package org.apache.servicemix.http.processors;

import java.io.IOException;
import java.io.InputStream;
import java.net.InetAddress;
import java.net.InetSocketAddress;
import java.net.Socket;
import java.net.UnknownHostException;
import java.security.KeyStore;
import java.security.SecureRandom;
import javax.jbi.JBIException;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSocketFactory;
import javax.net.ssl.TrustManagerFactory;
import org.apache.commons.httpclient.ConnectTimeoutException;
import org.apache.commons.httpclient.params.HttpConnectionParams;
import org.apache.commons.httpclient.protocol.SecureProtocolSocketFactory;
import org.apache.geronimo.security.SecurityService;
import org.apache.servicemix.common.security.KeystoreManager;
import org.apache.servicemix.http.SslParameters;
import org.mortbay.resource.Resource;
import org.springframework.core.io.ClassPathResource;

/* loaded from: input_file:WEB-INF/lib/servicemix-http-2010.02.0-fuse-00-00.jar:org/apache/servicemix/http/processors/CommonsHttpSSLSocketFactory.class */
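/**
 * Commons HttpClient socket factory that hands out sockets from an
 * {@link SSLSocketFactory} built from an {@link SslParameters} configuration.
 *
 * <p>Two construction paths exist: a "managed" one, where the
 * {@link KeystoreManager} builds the factory, and an "unmanaged" one, where this
 * class loads the key store and (optionally) the trust store itself.
 *
 * <p>NOTE(review): nothing in this class enables endpoint identification
 * (host name verification) on the sockets it returns. A socket obtained from a
 * plain {@link SSLSocketFactory} validates the peer's certificate chain against
 * the trust managers but does not compare the certificate with the requested
 * host name. Confirm that the calling HTTP layer performs that check, otherwise
 * any certificate trusted by the configured trust store is accepted for any host.
 *
 * <p>NOTE(review): the protocol string from {@code sslParameters.getProtocol()}
 * is passed to {@link SSLContext#getInstance(String)} as-is; which protocol
 * versions end up enabled depends on that configuration and on the JVM defaults.
 */
public class CommonsHttpSSLSocketFactory implements SecureProtocolSocketFactory {
    /** Prefix marking a key/trust store location that must be resolved on the classpath. */
    private static final String CLASSPATH_PREFIX = "classpath:";

    private SSLSocketFactory factory;

    /**
     * Builds the underlying SSL socket factory.
     *
     * @param sslParameters   SSL configuration; {@code isManaged()} selects the construction path
     * @param keystoreManager used only when the configuration is managed
     * @throws Exception if the key material cannot be located, loaded or initialised
     */
    public CommonsHttpSSLSocketFactory(SslParameters sslParameters, KeystoreManager keystoreManager) throws Exception {
        if (sslParameters.isManaged()) {
            createManagedFactory(sslParameters, keystoreManager);
        } else {
            createUnmanagedFactory(sslParameters);
        }
    }

    /**
     * Delegates creation of the socket factory to the keystore manager.
     *
     * @param sslParameters   supplies provider, protocol, key manager algorithm, key store,
     *                        key alias and trust store
     * @param keystoreManager builds the factory from those values
     * @throws Exception whatever {@code keystoreManager.createSSLFactory} throws
     */
    protected final void createManagedFactory(SslParameters sslParameters, KeystoreManager keystoreManager) throws Exception {
        this.factory = keystoreManager.createSSLFactory(
                sslParameters.getProvider(),
                sslParameters.getProtocol(),
                sslParameters.getKeyManagerFactoryAlgorithm(),
                sslParameters.getKeyStore(),
                sslParameters.getKeyAlias(),
                sslParameters.getTrustStore());
    }

    /**
     * Builds the socket factory from key and trust stores loaded by this class.
     *
     * <p>Each of key store location, key store password, trust store location and
     * trust store password is taken from {@code sslParameters} first and from the
     * corresponding {@link SecurityService} system property second. The key store and
     * its password are mandatory. The trust store is optional: when none is configured
     * the context is initialised with {@code null} trust managers, which makes JSSE fall
     * back to the JVM's default trust managers rather than a dedicated trust store.
     *
     * @param sslParameters SSL configuration to read
     * @throws IllegalArgumentException if a mandatory location or password is missing
     * @throws JBIException             if a {@code classpath:} location cannot be resolved
     * @throws Exception                on any key store or SSL context initialisation failure
     */
    protected final void createUnmanagedFactory(SslParameters sslParameters) throws Exception {
        SSLContext sslContext = sslParameters.getProvider() == null
                ? SSLContext.getInstance(sslParameters.getProtocol())
                : SSLContext.getInstance(sslParameters.getProtocol(), sslParameters.getProvider());
        KeyManagerFactory keyManagerFactory =
                KeyManagerFactory.getInstance(sslParameters.getKeyManagerFactoryAlgorithm());

        String keyStore = sslParameters.getKeyStore();
        if (keyStore == null) {
            keyStore = System.getProperty(SecurityService.KEYSTORE);
            if (keyStore == null) {
                throw new IllegalArgumentException("keyStore or system property javax.net.ssl.keyStore must be set");
            }
        }
        keyStore = resolveLocation(keyStore, "keyStore");

        String keyStorePassword = sslParameters.getKeyStorePassword();
        if (keyStorePassword == null) {
            keyStorePassword = System.getProperty(SecurityService.KEYSTORE_PASSWORD);
            if (keyStorePassword == null) {
                throw new IllegalArgumentException("keyStorePassword or system property javax.net.ssl.keyStorePassword must be set");
            }
        }

        String trustStore = sslParameters.getTrustStore();
        String trustStorePassword = null;
        if (trustStore == null) {
            trustStore = System.getProperty(SecurityService.TRUSTSTORE);
        }
        if (trustStore != null) {
            trustStore = resolveLocation(trustStore, "trustStore");
            // A password is only required once a trust store has actually been configured.
            trustStorePassword = sslParameters.getTrustStorePassword();
            if (trustStorePassword == null) {
                trustStorePassword = System.getProperty(SecurityService.TRUSTSTORE_PASSWORD);
                if (trustStorePassword == null) {
                    throw new IllegalArgumentException("trustStorePassword or system property javax.net.ssl.trustStorePassword must be set");
                }
            }
        }

        KeyStore keys = loadKeyStore(sslParameters.getKeyStoreType(), keyStore, keyStorePassword.toCharArray());
        // The private-key password defaults to the key store password when not set separately.
        String keyPassword = sslParameters.getKeyPassword();
        keyManagerFactory.init(keys, keyPassword != null ? keyPassword.toCharArray() : keyStorePassword.toCharArray());

        if (trustStore != null) {
            KeyStore trusted = loadKeyStore(sslParameters.getTrustStoreType(), trustStore, trustStorePassword.toCharArray());
            TrustManagerFactory trustManagerFactory =
                    TrustManagerFactory.getInstance(sslParameters.getTrustManagerFactoryAlgorithm());
            trustManagerFactory.init(trusted);
            sslContext.init(keyManagerFactory.getKeyManagers(), trustManagerFactory.getTrustManagers(), new SecureRandom());
        } else {
            // null trust managers: JSSE uses the JVM default trust managers.
            sslContext.init(keyManagerFactory.getKeyManagers(), null, new SecureRandom());
        }
        this.factory = sslContext.getSocketFactory();
    }

    /** Turns a {@code classpath:} store location into a URL string; other locations pass through unchanged. */
    private static String resolveLocation(String location, String label) throws JBIException {
        if (!location.startsWith(CLASSPATH_PREFIX)) {
            return location;
        }
        try {
            return new ClassPathResource(location.substring(CLASSPATH_PREFIX.length())).getURL().toString();
        } catch (IOException e) {
            throw new JBIException("Unable to find " + label + " " + location, e);
        }
    }

    /** Loads a key store of the given type from a resource location, always closing the stream it opened. */
    private static KeyStore loadKeyStore(String type, String location, char[] password) throws Exception {
        KeyStore store = KeyStore.getInstance(type);
        InputStream in = Resource.newResource(location).getInputStream();
        try {
            store.load(in, password);
        } finally {
            // KeyStore.load does not close the stream; without this the handle on the
            // key material file stays open for the life of the process.
            if (in != null) {
                in.close();
            }
        }
        return store;
    }

    /**
     * Layers an SSL socket over an existing connected socket.
     *
     * @param socket existing socket
     * @param str    remote host name
     * @param i      remote port
     * @param z      whether closing the returned socket also closes {@code socket}
     * @return the SSL socket created by the underlying factory
     * @throws IOException if the underlying factory fails
     */
    @Override // org.apache.commons.httpclient.protocol.SecureProtocolSocketFactory
    public Socket createSocket(Socket socket, String str, int i, boolean z) throws IOException, UnknownHostException {
        return this.factory.createSocket(socket, str, i, z);
    }

    /**
     * Opens an SSL socket to a remote host from a specific local address and port.
     *
     * @param str         remote host name
     * @param i           remote port
     * @param inetAddress local address to bind to
     * @param i2          local port to bind to
     * @return the connected socket
     * @throws IOException if the underlying factory fails
     */
    @Override // org.apache.commons.httpclient.protocol.ProtocolSocketFactory
    public Socket createSocket(String str, int i, InetAddress inetAddress, int i2) throws IOException, UnknownHostException {
        return this.factory.createSocket(str, i, inetAddress, i2);
    }

    /**
     * Opens an SSL socket honouring the connection timeout in the given parameters.
     *
     * <p>A timeout of {@code 0} delegates to the untimed overload. Otherwise an
     * unconnected socket is created, bound to the local address and connected with
     * the timeout. If binding or connecting fails the socket is closed before the
     * failure propagates, so a failed attempt does not leak a file descriptor.
     *
     * @param str                  remote host name
     * @param i                    remote port
     * @param inetAddress          local address to bind to
     * @param i2                   local port to bind to
     * @param httpConnectionParams connection parameters; must not be {@code null}
     * @return the connected socket
     * @throws IllegalArgumentException if {@code httpConnectionParams} is {@code null}
     * @throws IOException              if the socket cannot be created, bound or connected
     */
    @Override // org.apache.commons.httpclient.protocol.ProtocolSocketFactory
    public Socket createSocket(String str, int i, InetAddress inetAddress, int i2, HttpConnectionParams httpConnectionParams) throws IOException, UnknownHostException, ConnectTimeoutException {
        if (httpConnectionParams == null) {
            throw new IllegalArgumentException("Parameters may not be null");
        }
        int connectionTimeout = httpConnectionParams.getConnectionTimeout();
        if (connectionTimeout == 0) {
            return createSocket(str, i, inetAddress, i2);
        }
        Socket socket = this.factory.createSocket();
        boolean connected = false;
        try {
            socket.bind(new InetSocketAddress(inetAddress, i2));
            socket.connect(new InetSocketAddress(str, i), connectionTimeout);
            connected = true;
            return socket;
        } finally {
            if (!connected) {
                try {
                    socket.close();
                } catch (IOException ignored) {
                    // Best effort: the bind/connect failure is the error the caller needs to see.
                }
            }
        }
    }

    /**
     * Opens an SSL socket to a remote host.
     *
     * @param str remote host name
     * @param i   remote port
     * @return the connected socket
     * @throws IOException if the underlying factory fails
     */
    @Override // org.apache.commons.httpclient.protocol.ProtocolSocketFactory
    public Socket createSocket(String str, int i) throws IOException, UnknownHostException {
        return this.factory.createSocket(str, i);
    }
}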
