package org.apache.tomcat.util.net.jsse;

import com.sun.net.ssl.KeyManagerFactory;
import com.sun.net.ssl.SSLContext;
import com.sun.net.ssl.TrustManager;
import com.sun.net.ssl.TrustManagerFactory;
import java.io.IOException;
import java.security.KeyStore;
import java.security.Provider;
import java.security.SecureRandom;
import java.security.Security;
import javax.net.ssl.SSLServerSocket;
import javax.net.ssl.SSLSocket;

/* loaded from: input_file:tomcat-util-5.5.23.jar:org/apache/tomcat/util/net/jsse/JSSE13SocketFactory.class */
public class JSSE13SocketFactory extends JSSESocketFactory {
    protected boolean clientAuth = false;

    @Override // org.apache.tomcat.util.net.jsse.JSSESocketFactory
    void init() throws IOException {
        try {
            try {
                Security.addProvider((Provider) Class.forName("sun.security.provider.Sun").newInstance());
            } catch (Exception e) {
                if (!(e instanceof IOException)) {
                    throw new IOException(e.getMessage());
                }
                throw ((IOException) e);
            }
        } catch (Exception e2) {
        }
        Security.addProvider(new com.sun.net.ssl.internal.ssl.Provider());
        String str = (String) this.attributes.get("clientauth");
        if ("true".equalsIgnoreCase(str) || "yes".equalsIgnoreCase(str) || "want".equalsIgnoreCase(str)) {
            this.clientAuth = true;
        }
        String str2 = (String) this.attributes.get("protocol");
        if (str2 == null) {
            str2 = defaultProtocol;
        }
        String str3 = (String) this.attributes.get("algorithm");
        if (str3 == null) {
            str3 = defaultAlgorithm;
        }
        KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance(str3);
        String str4 = (String) this.attributes.get("keystoreType");
        if (str4 == null) {
            str4 = defaultKeystoreType;
        }
        String keystorePassword = getKeystorePassword();
        keyManagerFactory.init(getKeystore(str4, keystorePassword), keystorePassword.toCharArray());
        TrustManager[] trustManagerArr = null;
        String str5 = (String) this.attributes.get("truststoreType");
        if (str5 == null) {
            str5 = str4;
        }
        KeyStore trustStore = getTrustStore(str5);
        if (trustStore != null) {
            TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance("SunX509");
            trustManagerFactory.init(trustStore);
            trustManagerArr = trustManagerFactory.getTrustManagers();
        }
        SSLContext sSLContext = SSLContext.getInstance(str2);
        sSLContext.init(keyManagerFactory.getKeyManagers(), trustManagerArr, new SecureRandom());
        this.sslProxy = sSLContext.getServerSocketFactory();
        this.enabledCiphers = getEnabledCiphers((String) this.attributes.get("ciphers"), this.sslProxy.getSupportedCipherSuites());
    }

    @Override // org.apache.tomcat.util.net.jsse.JSSESocketFactory
    protected String[] getEnabledProtocols(SSLServerSocket sSLServerSocket, String str) {
        return null;
    }

    @Override // org.apache.tomcat.util.net.jsse.JSSESocketFactory
    protected void setEnabledProtocols(SSLServerSocket sSLServerSocket, String[] strArr) {
    }

    @Override // org.apache.tomcat.util.net.jsse.JSSESocketFactory
    protected void configureClientAuth(SSLServerSocket sSLServerSocket) {
        sSLServerSocket.setNeedClientAuth(this.clientAuth);
    }

    @Override // org.apache.tomcat.util.net.jsse.JSSESocketFactory
    protected void configureClientAuth(SSLSocket sSLSocket) {
        sSLSocket.setNeedClientAuth(this.clientAuth);
    }
}
