package org.jboss.remoting.security;

import java.io.File;
import java.io.IOException;
import java.io.InputStream;
import java.lang.reflect.Method;
import java.net.MalformedURLException;
import java.net.URL;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.Provider;
import java.security.SecureRandom;
import java.security.UnrecoverableKeyException;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.util.Map;
import javax.net.ServerSocketFactory;
import javax.net.SocketFactory;
import javax.net.ssl.KeyManager;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLServerSocketFactory;
import javax.net.ssl.SSLSocketFactory;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import javax.net.ssl.X509KeyManager;
import javax.net.ssl.X509TrustManager;
import org.jboss.logging.Logger;
import org.jboss.remoting.serialization.ClassLoaderUtility;
import org.jboss.remoting.util.socket.RemotingKeyManager;

/* loaded from: input_file:rhq-enterprise-agent-3.0.0.EmbJopr3.zip:rhq-agent/lib/jboss-remoting-2.2.2.SP8.jar:org/jboss/remoting/security/SSLSocketBuilder.class */
public class SSLSocketBuilder implements SSLSocketBuilderMBean, Cloneable {
    public static final String REMOTING_SSL_PROVIDER_NAME = "org.jboss.remoting.sslProviderName";
    public static final String REMOTING_SSL_PROTOCOL = "org.jboss.remoting.sslProtocol";
    public static final String DEFAULT_SSL_PROTOCOL = "TLS";
    public static final String REMOTING_SOCKET_USE_CLIENT_MODE = "org.jboss.remoting.socket.useClientMode";
    public static final String REMOTING_SERVER_SOCKET_USE_CLIENT_MODE = "org.jboss.remoting.serversocket.useClientMode";
    public static final String REMOTING_CLIENT_AUTH_MODE = "org.jboss.remoting.clientAuthMode";
    public static final String CLIENT_AUTH_MODE_NONE = "none";
    public static final String CLIENT_AUTH_MODE_WANT = "want";
    public static final String CLIENT_AUTH_MODE_NEED = "need";
    public static final String REMOTING_SERVER_AUTH_MODE = "org.jboss.remoting.serverAuthMode";
    public static final String REMOTING_KEY_STORE_FILE_PATH = "org.jboss.remoting.keyStore";
    public static final String REMOTING_KEY_STORE_TYPE = "org.jboss.remoting.keyStoreType";
    public static final String REMOTING_KEY_STORE_ALGORITHM = "org.jboss.remoting.keyStoreAlgorithm";
    public static final String REMOTING_KEY_STORE_PASSWORD = "org.jboss.remoting.keyStorePassword";
    public static final String REMOTING_KEY_ALIAS = "org.jboss.remoting.keyAlias";
    public static final String REMOTING_KEY_PASSWORD = "org.jboss.remoting.keyPassword";
    public static final String STANDARD_KEY_STORE_FILE_PATH = "javax.net.ssl.keyStore";
    public static final String STANDARD_KEY_STORE_TYPE = "javax.net.ssl.keyStoreType";
    public static final String STANDARD_KEY_STORE_PASSWORD = "javax.net.ssl.keyStorePassword";
    public static final String DEFAULT_KEY_STORE_TYPE = "JKS";
    public static final String DEFAULT_KEY_STORE_ALGORITHM = "SunX509";
    public static final String REMOTING_TRUST_STORE_FILE_PATH = "org.jboss.remoting.trustStore";
    public static final String REMOTING_TRUST_STORE_TYPE = "org.jboss.remoting.trustStoreType";
    public static final String REMOTING_TRUST_STORE_ALGORITHM = "org.jboss.remoting.trustStoreAlgorithm";
    public static final String REMOTING_TRUST_STORE_PASSWORD = "org.jboss.remoting.trustStorePassword";
    public static final String STANDARD_TRUST_STORE_FILE_PATH = "javax.net.ssl.trustStore";
    public static final String STANDARD_TRUST_STORE_TYPE = "javax.net.ssl.trustStoreType";
    public static final String STANDARD_TRUST_STORE_PASSWORD = "javax.net.ssl.trustStorePassword";
    public static final String REMOTING_DEFAULT_SOCKET_FACTORY_CLASS = "org.jboss.remoting.defaultSocketFactory";
    private SSLContext sslContextServerSocketFactory;
    private SSLContext sslContextSocketFactory;
    private Provider provider;
    private String providerName;
    private String secureSocketProtocol;
    private KeyManager[] keyManagers;
    private TrustManager[] trustManagers;
    private SecureRandom secureRandom;
    private URL keyStoreFilePath;
    private String keyStoreType;
    private String keyStoreAlgorithm;
    private String keyStorePassword;
    private String keyAlias;
    private String keyPassword;
    private URL trustStoreFilePath;
    private String trustStoreType;
    private String trustStoreAlgorithm;
    private String trustStorePassword;
    private Map config;
    private Boolean socketUseClientMode;
    private Boolean serverSocketUseClientMode;
    private String clientAuthMode;
    private Boolean serverAuthMode;
    private boolean useSSLServerSocketFactory;
    private boolean useSSLSocketFactory;
    private static final Logger log;
    static Class class$org$jboss$remoting$security$SSLSocketBuilder;

