package org.restlet.engine.ssl;

import java.io.FileInputStream;
import java.security.KeyStore;
import java.security.SecureRandom;
import java.util.Arrays;
import java.util.HashSet;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.TrustManagerFactory;
import org.apache.batik.apps.svgbrowser.Main;
import org.apache.cxf.phase.Phase;
import org.glassfish.jersey.SslConfigurator;
import org.restlet.data.Parameter;
import org.restlet.util.Series;
import org.switchyard.security.crypto.PublicCrypto;

/* loaded from: input_file:META-INF/repository/fuse-eap-distro-6.3.0.redhat-343-07.zip:modules/system/layers/fuse/org/restlet/main/org.restlet-2.3.6.jar:org/restlet/engine/ssl/DefaultSslContextFactory.class */
public class DefaultSslContextFactory extends SslContextFactory {
    private volatile String[] disabledCipherSuites = null;
    private volatile String[] disabledProtocols = null;
    private volatile String[] enabledCipherSuites = null;
    private volatile String[] enabledProtocols = null;
    private volatile String keyManagerAlgorithm = System.getProperty("ssl.KeyManagerFactory.algorithm", "SunX509");
    private volatile char[] keyStoreKeyPassword;
    private volatile char[] keyStorePassword;
    private volatile String keyStorePath;
    private volatile String keyStoreProvider;
    private volatile String keyStoreType;
    private volatile boolean needClientAuthentication;
    private volatile String protocol;
    private volatile String secureRandomAlgorithm;
    private volatile String trustManagerAlgorithm;
    private volatile char[] trustStorePassword;
    private volatile String trustStorePath;
    private volatile String trustStoreProvider;
    private volatile String trustStoreType;
    private volatile boolean wantClientAuthentication;

    public DefaultSslContextFactory() {
        this.keyStoreKeyPassword = System.getProperty("javax.net.ssl.keyPassword", System.getProperty(SslConfigurator.KEY_STORE_PASSWORD)) != null ? System.getProperty("javax.net.ssl.keyPassword", System.getProperty(SslConfigurator.KEY_STORE_PASSWORD)).toCharArray() : null;
        this.keyStorePassword = System.getProperty(SslConfigurator.KEY_STORE_PASSWORD) != null ? System.getProperty(SslConfigurator.KEY_STORE_PASSWORD).toCharArray() : null;
        this.keyStorePath = System.getProperty(SslConfigurator.KEY_STORE_FILE, System.getProperty(Main.PROPERTY_USER_HOME) != null ? System.getProperty(Main.PROPERTY_USER_HOME).endsWith("/") ? System.getProperty(Main.PROPERTY_USER_HOME) + ".keystore" : System.getProperty(Main.PROPERTY_USER_HOME) + "/.keystore" : null);
        this.keyStoreProvider = System.getProperty(SslConfigurator.KEY_STORE_PROVIDER);
        this.keyStoreType = System.getProperty(SslConfigurator.KEY_STORE_TYPE, "JKS");
        this.needClientAuthentication = false;
        this.protocol = "TLS";
        this.secureRandomAlgorithm = null;
        this.trustManagerAlgorithm = System.getProperty("ssl.TrustManagerFactory.algorithm", "SunX509");
        this.trustStorePassword = System.getProperty(SslConfigurator.TRUST_STORE_PASSWORD) != null ? System.getProperty(SslConfigurator.TRUST_STORE_PASSWORD).toCharArray() : null;
        this.trustStorePath = System.getProperty(SslConfigurator.TRUST_STORE_FILE);
        this.trustStoreProvider = System.getProperty(SslConfigurator.TRUST_STORE_PROVIDER);
        this.trustStoreType = System.getProperty(SslConfigurator.TRUST_STORE_TYPE);
        this.wantClientAuthentication = false;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    /* renamed from: clone, reason: merged with bridge method [inline-methods] */
    public final DefaultSslContextFactory m15269clone() throws CloneNotSupportedException {
        throw new CloneNotSupportedException();
    }

