package com.helpsystems.common.tl;

import java.io.BufferedReader;
import java.io.FileInputStream;
import java.io.IOException;
import java.io.InputStream;
import java.io.InputStreamReader;
import java.io.Serializable;
import java.net.InetAddress;
import java.net.ServerSocket;
import java.rmi.server.RMIServerSocketFactory;
import java.security.KeyStore;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.util.ArrayList;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLServerSocket;
import javax.net.ssl.SSLServerSocketFactory;
import org.apache.log4j.Logger;

/* loaded from: input_file:com/helpsystems/common/tl/SecureServerSocketFactory.class */
public class SecureServerSocketFactory implements RMIServerSocketFactory, Serializable {
    public static final String SKYBOT_USE_LEGACY_PEERKEY_PROPERTY = "skybot.legacy.peerkey";
    public static final String PEERKEYS_PATH = "com/helpsystems/common/tl/";
    public static final String PEERKEYS_RESOURCE1 = "com/helpsystems/common/tl/peerkeys";
    public static final String PEERKEYS_RESOURCE2 = "com/helpsystems/common/tl/peerkeys2";
    private static final Logger logger = Logger.getLogger(SecureServerSocketFactory.class);
    private static boolean kmfFirstTime = true;
    private static boolean sslFirstTime = true;

    /* JADX WARN: Multi-variable type inference failed */
    /* JADX WARN: Type inference failed for: r0v58, types: [java.net.ServerSocket] */
    /* JADX WARN: Type inference failed for: r0v62, types: [java.net.ServerSocket] */
    public ServerSocket createServerSocket(int i) throws IOException {
        logger.trace("Preparing a Secure Server Socket for port " + i);
        SSLContext findSSLContext = findSSLContext();
        KeyManagerFactory findKeyManagerFactory = findKeyManagerFactory();
        char[] cArr = null;
        InputStream inputStream = null;
        FileInputStream fileInputStream = null;
        boolean z = false;
        String str = PEERKEYS_RESOURCE2;
        try {
            String property = System.getProperty(SKYBOT_USE_LEGACY_PEERKEY_PROPERTY);
            if (property != null && "true".equalsIgnoreCase(property.trim())) {
                str = PEERKEYS_RESOURCE1;
                logger.debug("Using legacy peer key override.");
            }
        } catch (Exception e) {
            logger.warn("Error checking legacy peer key override.", e);
        }
        try {
            try {
                KeyStore keyStore = KeyStore.getInstance("JKS");
                try {
                    inputStream = new FileInputStream("sslkeys");
                    z = true;
                } catch (Exception e2) {
                    logger.trace("No 'sslkeys' SSL certificate was found, using default certificate.");
                }
                if (inputStream != null) {
                    logger.trace("Using 'sslkeys' SSL certificate.");
                    try {
                        fileInputStream = new FileInputStream("sslpassphrase");
                        if (fileInputStream != null) {
                            logger.debug("Using 'sslpassphrase' for SSL certificate.");
                        }
                        cArr = new BufferedReader(new InputStreamReader(fileInputStream)).readLine().toCharArray();
                    } catch (Exception e3) {
                        logger.debug("Unable to use 'sslpassphrase', using default passphrase.");
                        cArr = "secret1".toCharArray();
                    }
                }
                if (inputStream == null) {
                    cArr = "favorite0robot".toCharArray();
                    inputStream = getClass().getClassLoader().getResourceAsStream(str);
                    if (inputStream == null) {
                        throw new IOException("The file " + str + " could not be found. This file should be in the same JAR file as the SecurePeer.class.");
                    }
                }
                try {
                    keyStore.load(inputStream, cArr);
                } catch (Exception e4) {
                    if (!z) {
                        if (e4 instanceof IOException) {
                            throw ((IOException) e4);
                        }
                        IOException iOException = new IOException("Unable to load keystore for Secure Socket Factory.");
                        iOException.initCause(e4);
                        throw iOException;
                    }
                    logger.debug("Can not use 'sslkeys', using default certificate.");
                    inputStream = getClass().getClassLoader().getResourceAsStream(str);
                    cArr = "favorite0robot".toCharArray();
                    keyStore.load(inputStream, cArr);
                }
                findKeyManagerFactory.init(keyStore, cArr);
                findSSLContext.init(findKeyManagerFactory.getKeyManagers(), null, null);
                SSLServerSocketFactory serverSocketFactory = findSSLContext.getServerSocketFactory();
                if (inputStream != null) {
                    inputStream.close();
                }
                if (fileInputStream != null) {
                    fileInputStream.close();
                }
                SSLServerSocket createServerSocket = Peer.USE_LOCAL_IP_ONLY ? serverSocketFactory.createServerSocket(i, 0, InetAddress.getByName("127.0.0.1")) : serverSocketFactory.createServerSocket(i);
                adjustCiphers(createServerSocket);
                return createServerSocket;
            } catch (Exception e5) {
                if (e5 instanceof IOException) {
                    throw ((IOException) e5);
                }
                IOException iOException2 = new IOException("Unable to create a Secure Socket Factory.");
                iOException2.initCause(e5);
                throw iOException2;
            }
        } catch (Throwable th) {
            if (0 != 0) {
                inputStream.close();
            }
            if (0 != 0) {
                fileInputStream.close();
            }
            throw th;
        }
    }