    /* JADX INFO: Access modifiers changed from: protected */
    /* loaded from: input_file:rhq-enterprise-agent-3.0.0.EmbJopr3.zip:rhq-agent/lib/jboss-remoting-2.2.2.SP8.jar:org/jboss/remoting/security/SSLSocketBuilder$NullStoreURLException.class */
    public class NullStoreURLException extends Exception {
        private static final long serialVersionUID = 1;
        private final SSLSocketBuilder this$0;

        /* JADX WARN: 'super' call moved to the top of the method (can break code semantics) */
        public NullStoreURLException(SSLSocketBuilder sSLSocketBuilder, String str) {
            super(str);
            this.this$0 = sSLSocketBuilder;
        }
    }

    public SSLSocketBuilder() {
        this(null);
    }

    public SSLSocketBuilder(Map map) {
        this.sslContextServerSocketFactory = null;
        this.sslContextSocketFactory = null;
        this.provider = null;
        this.providerName = null;
        this.secureSocketProtocol = null;
        this.keyManagers = null;
        this.trustManagers = null;
        this.secureRandom = null;
        this.keyStoreFilePath = null;
        this.keyStoreType = null;
        this.keyStoreAlgorithm = null;
        this.keyStorePassword = null;
        this.keyAlias = null;
        this.keyPassword = null;
        this.trustStoreFilePath = null;
        this.trustStoreType = null;
        this.trustStoreAlgorithm = null;
        this.trustStorePassword = null;
        this.config = null;
        this.socketUseClientMode = null;
        this.serverSocketUseClientMode = null;
        this.clientAuthMode = null;
        this.serverAuthMode = null;
        this.useSSLServerSocketFactory = true;
        this.useSSLSocketFactory = true;
        this.config = map;
    }

    @Override // org.jboss.remoting.security.SSLSocketBuilderMBean
    public void setUseSSLServerSocketFactory(boolean z) {
        this.useSSLServerSocketFactory = z;
    }

    @Override // org.jboss.remoting.security.SSLSocketBuilderMBean
    public boolean getUseSSLServerSocketFactory() {
        return this.useSSLServerSocketFactory;
    }

    @Override // org.jboss.remoting.security.SSLSocketBuilderMBean
    public void setUseSSLSocketFactory(boolean z) {
        this.useSSLSocketFactory = z;
    }

    @Override // org.jboss.remoting.security.SSLSocketBuilderMBean
    public boolean getUseSSLSocketFactory() {
        return this.useSSLSocketFactory;
    }

    @Override // org.jboss.remoting.security.SSLSocketBuilderMBean
    public ServerSocketFactory createSSLServerSocketFactory() throws IOException {
        return createSSLServerSocketFactory(null);
    }

    @Override // org.jboss.remoting.security.SSLSocketBuilderMBean
    public ServerSocketFactory createSSLServerSocketFactory(CustomSSLServerSocketFactory customSSLServerSocketFactory) throws IOException {
        ServerSocketFactory createCustomServerSocketFactory;
        if (getUseSSLServerSocketFactory()) {
            createCustomServerSocketFactory = SSLServerSocketFactory.getDefault();
        } else {
            if (customSSLServerSocketFactory == null) {
                customSSLServerSocketFactory = new CustomSSLServerSocketFactory(null, this);
            }
            createCustomServerSocketFactory = createCustomServerSocketFactory(customSSLServerSocketFactory);
        }
        return createCustomServerSocketFactory;
    }

    protected ServerSocketFactory createCustomServerSocketFactory(CustomSSLServerSocketFactory customSSLServerSocketFactory) throws IOException {
        if (this.sslContextServerSocketFactory == null) {
            createServerSocketFactorySSLContext();
            initializeServerSocketFactorySSLContext();
        }
        customSSLServerSocketFactory.setFactory(this.sslContextServerSocketFactory.getServerSocketFactory());
        return customSSLServerSocketFactory;
    }