    @Override // org.restlet.engine.ssl.SslContextFactory
    public SSLContext createSslContext() throws Exception {
        KeyStore keyStore;
        KeyStore keyStore2;
        KeyManagerFactory keyManagerFactory = null;
        if (this.keyStorePath != null || this.keyStoreProvider != null || this.keyStoreType != null) {
            if (this.keyStoreProvider != null) {
                keyStore = KeyStore.getInstance(this.keyStoreType != null ? this.keyStoreType : KeyStore.getDefaultType(), this.keyStoreProvider);
            } else {
                keyStore = KeyStore.getInstance(this.keyStoreType != null ? this.keyStoreType : KeyStore.getDefaultType());
            }
            KeyStore keyStore3 = keyStore;
            FileInputStream fileInputStream = null;
            try {
                fileInputStream = (this.keyStorePath == null || "NONE".equals(this.keyStorePath)) ? null : new FileInputStream(this.keyStorePath);
                keyStore3.load(fileInputStream, this.keyStorePassword);
                if (fileInputStream != null) {
                    fileInputStream.close();
                }
                keyManagerFactory = KeyManagerFactory.getInstance(this.keyManagerAlgorithm);
                keyManagerFactory.init(keyStore3, this.keyStoreKeyPassword);
            } finally {
            }
        }
        TrustManagerFactory trustManagerFactory = null;
        if (this.trustStorePath != null || this.trustStoreProvider != null || this.trustStoreType != null) {
            if (this.trustStoreProvider != null) {
                keyStore2 = KeyStore.getInstance(this.trustStoreType != null ? this.trustStoreType : KeyStore.getDefaultType(), this.trustStoreProvider);
            } else {
                keyStore2 = KeyStore.getInstance(this.trustStoreType != null ? this.trustStoreType : KeyStore.getDefaultType());
            }
            KeyStore keyStore4 = keyStore2;
            FileInputStream fileInputStream2 = null;
            try {
                fileInputStream2 = (this.trustStorePath == null || "NONE".equals(this.trustStorePath)) ? null : new FileInputStream(this.trustStorePath);
                keyStore4.load(fileInputStream2, this.trustStorePassword);
                if (fileInputStream2 != null) {
                    fileInputStream2.close();
                }
                trustManagerFactory = TrustManagerFactory.getInstance(this.trustManagerAlgorithm);
                trustManagerFactory.init(keyStore4);
            } finally {
            }
        }
        SSLContext sSLContext = SSLContext.getInstance(this.protocol);
        SecureRandom secureRandom = null;
        if (this.secureRandomAlgorithm != null) {
            secureRandom = SecureRandom.getInstance(this.secureRandomAlgorithm);
        }
        sSLContext.init(keyManagerFactory != null ? keyManagerFactory.getKeyManagers() : null, trustManagerFactory != null ? trustManagerFactory.getTrustManagers() : null, secureRandom);
        return createWrapper(sSLContext);
    }

    protected SSLContext createWrapper(SSLContext sSLContext) {
        return new DefaultSslContext(this, sSLContext);
    }

    public String[] getDisabledCipherSuites() {
        return this.disabledCipherSuites;
    }

    public String[] getDisabledProtocols() {
        return this.disabledProtocols;
    }

    public String[] getEnabledCipherSuites() {
        return this.enabledCipherSuites;
    }

    public String[] getEnabledProtocols() {
        return this.enabledProtocols;
    }

    public String getKeyManagerAlgorithm() {
        return this.keyManagerAlgorithm;
    }

    public char[] getKeyStoreKeyPassword() {
        return this.keyStoreKeyPassword;
    }

    public char[] getKeyStorePassword() {
        return this.keyStorePassword;
    }

    public String getKeyStorePath() {
        return this.keyStorePath;
    }

    public String getKeyStoreProvider() {
        return this.keyStoreProvider;
    }

    public String getKeyStoreType() {
        return this.keyStoreType;
    }

    public String getProtocol() {
        return this.protocol;
    }

    public String getSecureRandomAlgorithm() {
        return this.secureRandomAlgorithm;
    }

