package org.objectweb.celtix.bus.transports.https;

import java.lang.reflect.Method;
import java.util.List;
import java.util.logging.Handler;
import java.util.logging.Level;
import java.util.logging.Logger;
import javax.net.ssl.KeyManagerFactory;
import org.mortbay.http.SslListener;
import org.objectweb.celtix.bus.configuration.security.SSLServerPolicy;
import org.objectweb.celtix.common.logging.LogUtils;
import org.objectweb.celtix.configuration.Configuration;

/* loaded from: input_file:celtix/lib/celtix-rt-1.0.jar:org/objectweb/celtix/bus/transports/https/JettySslListenerConfigurer.class */
public final class JettySslListenerConfigurer {
    private static final long serialVersionUID = 1;
    private static final Logger LOG = LogUtils.getL7dLogger(JettySslListenerConfigurer.class);
    private static final String DEFAUL_KEYSTORE_TYPE = "PKCS12";
    private static final String DEFAULT_SECURE_SOCKET_PROTOCOL = "TLSv1";
    private static final boolean DEFAULT_REQUIRE_CLIENT_AUTHENTICATION = false;
    private static final boolean DEFAULT_WANT_CLIENT_AUTHENTICATION = true;
    private Configuration config;
    private SSLServerPolicy sslPolicy;
    private SslListener secureListener;

    public JettySslListenerConfigurer(Configuration configuration, SSLServerPolicy sSLServerPolicy, SslListener sslListener) {
        this.config = configuration;
        this.sslPolicy = sSLServerPolicy;
        this.secureListener = sslListener;
    }

    public void configure() {
        setupSecurityConfigurer();
        setupKeystore();
        setupKeystoreType();
        setupKeystorePassword();
        setupKeyPassword();
        setupWantClientAuthentication();
        setupRequireClientAuthentication();
        setupKeystoreAlgorithm();
        setupCiphersuites();
        setupTrustStore();
        setupTrustStoreType();
        setupSecureSocketProtocol();
        setupTrustStoreAlgorithm();
        setupSessionCaching();
        setupSessionCacheKey();
        setupMaxChainLength();
        setupCertValidator();
    }

    public boolean setupKeystore() {
        if (this.sslPolicy.isSetKeystore()) {
            String keystore = this.sslPolicy.getKeystore();
            this.secureListener.setKeystore(keystore);
            LogUtils.log(LOG, Level.INFO, "KEY_STORE_SET", new Object[]{keystore});
            return true;
        }
        String property = System.getProperty("javax.net.ssl.keyStore");
        if (property != null) {
            LogUtils.log(LOG, Level.INFO, "KEY_STORE_SET", new Object[]{property});
            this.secureListener.setKeystore(property);
            return true;
        }
        String str = System.getProperty("user.home") + "/.keystore";
        this.secureListener.setKeystore(str);
        LogUtils.log(LOG, Level.INFO, "KEY_STORE_NOT_SET", new Object[]{str});
        return true;
    }

    public boolean setupKeystoreType() {
        if (!this.sslPolicy.isSetKeystoreType()) {
            LogUtils.log(LOG, Level.INFO, "KEY_STORE_TYPE_NOT_SET", new Object[]{DEFAUL_KEYSTORE_TYPE});
            this.secureListener.setKeystoreType(DEFAUL_KEYSTORE_TYPE);
            return true;
        }
        String keystoreType = this.sslPolicy.getKeystoreType();
        LogUtils.log(LOG, Level.INFO, "KEY_STORE_TYPE_SET", new Object[]{keystoreType});
        this.secureListener.setKeystoreType(keystoreType);
        return true;
    }

    public boolean setupKeystorePassword() {
        if (this.sslPolicy.isSetKeystorePassword()) {
            this.secureListener.setPassword(this.sslPolicy.getKeystorePassword());
            return true;
        }
        String property = System.getProperty("javax.net.ssl.keyStorePassword");
        if (property != null) {
            this.secureListener.setPassword(property);
            return true;
        }
        LogUtils.log(LOG, Level.SEVERE, "KEY_STORE_PASSWORD_NOT_SET");
        return false;
    }