    @Override // org.jboss.remoting.security.SSLSocketBuilderMBean
    public SocketFactory createSSLSocketFactory() throws IOException {
        return createSSLSocketFactory(null);
    }

    @Override // org.jboss.remoting.security.SSLSocketBuilderMBean
    public SocketFactory createSSLSocketFactory(CustomSSLSocketFactory customSSLSocketFactory) throws IOException {
        Class cls;
        SocketFactory socketFactory = null;
        if (getUseSSLSocketFactory()) {
            String property = System.getProperty(REMOTING_DEFAULT_SOCKET_FACTORY_CLASS);
            if (property != null) {
                try {
                    if (class$org$jboss$remoting$security$SSLSocketBuilder == null) {
                        cls = class$("org.jboss.remoting.security.SSLSocketBuilder");
                        class$org$jboss$remoting$security$SSLSocketBuilder = cls;
                    } else {
                        cls = class$org$jboss$remoting$security$SSLSocketBuilder;
                    }
                    Class loadClass = ClassLoaderUtility.loadClass(property, cls);
                    Method method = loadClass.getMethod("getDefault", null);
                    if (method == null) {
                        throw new RuntimeException(new StringBuffer().append("Could not create the socket factory ").append(property).append(" because the class ").append(loadClass).append(" doesn't provide the getDefault method.").toString());
                    }
                    socketFactory = (SocketFactory) method.invoke(null, null);
                } catch (Exception e) {
                    throw new RuntimeException(new StringBuffer().append("Could not create the socket factory ").append(property).toString(), e);
                }
            }
            if (socketFactory == null) {
                socketFactory = SSLSocketFactory.getDefault();
            }
        } else {
            if (customSSLSocketFactory == null) {
                customSSLSocketFactory = new CustomSSLSocketFactory(null, this);
            }
            socketFactory = createCustomSocketFactory(customSSLSocketFactory);
        }
        return socketFactory;
    }

    protected SocketFactory createCustomSocketFactory(CustomSSLSocketFactory customSSLSocketFactory) throws IOException {
        if (this.sslContextSocketFactory == null) {
            createSocketFactorySSLContext();
            initializeSocketFactorySSLContext();
        }
        customSSLSocketFactory.setFactory(this.sslContextSocketFactory.getSocketFactory());
        return customSSLSocketFactory;
    }

    @Override // org.jboss.remoting.security.SSLSocketBuilderMBean
    public SSLContext getServerSocketFactorySSLContext() {
        return this.sslContextServerSocketFactory;
    }

    @Override // org.jboss.remoting.security.SSLSocketBuilderMBean
    public SSLContext getSocketFactorySSLContext() {
        return this.sslContextSocketFactory;
    }

    @Override // org.jboss.remoting.security.SSLSocketBuilderMBean
    public String getSecureSocketProtocol() {
        if (this.secureSocketProtocol == null) {
            if (this.config != null) {
                this.secureSocketProtocol = (String) this.config.get(REMOTING_SSL_PROTOCOL);
            }
            if (this.secureSocketProtocol == null) {
                this.secureSocketProtocol = "TLS";
            }
        }
        return this.secureSocketProtocol;
    }

    @Override // org.jboss.remoting.security.SSLSocketBuilderMBean
    public void setSecureSocketProtocol(String str) {
        if (str == null || str.length() <= 0) {
            throw new IllegalArgumentException("Can not set remoting socket factory with null protocol");
        }
        this.secureSocketProtocol = str;
    }

    @Override // org.jboss.remoting.security.SSLSocketBuilderMBean
    public Provider getProvider() {
        return this.provider;
    }

    @Override // org.jboss.remoting.security.SSLSocketBuilderMBean
    public void setProvider(Provider provider) {
        this.provider = provider;
    }

    @Override // org.jboss.remoting.security.SSLSocketBuilderMBean
    public String getProviderName() {
        if (this.providerName == null && this.config != null) {
            this.providerName = (String) this.config.get(REMOTING_SSL_PROVIDER_NAME);
        }
        return this.providerName;
    }

    @Override // org.jboss.remoting.security.SSLSocketBuilderMBean
    public void setProviderName(String str) {
        this.providerName = str;
    }

    @Override // org.jboss.remoting.security.SSLSocketBuilderMBean
    public SecureRandom getSecureRandom() {
        if (this.secureRandom != null) {
            return this.secureRandom;
        }
        this.secureRandom = new SecureRandom();
        return this.secureRandom;
    }

    @Override // org.jboss.remoting.security.SSLSocketBuilderMBean
    public void setSecureRandom(SecureRandom secureRandom) {
        this.secureRandom = secureRandom;
    }