    /* JADX WARN: Finally extract failed */
    /* JADX WARN: Type inference failed for: r0v39, types: [java.lang.String[], java.lang.String[][]] */
    private static KeyManagerFactory findKeyManagerFactory() throws IOException {
        String property = System.getProperty("kmfa");
        String property2 = System.getProperty("kmfp");
        if (property == null && property2 == null) {
            String[] strArr = {"SunJSSE", "IBMJSSE", "IBMJSSE2"};
            String[] strArr2 = {"SunX509", "IbmX509", "IbmX509"};
            flipArraysForIBM(new String[]{strArr, strArr2});
            for (int i = 0; i < strArr.length; i++) {
                String str = strArr[i];
                String str2 = strArr2[i];
                try {
                    KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance(str2, str);
                    logKeyManagerFactory(keyManagerFactory);
                    kmfFirstTime = false;
                    return keyManagerFactory;
                } catch (NoSuchAlgorithmException e) {
                    if (kmfFirstTime) {
                        logger.trace("Unable to use KMF Algorithm: " + str + "/" + str2, e);
                    }
                } catch (NoSuchProviderException e2) {
                    if (kmfFirstTime) {
                        logger.trace("Unable to use KMF Provider: " + str, e2);
                    }
                }
            }
            kmfFirstTime = false;
            throw new IOException("Unable to find a usuable KMF implementation.");
        }
        if (kmfFirstTime && logger.isTraceEnabled()) {
            logger.trace("Using user specified KMF parameters:");
            logger.trace("\tKMF Protocol (kmfa) = " + property);
            logger.trace("\tKMF Provider (kmfp) = " + property2);
        }
        if (property == null) {
            property = "SunX509";
        }
        try {
            try {
                try {
                    KeyManagerFactory keyManagerFactory2 = property2 == null ? KeyManagerFactory.getInstance(property) : KeyManagerFactory.getInstance(property, property2);
                    logKeyManagerFactory(keyManagerFactory2);
                    KeyManagerFactory keyManagerFactory3 = keyManagerFactory2;
                    kmfFirstTime = false;
                    return keyManagerFactory3;
                } catch (NoSuchAlgorithmException e3) {
                    IOException iOException = new IOException("Unable to use KMF Algorithm: " + property);
                    iOException.initCause(e3);
                    throw iOException;
                }
            } catch (NoSuchProviderException e4) {
                IOException iOException2 = new IOException("Unable to use KMF Provider: " + property2);
                iOException2.initCause(e4);
                throw iOException2;
            }
        } catch (Throwable th) {
            kmfFirstTime = false;
            throw th;
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    /* JADX WARN: Finally extract failed */
    /* JADX WARN: Type inference failed for: r0v39, types: [java.lang.String[], java.lang.String[][]] */
    public static SSLContext findSSLContext() throws IOException {
        String property = System.getProperty("ssla");
        String property2 = System.getProperty("sslp");
        if (property == null && property2 == null) {
            String[] strArr = {"SunJSSE", "IBMJSSE", "IBMJSSE2"};
            String[] strArr2 = {"TLS", "SSL_TLS", "SSL_TLS"};
            flipArraysForIBM(new String[]{strArr, strArr2});
            for (int i = 0; i < strArr.length; i++) {
                String str = strArr[i];
                String str2 = strArr2[i];
                try {
                    SSLContext sSLContext = SSLContext.getInstance(str2, str);
                    logSSLContext(sSLContext);
                    sslFirstTime = false;
                    return sSLContext;
                } catch (NoSuchAlgorithmException e) {
                    if (sslFirstTime) {
                        logger.trace("Unable to use Algorithm: " + str + "/" + str2, e);
                    }
                } catch (NoSuchProviderException e2) {
                    if (sslFirstTime) {
                        logger.trace("Unable to use Provider: " + str, e2);
                    }
                }
            }
            sslFirstTime = false;
            throw new IOException("Unable to find a usable SSL implementation.");
        }
        if (sslFirstTime && logger.isTraceEnabled()) {
            logger.trace("Using user specified SSL parameters:");
            logger.trace("\tSSL Protocol (ssla) = " + property);
            logger.trace("\tSSL Provider (sslp) = " + property2);
        }
        if (property == null) {
            property = "TLS";
        }
        try {
            try {
                try {
                    SSLContext sSLContext2 = property2 == null ? SSLContext.getInstance(property) : SSLContext.getInstance(property, property2);
                    logSSLContext(sSLContext2);
                    SSLContext sSLContext3 = sSLContext2;
                    sslFirstTime = false;
                    return sSLContext3;
                } catch (NoSuchAlgorithmException e3) {
                    IOException iOException = new IOException("Unable to use SSL Protocol: " + property);
                    iOException.initCause(e3);
                    throw iOException;
                }
            } catch (NoSuchProviderException e4) {
                IOException iOException2 = new IOException("Unable to use SSL Provider: " + property2);
                iOException2.initCause(e4);
                throw iOException2;
            }
        } catch (Throwable th) {
            sslFirstTime = false;
            throw th;
        }
    }

