSocketBuilder.class */
public class SSLSocketBuilder implements SSLSocketBuilderMBean {
    public static final String DEFAULT_SECURE_SOCKET_PROTOCOL = "TLS";
    public static final String DEFAULT_KEY_MANAGEMENT_ALGORITHM = "SunX509";
    public static final String DEFAULT_KEY_STORE_TYPE = "JKS";
    private String secureSocketProtocol = DEFAULT_SECURE_SOCKET_PROTOCOL;
    private String keyManagementAlgorithm = "SunX509";
    private String keyStoreType = "JKS";
    private boolean useSSLServerSocketFactory = true;
    private boolean useSSLSocketFactory = true;
    private char[] keyStorePassword = null;
    private char[] keyPassword = null;
    private URL keyStoreURL = null;
    private URL trustStoreURL = null;
    private boolean useClientMode;

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:jbossall-client.jar:org/jboss/remoting/security/SSLSocketBuilder$GetTCLAction.class */
    public static class GetTCLAction implements PrivilegedAction {
        static PrivilegedAction ACTION = new GetTCLAction();

        private GetTCLAction() {
        }

        @Override // java.security.PrivilegedAction
        public Object run() {
            return Thread.currentThread().getContextClassLoader();
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:jbossall-client.jar:org/jboss/remoting/security/SSLSocketBuilder$UserModeSSLServerSocketFactory.class */
    public static class UserModeSSLServerSocketFactory extends ServerSocketFactory {
        SSLServerSocketFactory serverSocketFactory;

        public UserModeSSLServerSocketFactory(SSLServerSocketFactory sSLServerSocketFactory) {
            this.serverSocketFactory = sSLServerSocketFactory;
        }

        @Override // javax.net.ServerSocketFactory
        public ServerSocket createServerSocket() throws IOException {
            SSLServerSocket sSLServerSocket = (SSLServerSocket) this.serverSocketFactory.createServerSocket();
            sSLServerSocket.setUseClientMode(true);
            return sSLServerSocket;
        }

        @Override // javax.net.ServerSocketFactory
        public ServerSocket createServerSocket(int i) throws IOException {
            SSLServerSocket sSLServerSocket = (SSLServerSocket) this.serverSocketFactory.createServerSocket(i);
            sSLServerSocket.setUseClientMode(true);
            return sSLServerSocket;
        }

        @Override // javax.net.ServerSocketFactory
        public ServerSocket createServerSocket(int i, int i2) throws IOException {
            SSLServerSocket sSLServerSocket = (SSLServerSocket) this.serverSocketFactory.createServerSocket(i, i2);
            sSLServerSocket.setUseClientMode(true);
            return sSLServerSocket;
        }

        @Override // javax.net.ServerSocketFactory
        public ServerSocket createServerSocket(int i, int i2, InetAddress inetAddress) throws IOException {
            SSLServerSocket sSLServerSocket = (SSLServerSocket) this.serverSocketFactory.createServerSocket(i, i2, inetAddress);
            sSLServerSocket.setUseClientMode(true);
            return sSLServerSocket;
        }

        public boolean equals(Object obj) {
            return this.serverSocketFactory.equals(obj);
        }

        public String[] getDefaultCipherSuites() {
            return this.serverSocketFactory.getDefaultCipherSuites();
        }

        public String[] getSupportedCipherSuites() {
            return this.serverSocketFactory.getSupportedCipherSuites();
        }

        public int hashCode() {
            return this.serverSocketFactory.hashCode();
        }

        public String toString() {
            return this.serverSocketFactory.toString();
        }
    }

    @Override // org.jboss.remoting.security.SSLSocketBuilderMBean
    public void setUseSSLServerSocketFactory(boolean z) {
        this.useSSLServerSocketFactory = z;
    }

    @Override // org.jboss.remoting.security.SSLSocketBuilderMBean
    public boolean getUseSSLServerSocketFactory() {
        return this.useSSLServerSocketFactory;
    }

    @Override // org.jboss.remoting.security.SSLSocketBuilderMBean
    public void setUseSSLSocketFactory(boolean z) {
        this.useSSLSocketFactory = z;
    }

    @Override // org.jboss.remoting.security.SSLSocketBuilderMBean
    public boolean getUseSSLSocketFactory() {
        return this.useSSLSocketFactory;
    }

    @Override // org.jboss.remoting.security.SSLSocketBuilderMBean
    public String getSecureSocketProtocol() {
        return this.secureSocketProtocol;
    }

    @Override // org.jboss.remoting.security.SSLSocketBuilderMBean
    public void setSecureSocketProtocol(String str) {
        this.secureSocketProtocol = str;
    }

    @Override // org.jboss.remoting.security.SSLSocketBuilderMBean
    public String getKeyManagementAlgorithm() {
        return this.keyManagementAlgorithm;
    }

    @Override // org.jboss.remoting.security.SSLSocketBuilderMBean
    public void setKeyManagementAlgorithm(String str) {
        this.keyManagementAlgorithm = str;
    }

    @Override // org.jboss.remoting.security.SSLSocketBuilderMBean
    public String getKeyStoreType() {
        return this.keyStoreType;
    }

    @Override // org.jboss.remoting.security.SSLSocketBuilderMBean
    public void setKeyStoreType(String str) {
        this.keyStoreType = str;
    }