    @Override // org.jboss.remoting.security.SSLSocketBuilderMBean
    public String getKeyStoreURL() {
        URL keyStore = getKeyStore();
        if (keyStore != null) {
            return keyStore.toString();
        }
        return null;
    }

    @Override // org.jboss.remoting.security.SSLSocketBuilderMBean
    public URL getKeyStore() {
        String property;
        String str;
        if (this.keyStoreFilePath != null) {
            return this.keyStoreFilePath;
        }
        if (this.config != null && (str = (String) this.config.get(REMOTING_KEY_STORE_FILE_PATH)) != null && str.length() > 0) {
            setKeyStoreURL(str);
        }
        if (this.keyStoreFilePath == null && (property = System.getProperty(STANDARD_KEY_STORE_FILE_PATH)) != null && property.length() > 0) {
            setKeyStoreURL(property);
        }
        return this.keyStoreFilePath;
    }

    @Override // org.jboss.remoting.security.SSLSocketBuilderMBean
    public void setKeyStoreURL(String str) {
        try {
            this.keyStoreFilePath = validateStoreURL(str);
        } catch (IOException e) {
            throw new RuntimeException(new StringBuffer().append("Cannot validate the store URL: ").append(str).toString(), e);
        }
    }

    @Override // org.jboss.remoting.security.SSLSocketBuilderMBean
    public void setKeyStore(URL url) {
        this.keyStoreFilePath = url;
    }

    @Override // org.jboss.remoting.security.SSLSocketBuilderMBean
    public String getKeyStoreType() {
        String str;
        if (this.keyStoreType != null) {
            return this.keyStoreType;
        }
        if (this.config != null && (str = (String) this.config.get(REMOTING_KEY_STORE_TYPE)) != null && str.length() > 0) {
            this.keyStoreType = str;
        }
        if (this.keyStoreType == null) {
            this.keyStoreType = System.getProperty(STANDARD_KEY_STORE_TYPE);
            if (this.keyStoreType == null) {
                this.keyStoreType = "JKS";
            }
        }
        return this.keyStoreType;
    }

    @Override // org.jboss.remoting.security.SSLSocketBuilderMBean
    public void setKeyStoreType(String str) {
        this.keyStoreType = str;
    }

    @Override // org.jboss.remoting.security.SSLSocketBuilderMBean
    public String getKeyStoreAlgorithm() {
        String str;
        if (this.keyStoreAlgorithm != null) {
            return this.keyStoreAlgorithm;
        }
        if (this.config != null && (str = (String) this.config.get(REMOTING_KEY_STORE_ALGORITHM)) != null && str.length() > 0) {
            this.keyStoreAlgorithm = str;
        }
        if (this.keyStoreAlgorithm == null) {
            this.keyStoreAlgorithm = "SunX509";
        }
        return this.keyStoreAlgorithm;
    }

    @Override // org.jboss.remoting.security.SSLSocketBuilderMBean
    public void setKeyStoreAlgorithm(String str) {
        this.keyStoreAlgorithm = str;
    }

    public String getKeyStorePassword() {
        String str;
        if (this.keyStorePassword != null) {
            return this.keyStorePassword;
        }
        if (this.config != null && (str = (String) this.config.get(REMOTING_KEY_STORE_PASSWORD)) != null && str.length() > 0) {
            this.keyStorePassword = str;
        }
        if (this.keyStorePassword == null) {
            this.keyStorePassword = System.getProperty(STANDARD_KEY_STORE_PASSWORD);
        }
        return this.keyStorePassword;
    }

    @Override // org.jboss.remoting.security.SSLSocketBuilderMBean
    public void setKeyStorePassword(String str) {
        this.keyStorePassword = str;
    }

    @Override // org.jboss.remoting.security.SSLSocketBuilderMBean
    public String getTrustStoreURL() {
        URL trustStore = getTrustStore();
        if (trustStore != null) {
            return trustStore.toString();
        }
        return null;
    }

    @Override // org.jboss.remoting.security.SSLSocketBuilderMBean
    public URL getTrustStore() {
        String property;
        String str;
        if (this.trustStoreFilePath != null) {
            return this.trustStoreFilePath;
        }
        if (this.config != null && (str = (String) this.config.get(REMOTING_TRUST_STORE_FILE_PATH)) != null && str.length() > 0) {
            setTrustStoreURL(str);
        }
        if (this.trustStoreFilePath == null && (property = System.getProperty(STANDARD_TRUST_STORE_FILE_PATH)) != null && property.length() > 0) {
            setTrustStoreURL(property);
        }
        return this.trustStoreFilePath;
    }