    public String[] getSelectedCipherSuites(String[] strArr) {
        HashSet hashSet = new HashSet();
        if (strArr != null) {
            for (String str : strArr) {
                if ((getEnabledCipherSuites() == null || Arrays.asList(getEnabledCipherSuites()).contains(str)) && (getDisabledCipherSuites() == null || !Arrays.asList(getDisabledCipherSuites()).contains(str))) {
                    hashSet.add(str);
                }
            }
        }
        return (String[]) hashSet.toArray(new String[hashSet.size()]);
    }

    public String[] getSelectedSslProtocols(String[] strArr) {
        HashSet hashSet = new HashSet();
        if (strArr != null) {
            for (String str : strArr) {
                if ((getEnabledProtocols() == null || Arrays.asList(getEnabledProtocols()).contains(str)) && (getDisabledProtocols() == null || !Arrays.asList(getDisabledProtocols()).contains(str))) {
                    hashSet.add(str);
                }
            }
        }
        return (String[]) hashSet.toArray(new String[hashSet.size()]);
    }

    public String getTrustManagerAlgorithm() {
        return this.trustManagerAlgorithm;
    }

    public char[] getTrustStorePassword() {
        return this.trustStorePassword;
    }

    public String getTrustStorePath() {
        return this.trustStorePath;
    }

    public String getTrustStoreProvider() {
        return this.trustStoreProvider;
    }

    public String getTrustStoreType() {
        return this.trustStoreType;
    }

    @Override // org.restlet.engine.ssl.SslContextFactory
    public void init(Series<Parameter> series) {
        String[] valuesArray = series.getValuesArray("disabledCipherSuites");
        HashSet hashSet = new HashSet();
        for (String str : valuesArray) {
            for (String str2 : str.split(" ")) {
                hashSet.add(str2);
            }
        }
        if (hashSet.size() > 0) {
            String[] strArr = new String[hashSet.size()];
            hashSet.toArray(strArr);
            setDisabledCipherSuites(strArr);
        } else {
            setDisabledCipherSuites(null);
        }
        String[] valuesArray2 = series.getValuesArray("disabledProtocols");
        HashSet hashSet2 = new HashSet();
        for (String str3 : valuesArray2) {
            for (String str4 : str3.split(" ")) {
                hashSet2.add(str4);
            }
        }
        if (hashSet2.size() > 0) {
            String[] strArr2 = new String[hashSet2.size()];
            hashSet2.toArray(strArr2);
            setDisabledProtocols(strArr2);
        } else {
            setDisabledProtocols(null);
        }
        String[] valuesArray3 = series.getValuesArray("enabledCipherSuites");
        HashSet hashSet3 = new HashSet();
        for (String str5 : valuesArray3) {
            for (String str6 : str5.split(" ")) {
                hashSet3.add(str6);
            }
        }
        if (hashSet3.size() > 0) {
            String[] strArr3 = new String[hashSet3.size()];
            hashSet3.toArray(strArr3);
            setEnabledCipherSuites(strArr3);
        } else {
            setEnabledCipherSuites(null);
        }
        String[] valuesArray4 = series.getValuesArray("enabledProtocols");
        HashSet hashSet4 = new HashSet();
        for (String str7 : valuesArray4) {
            for (String str8 : str7.split(" ")) {
                hashSet4.add(str8);
            }
        }
        if (hashSet4.size() > 0) {
            String[] strArr4 = new String[hashSet4.size()];
            hashSet4.toArray(strArr4);
            setEnabledProtocols(strArr4);
        } else {
            setEnabledProtocols(null);
        }
        setKeyManagerAlgorithm(series.getFirstValue("keyManagerAlgorithm", true, System.getProperty("ssl.KeyManagerFactory.algorithm", "SunX509")));
        setKeyStorePassword(series.getFirstValue(PublicCrypto.KEYSTORE_PASSWORD, true, System.getProperty(SslConfigurator.KEY_STORE_PASSWORD, "")));
        setKeyStoreKeyPassword(series.getFirstValue(PublicCrypto.KEY_PASSWORD, true, System.getProperty("javax.net.ssl.keyPassword")));
        if (this.keyStoreKeyPassword == null) {
            this.keyStoreKeyPassword = this.keyStorePassword;
        }
        setKeyStorePath(series.getFirstValue("keyStorePath", true, System.getProperty(SslConfigurator.KEY_STORE_FILE)));
        setKeyStoreType(series.getFirstValue(PublicCrypto.KEYSTORE_TYPE, true, System.getProperty(SslConfigurator.KEY_STORE_TYPE)));
        setNeedClientAuthentication(Boolean.parseBoolean(series.getFirstValue("needClientAuthentication", true, "false")));
        setProtocol(series.getFirstValue(Phase.PROTOCOL, true, "TLS"));
        setSecureRandomAlgorithm(series.getFirstValue("secureRandomAlgorithm", true));
        setTrustManagerAlgorithm(series.getFirstValue("trustManagerAlgorithm", true, System.getProperty("ssl.TrustManagerFactory.algorithm", "SunX509")));
        setTrustStorePassword(series.getFirstValue("trustStorePassword", true, System.getProperty(SslConfigurator.TRUST_STORE_PASSWORD)));
        setTrustStorePath(series.getFirstValue("trustStorePath", true, System.getProperty(SslConfigurator.TRUST_STORE_FILE)));
        setTrustStoreType(series.getFirstValue("trustStoreType", true, System.getProperty(SslConfigurator.TRUST_STORE_TYPE)));
        setWantClientAuthentication(Boolean.parseBoolean(series.getFirstValue("wantClientAuthentication", true, "false")));
    }

