package jeus.transport.unification;

import java.io.FileInputStream;
import java.io.IOException;
import java.net.InetAddress;
import java.net.InetSocketAddress;
import java.net.UnknownHostException;
import java.security.KeyManagementException;
import java.security.KeyStore;
import java.security.NoSuchAlgorithmException;
import java.security.SecureRandom;
import java.security.cert.CRL;
import java.security.cert.CRLException;
import java.security.cert.CertPathParameters;
import java.security.cert.CertStore;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.security.cert.CollectionCertStoreParameters;
import java.security.cert.PKIXBuilderParameters;
import java.security.cert.X509CertSelector;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Collection;
import java.util.Iterator;
import java.util.List;
import java.util.Vector;
import javax.net.ssl.CertPathTrustManagerParameters;
import javax.net.ssl.KeyManager;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import javax.net.ssl.X509KeyManager;
import jeus.io.protocol.ssl.SSLConfig;
import jeus.server.work.ManagedThreadPool;
import jeus.server.work.ManagedThreadPoolFactory;
import jeus.transport.TransportConfig;
import jeus.transport.TransportException;
import jeus.util.net.NetworkConstants;
import jeus.util.properties.JeusNetProperties;

/* loaded from: input_file:jeus/transport/unification/UnifiedTransportConfig.class */
public class UnifiedTransportConfig extends TransportConfig {
    protected static final String PROPERTY_PREFIX = "jeus.transport.unification.";
    public static final String NAME = "jeus.transport.unification.name";
    public static final String HOST_NAME = "jeus.transport.unification.host-name";
    public static final String PORT = "jeus.transport.unification.port";
    public static final String IO_TYPE = "jeus.transport.unification.io-type";
    public static final String BACK_LOG = "jeus.transport.unification.back-log";
    public static final String READ_TIMEOUT = "jeus.transport.unification.read-timeout";
    public static final String RESERVED_THREADS = "jeus.transport.unification.reserved-threads";
    public static final String SELECTORS = "jeus.transport.unification.selectors";
    public static final String USE_DUAL_SELECTOR = "jeus.transport.unification.use-dual-selector";
    public static final String WRITE_LIMIT = "jeus.transport.unification.write-limit";
    public static final String WRITE_RESTART = "jeus.transport.unification.write-restart";
    public static final String WRITE_REPEAT_COUNT = "jeus.transport.unification.write-repeat-count";
    public static final String ENABLE_SSL = "jeus.transport.unification.enable-ssl";
    public static final String SSL_CIPHER_SUITES = "jeus.transport.unification.ssl.cipher-suites";
    public static final String SSL_PROTOCOLS = "jeus.transport.unification.ssl.protocols";
    public static final String SSL_ENABLE_SESSION_CREATION = "jeus.transport.unification.ssl.enable-session-creation";
    public static final String SSL_WANT_CLIENT_AUTH = "jeus.transport.unification.ssl.want-client-auth";
    public static final String SSL_NEED_CLIENT_AUTH = "jeus.transport.unification.ssl.need-client-auth";
    public static final String SSL_KEY_STORE_TYPE = "jeus.transport.unification.ssl.key-store-type";
    public static final String SSL_KEY_STORE_PASS = "jeus.transport.unification.ssl.key-store-passphrase";
    public static final String SSL_KEY_STORE_KEY_PASS = "jeus.transport.unification.ssl.key-store-key-passphrase";
    public static final String SSL_KEY_ALIAS = "jeus.transport.unification.ssl.key-alias";
    public static final String SSL_KEY_STORE_FILE = "jeus.transport.unification.ssl.key-store-file";
    public static final String SSL_KEY_MANAGEMENT_ALGORITHM = "jeus.transport.unification.ssl.key-management-algorithm";
    public static final String SSL_CLRS_FILE = "jeus.transport.unification.ssl.clrs-file";
    public static final String SSL_TRUST_STORE_TYPE = "jeus.transport.unification.ssl.trust-store-type";
    public static final String SSL_TRUST_STORE_PASS = "jeus.transport.unification.ssl.trust-store-passphrase";
    public static final String SSL_TRUST_STORE_FILE = "jeus.transport.unification.ssl.trust-store-file";
    public static final String SSL_TRUST_MANAGEMENT_ALGORITHM = "jeus.transport.unification.ssl.trust-management-algorithm";
    public static final String SSL_PROTOCOL = "jeus.transport.unification.ssl.protocol";
    public static final String SSL_USE_CLIENT_MODE = "jeus.transport.unification.ssl.use-client-mode";
    public static final String SSL_DEFAULT_KEY_STORE_TYPE = "JKS";