    @Override // org.jboss.remoting.security.SSLSocketBuilderMBean
    public void setTrustStore(URL url) {
        this.trustStoreFilePath = url;
    }

    @Override // org.jboss.remoting.security.SSLSocketBuilderMBean
    public void setTrustStoreURL(String str) {
        try {
            this.trustStoreFilePath = validateStoreURL(str);
        } catch (IOException e) {
            throw new RuntimeException(new StringBuffer().append("Cannot validate the store URL: ").append(str).toString(), e);
        }
    }

    @Override // org.jboss.remoting.security.SSLSocketBuilderMBean
    public String getTrustStoreType() {
        String str;
        if (this.trustStoreType != null) {
            return this.trustStoreType;
        }
        if (this.config != null && (str = (String) this.config.get(REMOTING_TRUST_STORE_TYPE)) != null && str.length() > 0) {
            this.trustStoreType = str;
        }
        if (this.trustStoreType == null) {
            this.trustStoreType = System.getProperty(STANDARD_TRUST_STORE_TYPE);
            if (this.trustStoreType == null) {
                this.trustStoreType = getKeyStoreType();
            }
        }
        return this.trustStoreType;
    }

    @Override // org.jboss.remoting.security.SSLSocketBuilderMBean
    public void setTrustStoreType(String str) {
        this.trustStoreType = str;
    }

    @Override // org.jboss.remoting.security.SSLSocketBuilderMBean
    public String getTrustStoreAlgorithm() {
        String str;
        if (this.trustStoreAlgorithm != null) {
            return this.trustStoreAlgorithm;
        }
        if (this.config != null && (str = (String) this.config.get(REMOTING_TRUST_STORE_ALGORITHM)) != null && str.length() > 0) {
            this.trustStoreAlgorithm = str;
        }
        if (this.trustStoreAlgorithm == null) {
            this.trustStoreAlgorithm = getKeyStoreAlgorithm();
        }
        return this.trustStoreAlgorithm;
    }

    @Override // org.jboss.remoting.security.SSLSocketBuilderMBean
    public void setTrustStoreAlgorithm(String str) {
        this.trustStoreAlgorithm = str;
    }

    public String getTrustStorePassword() {
        String str;
        if (this.trustStorePassword != null) {
            return this.trustStorePassword;
        }
        if (this.config != null && (str = (String) this.config.get(REMOTING_TRUST_STORE_PASSWORD)) != null && str.length() > 0) {
            this.trustStorePassword = str;
        }
        if (this.trustStorePassword == null) {
            this.trustStorePassword = System.getProperty(STANDARD_TRUST_STORE_PASSWORD);
            if (this.trustStorePassword == null) {
                this.trustStorePassword = getKeyStorePassword();
            }
        }
        return this.trustStorePassword;
    }

    @Override // org.jboss.remoting.security.SSLSocketBuilderMBean
    public void setTrustStorePassword(String str) {
        this.trustStorePassword = str;
    }

    @Override // org.jboss.remoting.security.SSLSocketBuilderMBean
    public String getKeyAlias() {
        if (this.keyAlias != null) {
            return this.keyAlias;
        }
        if (this.config != null) {
            this.keyAlias = (String) this.config.get(REMOTING_KEY_ALIAS);
        }
        return this.keyAlias;
    }

    @Override // org.jboss.remoting.security.SSLSocketBuilderMBean
    public void setKeyAlias(String str) {
        this.keyAlias = str;
    }

    public String getKeyPassword() {
        String str;
        if (this.keyPassword != null) {
            return this.keyPassword;
        }
        if (this.config != null && (str = (String) this.config.get(REMOTING_KEY_PASSWORD)) != null && str.length() > 0) {
            this.keyPassword = str;
        }
        return this.keyPassword;
    }

    @Override // org.jboss.remoting.security.SSLSocketBuilderMBean
    public void setKeyPassword(String str) {
        this.keyPassword = str;
    }

    @Override // org.jboss.remoting.security.SSLSocketBuilderMBean
    public boolean isSocketUseClientMode() {
        if (this.socketUseClientMode == null) {
            if (this.config == null || !this.config.containsKey(REMOTING_SOCKET_USE_CLIENT_MODE)) {
                this.socketUseClientMode = Boolean.TRUE;
            } else {
                this.socketUseClientMode = Boolean.valueOf((String) this.config.get(REMOTING_SOCKET_USE_CLIENT_MODE));
            }
        }
        return this.socketUseClientMode.booleanValue();
    }

