package org.jboss.ws.core.client.ssl;

import java.io.File;
import java.io.IOException;
import java.io.InputStream;
import java.net.MalformedURLException;
import java.net.URL;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.Provider;
import java.security.SecureRandom;
import java.security.UnrecoverableKeyException;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.util.Map;
import javax.net.ssl.KeyManager;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import javax.net.ssl.X509KeyManager;
import javax.net.ssl.X509TrustManager;
import org.jboss.logging.Logger;
import org.jboss.ws.core.StubExt;

/* loaded from: input_file:org/jboss/ws/core/client/ssl/SSLContextFactory.class */
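/**
 * Builds and caches the {@link SSLContext} instances used for client sockets and server sockets.
 *
 * <p>Each setting is resolved lazily by its getter and then cached in a field. The lookup order
 * is: a value set explicitly through a setter, then the configuration map given to the
 * constructor, then (for some settings) a {@code javax.net.ssl.*} system property, then a
 * built-in default.
 *
 * <p>Security notes for reviewers:
 * <ul>
 *   <li>When a socket runs in client mode and {@link #isServerAuthMode()} is {@code false},
 *       {@link #loadTrustManagers(boolean)} installs a trust manager that accepts every
 *       certificate chain. Connections built that way are not authenticated.</li>
 *   <li>The boolean flags are parsed with {@link Boolean#valueOf(String)}, so any configured
 *       value other than a case-insensitive {@code "true"} (including a typo) yields
 *       {@code false}.</li>
 *   <li>Store and key passwords are held as {@link String} fields for the lifetime of this
 *       object; they must never be logged.</li>
 *   <li>The lazy initialisation in this class uses no synchronisation.</li>
 * </ul>
 */
public class SSLContextFactory {
    /** Protocol name used for {@link SSLContext#getInstance(String)} when none is configured. */
    public static final String DEFAULT_SSL_PROTOCOL = "TLS";
    /** Configuration key: whether client sockets use client mode (default {@code true}). */
    public static final String SSL_USE_CLIENT_MODE = "org.jboss.ws.sslUseClientMode";
    /** Configuration key: whether server sockets use client mode (default {@code false}). */
    public static final String SERVER_SSL_USE_CLIENT_MODE = "org.jboss.ws.serverSslUseClientMode";
    /** Configuration key: whether the peer's certificate is validated (default {@code true}). */
    public static final String SSL_SERVER_AUTH_MODE = "org.jboss.ws.sslServerAuthMode";
    /** Configuration key: password of the private key entry. */
    public static final String KEY_PASSWORD = "org.jboss.ws.keyPassword";
    /** System property consulted for the key store location. */
    public static final String STANDARD_KEY_STORE_FILE_PATH = "javax.net.ssl.keyStore";
    /** System property consulted for the key store type. */
    public static final String STANDARD_KEY_STORE_TYPE = "javax.net.ssl.keyStoreType";
    /** System property consulted for the key store password. */
    public static final String STANDARD_KEY_STORE_PASSWORD = "javax.net.ssl.keyStorePassword";
    /** Key store type used when neither configuration nor system property supplies one. */
    public static final String DEFAULT_KEY_STORE_TYPE = "JKS";
    /** Key manager algorithm used when the configuration supplies none. */
    public static final String DEFAULT_KEY_STORE_ALGORITHM = "SunX509";
    /** System property consulted for the trust store location. */
    public static final String STANDARD_TRUST_STORE_FILE_PATH = "javax.net.ssl.trustStore";
    /** System property consulted for the trust store type. */
    public static final String STANDARD_TRUST_STORE_TYPE = "javax.net.ssl.trustStoreType";
    /** System property consulted for the trust store password. */
    public static final String STANDARD_TRUST_STORE_PASSWORD = "javax.net.ssl.trustStorePassword";

    private static final Logger log = Logger.getLogger(SSLContextFactory.class);

    private SSLContext sslContextServerSocketFactory;
    private SSLContext sslContextSocketFactory;
    private Provider provider;
    private String providerName;
    private String secureSocketProtocol;
    // NOTE: these two arrays are shared by the client and the server context; every
    // initialize*SSLContext() call overwrites them.
    private KeyManager[] keyManagers;
    private TrustManager[] trustManagers;
    private SecureRandom secureRandom;
    private URL keyStoreFilePath;
    private String keyStoreType;
    private String keyStoreAlgorithm;
    private String keyStorePassword;
    private String keyAlias;
    private String keyPassword;
    private URL trustStoreFilePath;
    private String trustStoreType;
    private String trustStoreAlgorithm;
    private String trustStorePassword;
    private Map<String, Object> config;
    private Boolean socketUseClientMode;
    private Boolean serverSocketUseClientMode;
    private Boolean serverAuthMode;

    /**
     * Signals that no key store or trust store URL could be resolved.
     *
     * <p>Decompiler note: the access modifier of this class was widened from {@code protected}.
     */
    public class NullStoreURLException extends Exception {
        private static final long serialVersionUID = 1L;

        public NullStoreURLException(String str) {
            super(str);
        }
    }

    /** Creates a factory without a configuration map; only setters, system properties and defaults apply. */
    public SSLContextFactory() {
        this(null);
    }

    /**
     * Creates a factory backed by the given configuration map.
     *
     * @param map configuration values keyed by the constants of this class and of {@code StubExt};
     *            may be {@code null}
     */
    public SSLContextFactory(Map<String, Object> map) {
        // Every other field keeps its default (null) and is resolved lazily by its getter.
        this.config = map;
    }

    /**
     * Returns the SSL context for client sockets, initialising it on first use.
     *
     * @return the initialised client-side context
     * @throws IOException if the context cannot be created or initialised
     */
    public SSLContext getSSLContext() throws IOException {
        if (this.sslContextSocketFactory == null) {
            initializeSocketFactorySSLContext();
        }
        return this.sslContextSocketFactory;
    }

    /**
     * Returns the SSL context for server sockets, initialising it on first use.
     *
     * @return the initialised server-side context
     * @throws IOException if the context cannot be created or initialised
     */
    public SSLContext getServerSSLContext() throws IOException {
        if (this.sslContextServerSocketFactory == null) {
            initializeServerSocketFactorySSLContext();
        }
        return this.sslContextServerSocketFactory;
    }

    /**
     * Returns the protocol name handed to {@code SSLContext.getInstance}.
     *
     * <p>The configured value is used as-is and is not checked against any allow-list, so a
     * legacy protocol name in the configuration is passed straight to the JSSE provider.
     *
     * @return the explicit or configured protocol, else {@link #DEFAULT_SSL_PROTOCOL}
     */
    public String getSecureSocketProtocol() {
        if (this.secureSocketProtocol == null) {
            if (this.config != null) {
                this.secureSocketProtocol = (String) this.config.get(StubExt.PROPERTY_SSL_PROTOCOL);
            }
            if (this.secureSocketProtocol == null) {
                this.secureSocketProtocol = DEFAULT_SSL_PROTOCOL;
            }
        }
        return this.secureSocketProtocol;
    }

    /**
     * Sets the protocol name explicitly.
     *
     * @param str non-empty protocol name
     * @throws IllegalArgumentException if {@code str} is {@code null} or empty
     */
    public void setSecureSocketProtocol(String str) {
        if (str == null || str.length() <= 0) {
            throw new IllegalArgumentException("Can not set remoting socket factory with null protocol");
        }
        this.secureSocketProtocol = str;
    }

    /** Returns the explicitly set security provider, or {@code null}. */
    public Provider getProvider() {
        return this.provider;
    }

    /** Sets the security provider; it takes precedence over the provider name. */
    public void setProvider(Provider provider) {
        this.provider = provider;
    }

    /** Returns the provider name set explicitly or found in the configuration, or {@code null}. */
    public String getProviderName() {
        if (this.providerName == null && this.config != null) {
            this.providerName = (String) this.config.get(StubExt.PROPERTY_SSL_PROVIDER_NAME);
        }
        return this.providerName;
    }

    /** Sets the provider name explicitly. */
    public void setProviderName(String str) {
        this.providerName = str;
    }

    /** Returns the random source for the SSL contexts, creating a default {@link SecureRandom} on first use. */
    public SecureRandom getSecureRandom() {
        if (this.secureRandom == null) {
            this.secureRandom = new SecureRandom();
        }
        return this.secureRandom;
    }

    /** Sets the random source explicitly. */
    public void setSecureRandom(SecureRandom secureRandom) {
        this.secureRandom = secureRandom;
    }

    /** Returns the key store location as a string, or {@code null} if none can be resolved. */
    public String getKeyStoreURL() {
        URL keyStore = getKeyStore();
        return keyStore != null ? keyStore.toString() : null;
    }

    /**
     * Resolves the key store location: explicit value, then configuration, then the
     * {@link #STANDARD_KEY_STORE_FILE_PATH} system property.
     *
     * @return the key store URL, or {@code null} if none is configured
     * @throws RuntimeException if a configured location cannot be validated
     */
    public URL getKeyStore() {
        if (this.keyStoreFilePath != null) {
            return this.keyStoreFilePath;
        }
        String configured = nonEmptyConfigValue(StubExt.PROPERTY_KEY_STORE);
        if (configured != null) {
            setKeyStoreURL(configured);
        }
        if (this.keyStoreFilePath == null) {
            String fromSystem = System.getProperty(STANDARD_KEY_STORE_FILE_PATH);
            if (fromSystem != null && fromSystem.length() > 0) {
                setKeyStoreURL(fromSystem);
            }
        }
        return this.keyStoreFilePath;
    }

    /**
     * Sets the key store location from a URL, file path or class-path resource name.
     *
     * @throws RuntimeException if the location cannot be resolved
     */
    public void setKeyStoreURL(String str) {
        try {
            this.keyStoreFilePath = validateStoreURL(str);
        } catch (IOException e) {
            throw new RuntimeException("Cannot validate the store URL: " + str, e);
        }
    }

    /** Sets the key store location without validation. */
    public void setKeyStore(URL url) {
        this.keyStoreFilePath = url;
    }

    /**
     * Resolves the key store type: explicit value, configuration, the
     * {@link #STANDARD_KEY_STORE_TYPE} system property, then {@link #DEFAULT_KEY_STORE_TYPE}.
     */
    public String getKeyStoreType() {
        if (this.keyStoreType != null) {
            return this.keyStoreType;
        }
        this.keyStoreType = nonEmptyConfigValue(StubExt.PROPERTY_KEY_STORE_TYPE);
        if (this.keyStoreType == null) {
            this.keyStoreType = System.getProperty(STANDARD_KEY_STORE_TYPE);
            if (this.keyStoreType == null) {
                this.keyStoreType = DEFAULT_KEY_STORE_TYPE;
            }
        }
        return this.keyStoreType;
    }

    /** Sets the key store type explicitly. */
    public void setKeyStoreType(String str) {
        this.keyStoreType = str;
    }

    /** Resolves the key manager algorithm: explicit value, configuration, then {@link #DEFAULT_KEY_STORE_ALGORITHM}. */
    public String getKeyStoreAlgorithm() {
        if (this.keyStoreAlgorithm != null) {
            return this.keyStoreAlgorithm;
        }
        this.keyStoreAlgorithm = nonEmptyConfigValue(StubExt.PROPERTY_KEY_STORE_ALGORITHM);
        if (this.keyStoreAlgorithm == null) {
            this.keyStoreAlgorithm = DEFAULT_KEY_STORE_ALGORITHM;
        }
        return this.keyStoreAlgorithm;
    }

    /** Sets the key manager algorithm explicitly. */
    public void setKeyStoreAlgorithm(String str) {
        this.keyStoreAlgorithm = str;
    }

    /**
     * Resolves the key store password: explicit value, configuration, then the
     * {@link #STANDARD_KEY_STORE_PASSWORD} system property.
     *
     * @return the password, or {@code null} if none is configured; never log this value
     */
    public String getKeyStorePassword() {
        if (this.keyStorePassword != null) {
            return this.keyStorePassword;
        }
        this.keyStorePassword = nonEmptyConfigValue(StubExt.PROPERTY_KEY_STORE_PASSWORD);
        if (this.keyStorePassword == null) {
            this.keyStorePassword = System.getProperty(STANDARD_KEY_STORE_PASSWORD);
        }
        return this.keyStorePassword;
    }

    /** Sets the key store password explicitly. */
    public void setKeyStorePassword(String str) {
        this.keyStorePassword = str;
    }

    /** Returns the trust store location as a string, or {@code null} if none can be resolved. */
    public String getTrustStoreURL() {
        URL trustStore = getTrustStore();
        return trustStore != null ? trustStore.toString() : null;
    }

    /**
     * Resolves the trust store location: explicit value, then configuration, then the
     * {@link #STANDARD_TRUST_STORE_FILE_PATH} system property.
     *
     * @return the trust store URL, or {@code null} if none is configured
     * @throws RuntimeException if a configured location cannot be validated
     */
    public URL getTrustStore() {
        if (this.trustStoreFilePath != null) {
            return this.trustStoreFilePath;
        }
        String configured = nonEmptyConfigValue(StubExt.PROPERTY_TRUST_STORE);
        if (configured != null) {
            setTrustStoreURL(configured);
        }
        if (this.trustStoreFilePath == null) {
            String fromSystem = System.getProperty(STANDARD_TRUST_STORE_FILE_PATH);
            if (fromSystem != null && fromSystem.length() > 0) {
                setTrustStoreURL(fromSystem);
            }
        }
        return this.trustStoreFilePath;
    }

    /** Sets the trust store location without validation. */
    public void setTrustStore(URL url) {
        this.trustStoreFilePath = url;
    }

    /**
     * Sets the trust store location from a URL, file path or class-path resource name.
     *
     * @throws RuntimeException if the location cannot be resolved
     */
    public void setTrustStoreURL(String str) {
        try {
            this.trustStoreFilePath = validateStoreURL(str);
        } catch (IOException e) {
            throw new RuntimeException("Cannot validate the store URL: " + str, e);
        }
    }

    /**
     * Resolves the trust store type: explicit value, configuration, the
     * {@link #STANDARD_TRUST_STORE_TYPE} system property, then the key store type.
     */
    public String getTrustStoreType() {
        if (this.trustStoreType != null) {
            return this.trustStoreType;
        }
        this.trustStoreType = nonEmptyConfigValue(StubExt.PROPERTY_TRUST_STORE_TYPE);
        if (this.trustStoreType == null) {
            this.trustStoreType = System.getProperty(STANDARD_TRUST_STORE_TYPE);
            if (this.trustStoreType == null) {
                this.trustStoreType = getKeyStoreType();
            }
        }
        return this.trustStoreType;
    }

    /** Sets the trust store type explicitly. */
    public void setTrustStoreType(String str) {
        this.trustStoreType = str;
    }

    /** Resolves the trust manager algorithm: explicit value, configuration, then the key manager algorithm. */
    public String getTrustStoreAlgorithm() {
        if (this.trustStoreAlgorithm != null) {
            return this.trustStoreAlgorithm;
        }
        this.trustStoreAlgorithm = nonEmptyConfigValue(StubExt.PROPERTY_TRUST_STORE_ALGORITHM);
        if (this.trustStoreAlgorithm == null) {
            this.trustStoreAlgorithm = getKeyStoreAlgorithm();
        }
        return this.trustStoreAlgorithm;
    }

    /** Sets the trust manager algorithm explicitly. */
    public void setTrustStoreAlgorithm(String str) {
        this.trustStoreAlgorithm = str;
    }

    /**
     * Resolves the trust store password: explicit value, configuration, the
     * {@link #STANDARD_TRUST_STORE_PASSWORD} system property, then the key store password.
     *
     * @return the password, or {@code null} if none is configured; never log this value
     */
    public String getTrustStorePassword() {
        if (this.trustStorePassword != null) {
            return this.trustStorePassword;
        }
        this.trustStorePassword = nonEmptyConfigValue(StubExt.PROPERTY_TRUST_STORE_PASSWORD);
        if (this.trustStorePassword == null) {
            this.trustStorePassword = System.getProperty(STANDARD_TRUST_STORE_PASSWORD);
            if (this.trustStorePassword == null) {
                this.trustStorePassword = getKeyStorePassword();
            }
        }
        return this.trustStorePassword;
    }

    /** Sets the trust store password explicitly. */
    public void setTrustStorePassword(String str) {
        this.trustStorePassword = str;
    }

    /** Returns the key alias set explicitly or found in the configuration, or {@code null}. */
    public String getKeyAlias() {
        if (this.keyAlias == null && this.config != null) {
            this.keyAlias = (String) this.config.get(StubExt.PROPERTY_KEY_ALIAS);
        }
        return this.keyAlias;
    }

    /** Sets the key alias explicitly. */
    public void setKeyAlias(String str) {
        this.keyAlias = str;
    }

    /**
     * Returns the private-key password set explicitly or found under {@link #KEY_PASSWORD}.
     *
     * @return the password, or {@code null} if none is configured; never log this value
     */
    public String getKeyPassword() {
        if (this.keyPassword == null) {
            this.keyPassword = nonEmptyConfigValue(KEY_PASSWORD);
        }
        return this.keyPassword;
    }

    /** Sets the private-key password explicitly. */
    public void setKeyPassword(String str) {
        this.keyPassword = str;
    }

    /** Returns whether client sockets use client mode; defaults to {@code true}. */
    public boolean isSocketUseClientMode() {
        if (this.socketUseClientMode == null) {
            this.socketUseClientMode = configFlag(SSL_USE_CLIENT_MODE, Boolean.TRUE);
        }
        return this.socketUseClientMode.booleanValue();
    }

    /** Returns whether server sockets use client mode; defaults to {@code false}. */
    public boolean isServerSocketUseClientMode() {
        if (this.serverSocketUseClientMode == null) {
            this.serverSocketUseClientMode = configFlag(SERVER_SSL_USE_CLIENT_MODE, Boolean.FALSE);
        }
        return this.serverSocketUseClientMode.booleanValue();
    }

    /** Sets the client-mode flag for client sockets explicitly. */
    public void setSocketUseClientMode(boolean z) {
        this.socketUseClientMode = Boolean.valueOf(z);
    }

    /** Sets the client-mode flag for server sockets explicitly. */
    public void setServerSocketUseClientMode(boolean z) {
        this.serverSocketUseClientMode = Boolean.valueOf(z);
    }

    /**
     * Returns whether the peer's certificate chain is validated; defaults to {@code true}.
     *
     * <p>SECURITY: if {@link #SSL_SERVER_AUTH_MODE} is present in the configuration, every value
     * other than a case-insensitive {@code "true"} turns validation off, including a
     * misspelled or {@code null} value. Audit how this key is populated.
     */
    public boolean isServerAuthMode() {
        if (this.serverAuthMode == null) {
            this.serverAuthMode = configFlag(SSL_SERVER_AUTH_MODE, Boolean.TRUE);
        }
        return this.serverAuthMode.booleanValue();
    }

    /** Sets the certificate-validation flag explicitly; {@code false} disables validation in client mode. */
    public void setServerAuthMode(boolean z) {
        this.serverAuthMode = Boolean.valueOf(z);
    }

    /**
     * Creates (but does not initialise) the server-side SSL context, preferring the explicit
     * provider, then the provider name, then the default provider lookup.
     *
     * @throws IOException if the context cannot be created; the original failure is the cause
     */
    protected void createServerSocketFactorySSLContext() throws IOException {
        try {
            if (getProvider() != null) {
                this.sslContextServerSocketFactory = SSLContext.getInstance(getSecureSocketProtocol(), getProvider());
            } else if (getProviderName() != null) {
                this.sslContextServerSocketFactory = SSLContext.getInstance(getSecureSocketProtocol(), getProviderName());
            } else {
                this.sslContextServerSocketFactory = SSLContext.getInstance(getSecureSocketProtocol());
            }
        } catch (Exception e) {
            throw ioFailure("Error creating server socket factory SSL context: ", e);
        }
    }

    /**
     * Creates (but does not initialise) the client-side SSL context, preferring the explicit
     * provider, then the provider name, then the default provider lookup.
     *
     * @throws IOException if the context cannot be created; the original failure is the cause
     */
    protected void createSocketFactorySSLContext() throws IOException {
        try {
            if (getProvider() != null) {
                this.sslContextSocketFactory = SSLContext.getInstance(getSecureSocketProtocol(), getProvider());
            } else if (getProviderName() != null) {
                this.sslContextSocketFactory = SSLContext.getInstance(getSecureSocketProtocol(), getProviderName());
            } else {
                this.sslContextSocketFactory = SSLContext.getInstance(getSecureSocketProtocol());
            }
        } catch (Exception e) {
            throw ioFailure("Error creating socket factory SSL context: ", e);
        }
    }

    /**
     * Creates the server-side SSL context if needed and initialises it with key managers,
     * trust managers and the random source.
     *
     * <p>A missing key store is fatal unless the server socket runs in client mode. A missing
     * trust store is tolerated: {@code null} trust managers are passed to
     * {@link SSLContext#init}, which then uses the JSSE defaults.
     *
     * @throws IOException on any failure; the original failure is attached as the cause
     */
    protected void initializeServerSocketFactorySSLContext() throws IOException {
        try {
            if (this.sslContextServerSocketFactory == null) {
                createServerSocketFactorySSLContext();
            }
            try {
                this.keyManagers = loadKeyManagers();
            } catch (NullStoreURLException e) {
                if (!isServerSocketUseClientMode()) {
                    IOException missingKeyStore = new IOException("Can not find keystore url.");
                    missingKeyStore.initCause(e);
                    throw missingKeyStore;
                }
                this.keyManagers = null;
                log.debug("Could not find keystore url.  " + e.getMessage());
            }
            try {
                this.trustManagers = loadTrustManagers(isServerSocketUseClientMode());
            } catch (NullStoreURLException e) {
                this.trustManagers = null;
                log.debug("Could not find truststore url.  " + e.getMessage());
            }
            this.secureRandom = getSecureRandom();
            this.sslContextServerSocketFactory.init(this.keyManagers, this.trustManagers, this.secureRandom);
        } catch (Exception e) {
            // Drop the half-built context so that a later getServerSSLContext() retries
            // instead of handing out a context that was never initialised.
            this.sslContextServerSocketFactory = null;
            throw ioFailure("Error initializing server socket factory SSL context: ", e);
        }
    }

    /**
     * Creates the client-side SSL context if needed and initialises it with key managers,
     * trust managers and the random source.
     *
     * <p>A missing key store is tolerated. A missing trust store is fatal only when no key
     * managers were loaded either; otherwise {@code null} trust managers are passed to
     * {@link SSLContext#init}, which then uses the JSSE defaults.
     *
     * @throws IOException on any failure; the original failure is attached as the cause
     */
    protected void initializeSocketFactorySSLContext() throws IOException {
        try {
            if (this.sslContextSocketFactory == null) {
                createSocketFactorySSLContext();
            }
            try {
                this.keyManagers = loadKeyManagers();
            } catch (NullStoreURLException e) {
                this.keyManagers = null;
                log.debug("Could not find keystore url.  " + e.getMessage());
            }
            try {
                this.trustManagers = loadTrustManagers(isSocketUseClientMode());
            } catch (NullStoreURLException e) {
                if (this.keyManagers == null) {
                    IOException missingTrustStore = new IOException("Can not find truststore url.");
                    missingTrustStore.initCause(e);
                    throw missingTrustStore;
                }
                this.trustManagers = null;
                log.debug("Could not find truststore url.  " + e.getMessage());
            }
            this.secureRandom = getSecureRandom();
            this.sslContextSocketFactory.init(this.keyManagers, this.trustManagers, this.secureRandom);
        } catch (Exception e) {
            // Drop the half-built context so that a later getSSLContext() retries instead of
            // handing out a context that was never initialised.
            this.sslContextSocketFactory = null;
            throw ioFailure("Error initializing socket factory SSL context: ", e);
        }
    }

    /**
     * Loads the trust managers for a socket.
     *
     * <p>When the socket is not in client mode, or certificate validation is enabled, the trust
     * managers come from the configured trust store. Otherwise a trust manager that accepts
     * every certificate chain is installed.
     *
     * @param z {@code true} if the socket runs in client mode
     * @return the trust managers, also stored in the {@code trustManagers} field
     * @throws NullStoreURLException if validation is required but no trust store URL is configured
     */
    protected TrustManager[] loadTrustManagers(boolean z) throws NoSuchProviderException, NoSuchAlgorithmException, IOException, CertificateException, KeyStoreException, NullStoreURLException {
        if (!z || isServerAuthMode()) {
            String trustStoreType = getTrustStoreType();
            String trustStorePassword = getTrustStorePassword();
            URL trustStore = getTrustStore();
            String trustStoreAlgorithm = getTrustStoreAlgorithm();
            KeyStore loadedStore = loadKeyStore(trustStoreType, trustStore, trustStorePassword);
            TrustManagerFactory trustManagerFactory;
            if (getProvider() != null) {
                trustManagerFactory = TrustManagerFactory.getInstance(trustStoreAlgorithm, getProvider());
            } else if (getProviderName() != null) {
                trustManagerFactory = TrustManagerFactory.getInstance(trustStoreAlgorithm, getProviderName());
            } else {
                trustManagerFactory = TrustManagerFactory.getInstance(trustStoreAlgorithm);
            }
            if (loadedStore != null) {
                trustManagerFactory.init(loadedStore);
                this.trustManagers = trustManagerFactory.getTrustManagers();
            }
        } else {
            // SECURITY: this branch disables peer authentication. The manager below accepts any
            // certificate chain, so the TLS session is encrypted but the peer is not verified
            // and an on-path attacker can impersonate it. It is reached only in client mode with
            // isServerAuthMode() == false; keep that setting out of production configuration.
            log.warn("SSL server authentication is disabled (" + SSL_SERVER_AUTH_MODE
                    + "=false): peer certificates will not be validated");
            this.trustManagers = new TrustManager[]{new X509TrustManager() {
                @Override
                public void checkClientTrusted(X509Certificate[] x509CertificateArr, String str) {
                    // Intentionally accepts every chain; see the SECURITY note above.
                }

                @Override
                public void checkServerTrusted(X509Certificate[] x509CertificateArr, String str) {
                    // Intentionally accepts every chain; see the SECURITY note above.
                }

                @Override
                public X509Certificate[] getAcceptedIssuers() {
                    // The X509TrustManager contract requires a non-null array.
                    return new X509Certificate[0];
                }
            }};
        }
        return this.trustManagers;
    }

    /**
     * Loads the key managers from the configured key store.
     *
     * <p>If a key alias is configured it must name a key entry, and every key manager is wrapped
     * in a {@code JBossWSKeyManager} created with that alias. The key password falls back to the
     * key store password when it is unset or empty.
     *
     * @return the key managers, also stored in the {@code keyManagers} field
     * @throws IOException if the configured alias is not a key entry, or the store cannot be read
     * @throws NullStoreURLException if no key store URL is configured
     */
    protected KeyManager[] loadKeyManagers() throws NoSuchProviderException, NoSuchAlgorithmException, IOException, CertificateException, KeyStoreException, UnrecoverableKeyException, NullStoreURLException {
        String keyStorePassword = getKeyStorePassword();
        String keyStoreType = getKeyStoreType();
        URL keyStore = getKeyStore();
        KeyStore loadedStore = loadKeyStore(keyStoreType, keyStore, keyStorePassword);
        if (loadedStore != null) {
            String keyAlias = getKeyAlias();
            if (keyAlias != null && !loadedStore.isKeyEntry(keyAlias)) {
                throw new IOException("Can not find key entry for key store (" + keyStore + ") with given alias (" + keyAlias + ")");
            }
            String keyStoreAlgorithm = getKeyStoreAlgorithm();
            KeyManagerFactory keyManagerFactory;
            if (getProvider() != null) {
                keyManagerFactory = KeyManagerFactory.getInstance(keyStoreAlgorithm, getProvider());
            } else if (getProviderName() != null) {
                keyManagerFactory = KeyManagerFactory.getInstance(keyStoreAlgorithm, getProviderName());
            } else {
                keyManagerFactory = KeyManagerFactory.getInstance(keyStoreAlgorithm);
            }
            String keyPassword = getKeyPassword();
            if (keyPassword == null || keyPassword.length() == 0) {
                keyPassword = keyStorePassword;
            }
            // Both passwords may be unset; pass null through instead of failing with a
            // NullPointerException and let the key manager factory report the real problem.
            char[] keyPasswordChars = keyPassword != null ? keyPassword.toCharArray() : null;
            keyManagerFactory.init(loadedStore, keyPasswordChars);
            this.keyManagers = keyManagerFactory.getKeyManagers();
            if (keyAlias != null) {
                for (int i = 0; i < this.keyManagers.length; i++) {
                    this.keyManagers[i] = new JBossWSKeyManager((X509KeyManager) this.keyManagers[i], keyAlias);
                }
            }
        }
        return this.keyManagers;
    }

    /**
     * Opens the given URL and loads it as a key store of the given type.
     *
     * <p>With a {@code null} password {@link KeyStore#load} performs no integrity check on the
     * store, so a tampered store would not be detected at load time.
     *
     * @param str  key store type
     * @param url  location of the store
     * @param str2 store password, or {@code null}
     * @return the loaded key store
     * @throws NullStoreURLException if {@code url} is {@code null}
     */
    protected KeyStore loadKeyStore(String str, URL url, String str2) throws KeyStoreException, NoSuchProviderException, IOException, NoSuchAlgorithmException, CertificateException, NullStoreURLException {
        KeyStore keyStore;
        if (getProvider() != null) {
            keyStore = KeyStore.getInstance(str, getProvider());
        } else if (getProviderName() != null) {
            keyStore = KeyStore.getInstance(str, getProviderName());
        } else {
            keyStore = KeyStore.getInstance(str);
        }
        if (url == null) {
            throw new NullStoreURLException("Can not find store file for url because store url is null.");
        }
        InputStream inputStream = url.openStream();
        try {
            keyStore.load(inputStream, str2 != null ? str2.toCharArray() : null);
            return keyStore;
        } finally {
            try {
                inputStream.close();
            } catch (IOException ignored) {
                // A failure to close must not mask the outcome of the load.
            }
        }
    }

    /**
     * Resolves a store location given as a URL, a file path or a class-path resource name.
     *
     * <p>Any URL scheme the JVM understands is accepted. A store referenced through an
     * unauthenticated scheme such as {@code http} is fetched without transport protection, so
     * prefer local files or class-path resources for key and trust material.
     *
     * @param str the location to resolve
     * @return the resolved URL, never {@code null}
     * @throws IOException ({@link MalformedURLException}) if the location resolves to nothing
     */
    protected URL validateStoreURL(String str) throws IOException {
        URL url = null;
        try {
            url = new URL(str);
        } catch (MalformedURLException notAUrl) {
            File file = new File(str);
            if (file.exists()) {
                // File.toURL() is deprecated because it does not escape characters that are
                // illegal in URLs; going through the URI form does.
                url = file.toURI().toURL();
            } else {
                ClassLoader loader = Thread.currentThread().getContextClassLoader();
                if (loader == null) {
                    // The context class loader may be unset on some threads.
                    loader = SSLContextFactory.class.getClassLoader();
                }
                if (loader != null) {
                    url = loader.getResource(str);
                }
            }
        }
        if (url == null) {
            throw new MalformedURLException("Failed to find url=" + str + " as a URL, file or resource");
        }
        return url;
    }

    /** Returns the configured string for {@code key}, or {@code null} if it is absent or empty. */
    private String nonEmptyConfigValue(String key) {
        if (this.config == null) {
            return null;
        }
        String value = (String) this.config.get(key);
        return (value != null && value.length() > 0) ? value : null;
    }

    /** Returns {@code defaultValue} if {@code key} is not configured, else the value parsed with {@link Boolean#valueOf(String)}. */
    private Boolean configFlag(String key, Boolean defaultValue) {
        if (this.config == null || !this.config.containsKey(key)) {
            return defaultValue;
        }
        return Boolean.valueOf((String) this.config.get(key));
    }

    /** Wraps {@code cause} in an {@link IOException} that keeps it as the cause, so the root failure stays diagnosable. */
    private static IOException ioFailure(String messagePrefix, Exception cause) {
        IOException wrapped = new IOException(messagePrefix + cause.getMessage());
        wrapped.initCause(cause);
        return wrapped;
    }
}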
