package com.sun.enterprise.iiop;

import com.sun.corba.ee.connection.EndPointInfo;
import com.sun.corba.ee.connection.GetEndPointInfoAgainException;
import com.sun.corba.ee.connection.ORBSocketFactory;
import com.sun.corba.ee.internal.core.IOR;
import com.sun.corba.ee.internal.ior.IIOPAddress;
import com.sun.ejb.ejbql.CodeGeneratingVisitor;
import com.sun.enterprise.iiop.security.ConnectionContext;
import com.sun.enterprise.iiop.security.SecurityMechanismSelector;
import com.sun.enterprise.security.J2EEKeyManager;
import com.sun.enterprise.security.KeyTool;
import com.sun.enterprise.security.SSLUtils;
import com.sun.net.ssl.KeyManager;
import com.sun.net.ssl.KeyManagerFactory;
import com.sun.net.ssl.SSLContext;
import com.sun.net.ssl.TrustManager;
import com.sun.net.ssl.TrustManagerFactory;
import com.sun.net.ssl.X509KeyManager;
import java.io.IOException;
import java.io.Serializable;
import java.net.ServerSocket;
import java.net.Socket;
import java.security.SecureRandom;
import javax.net.ssl.SSLServerSocket;
import javax.net.ssl.SSLServerSocketFactory;
import javax.net.ssl.SSLSession;
import javax.net.ssl.SSLSocket;
import javax.net.ssl.SSLSocketFactory;
import org.omg.CORBA.ORB;

/* loaded from: input_file:com/sun/enterprise/iiop/IIOPSSLSocketFactory.class */
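/**
 * ORB socket factory that hands out either plain TCP sockets or TLS sockets for IIOP,
 * depending on the endpoint type string supplied by the ORB.
 *
 * <p>Key material, trust material, the cipher-suite list and the client-auth flag are
 * process-wide statics installed through {@link #setFactories}, {@link #setCipherSuites}
 * and {@link #setClientAuth}. Each instance lazily builds its own {@code SSLContext} from
 * those statics the first time a TLS socket is requested, so later changes to the statics
 * do not affect an instance whose context already exists.
 *
 * <p>Security review notes (nothing below changes the transport decision logic):
 * <ul>
 *   <li>The client side performs no host-name check against the peer certificate; the
 *       trust decision rests entirely on the configured trust managers.</li>
 *   <li>Any endpoint type other than {@code SSL} / {@code SSL_MUTUALAUTH} results in a
 *       cleartext client socket.</li>
 *   <li>Failures while building the {@code SSLContext} are only printed.</li>
 * </ul>
 *
 * <p>NOTE(review): the class is {@code Serializable} but keeps an {@code SSLContext} in a
 * non-transient field; confirm instances are never serialized once a context exists.
 * No fields were added or changed here, so the default serial form is untouched.
 */
public class IIOPSSLSocketFactory implements ORBSocketFactory, Serializable {
    /** True when the system property {@code connection.factory.debug} equals "true" (case-insensitive). */
    public static final boolean debug;
    private static final String SSL = "SSL";
    private static final String SSL_MUTUALAUTH = "SSL_MUTUALAUTH";
    private static final String PERSISTENT_SSL = "PERSISTENT_SSL";
    private static final String CLEAR = "IIOP_CLEAR_TEXT";
    // Process-wide TLS configuration; null / false until the corresponding setter is called.
    private static String[] cipherSuites;
    private static boolean clientAuth;
    private static KeyManagerFactory keyManagerFactory;
    private static TrustManagerFactory trustManagerFactory;
    // Endpoint type chosen by the most recent getEndPointInfo() call on this instance.
    private String type = null;
    private int sslPort = 0;
    // Lazily created by init() (server side) or clientInit() (client side).
    private SSLContext ctx = null;
    private SecureRandom sr = new SecureRandom();

    /**
     * Builds the server-side {@code SSLContext} from the static key/trust manager factories.
     *
     * <p>NOTE(review): every failure is caught and only printed. {@code ctx} is assigned
     * before {@code ctx.init(...)} runs, so after a failed init the field may be null or
     * may reference a context that was never initialised; callers must not assume success.
     */
    private void init() {
        try {
            if (keyManagerFactory == null) {
                SSLUtils.initKeyStore();
            }
            this.ctx = SSLContext.getInstance("TLS");
            KeyManagerFactory keyManagerFactory2 = keyManagerFactory;
            TrustManagerFactory trustManagerFactory2 = trustManagerFactory;
            if (keyManagerFactory2 == null && trustManagerFactory2 == null) {
                // Null arrays make the context fall back to whatever defaults the provider supplies.
                this.ctx.init((KeyManager[]) null, (TrustManager[]) null, this.sr);
            } else if (trustManagerFactory2 == null) {
                this.ctx.init(keyManagerFactory2.getKeyManagers(), (TrustManager[]) null, (SecureRandom) null);
            } else {
                // NOTE(review): if only the trust factory is set, keyManagerFactory2 is null here
                // and this line throws; the catch below then hides it.
                this.ctx.init(keyManagerFactory2.getKeyManagers(), trustManagerFactory2.getTrustManagers(), this.sr);
            }
        } catch (Exception e) {
            e.printStackTrace();
        }
    }

    /**
     * Builds the client-side {@code SSLContext}. Each key manager obtained from the static
     * factory is wrapped in a {@code J2EEKeyManager} before being handed to the context.
     *
     * <p>NOTE(review): as in {@link #init()}, failures are only printed, and
     * {@link #createSSLSocket} falls back to the JVM default socket factory when
     * {@code ctx} is still null afterwards. That fallback silently replaces the configured
     * key and trust material with the platform defaults; confirm this is intended.
     */
    private void clientInit() {
        try {
            if (keyManagerFactory == null) {
                SSLUtils.initKeyStore();
            }
            this.ctx = SSLContext.getInstance("TLS");
            KeyManagerFactory keyManagerFactory2 = keyManagerFactory;
            TrustManagerFactory trustManagerFactory2 = trustManagerFactory;
            if (keyManagerFactory2 == null && trustManagerFactory2 == null) {
                this.ctx.init((KeyManager[]) null, (TrustManager[]) null, this.sr);
            } else {
                J2EEKeyManager[] j2EEKeyManagerArr = null;
                if (keyManagerFactory2 != null) {
                    X509KeyManager[] keyManagers = keyManagerFactory2.getKeyManagers();
                    j2EEKeyManagerArr = new J2EEKeyManager[keyManagers.length];
                    for (int i = 0; i < keyManagers.length; i++) {
                        if (debug) {
                            System.out.println("Setting J2EEKeyManager...");
                        }
                        j2EEKeyManagerArr[i] = new J2EEKeyManager(keyManagers[i]);
                    }
                }
                this.ctx.init(j2EEKeyManagerArr, trustManagerFactory2 != null ? trustManagerFactory2.getTrustManagers() : null, this.sr);
            }
        } catch (Exception e) {
            e.printStackTrace();
        }
    }

    /**
     * Creates the listening socket for an ORB endpoint.
     *
     * @param str endpoint type; {@code SSL}, {@code SSL_MUTUALAUTH} and {@code PERSISTENT_SSL}
     *            produce a TLS server socket, anything else a plain {@code ServerSocket}
     * @param i   port to listen on
     * @return the bound server socket
     * @throws IOException if the socket cannot be created or configured
     */
    public ServerSocket createServerSocket(String str, int i) throws IOException {
        if (str.equals(SSL_MUTUALAUTH) || str.equals(SSL) || str.equals(PERSISTENT_SSL)) {
            return createSSLServerSocket(str, i);
        }
        return new ServerSocket(i);
    }

    /**
     * Creates a TLS server socket, applies the static cipher-suite list when one is set,
     * and requires a client certificate when the type is {@code SSL_MUTUALAUTH}.
     *
     * <p>NOTE(review): the static {@code clientAuth} flag is only printed here; client
     * authentication is enforced solely by the {@code SSL_MUTUALAUTH} type string.
     *
     * @throws IOException      if the context is unavailable or socket configuration fails
     * @throws RuntimeException if no key manager factory has been installed
     */
    private ServerSocket createSSLServerSocket(String str, int i) throws IOException {
        if (this.ctx == null) {
            init();
        }
        if (keyManagerFactory == null) {
            System.out.println("Keystore may not have been specified - It is needed when starting up the server");
            throw new RuntimeException("Keystore may not have been specified - It is needed when starting up the server");
        }
        if (this.ctx == null) {
            // init() swallows its own failures; report that instead of dereferencing null below.
            throw new IOException("SSL context could not be initialized");
        }
        SSLServerSocketFactory serverSocketFactory = this.ctx.getServerSocketFactory();
        if (debug) {
            System.out.println(new StringBuffer().append("Creating server socket for :").append(i).toString());
            for (String str2 : serverSocketFactory.getSupportedCipherSuites()) {
                System.out.println(new StringBuffer().append("Cipher Suite: ").append(str2).toString());
            }
        }
        ServerSocket createServerSocket = serverSocketFactory.createServerSocket(i);
        try {
            String[] suites = cipherSuites;
            if (suites != null) {
                if (debug) {
                    System.out.println(new StringBuffer().append("Enable client auth:").append(clientAuth).toString());
                    System.out.println("Enabling the following cipher suites:");
                    for (int i2 = 0; i2 < suites.length; i2++) {
                        System.out.println(new StringBuffer().append("Cipher Suite: ").append(suites[i2]).toString());
                    }
                }
                ((SSLServerSocket) createServerSocket).setEnabledCipherSuites(suites);
            }
            if (str.equals(SSL_MUTUALAUTH)) {
                if (debug) {
                    System.out.println("Setting Mutual auth");
                }
                ((SSLServerSocket) createServerSocket).setNeedClientAuth(true);
            }
            if (debug) {
                System.out.println(new StringBuffer().append("Created server socket:").append(createServerSocket).toString());
            }
            return createServerSocket;
        } catch (Exception e) {
            if (debug) {
                e.printStackTrace();
            }
            // The port is already bound; release it so a rejected configuration
            // (for example an unsupported cipher suite) does not leave a half-configured listener.
            closeQuietly(createServerSocket);
            throw toIOException(e);
        }
    }

    /**
     * Chooses the transport for an outgoing connection to the object described by {@code ior}.
     *
     * <p>The decision comes from {@code SecurityMechanismSelector.getSSLPort}: when it
     * returns null the primary IIOP address is used with type {@code IIOP_CLEAR_TEXT},
     * otherwise the type and port of the returned endpoint are used.
     *
     * <p>NOTE(review): the cleartext-versus-TLS choice is therefore driven by the contents
     * of the IOR; confirm the selector enforces the client's own security policy for IORs
     * that come from an untrusted source.
     *
     * @param orb          unused here
     * @param ior          object reference to connect to
     * @param endPointInfo unused here
     * @return endpoint with the chosen type, the lower-cased host and the chosen port
     * @throws RuntimeException wrapping any failure, with the original exception as cause
     */
    public EndPointInfo getEndPointInfo(ORB orb, IOR ior, EndPointInfo endPointInfo) {
        int port;
        try {
            SecurityMechanismSelector securityMechanismSelector = new SecurityMechanismSelector(false);
            IIOPAddress primaryAddress = ior.getProfile().getTemplate().getPrimaryAddress();
            // Host names are ASCII; a fixed locale keeps e.g. a Turkish default locale
            // from turning "I" into a dotless i and producing a different host.
            String lowerCase = primaryAddress.getHost().toLowerCase(java.util.Locale.ENGLISH);
            ConnectionContext connectionContext = new ConnectionContext();
            EndPointInfo sSLPort = securityMechanismSelector.getSSLPort(ior, connectionContext);
            securityMechanismSelector.setClientConnectionContext(connectionContext);
            if (sSLPort == null) {
                this.type = CLEAR;
                port = primaryAddress.getPort();
            } else {
                this.type = sSLPort.getType();
                port = sSLPort.getPort();
            }
            if (debug) {
                System.out.println(new StringBuffer().append("Connection Context:").append(connectionContext).toString());
                System.out.println(new StringBuffer().append("ENDPOINT INFO:type=").append(this.type).append(",host=").append(lowerCase).append(", port=").append(port).toString());
            }
            return new EndPointInfoImpl(this.type, lowerCase, port);
        } catch (Exception e) {
            if (debug) {
                e.printStackTrace();
            }
            // Same exception type and message as before; the cause is kept for diagnosis.
            throw new RuntimeException(e.getMessage(), e);
        }
    }

    /**
     * Opens the client connection described by {@code endPointInfo}.
     *
     * <p>NOTE(review): only {@code SSL} and {@code SSL_MUTUALAUTH} select TLS. Every other
     * type, including {@code PERSISTENT_SSL} (which the server side treats as TLS) and any
     * unrecognised string, gets a cleartext socket. Confirm that is intended.
     *
     * @param endPointInfo type, host and port to connect to
     * @return the connected socket
     * @throws RuntimeException wrapping any failure, including I/O errors, with the
     *                          original exception as cause
     */
    public Socket createSocket(EndPointInfo endPointInfo) throws IOException, GetEndPointInfoAgainException {
        try {
            String type = endPointInfo.getType();
            String host = endPointInfo.getHost();
            int port = endPointInfo.getPort();
            if (debug) {
                System.out.println(new StringBuffer().append("createSocket(").append(type).append(", ").append(host).append(", ").append(port).append(CodeGeneratingVisitor.SELECT_LIST_OBJECT_TOKEN_END).toString());
            }
            if (type.equals(SSL) || type.equals(SSL_MUTUALAUTH)) {
                return createSSLSocket(host, port);
            }
            if (debug) {
                System.out.println(new StringBuffer().append("Creating CLEAR_TEXT socket for:").append(port).toString());
            }
            return new Socket(host, port);
        } catch (Exception e) {
            if (debug) {
                e.printStackTrace();
            }
            throw new RuntimeException(e.getMessage(), e);
        }
    }

    /**
     * Connects a TLS client socket to {@code str:i} and completes the handshake before
     * returning it.
     *
     * @throws IOException wrapping any failure (including the client-auth-without-keystore
     *                     check), with the original exception as cause
     */
    private Socket createSSLSocket(String str, int i) throws IOException {
        try {
            if (this.ctx == null) {
                clientInit();
            }
            if (clientAuth && keyManagerFactory == null) {
                throw new RuntimeException("When client auth is enabled, keystore should be specified");
            }
            // NOTE(review): with a null ctx the JVM default factory is used, i.e. the platform
            // default trust store and no configured client key.
            SSLSocketFactory socketFactory = this.ctx != null ? this.ctx.getSocketFactory() : (SSLSocketFactory) SSLSocketFactory.getDefault();
            if (debug) {
                System.out.println(new StringBuffer().append("Creating SSL Socket for host:").append(str).append(" port:").append(i).toString());
            }
            SSLSocket sSLSocket = (SSLSocket) socketFactory.createSocket(str, i);
            try {
                _handshake(sSLSocket);
            } catch (Exception handshakeFailure) {
                // The TCP connection is already open; close it rather than leak it
                // when the peer is rejected or the handshake otherwise fails.
                closeQuietly(sSLSocket);
                throw handshakeFailure;
            }
            return sSLSocket;
        } catch (Exception e) {
            if (debug) {
                e.printStackTrace();
            }
            throw toIOException(e);
        }
    }

    /**
     * Installs the process-wide key and trust manager factories. They are read only when
     * an instance builds its context for the first time.
     */
    public static void setFactories(KeyManagerFactory keyManagerFactory2, TrustManagerFactory trustManagerFactory2) {
        keyManagerFactory = keyManagerFactory2;
        trustManagerFactory = trustManagerFactory2;
    }

    /** Sets the process-wide flag that makes a keystore mandatory for outgoing TLS sockets. */
    public static void setClientAuth(boolean z) {
        clientAuth = z;
    }

    /**
     * Sets the cipher suites enabled on TLS server sockets; null leaves the provider defaults.
     * The array is copied so later changes by the caller cannot alter the enabled suites.
     */
    public static void setCipherSuites(String[] strArr) {
        cipherSuites = strArr == null ? null : (String[]) strArr.clone();
    }

    /**
     * Runs the TLS handshake in client mode and, in debug mode, prints the negotiated
     * cipher suite and the length of the peer certificate chain.
     *
     * <p>NOTE(review): nothing here compares the peer certificate with the host that was
     * dialled. Unless the configured trust managers do so, any certificate they accept is
     * accepted for any host. Add a host-name check where the target platform offers one.
     */
    private void _handshake(SSLSocket sSLSocket) throws Exception {
        sSLSocket.setUseClientMode(true);
        if (debug) {
            System.out.println("About to call handshake");
        }
        sSLSocket.startHandshake();
        if (debug) {
            System.out.println("handshake returned");
        }
        SSLSession session = sSLSocket.getSession();
        if (debug) {
            System.out.println(session.getCipherSuite());
            System.out.println(new StringBuffer().append("Peer cert chain length : ").append(session.getPeerCertificateChain().length).toString());
        }
    }

    /** Wraps {@code cause} in an IOException carrying the same message and the cause itself. */
    private static IOException toIOException(Exception cause) {
        IOException wrapped = new IOException(cause.getMessage());
        wrapped.initCause(cause);
        return wrapped;
    }

    /** Closes a client socket on an error path; a close failure must not mask the original error. */
    private static void closeQuietly(Socket socket) {
        try {
            socket.close();
        } catch (IOException ignored) {
            // best effort: the caller is already reporting the real failure
        }
    }

    /** Closes a server socket on an error path; a close failure must not mask the original error. */
    private static void closeQuietly(ServerSocket socket) {
        try {
            socket.close();
        } catch (IOException ignored) {
            // best effort: the caller is already reporting the real failure
        }
    }

    static {
        KeyTool.initProvider();
        debug = System.getProperty("connection.factory.debug", "false").equalsIgnoreCase("true");
        cipherSuites = null;
        clientAuth = false;
        keyManagerFactory = null;
        trustManagerFactory = null;
    }
}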