    @Override // org.jboss.remoting.security.SSLSocketBuilderMBean
    public boolean isServerSocketUseClientMode() {
        if (this.serverSocketUseClientMode == null) {
            if (this.config == null || !this.config.containsKey(REMOTING_SERVER_SOCKET_USE_CLIENT_MODE)) {
                this.serverSocketUseClientMode = Boolean.FALSE;
            } else {
                this.serverSocketUseClientMode = Boolean.valueOf((String) this.config.get(REMOTING_SERVER_SOCKET_USE_CLIENT_MODE));
            }
        }
        return this.serverSocketUseClientMode.booleanValue();
    }

    @Override // org.jboss.remoting.security.SSLSocketBuilderMBean
    public void setSocketUseClientMode(boolean z) {
        this.socketUseClientMode = Boolean.valueOf(z);
    }

    @Override // org.jboss.remoting.security.SSLSocketBuilderMBean
    public void setServerSocketUseClientMode(boolean z) {
        this.serverSocketUseClientMode = Boolean.valueOf(z);
    }

    @Override // org.jboss.remoting.security.SSLSocketBuilderMBean
    public boolean isClientAuthModeNone() {
        return "none".equals(getClientAuthMode());
    }

    @Override // org.jboss.remoting.security.SSLSocketBuilderMBean
    public boolean isClientAuthModeWant() {
        return CLIENT_AUTH_MODE_WANT.equals(getClientAuthMode());
    }

    @Override // org.jboss.remoting.security.SSLSocketBuilderMBean
    public boolean isClientAuthModeNeed() {
        return CLIENT_AUTH_MODE_NEED.equals(getClientAuthMode());
    }

    @Override // org.jboss.remoting.security.SSLSocketBuilderMBean
    public String getClientAuthMode() {
        if (this.clientAuthMode == null) {
            if (this.config == null || !this.config.containsKey(REMOTING_CLIENT_AUTH_MODE)) {
                this.clientAuthMode = "none";
            } else {
                setClientAuthMode((String) this.config.get(REMOTING_CLIENT_AUTH_MODE));
            }
        }
        return this.clientAuthMode;
    }

    @Override // org.jboss.remoting.security.SSLSocketBuilderMBean
    public void setClientAuthMode(String str) {
        if (str != null && (str.equalsIgnoreCase("none") || str.equalsIgnoreCase(CLIENT_AUTH_MODE_WANT) || str.equalsIgnoreCase(CLIENT_AUTH_MODE_NEED))) {
            this.clientAuthMode = str;
        } else {
            log.warn(new StringBuffer().append("Client authentication mode is invalid [").append(str).append("]; falling back to NEED mode").toString());
            this.clientAuthMode = CLIENT_AUTH_MODE_NEED;
        }
    }

    @Override // org.jboss.remoting.security.SSLSocketBuilderMBean
    public boolean isServerAuthMode() {
        if (this.serverAuthMode == null) {
            if (this.config == null || !this.config.containsKey(REMOTING_SERVER_AUTH_MODE)) {
                this.serverAuthMode = Boolean.TRUE;
            } else {
                this.serverAuthMode = Boolean.valueOf((String) this.config.get(REMOTING_SERVER_AUTH_MODE));
            }
        }
        return this.serverAuthMode.booleanValue();
    }

    @Override // org.jboss.remoting.security.SSLSocketBuilderMBean
    public void setServerAuthMode(boolean z) {
        this.serverAuthMode = Boolean.valueOf(z);
    }

    protected void createServerSocketFactorySSLContext() throws IOException {
        try {
            if (getProvider() != null) {
                this.sslContextServerSocketFactory = SSLContext.getInstance(getSecureSocketProtocol(), getProvider());
            } else if (getProviderName() != null) {
                this.sslContextServerSocketFactory = SSLContext.getInstance(getSecureSocketProtocol(), getProviderName());
            } else {
                this.sslContextServerSocketFactory = SSLContext.getInstance(getSecureSocketProtocol());
            }
        } catch (Exception e) {
            IOException iOException = new IOException(new StringBuffer().append("Error creating server socket factory SSL context: ").append(e.getMessage()).toString());
            iOException.setStackTrace(e.getStackTrace());
            throw iOException;
        }
    }

    protected void createSocketFactorySSLContext() throws IOException {
        try {
            if (getProvider() != null) {
                this.sslContextSocketFactory = SSLContext.getInstance(getSecureSocketProtocol(), getProvider());
            } else if (getProviderName() != null) {
                this.sslContextSocketFactory = SSLContext.getInstance(getSecureSocketProtocol(), getProviderName());
            } else {
                this.sslContextSocketFactory = SSLContext.getInstance(getSecureSocketProtocol());
            }
        } catch (Exception e) {
            IOException iOException = new IOException(new StringBuffer().append("Error creating socket factory SSL context: ").append(e.getMessage()).toString());
            iOException.setStackTrace(e.getStackTrace());
            throw iOException;
        }
    }