    private static void logSSLContext(SSLContext sSLContext) {
        if (sslFirstTime && logger.isTraceEnabled()) {
            logger.trace("Using an SSL Context with provider " + sSLContext.getProvider() + " and protocol " + sSLContext.getProtocol());
        }
    }

    private static void logKeyManagerFactory(KeyManagerFactory keyManagerFactory) {
        if (kmfFirstTime && logger.isTraceEnabled()) {
            logger.trace("Using a KeyManagerFactory with provider " + keyManagerFactory.getProvider() + " and algorithm " + keyManagerFactory.getAlgorithm());
        }
    }

    private static void flipArraysForIBM(String[]... strArr) {
        String property = System.getProperty("java.vendor");
        if (property != null && property.toUpperCase().startsWith("IBM")) {
            for (String[] strArr2 : strArr) {
                for (int i = 0; i < strArr2.length / 2; i++) {
                    String str = strArr2[i];
                    strArr2[i] = strArr2[strArr2.length - 1];
                    strArr2[strArr2.length - 1] = str;
                }
            }
        }
    }

    private void adjustCiphers(SSLServerSocket sSLServerSocket) {
        SSLSocketAdjust.adjustSSLServerSocketProtocols(sSLServerSocket);
        String[] enabledCipherSuites = sSLServerSocket.getEnabledCipherSuites();
        ArrayList arrayList = new ArrayList();
        for (String str : enabledCipherSuites) {
            if (str.indexOf("AES") > -1 || str.indexOf("3DES") > -1) {
                arrayList.add(str);
                logger.debug("Allowing SSL cipher: " + str);
            } else {
                logger.debug("Disallowing SSL cipher: " + str);
            }
        }
        String[] strArr = new String[arrayList.size()];
        arrayList.toArray(strArr);
        sSLServerSocket.setEnabledCipherSuites(strArr);
    }
}