    @Override // org.jboss.remoting.security.SSLSocketBuilderMBean
    public void setKeyStorePassword(String str) {
        if (str == null || str.length() <= 0) {
            throw new InvalidParameterException("Must enter a non null key store passphrase with at least one character.");
        }
        this.keyStorePassword = str.toCharArray();
    }

    @Override // org.jboss.remoting.security.SSLSocketBuilderMBean
    public void setKeyPassword(String str) {
        if (str == null || str.length() <= 0) {
            throw new InvalidParameterException("Must enter a non null key passphrase with at least one character.");
        }
        this.keyPassword = str.toCharArray();
    }

    public void setUseClientMode(boolean z) {
        this.useClientMode = z;
    }

    @Override // org.jboss.remoting.security.SSLSocketBuilderMBean
    public ServerSocketFactory createSSLServerSocketFactory() throws IOException, NoSuchAlgorithmException, KeyStoreException, CertificateException, UnrecoverableKeyException, KeyManagementException {
        return this.useSSLServerSocketFactory ? SSLServerSocketFactory.getDefault() : createCustomServerSocketFactory();
    }

    private ServerSocketFactory createCustomServerSocketFactory() throws NoSuchAlgorithmException, KeyStoreException, IOException, CertificateException, UnrecoverableKeyException, KeyManagementException {
        SSLContext sSLContext = SSLContext.getInstance(this.secureSocketProtocol);
        sSLContext.init(getKeyManagerFactory().getKeyManagers(), null, null);
        SSLServerSocketFactory serverSocketFactory = sSLContext.getServerSocketFactory();
        return this.useClientMode ? new UserModeSSLServerSocketFactory(serverSocketFactory) : serverSocketFactory;
    }

    @Override // org.jboss.remoting.security.SSLSocketBuilderMBean
    public SocketFactory createSSLSocketFactory() throws IOException, NoSuchAlgorithmException, KeyStoreException, CertificateException, KeyManagementException {
        return this.useSSLSocketFactory ? SSLSocketFactory.getDefault() : createCustomSocketFactory();
    }

    private SocketFactory createCustomSocketFactory() throws NoSuchAlgorithmException, IOException, CertificateException, KeyStoreException, KeyManagementException {
        SSLContext sSLContext = SSLContext.getInstance(this.secureSocketProtocol);
        sSLContext.init(null, getTrustManagerFactory().getTrustManagers(), null);
        return sSLContext.getSocketFactory();
    }

    private TrustManagerFactory getTrustManagerFactory() throws NoSuchAlgorithmException, IOException, CertificateException, KeyStoreException {
        TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(this.keyManagementAlgorithm);
        trustManagerFactory.init(getKeyStore(this.trustStoreURL));
        return trustManagerFactory;
    }

    private KeyManagerFactory getKeyManagerFactory() throws NoSuchAlgorithmException, KeyStoreException, IOException, CertificateException, UnrecoverableKeyException {
        KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance(this.keyManagementAlgorithm);
        keyManagerFactory.init(getKeyStore(this.keyStoreURL), this.keyPassword);
        return keyManagerFactory;
    }

    private KeyStore getKeyStore(URL url) throws KeyStoreException, IOException, NoSuchAlgorithmException, CertificateException {
        KeyStore keyStore = KeyStore.getInstance(this.keyStoreType);
        if (url == null) {
            throw new IOException("Can not create SSL Server Socket Factory due to the url to the key store not being set.");
        }
        keyStore.load(url.openStream(), this.keyStorePassword);
        if (this.keyPassword == null || this.keyPassword.length > 0) {
            this.keyPassword = this.keyStorePassword;
        }
        return keyStore;
    }

    @Override // org.jboss.remoting.security.SSLSocketBuilderMBean
    public void setKeyStoreURL(String str) throws IOException {
        this.keyStoreURL = validateStoreURL(str);
    }

    @Override // org.jboss.remoting.security.SSLSocketBuilderMBean
    public void setTrustStoreURL(String str) throws IOException {
        this.trustStoreURL = validateStoreURL(str);
    }

    private URL validateStoreURL(String str) throws IOException {
        URL url = null;
        try {
            url = new URL(str);
        } catch (MalformedURLException e) {
        }
        if (url == null) {
            File file = new File(str);
            if (file.exists()) {
                url = file.toURL();
            }
        }
        if (url == null) {
            url = getContextClassLoader().getResource(str);
        }
        if (url == null) {
            throw new MalformedURLException(new StringBuffer().append("Failed to find url=").append(str).append(" as a URL, file or resource").toString());
        }
        return url;
    }

    @Override // org.jboss.remoting.security.SSLSocketBuilderMBean
    public void create() throws Exception {
    }

    @Override // org.jboss.remoting.security.SSLSocketBuilderMBean
    public void start() throws Exception {
    }

    @Override // org.jboss.remoting.security.SSLSocketBuilderMBean
    public void stop() {
    }

    @Override // org.jboss.remoting.security.SSLSocketBuilderMBean
    public void destroy() {
    }

    static ClassLoader getContextClassLoader() {
        return (ClassLoader) AccessController.doPrivileged(GetTCLAction.ACTION);
    }
}