    public boolean isNeedClientAuthentication() {
        return this.needClientAuthentication;
    }

    public boolean isWantClientAuthentication() {
        return this.wantClientAuthentication;
    }

    public void setDisabledCipherSuites(String[] strArr) {
        this.disabledCipherSuites = strArr;
    }

    public void setDisabledProtocols(String[] strArr) {
        this.disabledProtocols = strArr;
    }

    public void setEnabledCipherSuites(String[] strArr) {
        this.enabledCipherSuites = strArr;
    }

    public void setEnabledProtocols(String[] strArr) {
        this.enabledProtocols = strArr;
    }

    public void setKeyManagerAlgorithm(String str) {
        this.keyManagerAlgorithm = str;
    }

    public void setKeyStoreKeyPassword(char[] cArr) {
        this.keyStoreKeyPassword = cArr;
    }

    public void setKeyStoreKeyPassword(String str) {
        this.keyStoreKeyPassword = str != null ? str.toCharArray() : null;
    }

    public void setKeyStorePassword(char[] cArr) {
        this.keyStorePassword = cArr;
    }

    public void setKeyStorePassword(String str) {
        this.keyStorePassword = str != null ? str.toCharArray() : null;
    }

    public void setKeyStorePath(String str) {
        this.keyStorePath = str;
    }

    public void setKeyStoreProvider(String str) {
        this.keyStoreProvider = str;
    }

    public void setKeyStoreType(String str) {
        this.keyStoreType = str;
    }

    public void setNeedClientAuthentication(boolean z) {
        this.needClientAuthentication = z;
    }

    public void setProtocol(String str) {
        this.protocol = str;
    }

    public void setSecureRandomAlgorithm(String str) {
        this.secureRandomAlgorithm = str;
    }

    public void setTrustManagerAlgorithm(String str) {
        this.trustManagerAlgorithm = str;
    }

    public void setTrustStorePassword(char[] cArr) {
        this.trustStorePassword = cArr;
    }

    public void setTrustStorePassword(String str) {
        this.trustStorePassword = str != null ? str.toCharArray() : null;
    }

    public void setTrustStorePath(String str) {
        this.trustStorePath = str;
    }

    public void setTrustStoreProvider(String str) {
        this.trustStoreProvider = str;
    }

    public void setTrustStoreType(String str) {
        this.trustStoreType = str;
    }

    public void setWantClientAuthentication(boolean z) {
        this.wantClientAuthentication = z;
    }
}
