package com.sun.enterprise.iiop;

import com.sun.corba.ee.connection.EndPointInfo;
import com.sun.corba.ee.connection.GetEndPointInfoAgainException;
import com.sun.corba.ee.connection.ORBSocketFactory;
import com.sun.corba.ee.internal.core.IOR;
import com.sun.corba.ee.internal.ior.IIOPAddress;
import com.sun.ejb.ejbql.EjbQLConstants;
import com.sun.enterprise.iiop.security.ConnectionContext;
import com.sun.enterprise.iiop.security.SecurityMechanismSelector;
import com.sun.enterprise.security.J2EEKeyManager;
import com.sun.enterprise.security.KeyTool;
import com.sun.enterprise.security.SSLUtils;
import com.sun.enterprise.server.J2EEServer;
import com.sun.enterprise.util.TypeUtil;
import com.sun.enterprise.util.Utility;
import com.sun.net.ssl.KeyManager;
import com.sun.net.ssl.KeyManagerFactory;
import com.sun.net.ssl.SSLContext;
import com.sun.net.ssl.TrustManagerFactory;
import com.sun.net.ssl.X509KeyManager;
import java.io.IOException;
import java.io.Serializable;
import java.net.ServerSocket;
import java.net.Socket;
import java.security.SecureRandom;
import java.util.Properties;
import javax.net.ssl.SSLServerSocket;
import javax.net.ssl.SSLSocket;
import javax.net.ssl.SSLSocketFactory;
import org.omg.CORBA.ORB;

/* loaded from: input_file:lib/j2ee-1.3.1.jar:com/sun/enterprise/iiop/IIOPSSLSocketFactory.class */
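/**
 * ORB socket factory that returns either TLS-protected or plain IIOP sockets,
 * chosen by the endpoint type string handed in by the ORB.
 *
 * <p>Server side: {@code SSL}, {@code SSL_MUTUALAUTH} and {@code PERSISTENT_SSL}
 * produce an {@link SSLServerSocket}; every other type string produces a plain
 * {@link ServerSocket}. Client side: {@code SSL} and {@code SSL_MUTUALAUTH}
 * produce an {@link SSLSocket}; every other type produces a plain {@link Socket}.
 *
 * <p>Key and trust material comes from the static {@link KeyManagerFactory} /
 * {@link TrustManagerFactory} pair installed through {@link #setFactories}. The
 * {@link SSLContext} is built lazily on first use and then reused; no
 * synchronization is applied to that lazy initialization.
 *
 * <p>NOTE(review): the class is {@link Serializable} but holds a non-transient
 * {@link SSLContext}; confirm whether instances are ever serialized after first use.
 */
public class IIOPSSLSocketFactory implements ORBSocketFactory, Serializable {
    public static final boolean debug = false;
    private static final String SECURE_PROPERTIES = "security.properties";
    private static final String CIPHER_SUITES = "enable.ciphersuites";
    private static final String CLIENT_AUTH = "enable.clientauth";
    private static final String SSL = "SSL";
    private static final String SSL_MUTUALAUTH = "SSL_MUTUALAUTH";
    private static final String PERSISTENT_SSL = "PERSISTENT_SSL";
    private static final String CLEAR = "IIOP_CLEAR_TEXT";
    private static final String clientStr = "true";
    // Type of the endpoint most recently resolved by getEndPointInfo.
    private String type = null;
    private int sslPort = 0;
    // Lazily built; stays null until init()/clientInit() has fully succeeded.
    private SSLContext ctx = null;
    // Cipher suites from security.properties; null means "keep the provider defaults".
    private String[] cipherSuites = null;
    // Loaded from "enable.clientauth". NOTE(review): nothing in this class reads it;
    // client-certificate enforcement below is driven by the SSL_MUTUALAUTH type only.
    private boolean clientAuth = false;
    private static SecureRandom sr;
    private static KeyManagerFactory keyManagerFactory;
    private static TrustManagerFactory trustManagerFactory;

    /**
     * Builds the server-side SSL context and loads the cipher-suite and
     * client-auth settings from {@code security.properties}.
     *
     * <p>Failures are printed and otherwise swallowed, as before. The context is
     * published to {@link #ctx} only after {@code SSLContext.init} has succeeded,
     * so a failed attempt leaves {@code ctx} null (and retryable) instead of
     * leaving a half-initialized context behind.
     */
    private void init() {
        try {
            if (keyManagerFactory == null || trustManagerFactory == null) {
                SSLUtils.initKeyStore();
            }
            // "TLS" leaves the enabled protocol versions to the provider defaults;
            // this class does not restrict them further.
            SSLContext fresh = SSLContext.getInstance("TLS");
            Properties secureProps = Utility.getPropertiesFromFile(SECURE_PROPERTIES);
            String suites = secureProps.getProperty(CIPHER_SUITES);
            String wantClientAuth = secureProps.getProperty(CLIENT_AUTH);
            if (suites != null && !suites.trim().equals("")) {
                this.cipherSuites = TypeUtil.stringToArray(suites, EjbQLConstants.IDENT_VAR_DECL_SEPARATOR);
            }
            if (wantClientAuth != null && !wantClientAuth.trim().equals("")) {
                // Trim before parsing: a value such as "true " would otherwise be
                // read as false without any warning.
                this.clientAuth = Boolean.valueOf(wantClientAuth.trim()).booleanValue();
            }
            fresh.init(keyManagerFactory.getKeyManagers(), trustManagerFactory.getTrustManagers(), sr);
            this.ctx = fresh;
        } catch (Exception e) {
            e.printStackTrace();
        }
    }

    /**
     * Builds the client-side SSL context, wrapping every key manager in a
     * {@link J2EEKeyManager}.
     *
     * <p>As in {@link #init()}, failures are printed and swallowed, and
     * {@link #ctx} is assigned only once the context is fully initialized.
     */
    private void clientInit() {
        try {
            if (keyManagerFactory == null || trustManagerFactory == null) {
                SSLUtils.initKeyStore();
            }
            SSLContext fresh = SSLContext.getInstance("TLS");
            KeyManager[] delegates = keyManagerFactory.getKeyManagers();
            J2EEKeyManager[] wrapped = new J2EEKeyManager[delegates.length];
            for (int idx = 0; idx < delegates.length; idx++) {
                wrapped[idx] = new J2EEKeyManager((X509KeyManager) delegates[idx]);
            }
            fresh.init(wrapped, trustManagerFactory.getTrustManagers(), sr);
            this.ctx = fresh;
        } catch (Exception e) {
            e.printStackTrace();
        }
    }

    /**
     * Creates the listening socket for an ORB endpoint.
     *
     * @param str endpoint type; {@code SSL}, {@code SSL_MUTUALAUTH} and
     *            {@code PERSISTENT_SSL} yield a TLS listener
     * @param i   port to bind
     * @return a TLS server socket for the three SSL types, otherwise a plain one
     * @throws IOException if the socket cannot be created or configured
     */
    @Override // com.sun.corba.ee.connection.ORBSocketFactory
    public ServerSocket createServerSocket(String str, int i) throws IOException {
        boolean secure = str.equals(SSL_MUTUALAUTH) || str.equals(SSL) || str.equals(PERSISTENT_SSL);
        // Any type string outside the three above, including an unrecognized one,
        // gets a cleartext listener.
        return secure ? createSSLServerSocket(str, i) : new ServerSocket(i);
    }

    /**
     * Creates and configures a TLS listener.
     *
     * @param socketType endpoint type; {@code SSL_MUTUALAUTH} makes a client
     *                   certificate mandatory
     * @param port       port to bind
     * @return the configured server socket
     * @throws IOException if no SSL context is available or configuration fails
     */
    private ServerSocket createSSLServerSocket(String socketType, int port) throws IOException {
        if (this.ctx == null) {
            init();
        }
        if (this.ctx == null) {
            // init() swallows its own failures; fail with a clear error here
            // rather than a NullPointerException on the next line.
            throw new IOException("SSL context could not be initialized for " + socketType + " listener");
        }
        ServerSocket listener = this.ctx.getServerSocketFactory().createServerSocket(port);
        try {
            SSLServerSocket sslListener = (SSLServerSocket) listener;
            if (this.cipherSuites != null) {
                sslListener.setEnabledCipherSuites(this.cipherSuites);
            }
            // Must not depend on the cipher-suite setting: previously a
            // SSL_MUTUALAUTH listener only demanded a client certificate when
            // "enable.ciphersuites" was also configured.
            if (socketType.equals(SSL_MUTUALAUTH)) {
                sslListener.setNeedClientAuth(true);
            }
            return listener;
        } catch (Exception e) {
            // Do not leave a bound, misconfigured listener behind.
            try {
                listener.close();
            } catch (IOException ignored) {
                // The configuration failure below is the error worth reporting.
            }
            throw new IOException(e.getMessage(), e);
        }
    }

    /**
     * Resolves the endpoint (type, host, port) to use for the given IOR.
     *
     * <p>If the {@link SecurityMechanismSelector} reports no SSL port, the
     * primary address of the IOR is used with type {@code IIOP_CLEAR_TEXT}; this
     * method itself enforces no TLS-only policy.
     *
     * @param orb          unused here
     * @param ior          object reference whose profile supplies host and port
     * @param endPointInfo unused here
     * @return the endpoint description
     * @throws RuntimeException wrapping any failure during resolution
     */
    @Override // com.sun.corba.ee.connection.ORBSocketFactory
    public EndPointInfo getEndPointInfo(ORB orb, IOR ior, EndPointInfo endPointInfo) {
        try {
            SecurityMechanismSelector selector = new SecurityMechanismSelector();
            IIOPAddress primary = ior.getProfile().getTemplate().getPrimaryAddress();
            // Fixed locale: the default-locale toLowerCase() mangles host names
            // containing 'I' under e.g. a Turkish default locale.
            String host = primary.getHost().toLowerCase(java.util.Locale.ENGLISH);
            ConnectionContext connectionContext = new ConnectionContext();
            EndPointInfo sslEndPoint = selector.getSSLPort(ior, connectionContext);
            selector.setClientConnectionContext(connectionContext);

            final String endpointType;
            final int port;
            if (sslEndPoint == null) {
                endpointType = CLEAR;
                port = primary.getPort();
            } else {
                endpointType = sslEndPoint.getType();
                port = sslEndPoint.getPort();
            }
            // The field is still updated, but the result is built from locals so
            // that a concurrent call cannot pair this port with another call's type
            // (e.g. clear text against an SSL port).
            this.type = endpointType;
            return new EndPointInfoImpl(endpointType, host, port);
        } catch (Exception e) {
            throw new RuntimeException(e.getMessage(), e);
        }
    }

    /**
     * Opens a client connection to the given endpoint.
     *
     * <p>NOTE(review): {@code PERSISTENT_SSL} is treated as TLS by
     * {@link #createServerSocket} but falls through to a plain socket here;
     * confirm that type is never returned for client endpoints.
     *
     * @param endPointInfo endpoint produced by {@link #getEndPointInfo}
     * @return an SSL socket for {@code SSL}/{@code SSL_MUTUALAUTH}, otherwise a plain socket
     * @throws RuntimeException wrapping any failure (including I/O errors), as before;
     *                          the original exception is now kept as the cause
     */
    @Override // com.sun.corba.ee.connection.ORBSocketFactory
    public Socket createSocket(EndPointInfo endPointInfo) throws IOException, GetEndPointInfoAgainException {
        try {
            String endpointType = endPointInfo.getType();
            String host = endPointInfo.getHost();
            int port = endPointInfo.getPort();
            if (endpointType.equals(SSL) || endpointType.equals(SSL_MUTUALAUTH)) {
                return createSSLSocket(host, port);
            }
            return new Socket(host, port);
        } catch (Exception e) {
            throw new RuntimeException(e.getMessage(), e);
        }
    }

    /**
     * Opens a TLS client socket using the context built by {@link #clientInit()}.
     *
     * <p>The decompiled original guarded this path with a condition on the
     * constant {@code clientStr} that is always true, followed by an unreachable
     * fallback to {@code SSLSocketFactory.getDefault()}; the fallback is dropped so
     * that connections can only ever use the configured key and trust material.
     *
     * <p>NOTE(review): no host-name check against the peer certificate is
     * performed here; confirm it is done by the caller or the trust managers.
     *
     * @param host remote host
     * @param port remote port
     * @return the connected SSL socket
     * @throws IOException if no SSL context is available or the connection fails
     */
    private Socket createSSLSocket(String host, int port) throws IOException {
        if (this.ctx == null) {
            clientInit();
        }
        if (this.ctx == null) {
            // clientInit() swallows its own failures; report them explicitly.
            throw new IOException("SSL context could not be initialized for client connection");
        }
        try {
            SSLSocketFactory socketFactory = this.ctx.getSocketFactory();
            return (SSLSocket) socketFactory.createSocket(host, port);
        } catch (Exception e) {
            throw new IOException(e.getMessage(), e);
        }
    }

    /**
     * Installs the process-wide key and trust manager factories used to build
     * SSL contexts. Contexts that were already built are not rebuilt.
     *
     * <p>This is a public, unsynchronized static setter: whoever can call it
     * controls the trust material of every context created afterwards.
     *
     * @param keyManagerFactory2   source of key managers
     * @param trustManagerFactory2 source of trust managers
     */
    public static void setFactories(KeyManagerFactory keyManagerFactory2, TrustManagerFactory trustManagerFactory2) {
        keyManagerFactory = keyManagerFactory2;
        trustManagerFactory = trustManagerFactory2;
    }

    static {
        KeyTool.initProvider();
        sr = J2EEServer.secureRandom;
        keyManagerFactory = null;
        trustManagerFactory = null;
    }
}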