    public void setupKeystoreAlgorithm() {
        if (this.sslPolicy.isSetKeystoreAlgorithm()) {
            String keystoreAlgorithm = this.sslPolicy.getKeystoreAlgorithm();
            this.secureListener.setAlgorithm(keystoreAlgorithm);
            LogUtils.log(LOG, Level.INFO, "KEY_STORE_ALGORITHM_SET", new Object[]{keystoreAlgorithm});
        }
        LogUtils.log(LOG, Level.INFO, "KEY_STORE_ALGORITHM_NOT_SET", new Object[]{KeyManagerFactory.getDefaultAlgorithm()});
    }

    public void setupTrustStoreAlgorithm() {
        if (this.sslPolicy.isSetTrustStoreAlgorithm()) {
            LogUtils.log(LOG, Level.WARNING, "UNSUPPORTED_SSL_SERVER_POLICY_DATA", new Object[]{"TrustStoreAlgorithm"});
        }
    }

    public boolean setupKeyPassword() {
        if (this.sslPolicy.isSetKeyPassword()) {
            this.secureListener.setKeyPassword(this.sslPolicy.getKeyPassword());
            return true;
        }
        String property = System.getProperty("javax.net.ssl.keyStorePassword");
        if (property == null) {
            LogUtils.log(LOG, Level.INFO, "KEY_PASSWORD_NOT_SET");
        }
        this.secureListener.setKeyPassword(property);
        return true;
    }

    public boolean setupRequireClientAuthentication() {
        if (!this.sslPolicy.isSetRequireClientAuthentication()) {
            LogUtils.log(LOG, Level.WARNING, "REQUIRE_CLIENT_AUTHENTICATION_NOT_SET");
            this.secureListener.setNeedClientAuth(false);
            return true;
        }
        boolean booleanValue = this.sslPolicy.isRequireClientAuthentication().booleanValue();
        LogUtils.log(LOG, Level.INFO, "REQUIRE_CLIENT_AUTHENTICATION_SET", new Object[]{Boolean.valueOf(booleanValue)});
        this.secureListener.setNeedClientAuth(booleanValue);
        return true;
    }

    public boolean setupWantClientAuthentication() {
        if (!this.sslPolicy.isSetWantClientAuthentication()) {
            LogUtils.log(LOG, Level.WARNING, "WANT_CLIENT_AUTHENTICATION_NOT_SET");
            this.secureListener.setWantClientAuth(true);
            return true;
        }
        boolean booleanValue = this.sslPolicy.isWantClientAuthentication().booleanValue();
        LogUtils.log(LOG, Level.INFO, "WANT_CLIENT_AUTHENTICATION_SET", new Object[]{Boolean.valueOf(booleanValue)});
        this.secureListener.setWantClientAuth(booleanValue);
        return true;
    }

    public boolean setupCiphersuites() {
        if (this.sslPolicy.isSetCiphersuites()) {
            List<String> ciphersuites = this.sslPolicy.getCiphersuites();
            int size = ciphersuites.size();
            String[] strArr = new String[size];
            String str = null;
            for (int i = 0; i < size; i++) {
                strArr[i] = ciphersuites.get(i);
                str = str == null ? strArr[i] : str + ", " + strArr[i];
            }
            LogUtils.log(LOG, Level.INFO, "CIPHERSUITE_SET", new Object[]{str});
            this.secureListener.setCipherSuites(strArr);
        }
        LogUtils.log(LOG, Level.INFO, "CIPHERSUITE_NOT_SET");
        return true;
    }