    public UnifiedTransportConfig() {
    }

    public UnifiedTransportConfig(UnifiedTransportConfig unifiedTransportConfig) {
        load(unifiedTransportConfig);
    }

    public void setName(String str) {
        setProperty(NAME, str);
    }

    public String getName() {
        return getProperty(NAME);
    }

    public String getHostName() {
        return getProperty(HOST_NAME, NetworkConstants.LOCAL_LOOPBACK_HOSTNAME);
    }

    public void setHostName(String str) {
        setProperty(HOST_NAME, str);
    }

    public int getPort() {
        return getIntProperty(PORT, 9736);
    }

    public void setPort(int i) {
        setIntProperty(PORT, i);
    }

    public InetAddress getInetAddress() throws UnknownHostException {
        return InetAddress.getByName(getHostName());
    }

    public InetSocketAddress getInetSocketAddress() throws UnknownHostException {
        return new InetSocketAddress(getInetAddress(), getPort());
    }

    public void setIoType(UnifiedTransportIoType unifiedTransportIoType) {
        setProperty(IO_TYPE, unifiedTransportIoType.name());
    }

    public UnifiedTransportIoType getIoType() {
        return isEnableSSL() ? UnifiedTransportIoType.BLOCKING : UnifiedTransportIoType.valueOf(getProperty(IO_TYPE, UnifiedTransportIoType.NON_BLOCKING.name()));
    }

    public void setReadTimeout(int i) {
        setIntProperty(READ_TIMEOUT, i);
    }

    public int getReadTimeout() {
        return getIntProperty(READ_TIMEOUT, 30);
    }

    public void setReservedThreads(int i) {
        setIntProperty(RESERVED_THREADS, i);
    }

    public int getReservedThreads() {
        return getIntProperty(RESERVED_THREADS);
    }

    public ManagedThreadPool getManagedThreadPool() {
        return getReservedThreads() > 0 ? ManagedThreadPoolFactory.getReservedThreadPool(ManagedThreadPoolFactory.SYSTEM_THREAD_POOL_NAME, getName(), getReservedThreads()) : ManagedThreadPoolFactory.getSystemThreadPool();
    }

    public void setBackLog(int i) {
        setIntProperty(BACK_LOG, i);
    }

    public int getBackLog() {
        return getIntProperty(BACK_LOG, 5);
    }

    public void setSelectors(int i) {
        setIntProperty(SELECTORS, i);
    }

    public int getSelectors() {
        if (getIoType() == UnifiedTransportIoType.BLOCKING) {
            return 1;
        }
        return getIntProperty(SELECTORS);
    }

    public void setEnableSSL(boolean z) {
        setBooleanProperty(ENABLE_SSL, z);
    }

    public boolean isEnableSSL() {
        return getBooleanProperty(ENABLE_SSL, false);
    }

    public void setSSLCipherSuites(String[] strArr) {
        for (int i = 0; i < strArr.length; i++) {
            setProperty("jeus.transport.unification.ssl.cipher-suites." + i, strArr[i]);
        }
    }

    public void setSSLCipherSuites(List<String> list) {
        if (list == null) {
            return;
        }
        Iterator<String> it = list.iterator();
        int i = 0;
        while (it.hasNext()) {
            setProperty("jeus.transport.unification.ssl.cipher-suites." + i, it.next());
            i++;
        }
    }

    public String[] getSSLCipherSuites() {
        ArrayList arrayList = new ArrayList();
        int i = 0;
        while (true) {
            String property = getProperty("jeus.transport.unification.ssl.cipher-suites." + i);
            if (property == null) {
                break;
            }
            arrayList.add(property);
            i++;
        }
        if (arrayList.isEmpty()) {
            return null;
        }
        return (String[]) arrayList.toArray(new String[0]);
    }

    public void setSSLProtocols(String[] strArr) {
        for (int i = 0; i < strArr.length; i++) {
            setProperty("jeus.transport.unification.ssl.protocols." + i, strArr[i]);
        }
    }

    public String[] getSSLProtocols() {
        ArrayList arrayList = new ArrayList();
        int i = 0;
        while (true) {
            String property = getProperty("jeus.transport.unification.ssl.protocols." + i);
            if (property == null) {
                break;
            }
            arrayList.add(property);
            i++;
        }
        if (arrayList.isEmpty()) {
            return null;
        }
        return (String[]) arrayList.toArray(new String[0]);
    }

