package org.objectweb.joram.mom.proxies.tcp;

import fr.dyade.aaa.agent.AgentServer;
import fr.dyade.aaa.common.Debug;
import java.io.FileInputStream;
import java.net.InetAddress;
import java.net.ServerSocket;
import java.security.KeyStore;
import java.security.SecureRandom;
import java.util.StringTokenizer;
import javax.net.ServerSocketFactory;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLServerSocket;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import org.objectweb.joram.mom.util.InterceptorsHelper;
import org.objectweb.util.monolog.api.BasicLevel;
import org.objectweb.util.monolog.api.Logger;

/* loaded from: input_file:joram-mom-core-5.14.0.jar:org/objectweb/joram/mom/proxies/tcp/SSLTcpProxyService.class */
public class SSLTcpProxyService extends TcpProxyService {
    public static Logger logger = Debug.getLogger(SSLTcpProxyService.class.getName());
    private static final String CIPHER = "org.objectweb.joram.cipherList";
    private static final String KS = "org.objectweb.joram.keystore";
    private static final String KS_PASS = "org.objectweb.joram.keystorepass";
    private static final String KS_TYPE = "org.objectweb.joram.keystoretype";
    private static final String SSLCONTEXT = "org.objectweb.joram.sslCtx";
    private static final String MBEAN_NAME = "type=Connection,mode=tcp-ssl";
    private static SSLTcpProxyService proxyService;

    public static void init(String str, boolean z) throws Exception {
        if (logger.isLoggable(BasicLevel.DEBUG)) {
            logger.log(BasicLevel.DEBUG, "SSLTcpProxyService.init(" + str + ',' + z + ')');
        }
        int i = 16010;
        String str2 = TcpProxyService.DEFAULT_BINDADDRESS;
        if (str != null) {
            StringTokenizer stringTokenizer = new StringTokenizer(str);
            i = Integer.parseInt(stringTokenizer.nextToken());
            if (stringTokenizer.hasMoreTokens()) {
                str2 = stringTokenizer.nextToken();
            }
        }
        int intValue = AgentServer.getInteger(TcpProxyService.BACKLOG_PROP, 10).intValue();
        if (logger.isLoggable(BasicLevel.DEBUG)) {
            logger.log(BasicLevel.DEBUG, "SSLTcpProxyService.init() - binding to address " + str2 + ", port " + i);
        }
        proxyService = new SSLTcpProxyService(i, intValue, str2);
        proxyService.start();
    }

    @Override // org.objectweb.joram.mom.proxies.tcp.TcpProxyService, org.objectweb.joram.mom.proxies.ConnectionManagerMBean
    public String getMBeanName() {
        return MBEAN_NAME;
    }

    public SSLTcpProxyService(int i, int i2, String str) throws Exception {
        super(i, i2, str);
    }

    private static ServerSocketFactory createServerSocketFactory() throws Exception {
        char[] charArray = System.getProperty(KS_PASS, "jorampass").toCharArray();
        String property = System.getProperty(KS, "./joram_ks");
        String property2 = System.getProperty(SSLCONTEXT, "SSL");
        String property3 = System.getProperty(KS_TYPE, "JKS");
        if (logger.isLoggable(BasicLevel.DEBUG)) {
            logger.log(BasicLevel.DEBUG, "SSLTcpProxyService.createServerSocketFactory:" + property + ':' + new String(charArray));
        }
        KeyStore keyStore = KeyStore.getInstance(property3);
        keyStore.load(new FileInputStream(property), charArray);
        KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance("SunX509");
        keyManagerFactory.init(keyStore, charArray);
        TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance("SunX509");
        trustManagerFactory.init(keyStore);
        TrustManager[] trustManagers = trustManagerFactory.getTrustManagers();
        SSLContext sSLContext = SSLContext.getInstance(property2);
        sSLContext.init(keyManagerFactory.getKeyManagers(), trustManagers, SecureRandom.getInstance("SHA1PRNG"));
        return sSLContext.getServerSocketFactory();
    }

    @Override // org.objectweb.joram.mom.proxies.tcp.TcpProxyService
    protected ServerSocket createServerSocket(int i, int i2, String str) throws Exception {
        ServerSocketFactory createServerSocketFactory = createServerSocketFactory();
        SSLServerSocket sSLServerSocket = str.equals(TcpProxyService.DEFAULT_BINDADDRESS) ? (SSLServerSocket) createServerSocketFactory.createServerSocket(i, i2) : (SSLServerSocket) createServerSocketFactory.createServerSocket(i, i2, InetAddress.getByName(str));
        sSLServerSocket.setNeedClientAuth(true);
        String[] cipherList = getCipherList();
        if (cipherList != null && cipherList.length > 0) {
            sSLServerSocket.setEnabledCipherSuites(cipherList);
        }
        return sSLServerSocket;
    }

    private static String[] getCipherList() throws Exception {
        String property = System.getProperty(CIPHER, null);
        String[] strArr = null;
        if (property != null) {
            StringTokenizer stringTokenizer = new StringTokenizer(property, InterceptorsHelper.INTERCEPTOR_CLASS_NAME_SEPARATOR);
            int countTokens = stringTokenizer.countTokens();
            if (countTokens > 0) {
                strArr = new String[countTokens];
                while (stringTokenizer.hasMoreElements()) {
                    countTokens--;
                    strArr[countTokens] = stringTokenizer.nextToken();
                }
            }
        }
        return strArr;
    }
}