    protected void initializeServerSocketFactorySSLContext() throws IOException {
        try {
            if (this.sslContextServerSocketFactory == null) {
                createServerSocketFactorySSLContext();
            }
            try {
                this.keyManagers = loadKeyManagers();
            } catch (NullStoreURLException e) {
                if (!isServerSocketUseClientMode()) {
                    IOException iOException = new IOException("Can not find keystore url.");
                    iOException.initCause(e);
                    throw iOException;
                }
                this.keyManagers = null;
                log.debug(new StringBuffer().append("Could not find keytore url.  ").append(e.getMessage()).toString());
            }
            try {
                this.trustManagers = loadTrustManagers(isServerSocketUseClientMode());
            } catch (NullStoreURLException e2) {
                this.trustManagers = null;
                log.debug(new StringBuffer().append("Could not find truststore url.  ").append(e2.getMessage()).toString());
            }
            this.secureRandom = getSecureRandom();
            this.sslContextServerSocketFactory.init(this.keyManagers, this.trustManagers, this.secureRandom);
        } catch (Exception e3) {
            IOException iOException2 = new IOException(new StringBuffer().append("Error initializing server socket factory SSL context: ").append(e3.getMessage()).toString());
            iOException2.setStackTrace(e3.getStackTrace());
            throw iOException2;
        }
    }

    protected void initializeSocketFactorySSLContext() throws IOException {
        try {
            if (this.sslContextSocketFactory == null) {
                createSocketFactorySSLContext();
            }
            try {
                this.keyManagers = loadKeyManagers();
            } catch (NullStoreURLException e) {
                this.keyManagers = null;
                log.debug(new StringBuffer().append("Could not find keystore url.  ").append(e.getMessage()).toString());
            }
            try {
                this.trustManagers = loadTrustManagers(isSocketUseClientMode());
            } catch (NullStoreURLException e2) {
                if (this.keyManagers == null) {
                    IOException iOException = new IOException("Can not find truststore url.");
                    iOException.initCause(e2);
                    throw iOException;
                }
                this.trustManagers = null;
                log.debug(new StringBuffer().append("Could not find truststore url.  ").append(e2.getMessage()).toString());
            }
            this.secureRandom = getSecureRandom();
            this.sslContextSocketFactory.init(this.keyManagers, this.trustManagers, this.secureRandom);
        } catch (Exception e3) {
            IOException iOException2 = new IOException(new StringBuffer().append("Error initializing socket factory SSL context: ").append(e3.getMessage()).toString());
            iOException2.setStackTrace(e3.getStackTrace());
            throw iOException2;
        }
    }

    protected TrustManager[] loadTrustManagers(boolean z) throws NoSuchProviderException, NoSuchAlgorithmException, IOException, CertificateException, KeyStoreException, NullStoreURLException {
        if (!z || isServerAuthMode()) {
            String trustStoreType = getTrustStoreType();
            String trustStorePassword = getTrustStorePassword();
            URL trustStore = getTrustStore();
            String trustStoreAlgorithm = getTrustStoreAlgorithm();
            KeyStore loadKeyStore = loadKeyStore(trustStoreType, trustStore, trustStorePassword);
            TrustManagerFactory trustManagerFactory = getProvider() != null ? TrustManagerFactory.getInstance(trustStoreAlgorithm, getProvider()) : getProviderName() != null ? TrustManagerFactory.getInstance(trustStoreAlgorithm, getProviderName()) : TrustManagerFactory.getInstance(trustStoreAlgorithm);
            if (loadKeyStore != null) {
                trustManagerFactory.init(loadKeyStore);
                this.trustManagers = trustManagerFactory.getTrustManagers();
            }
        } else {
            this.trustManagers = new TrustManager[]{new X509TrustManager(this) { // from class: org.jboss.remoting.security.SSLSocketBuilder.1
                private final SSLSocketBuilder this$0;

                {
                    this.this$0 = this;
                }

                @Override // javax.net.ssl.X509TrustManager
                public void checkClientTrusted(X509Certificate[] x509CertificateArr, String str) {
                }

                @Override // javax.net.ssl.X509TrustManager
                public void checkServerTrusted(X509Certificate[] x509CertificateArr, String str) {
                }

