package org.jppf.ssl;

import java.io.InputStream;
import java.lang.reflect.Constructor;
import java.net.Socket;
import java.security.KeyStore;
import java.util.Map;
import java.util.concurrent.Callable;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLParameters;
import javax.net.ssl.SSLSocket;
import javax.net.ssl.SSLSocketFactory;
import javax.net.ssl.TrustManagerFactory;
import org.jppf.comm.socket.SocketWrapper;
import org.jppf.utils.FileUtils;
import org.jppf.utils.JPPFConfiguration;
import org.jppf.utils.ObjectSerializer;
import org.jppf.utils.StringUtils;
import org.jppf.utils.TypedProperties;
import org.jppf.utils.streams.StreamUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:org/jppf/ssl/SSLHelper.class */
public final class SSLHelper {
    private static Logger log = LoggerFactory.getLogger(SSLHelper.class);
    private static boolean debugEnabled = log.isDebugEnabled();
    private static TypedProperties sslConfig = null;

    private SSLHelper() {
    }

    public static SSLContext getSSLContext() throws Exception {
        if (sslConfig == null) {
            loadSSLProperties();
        }
        char[] password = getPassword("jppf.ssl.keystore.password");
        KeyStore store = getStore("jppf.ssl.keystore", password);
        KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
        keyManagerFactory.init(store, password);
        KeyStore store2 = getStore("jppf.ssl.truststore", getPassword("jppf.ssl.truststore.password"));
        TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
        trustManagerFactory.init(store2);
        SSLContext sSLContext = SSLContext.getInstance(sslConfig.getString("jppf.ssl.context.protocol"));
        sSLContext.init(keyManagerFactory.getKeyManagers(), trustManagerFactory.getTrustManagers(), null);
        return sSLContext;
    }

    public static SSLParameters getSSLParameters() throws Exception {
        if (sslConfig == null) {
            loadSSLProperties();
        }
        SSLParameters sSLParameters = new SSLParameters();
        String string = sslConfig.getString("jppf.ssl.cipher.suites");
        sSLParameters.setCipherSuites(string == null ? null : string.trim().split("\\s"));
        String string2 = sslConfig.getString("jppf.ssl.protocols");
        sSLParameters.setProtocols(string2 == null ? null : string2.trim().split("\\s"));
        String lowerCase = sslConfig.getString("jppf.ssl.client.auth", "none").toLowerCase();
        sSLParameters.setNeedClientAuth("need".equals(lowerCase));
        sSLParameters.setWantClientAuth("want".equals(lowerCase));
        if (debugEnabled) {
            log.debug("SSL parameters : cipher suites=" + StringUtils.arrayToString(sSLParameters.getCipherSuites()) + ", protocols=" + StringUtils.arrayToString(sSLParameters.getProtocols()) + ", needCLientAuth=" + sSLParameters.getNeedClientAuth() + ", wantClientAuth=" + sSLParameters.getWantClientAuth());
        }
        return sSLParameters;
    }

    public static SocketWrapper createSSLClientConnection(SocketWrapper socketWrapper) throws Exception {
        SSLSocket sSLSocket = (SSLSocket) getSSLContext().getSocketFactory().createSocket(socketWrapper.getSocket(), socketWrapper.getHost(), socketWrapper.getPort(), true);
        sSLSocket.setSSLParameters(getSSLParameters());
        sSLSocket.setUseClientMode(true);
        ObjectSerializer serializer = socketWrapper.getSerializer();
        SocketWrapper socketWrapper2 = (SocketWrapper) socketWrapper.getClass().getConstructor(Socket.class).newInstance(sSLSocket);
        socketWrapper2.setSerializer(serializer);
        socketWrapper2.setHost(socketWrapper.getHost());
        socketWrapper2.setPort(socketWrapper.getPort());
        return socketWrapper2;
    }

    public static void configureJMXProperties(Map<String, Object> map) throws Exception {
        SSLSocketFactory socketFactory = getSSLContext().getSocketFactory();
        map.put("jmx.remote.profiles", "TLS");
        map.put("jmx.remote.tls.socket.factory", socketFactory);
        SSLParameters sSLParameters = getSSLParameters();
        map.put("jmx.remote.tls.enabled.protocols", StringUtils.arrayToString(" ", null, null, sSLParameters.getProtocols()));
        map.put("jmx.remote.tls.enabled.cipher.suites", StringUtils.arrayToString(" ", null, null, sSLParameters.getCipherSuites()));
        map.put("jmx.remote.tls.need.client.authentication", "" + sSLParameters.getNeedClientAuth());
        map.put("jmx.remote.tls.want.client.authentication", "" + sSLParameters.getWantClientAuth());
    }

    private static KeyStore getKeyOrTrustStore(String str, char[] cArr) throws Exception {
        return getKeyOrTrustStore(new FileStoreSource(str).call(), cArr);
    }

    private static KeyStore getKeyOrTrustStore(InputStream inputStream, char[] cArr) throws Exception {
        try {
            KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
            keyStore.load(inputStream, cArr);
            StreamUtils.close(inputStream, log);
            return keyStore;
        } catch (Throwable th) {
            StreamUtils.close(inputStream, log);
            throw th;
        }
    }

    private static char[] getPassword(String str) throws Exception {
        String string = sslConfig.getString(str, null);
        return string != null ? string.toCharArray() : (char[]) callSource(sslConfig.getString(str + ".source", null));
    }

    private static KeyStore getStore(String str, char[] cArr) throws Exception {
        String string = sslConfig.getString(str + ".file", null);
        return string != null ? getKeyOrTrustStore(string, cArr) : getKeyOrTrustStore((InputStream) callSource(sslConfig.getString(str + ".source", null)), cArr);
    }

    private static <E> E callSource(String str) throws Exception {
        if (str == null) {
            return null;
        }
        String[] split = str.split("\\s");
        Class<?> cls = Class.forName(split[0]);
        String[] strArr = null;
        if (split.length > 1) {
            strArr = new String[split.length - 1];
            System.arraycopy(split, 1, strArr, 0, strArr.length);
        }
        Constructor<?> constructor = null;
        try {
            constructor = cls.getConstructor(String[].class);
        } catch (NoSuchMethodException e) {
        }
        return (E) (constructor == null ? (Callable) cls.newInstance() : (Callable) constructor.newInstance(strArr)).call();
    }

    private static synchronized void loadSSLProperties() throws Exception {
        if (sslConfig == null) {
            sslConfig = new TypedProperties();
            TypedProperties properties = JPPFConfiguration.getProperties();
            String string = properties.getString("jppf.ssl.configuration.source", null);
            InputStream fileInputStream = string != null ? (InputStream) callSource(string) : FileUtils.getFileInputStream(properties.getString("jppf.ssl.configuration.file", null));
            if (fileInputStream == null) {
                throw new SSLConfigurationException("could not load the SSL configuration");
            }
            try {
                sslConfig.load(fileInputStream);
                StreamUtils.closeSilent(fileInputStream);
            } catch (Throwable th) {
                StreamUtils.closeSilent(fileInputStream);
                throw th;
            }
        }
    }
}