    public void setSSLEnableSessionCreation(boolean z) {
        setBooleanProperty(SSL_ENABLE_SESSION_CREATION, z);
    }

    public boolean isSSLEnableSessionCreation() {
        return getBooleanProperty(SSL_ENABLE_SESSION_CREATION);
    }

    public void setSSLKeyStoreType(String str) {
        if (str != null) {
            setProperty(SSL_KEY_STORE_TYPE, str);
        }
    }

    public String getSSLKeyStoreType() {
        return getProperty(SSL_KEY_STORE_TYPE, "JKS");
    }

    public void setSSLKeyStorePass(String str) {
        if (str != null) {
            setProperty(SSL_KEY_STORE_PASS, str);
        }
    }

    public String getSSLKeyStorePass() {
        return getProperty(SSL_KEY_STORE_PASS, "changeit");
    }

    public void setSSLKeyAlias(String str) {
        if (str != null) {
            setProperty(SSL_KEY_ALIAS, str);
        }
    }

    public String getSSLKeyAlias() {
        return getProperty(SSL_KEY_ALIAS);
    }

    public void setSSLKeyStoreKeyPass(String str) {
        if (str != null) {
            setProperty(SSL_KEY_STORE_KEY_PASS, str);
        }
    }

    public String getSSLKeyStoreKeyPass() {
        return getProperty(SSL_KEY_STORE_KEY_PASS, getSSLKeyStorePass());
    }

    public void setSSLKeyStoreFile(String str) {
        if (str != null) {
            setProperty(SSL_KEY_STORE_FILE, str);
        }
    }

    public String getSSLKeyStoreFile() {
        return getProperty(SSL_KEY_STORE_FILE);
    }

    public void setSSLKeyManagementAlgorithm(String str) {
        if (str != null) {
            setProperty(SSL_KEY_MANAGEMENT_ALGORITHM, str);
        }
    }

    public String getSSLKeyManagementAlgorithm() {
        return getProperty(SSL_KEY_MANAGEMENT_ALGORITHM, "SunX509");
    }

    public void setSSLCRLsFile(String str) {
        setProperty(SSL_CLRS_FILE, str);
    }

    public String getSSLCRLsFile() {
        return getProperty(SSL_CLRS_FILE);
    }

    public void setSSLTrustStoreType(String str) {
        if (str != null) {
            setProperty(SSL_TRUST_STORE_TYPE, str);
        }
    }

    public String getSSLTrustStoreType() {
        return getProperty(SSL_TRUST_STORE_TYPE, "JKS");
    }

    public void setSSLTrustStorePass(String str) {
        if (str != null) {
            setProperty(SSL_TRUST_STORE_PASS, str);
        }
    }

    public String getSSLTrustStorePass() {
        return getProperty(SSL_TRUST_STORE_PASS, "changeit");
    }

    public void setSSLTrustStoreFile(String str) {
        if (str != null) {
            setProperty(SSL_TRUST_STORE_FILE, str);
        }
    }

    public String getSSLTrustStoreFile() {
        return getProperty(SSL_TRUST_STORE_FILE);
    }

    public void setSSLTrustManagementAlgorithm(String str) {
        if (str != null) {
            setProperty(SSL_TRUST_MANAGEMENT_ALGORITHM, str);
        }
    }

    public String getSSLTrustManagementAlgorithm() {
        return getProperty(SSL_TRUST_MANAGEMENT_ALGORITHM, "SunX509");
    }

    public void setSSLProtocol(String str) {
        if (str != null) {
            setProperty(SSL_PROTOCOL, str);
        }
    }

    public String getSSLProtocol() {
        return getProperty(SSL_PROTOCOL, "TLS");
    }

    public void setSSLUseClientMode(boolean z) {
        setBooleanProperty(SSL_USE_CLIENT_MODE, z);
    }

    public boolean isSSLUseClientMode() {
        return getBooleanProperty(SSL_USE_CLIENT_MODE, false);
    }

    public SSLContext getSSLContext() throws TransportException {
        if (!isEnableSSL()) {
            return null;
        }
        try {
            SSLContext sSLContext = SSLContext.getInstance(getSSLProtocol());
            sSLContext.init(getKeyManagers(), getTrustManagers(), new SecureRandom());
            return sSLContext;
        } catch (KeyManagementException e) {
            throw new TransportException(e);
        } catch (NoSuchAlgorithmException e2) {
            throw new TransportException(e2);
        } catch (Exception e3) {
            throw new TransportException(e3);
        }
    }

