package org.red5.io.tls;

import java.io.FileInputStream;
import java.io.InputStream;
import java.nio.file.Paths;
import java.security.KeyStore;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.SecureRandom;
import java.security.Security;
import java.security.UnrecoverableKeyException;
import javax.crypto.Cipher;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLEngine;
import javax.net.ssl.SSLParameters;
import javax.net.ssl.TrustManagerFactory;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:org/red5/io/tls/TLSFactory.class */
public class TLSFactory {
    public static final int MAX_HANDSHAKE_LOOPS = 200;
    public static final int MAX_APP_READ_LOOPS = 60;
    public static final int BUFFER_SIZE = 4096;
    public static final int MAXIMUM_PACKET_SIZE = 1180;
    public static final String PROTOCOL_VERSION = "TLSv1.2";
    private static String keyStoreFile;
    private static String trustStoreFile;
    private static String keystorePath;
    private static String truststorePath;
    private static String passwd;
    private static final Logger log = LoggerFactory.getLogger(TLSFactory.class);
    private static final boolean isDebug = log.isDebugEnabled();
    private static final boolean isTrace = log.isTraceEnabled();
    private static final SecureRandom RANDOM = new SecureRandom();
    public static final int SOCKET_TIMEOUT = Integer.getInteger("socket.timeout", 3000).intValue();
    private static String storeType = "PKCS12";

    public static SSLContext getTLSContext() throws Exception {
        log.info("Creating SSL context with keystore: {} and truststore: {} using {}", new Object[]{keystorePath, truststorePath, storeType});
        KeyStore keyStore = KeyStore.getInstance(storeType);
        KeyStore keyStore2 = KeyStore.getInstance(storeType);
        char[] charArray = passwd.toCharArray();
        try {
            FileInputStream fileInputStream = new FileInputStream(keystorePath);
            try {
                keyStore.load(fileInputStream, charArray);
                fileInputStream.close();
                try {
                    fileInputStream = new FileInputStream(truststorePath);
                    try {
                        keyStore2.load(fileInputStream, charArray);
                        fileInputStream.close();
                        KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance("SunX509");
                        try {
                            keyManagerFactory.init(keyStore, charArray);
                            TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance("SunX509");
                            trustManagerFactory.init(keyStore2);
                            SSLContext sSLContext = SSLContext.getInstance(PROTOCOL_VERSION);
                            sSLContext.init(keyManagerFactory.getKeyManagers(), trustManagerFactory.getTrustManagers(), RANDOM);
                            return sSLContext;
                        } catch (UnrecoverableKeyException e) {
                            log.error("Failed to initialize KeyManagerFactory with keystore: {}", keystorePath, e);
                            throw e;
                        }
                    } finally {
                        try {
                            fileInputStream.close();
                        } catch (Throwable th) {
                            th.addSuppressed(th);
                        }
                    }
                } catch (Exception e2) {
                    log.error("Failed to load truststore: {}", truststorePath, e2);
                    throw e2;
                }
            } finally {
            }
        } catch (Exception e3) {
            log.error("Failed to load keystore: {}", keystorePath, e3);
            throw e3;
        }
    }

    public static SSLContext getTLSContext(String str, char[] cArr) throws Exception {
        log.info("Creating SSL context with keystore: {} and truststore: {} using {}", new Object[]{keystorePath, truststorePath, str});
        log.debug("Keystore - file: {} password: {}", keystorePath, cArr);
        log.debug("Truststore - file: {} password: {}", truststorePath, cArr);
        KeyStore keyStore = KeyStore.getInstance(str);
        KeyStore keyStore2 = KeyStore.getInstance(str);
        try {
            FileInputStream fileInputStream = new FileInputStream(keystorePath);
            try {
                keyStore.load(fileInputStream, cArr);
                fileInputStream.close();
                try {
                    fileInputStream = new FileInputStream(truststorePath);
                    try {
                        keyStore2.load(fileInputStream, cArr);
                        fileInputStream.close();
                        KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance("SunX509");
                        try {
                            log.debug("Private key: {}", (PrivateKey) keyStore.getKey("privatekey", cArr));
                            keyManagerFactory.init(keyStore, cArr);
                            TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance("SunX509");
                            trustManagerFactory.init(keyStore2);
                            SSLContext sSLContext = SSLContext.getInstance(PROTOCOL_VERSION);
                            sSLContext.init(keyManagerFactory.getKeyManagers(), trustManagerFactory.getTrustManagers(), RANDOM);
                            return sSLContext;
                        } catch (UnrecoverableKeyException e) {
                            log.error("Failed to initialize KeyManagerFactory with keystore: {}", keystorePath, e);
                            throw e;
                        }
                    } finally {
                        try {
                            fileInputStream.close();
                        } catch (Throwable th) {
                            th.addSuppressed(th);
                        }
                    }
                } catch (Exception e2) {
                    log.error("Failed to load truststore: {}", truststorePath, e2);
                    throw e2;
                }
            } finally {
            }
        } catch (Exception e3) {
            log.error("Failed to load keystore: {}", keystorePath, e3);
            throw e3;
        }
    }