                @Override // javax.net.ssl.X509TrustManager
                public X509Certificate[] getAcceptedIssuers() {
                    return null;
                }
            }};
        }
        return this.trustManagers;
    }

    protected KeyManager[] loadKeyManagers() throws NoSuchProviderException, NoSuchAlgorithmException, IOException, CertificateException, KeyStoreException, UnrecoverableKeyException, NullStoreURLException {
        String keyStorePassword = getKeyStorePassword();
        String keyStoreType = getKeyStoreType();
        URL keyStore = getKeyStore();
        KeyStore loadKeyStore = loadKeyStore(keyStoreType, keyStore, keyStorePassword);
        if (loadKeyStore != null) {
            String keyAlias = getKeyAlias();
            if (keyAlias != null && !loadKeyStore.isKeyEntry(keyAlias)) {
                throw new IOException(new StringBuffer().append("Can not find key entry for key store (").append(keyStore).append(") with given alias (").append(keyAlias).append(")").toString());
            }
            String keyStoreAlgorithm = getKeyStoreAlgorithm();
            KeyManagerFactory keyManagerFactory = getProvider() != null ? KeyManagerFactory.getInstance(keyStoreAlgorithm, getProvider()) : getProviderName() != null ? KeyManagerFactory.getInstance(keyStoreAlgorithm, getProviderName()) : KeyManagerFactory.getInstance(keyStoreAlgorithm);
            String keyPassword = getKeyPassword();
            if (keyPassword == null || keyPassword.length() == 0) {
                keyPassword = keyStorePassword;
            }
            keyManagerFactory.init(loadKeyStore, keyPassword.toCharArray());
            this.keyManagers = keyManagerFactory.getKeyManagers();
            if (keyAlias != null) {
                for (int i = 0; i < this.keyManagers.length; i++) {
                    this.keyManagers[i] = new RemotingKeyManager((X509KeyManager) this.keyManagers[i], keyAlias);
                }
            }
        }
        return this.keyManagers;
    }

    protected KeyStore loadKeyStore(String str, URL url, String str2) throws KeyStoreException, NoSuchProviderException, IOException, NoSuchAlgorithmException, CertificateException, NullStoreURLException {
        KeyStore keyStore = getProvider() != null ? KeyStore.getInstance(str, getProvider()) : getProviderName() != null ? KeyStore.getInstance(str, getProviderName()) : KeyStore.getInstance(str);
        if (url == null) {
            throw new NullStoreURLException(this, "Can not find store file for url because store url is null.");
        }
        InputStream inputStream = null;
        try {
            inputStream = url.openStream();
            keyStore.load(inputStream, str2 != null ? str2.toCharArray() : null);
            if (inputStream != null) {
                try {
                    inputStream.close();
                } catch (IOException e) {
                }
            }
            return keyStore;
        } catch (Throwable th) {
            if (inputStream != null) {
                try {
                    inputStream.close();
                } catch (IOException e2) {
                }
            }
            throw th;
        }
    }

    protected URL validateStoreURL(String str) throws IOException {
        URL url = null;
        try {
            url = new URL(str);
        } catch (MalformedURLException e) {
            File file = new File(str);
            if (file.exists()) {
                url = file.toURL();
            } else if (url == null) {
                url = Thread.currentThread().getContextClassLoader().getResource(str);
            }
        }
        if (url == null) {
            throw new MalformedURLException(new StringBuffer().append("Failed to find url=").append(str).append(" as a URL, file or resource").toString());
        }
        return url;
    }

    @Override // org.jboss.remoting.security.SSLSocketBuilderMBean
    public Object clone() {
        try {
            return super.clone();
        } catch (CloneNotSupportedException e) {
            return null;
        }
    }

    @Override // org.jboss.remoting.security.SSLSocketBuilderMBean
    public void create() throws Exception {
    }

    @Override // org.jboss.remoting.security.SSLSocketBuilderMBean
    public void start() throws Exception {
    }

    @Override // org.jboss.remoting.security.SSLSocketBuilderMBean
    public void stop() {
    }

    @Override // org.jboss.remoting.security.SSLSocketBuilderMBean
    public void destroy() {
    }

    static Class class$(String str) {
        try {
            return Class.forName(str);
        } catch (ClassNotFoundException e) {
            throw new NoClassDefFoundError().initCause(e);
        }
    }

    static {
        Class cls;
        if (class$org$jboss$remoting$security$SSLSocketBuilder == null) {
            cls = class$("org.jboss.remoting.security.SSLSocketBuilder");
            class$org$jboss$remoting$security$SSLSocketBuilder = cls;
        } else {
            cls = class$org$jboss$remoting$security$SSLSocketBuilder;
        }
        log = Logger.getLogger(cls);
    }
}