    private KeyManager[] getKeyManagers() throws Exception {
        KeyStore store = getStore(getSSLKeyStoreType(), getSSLKeyStoreFile(), getSSLKeyStorePass());
        String sSLKeyAlias = getSSLKeyAlias();
        if (sSLKeyAlias != null && !store.isKeyEntry(sSLKeyAlias)) {
            throw new TransportException("key alias is no entry. alias=" + sSLKeyAlias);
        }
        KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance(getSSLKeyManagementAlgorithm());
        keyManagerFactory.init(store, getSSLKeyStoreKeyPass().toCharArray());
        KeyManager[] keyManagers = keyManagerFactory.getKeyManagers();
        if (sSLKeyAlias != null) {
            if ("JKS".equals(getSSLKeyStoreType())) {
                sSLKeyAlias = sSLKeyAlias.toLowerCase();
            }
            for (int i = 0; i < keyManagers.length; i++) {
                keyManagers[i] = new UnifiedTransportKeyManager((X509KeyManager) keyManagers[i], sSLKeyAlias);
            }
        }
        return keyManagers;
    }

    protected TrustManager[] getTrustManagers() throws Exception {
        KeyStore store;
        TrustManager[] trustManagerArr = null;
        if (isSSLNeedTrustManagerFactoryCreation() && (store = getStore(getSSLTrustStoreType(), getSSLTrustStoreFile(), getSSLTrustStorePass())) != null) {
            TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(getSSLTrustManagementAlgorithm());
            trustManagerFactory.init(store);
            trustManagerArr = trustManagerFactory.getTrustManagers();
        }
        return trustManagerArr;
    }

    protected TrustManager[] getTrustManagers(String str, String str2, String str3, String str4) throws Exception {
        KeyStore store;
        if (!isSSLNeedTrustManagerFactoryCreation()) {
            return null;
        }
        String sSLCRLsFile = getSSLCRLsFile();
        if (sSLCRLsFile == null && (store = getStore(getSSLTrustStoreType(), getSSLTrustStoreFile(), getSSLTrustStorePass())) != null) {
            TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(getSSLTrustManagementAlgorithm());
            trustManagerFactory.init(store);
            return trustManagerFactory.getTrustManagers();
        }
        TrustManager[] trustManagerArr = null;
        KeyStore store2 = getStore(str, str3, str4);
        if (store2 != null) {
            TrustManagerFactory trustManagerFactory2 = TrustManagerFactory.getInstance(str2);
            trustManagerFactory2.init(new CertPathTrustManagerParameters(getParameters(str2, sSLCRLsFile, store2)));
            trustManagerArr = trustManagerFactory2.getTrustManagers();
        }
        return trustManagerArr;
    }

    private CertPathParameters getParameters(String str, String str2, KeyStore keyStore) throws Exception {
        if (!"PKIX".equalsIgnoreCase(str)) {
            throw new CRLException("CRLs not supported for type: " + str);
        }
        PKIXBuilderParameters pKIXBuilderParameters = new PKIXBuilderParameters(keyStore, new X509CertSelector());
        pKIXBuilderParameters.addCertStore(CertStore.getInstance("Collection", new CollectionCertStoreParameters(getCRLs(str2))));
        pKIXBuilderParameters.setRevocationEnabled(true);
        return pKIXBuilderParameters;
    }

    private Collection getCRLs(String str) throws IOException, CRLException, CertificateException {
        FileInputStream fileInputStream = null;
        try {
            CertificateFactory certificateFactory = CertificateFactory.getInstance("X.509");
            fileInputStream = new FileInputStream(str);
            Collection<? extends CRL> generateCRLs = certificateFactory.generateCRLs(fileInputStream);
            if (fileInputStream != null) {
                try {
                    fileInputStream.close();
                } catch (Exception e) {
                }
            }
            return generateCRLs;
        } catch (Throwable th) {
            if (fileInputStream != null) {
                try {
                    fileInputStream.close();
                } catch (Exception e2) {
                }
            }
            throw th;
        }
    }