    public static SSLContext getTLSContext(String str, String str2, String str3, String str4, String str5) throws Exception {
        log.info("Creating SSL context with keystore: {} and truststore: {} using {}", new Object[]{str3, str5, str});
        log.debug("Keystore - file: {} password: {}", str3, str2);
        log.debug("Truststore - file: {} password: {}", str5, str4);
        KeyStore keyStore = KeyStore.getInstance(str);
        KeyStore keyStore2 = KeyStore.getInstance(str);
        char[] charArray = str2.toCharArray();
        char[] charArray2 = str4.toCharArray();
        FileInputStream fileInputStream = new FileInputStream(str3);
        try {
            keyStore.load(fileInputStream, charArray);
            fileInputStream.close();
            fileInputStream = new FileInputStream(str5);
            try {
                keyStore2.load(fileInputStream, charArray2);
                fileInputStream.close();
                KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance("SunX509");
                keyManagerFactory.init(keyStore, charArray);
                TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance("SunX509");
                trustManagerFactory.init(keyStore2);
                SSLContext sSLContext = SSLContext.getInstance(PROTOCOL_VERSION);
                sSLContext.init(keyManagerFactory.getKeyManagers(), trustManagerFactory.getTrustManagers(), RANDOM);
                return sSLContext;
            } finally {
            }
        } finally {
        }
    }

    public static SSLContext getTLSContext(String str, char[] cArr, InputStream inputStream, char[] cArr2, InputStream inputStream2) throws Exception {
        log.info("Creating SSL context with keystore and truststore input streams, using {}", str);
        log.debug("Keystore - passphrase: {}", cArr);
        log.debug("Truststore - passphrase: {}", cArr2);
        KeyStore keyStore = KeyStore.getInstance(str);
        KeyStore keyStore2 = KeyStore.getInstance(str);
        keyStore.load(inputStream, cArr);
        keyStore2.load(inputStream2, cArr2);
        KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance("SunX509");
        keyManagerFactory.init(keyStore, cArr);
        TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance("SunX509");
        trustManagerFactory.init(keyStore2);
        SSLContext sSLContext = SSLContext.getInstance(PROTOCOL_VERSION);
        sSLContext.init(keyManagerFactory.getKeyManagers(), trustManagerFactory.getTrustManagers(), RANDOM);
        return sSLContext;
    }

    public static SSLEngine createSSLEngine(boolean z) throws Exception {
        SSLEngine createSSLEngine = getTLSContext().createSSLEngine();
        SSLParameters sSLParameters = createSSLEngine.getSSLParameters();
        sSLParameters.setMaximumPacketSize(MAXIMUM_PACKET_SIZE);
        createSSLEngine.setUseClientMode(z);
        createSSLEngine.setSSLParameters(sSLParameters);
        return createSSLEngine;
    }

    public static String getStoreType() {
        return storeType;
    }

    public static void setStoreType(String str) {
        storeType = str;
    }

    public static String getKeyStoreFile() {
        return keyStoreFile;
    }

    public static void setKeyStoreFile(String str) {
        keyStoreFile = str;
    }

    public static String getTrustStoreFile() {
        return trustStoreFile;
    }

    public static void setTrustStoreFile(String str) {
        trustStoreFile = str;
    }

    public static String getPasswd() {
        return passwd;
    }

    public static void setPasswd(String str) {
        passwd = str;
    }

    public static String getKeystorePath() {
        return keystorePath;
    }

    public static void setKeystorePath(String str) {
        keystorePath = str;
    }

    public static String getTruststorePath() {
        return truststorePath;
    }

    public static void setTruststorePath(String str) {
        truststorePath = str;
    }

    static {
        int i;
        Object[] objArr = new Object[1];
        objArr[0] = "PKCS12".equals(storeType) ? "p12" : "jks";
        keyStoreFile = String.format("server.%s", objArr);
        Object[] objArr2 = new Object[1];
        objArr2[0] = "PKCS12".equals(storeType) ? "p12" : "jks";
        trustStoreFile = String.format("truststore.%s", objArr2);
        keystorePath = Paths.get(System.getProperty("user.dir"), "conf", keyStoreFile).toString();
        truststorePath = Paths.get(System.getProperty("user.dir"), "conf", trustStoreFile).toString();
        passwd = "password123";
        if (isDebug) {
            if (isTrace) {
                System.setProperty("javax.net.debug", "SSL,handshake,verbose,trustmanager,keymanager,record,plaintext");
            } else {
                System.setProperty("javax.net.debug", "all");
            }
        }
        Security.setProperty("crypto.policy", "unlimited");
        System.setProperty("jdk.tls.useExtendedMasterSecret", "true");
        System.setProperty("jdk.tls.allowLegacyMasterSecret", "false");
        System.setProperty("jdk.tls.acknowledgeCloseNotify", "true");
        try {
            i = Cipher.getMaxAllowedKeyLength("AES");
        } catch (NoSuchAlgorithmException e) {
            log.error("Failed to get max key size for AES", e);
            i = 128;
        }
        log.info("Max key size for AES: {}", i == Integer.MAX_VALUE ? "unlimited" : Integer.valueOf(i));
    }
}
