package com.metamatrix.common.net;

import com.metamatrix.common.config.CurrentConfiguration;
import com.metamatrix.common.config.api.exceptions.ConfigurationException;
import com.metamatrix.common.util.crypto.CryptoUtil;
import com.sun.net.ssl.KeyManager;
import com.sun.net.ssl.KeyManagerFactory;
import com.sun.net.ssl.SSLContext;
import com.sun.net.ssl.TrustManager;
import com.sun.net.ssl.TrustManagerFactory;
import java.io.InputStream;
import java.net.InetAddress;
import java.net.ServerSocket;
import java.net.Socket;
import java.security.KeyStore;
import java.security.SecureRandom;
import java.util.Properties;
import javax.net.ssl.SSLServerSocket;

/* loaded from: input_file:com/metamatrix/common/net/SocketHelper.class */
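/**
 * Static factory for the client and server sockets used by this package.
 *
 * <p>Settings are read once, lazily, through {@link CurrentConfiguration}. When the
 * property {@code metamatrix.encryption.secure.sockets} equals {@code "true"}
 * (case-insensitive) the factories return SSL sockets built from the "SSL" resource
 * properties; for any other value, including an absent property, they return plain
 * unencrypted sockets.
 *
 * <p>Security notes for maintainers:
 * <ul>
 *   <li>An absent or misspelled enable flag silently selects plaintext. Deployments that
 *       require encryption should check {@link #isServerSSLEnabled()} at start-up.</li>
 *   <li>The default protocol name is {@code SSLv3}, which is obsolete (RFC 7568 prohibits
 *       its use). Set {@code com.metamatrix.ssl.protocol} explicitly to a TLS protocol
 *       name supported by the runtime.</li>
 *   <li>The lazy initialisation is not synchronised; see {@code initProperties()}.</li>
 * </ul>
 */
public class SocketHelper {
    private static String client_sslProtocol;
    private static String client_keyManagerFactoryAlgorithm;
    private static String client_keyStoreType;
    private static String client_keyStoreFileName;
    private static String server_sslProtocol;
    private static String server_keyManagerFactoryAlgorithm;
    private static String server_keyStoreType;
    private static String server_keyStoreFileName;
    private static String server_trustStoreFileName;

    // Configuration keys. SSL_ENABLED is a global property; the others live in the
    // "SSL" resource properties.
    private static final String SSL_ENABLED = "metamatrix.encryption.secure.sockets";
    private static final String KEYSTORE_FILENAME = "com.metamatrix.ssl.keystore.filename";
    private static final String KEYSTORE_PASSWORD = "com.metamatrix.ssl.keystore.Password";
    private static final String KEYSTORE_TYPE = "com.metamatrix.ssl.keystoretype";
    private static final String SSL_PROTOCOL = "com.metamatrix.ssl.protocol";
    private static final String KEY_MANAGER_ALGORITHM = "com.metamatrix.ssl.keymanagementalgorithm";
    private static final String TRUSTSTORE_FILENAME = "com.metamatrix.ssl.truststore.filename";
    private static final String TRUSTSTORE_PASSWORD = "com.metamatrix.ssl.truststore.Password";
    private static final String CLIENT_AUTH = "com.metamatrix.ssl.clientAuthentication";

    // NOTE(review): SSLv3 is kept as the fallback only to preserve existing behaviour.
    // It is an obsolete protocol (RFC 7568); configure SSL_PROTOCOL explicitly.
    private static final String DEFAULT_SSL_PROTOCOL = "SSLv3";
    private static final String DEFAULT_KEY_MANAGER_ALGORITHM = "SunX509";
    private static final String DEFAULT_KEYSTORE_TYPE = "JKS";

    private static boolean initialized = false;
    private static boolean client_ssl_enabled = false;
    private static boolean server_ssl_enabled = false;
    private static boolean server_client_auth_req = false;

    /**
     * Opens a client connection, over SSL when secure sockets are enabled.
     *
     * <p>On the SSL path the configured keystore doubles as the trust store: the trust
     * managers are built from it, so the server certificate must chain to an entry in
     * that keystore.
     *
     * @param inetAddress remote address to connect to
     * @param i remote port
     * @return a connected plain or SSL socket
     * @throws Exception if configuration cannot be read, the keystore resource is
     *         missing or unreadable, or the connection fails
     */
    public static Socket getClientSocket(InetAddress inetAddress, int i) throws Exception {
        initProperties();
        if (!client_ssl_enabled) {
            // Plaintext fallback: taken whenever the enable flag is not exactly "true".
            return new Socket(inetAddress, i);
        }
        try {
            SSLContext sSLContext = SSLContext.getInstance(client_sslProtocol);
            KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance(client_keyManagerFactoryAlgorithm);
            // The key-manager algorithm name is reused for the trust-manager factory.
            TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(client_keyManagerFactoryAlgorithm);
            char[] keyStorePassword = getKeyStorePassword();
            KeyStore keyStore = loadKeyStore(client_keyStoreType, client_keyStoreFileName, keyStorePassword, KEYSTORE_FILENAME);
            // Initialising the factory verifies that the keys open with the password,
            // although its key managers are not passed to the context below.
            keyManagerFactory.init(keyStore, keyStorePassword);
            trustManagerFactory.init(keyStore);
            // NOTE(review): the key managers are null, so the keystore's private keys are
            // not offered for client authentication here. If the server is configured
            // with com.metamatrix.ssl.clientAuthentication=true, confirm this is intended.
            // NOTE(review): no endpoint-identity (host name) check is performed; trust
            // rests only on the keystore contents.
            sSLContext.init((KeyManager[]) null, trustManagerFactory.getTrustManagers(), (SecureRandom) null);
            return sSLContext.getSocketFactory().createSocket(inetAddress, i);
        } catch (Exception e) {
            e.printStackTrace();
            throw e;
        }
    }

    /**
     * Opens a listening socket, over SSL when secure sockets are enabled.
     *
     * <p>When client authentication is configured, the trust store resource is loaded
     * and the returned socket requires a client certificate.
     *
     * @param i local port
     * @param i2 listen backlog; honoured on both the plain and the SSL path
     * @param inetAddress local address to bind to
     * @return a bound plain or SSL server socket
     * @throws Exception if configuration cannot be read, a keystore or trust store
     *         resource is missing or unreadable, or the socket cannot be bound
     */
    public static ServerSocket getServerSocket(int i, int i2, InetAddress inetAddress) throws Exception {
        initProperties();
        if (!server_ssl_enabled) {
            // Plaintext fallback: taken whenever the enable flag is not exactly "true".
            return new ServerSocket(i, i2, inetAddress);
        }
        try {
            SecureRandom secureRandom = new SecureRandom();
            // Draw one value up front so seeding happens here rather than during the
            // first handshake.
            secureRandom.nextInt();
            TrustManager[] trustManagerArr = null;
            if (server_client_auth_req) {
                // The trust store uses the same store type and algorithm name as the keystore.
                KeyStore trustStore = loadKeyStore(server_keyStoreType, server_trustStoreFileName, getTrustStorePassword(), TRUSTSTORE_FILENAME);
                TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(server_keyManagerFactoryAlgorithm);
                trustManagerFactory.init(trustStore);
                trustManagerArr = trustManagerFactory.getTrustManagers();
            }
            char[] keyStorePassword = getKeyStorePassword();
            KeyStore keyStore2 = loadKeyStore(server_keyStoreType, server_keyStoreFileName, keyStorePassword, KEYSTORE_FILENAME);
            KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance(server_keyManagerFactoryAlgorithm);
            keyManagerFactory.init(keyStore2, keyStorePassword);
            SSLContext sSLContext = SSLContext.getInstance(server_sslProtocol);
            sSLContext.init(keyManagerFactory.getKeyManagers(), trustManagerArr, secureRandom);
            // Fix: pass the caller's backlog instead of a hard-coded 50, matching the
            // plain-socket path above.
            SSLServerSocket sSLServerSocket = (SSLServerSocket) sSLContext.getServerSocketFactory().createServerSocket(i, i2, inetAddress);
            sSLServerSocket.setNeedClientAuth(server_client_auth_req);
            return sSLServerSocket;
        } catch (Exception e) {
            e.printStackTrace();
            throw e;
        }
    }

    /**
     * Reports whether server sockets from this class use SSL.
     *
     * @return {@code true} only when the enable flag was read as "true"
     * @throws Exception if the configuration cannot be read
     */
    public static boolean isServerSSLEnabled() throws Exception {
        initProperties();
        return server_ssl_enabled;
    }

    /** Returns the keystore password after passing it through {@code CryptoUtil.stringDecrypt}. */
    private static char[] getKeyStorePassword() throws Exception {
        return decryptPasswordProperty(KEYSTORE_PASSWORD);
    }

    /** Returns the trust store password after passing it through {@code CryptoUtil.stringDecrypt}. */
    private static char[] getTrustStorePassword() throws Exception {
        return decryptPasswordProperty(TRUSTSTORE_PASSWORD);
    }

    /**
     * Reads a password from the "SSL" resource properties and decrypts it.
     * Fails with a message naming the property (never its value) when it is absent,
     * instead of a bare NullPointerException.
     */
    private static char[] decryptPasswordProperty(String propertyName) throws Exception {
        String stored = CurrentConfiguration.getResourceProperties("SSL").getProperty(propertyName);
        if (stored == null) {
            throw new IllegalStateException("SSL resource property " + propertyName + " is not set");
        }
        return CryptoUtil.stringDecrypt(stored.toCharArray());
    }

    /**
     * Loads a keystore from a classpath resource and closes the stream afterwards.
     * A missing resource is an error: KeyStore.load(null, ...) would otherwise yield an
     * empty store and the failure would only surface later, during the handshake.
     */
    private static KeyStore loadKeyStore(String type, String resourceName, char[] password, String propertyName) throws Exception {
        if (resourceName == null) {
            throw new IllegalStateException("SSL resource property " + propertyName + " is not set");
        }
        InputStream in = Thread.currentThread().getContextClassLoader().getResourceAsStream(resourceName);
        if (in == null) {
            throw new IllegalStateException("Key store resource not found on the class path: " + resourceName);
        }
        try {
            KeyStore keyStore = KeyStore.getInstance(type);
            keyStore.load(in, password);
            return keyStore;
        } finally {
            in.close();
        }
    }

    /**
     * Reads the SSL settings once and caches them in the static fields.
     *
     * <p>NOTE(review): this method is not synchronised and the fields are not volatile,
     * so concurrent first calls may race. Left unchanged because it is not visible here
     * whether CurrentConfiguration can call back into this class.
     *
     * @throws Exception if the configuration lookup fails with anything other than a
     *         ConfigurationException
     */
    private static void initProperties() throws Exception {
        if (initialized) {
            return;
        }
        String property = CurrentConfiguration.getProperty(SSL_ENABLED);
        client_ssl_enabled = property != null && property.equalsIgnoreCase("true");
        try {
            Properties resourceProperties = CurrentConfiguration.getResourceProperties("SSL");
            client_keyStoreFileName = resourceProperties.getProperty(KEYSTORE_FILENAME);
            client_keyStoreType = resourceProperties.getProperty(KEYSTORE_TYPE, DEFAULT_KEYSTORE_TYPE);
            client_sslProtocol = resourceProperties.getProperty(SSL_PROTOCOL, DEFAULT_SSL_PROTOCOL);
            client_keyManagerFactoryAlgorithm = resourceProperties.getProperty(KEY_MANAGER_ALGORITHM, DEFAULT_KEY_MANAGER_ALGORITHM);
        } catch (ConfigurationException e) {
            // No "SSL" resource: fall back to defaults. The keystore file name stays
            // unset, so an SSL socket request will fail when the keystore is loaded.
            client_keyStoreType = DEFAULT_KEYSTORE_TYPE;
            client_sslProtocol = DEFAULT_SSL_PROTOCOL;
            client_keyManagerFactoryAlgorithm = DEFAULT_KEY_MANAGER_ALGORITHM;
        }
        String property2 = CurrentConfiguration.getProperty(SSL_ENABLED);
        server_ssl_enabled = property2 != null && property2.equalsIgnoreCase("true");
        try {
            Properties resourceProperties2 = CurrentConfiguration.getResourceProperties("SSL");
            server_trustStoreFileName = resourceProperties2.getProperty(TRUSTSTORE_FILENAME);
            String property3 = resourceProperties2.getProperty(CLIENT_AUTH);
            server_client_auth_req = property3 != null && property3.equalsIgnoreCase("true");
            server_keyStoreFileName = resourceProperties2.getProperty(KEYSTORE_FILENAME);
            server_keyStoreType = resourceProperties2.getProperty(KEYSTORE_TYPE, DEFAULT_KEYSTORE_TYPE);
            server_sslProtocol = resourceProperties2.getProperty(SSL_PROTOCOL, DEFAULT_SSL_PROTOCOL);
            server_keyManagerFactoryAlgorithm = resourceProperties2.getProperty(KEY_MANAGER_ALGORITHM, DEFAULT_KEY_MANAGER_ALGORITHM);
        } catch (ConfigurationException e2) {
            server_keyStoreType = client_keyStoreType;
            server_sslProtocol = client_sslProtocol;
            server_keyManagerFactoryAlgorithm = client_keyManagerFactoryAlgorithm;
        } finally {
            // Marked done on every exit, including failure, so the lookup is never retried.
            initialized = true;
        }
    }
}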