    private KeyStore getStore(String str, String str2, String str3) throws TransportException {
        FileInputStream fileInputStream = null;
        try {
            try {
                KeyStore keyStore = KeyStore.getInstance(str);
                if (!"PKCS11".equalsIgnoreCase(str)) {
                    fileInputStream = new FileInputStream(str2);
                }
                keyStore.load(fileInputStream, str3.toCharArray());
                if (fileInputStream != null) {
                    try {
                        fileInputStream.close();
                    } catch (IOException e) {
                    }
                }
                return keyStore;
            } catch (Exception e2) {
                throw new TransportException(e2);
            }
        } catch (Throwable th) {
            if (fileInputStream != null) {
                try {
                    fileInputStream.close();
                } catch (IOException e3) {
                }
            }
            throw th;
        }
    }

    public SSLConfig getSSLConfig(String[] strArr) {
        SSLConfig sSLConfig = new SSLConfig();
        String[] sSLCipherSuites = getSSLCipherSuites();
        if (sSLCipherSuites != null) {
            sSLConfig.setCipherSuites(getEnabledCiphers(Arrays.asList(sSLCipherSuites), strArr));
        }
        String[] sSLProtocols = getSSLProtocols();
        if (sSLProtocols != null) {
            sSLConfig.setProtocols(sSLProtocols);
        }
        if (isSSLNeedClientAuth()) {
            sSLConfig.setNeedClientAuth(isSSLNeedClientAuth());
        }
        if (isSSLWantClientAuth()) {
            sSLConfig.setWantClientAuth(isSSLWantClientAuth());
        }
        if (isSSLEnableSessionCreation()) {
            sSLConfig.setEnableSessionCreation(isSSLEnableSessionCreation());
        }
        return sSLConfig;
    }

    private String[] getEnabledCiphers(List<String> list, String[] strArr) {
        String[] strArr2;
        if (list == null) {
            return strArr;
        }
        Vector vector = null;
        Iterator<String> it = list.iterator();
        while (it.hasNext()) {
            String trim = it.next().trim();
            if (trim.length() > 0) {
                int i = 0;
                while (true) {
                    if (strArr != null && i < strArr.length) {
                        if (strArr[i].equals(trim)) {
                            if (vector == null) {
                                vector = new Vector();
                            }
                            vector.addElement(trim);
                        } else {
                            i++;
                        }
                    }
                }
            }
        }
        if (vector != null) {
            strArr2 = new String[vector.size()];
            vector.copyInto(strArr2);
        } else {
            strArr2 = strArr;
        }
        return strArr2;
    }

    public void setSSLWantClientAuth(boolean z) {
        setBooleanProperty(SSL_WANT_CLIENT_AUTH, z);
    }

    public boolean isSSLWantClientAuth() {
        return getBooleanProperty(SSL_WANT_CLIENT_AUTH, false);
    }

    public void setSSLNeedClientAuth(boolean z) {
        setBooleanProperty(SSL_NEED_CLIENT_AUTH, z);
    }

    public boolean isSSLNeedClientAuth() {
        return getBooleanProperty(SSL_NEED_CLIENT_AUTH, false);
    }

    public void setUseDualSelector(boolean z) {
        setBooleanProperty(USE_DUAL_SELECTOR, z);
    }

    public boolean isUseDualSelector() {
        return getIoType() != UnifiedTransportIoType.BLOCKING && getBooleanProperty(USE_DUAL_SELECTOR, false);
    }

    protected boolean isSSLNeedTrustManagerFactoryCreation() {
        return isSSLUseClientMode() || isSSLWantClientAuth() || isSSLNeedClientAuth();
    }

    public void setWriteLimit(int i) {
        setIntProperty(WRITE_LIMIT, i);
    }

    public int getWriteLimit() {
        return getIntProperty(WRITE_LIMIT, JeusNetProperties.WRITE_LIMIT);
    }

    public void setWriteRestart(int i) {
        setIntProperty(WRITE_RESTART, i);
    }

    public int getWriteRestart() {
        return getIntProperty(WRITE_RESTART, JeusNetProperties.WRITE_RESTART);
    }

    public void setWriteRepeatCount(int i) {
        setIntProperty(WRITE_REPEAT_COUNT, i);
    }

    public int getWriteRepeatCount() {
        return getIntProperty(WRITE_REPEAT_COUNT, JeusNetProperties.WRITE_REPEAT_COUNT);
    }

    @Override // jeus.util.config.Config
    protected boolean accept(String str) {
        return str != null && str.trim().startsWith(PROPERTY_PREFIX);
    }
}