    public boolean setupTrustStore() {
        String str = null;
        if (this.sslPolicy.isSetTrustStore()) {
            str = this.sslPolicy.getTrustStore();
            LogUtils.log(LOG, Level.INFO, "TRUST_STORE_SET", new Object[]{str});
        }
        if (str == null) {
            str = System.getProperty("javax.net.ssl.trustStore");
        }
        if (str == null) {
            str = System.getProperty("java.home") + "/lib/security/cacerts";
            LogUtils.log(LOG, Level.INFO, "TRUST_STORE_NOT_SET", new Object[]{str});
        }
        System.setProperty("javax.net.ssl.trustStore", str);
        return true;
    }

    public boolean setupTrustStoreType() {
        if (!this.sslPolicy.isSetTrustStoreType()) {
            return true;
        }
        LogUtils.log(LOG, Level.WARNING, "UNSUPPORTED_SSL_SERVER_POLICY_DATA", new Object[]{"TrustStoreType"});
        return true;
    }

    public void setupSecureSocketProtocol() {
        if (!this.sslPolicy.isSetSecureSocketProtocol()) {
            LogUtils.log(LOG, Level.INFO, "SECURE_SOCKET_PROTOCOL_NOT_SET");
            return;
        }
        String secureSocketProtocol = this.sslPolicy.getSecureSocketProtocol();
        this.secureListener.setProtocol(secureSocketProtocol);
        LogUtils.log(LOG, Level.INFO, "SECURE_SOCKET_PROTOCOL_SET", new Object[]{secureSocketProtocol});
    }

    public boolean setupSessionCaching() {
        if (!this.sslPolicy.isSetSessionCaching()) {
            return true;
        }
        LogUtils.log(LOG, Level.WARNING, "UNSUPPORTED_SSL_SERVER_POLICY_DATA", new Object[]{"SessionCaching"});
        return true;
    }

    public boolean setupSessionCacheKey() {
        if (!this.sslPolicy.isSetSessionCacheKey()) {
            return true;
        }
        LogUtils.log(LOG, Level.WARNING, "UNSUPPORTED_SSL_SERVER_POLICY_DATA", new Object[]{"SessionCacheKey"});
        return true;
    }

    public boolean setupMaxChainLength() {
        if (!this.sslPolicy.isSetMaxChainLength()) {
            return true;
        }
        LogUtils.log(LOG, Level.WARNING, "UNSUPPORTED_SSL_SERVER_POLICY_DATA", new Object[]{"MaxChainLength"});
        return true;
    }

    public boolean setupCertValidator() {
        if (!this.sslPolicy.isSetCertValidator()) {
            return true;
        }
        LogUtils.log(LOG, Level.WARNING, "UNSUPPORTED_SSL_SERVER_POLICY_DATA", new Object[]{"CertValidator"});
        return true;
    }

    public void setupSecurityConfigurer() {
        String property = System.getProperty("celtix.security.configurer.celtix." + this.config.getId());
        if (property == null || property.equals("")) {
            return;
        }
        LogUtils.log(LOG, Level.WARNING, "UNOFFICIAL_SECURITY_CONFIGURER");
        try {
            Class<?> cls = Class.forName(property);
            cls.getDeclaredMethod("configure", SSLServerPolicy.class).invoke(cls.newInstance(), this.sslPolicy);
            LogUtils.log(LOG, Level.INFO, "SUCCESS_INVOKING_SECURITY_CONFIGURER", new Object[]{property});
        } catch (Exception e) {
            LogUtils.log(LOG, Level.SEVERE, "ERROR_INVOKING_SECURITY_CONFIGURER", new Object[]{property, e.getMessage()});
        }
    }

    protected boolean testAllDataHasSetupMethod() {
        for (Method method : this.sslPolicy.getClass().getDeclaredMethods()) {
            String name = method.getName();
            if (name.startsWith("isSet")) {
                try {
                    getClass().getMethod("setup" + name.substring("isSet".length(), name.length()), null);
                } catch (Exception e) {
                    return false;
                }
            }
        }
        return true;
    }

    protected SslListener getSslListener() {
        return this.secureListener;
    }

    protected void addLogHandler(Handler handler) {
        LOG.addHandler(handler);
    }
}
