package com.devexperts.connector.codec.ssl;

import com.devexperts.connector.codec.CodecConnectionFactory;
import com.devexperts.connector.proto.ApplicationConnection;
import com.devexperts.connector.proto.ApplicationConnectionFactory;
import com.devexperts.connector.proto.Configurable;
import com.devexperts.connector.proto.TransportConnection;
import com.devexperts.io.URLInputStream;
import com.devexperts.logging.Logging;
import com.devexperts.util.ExecutorProvider;
import com.devexperts.util.SystemProperties;
import java.io.IOException;
import java.security.GeneralSecurityException;
import java.security.KeyStore;
import java.security.NoSuchAlgorithmException;
import java.util.Arrays;
import java.util.concurrent.Executor;
import javax.annotation.Nonnull;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLEngine;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;

/* loaded from: input_file:WEB-INF/lib/qds.jar:com/devexperts/connector/codec/ssl/SSLConnectionFactory.class */
public class SSLConnectionFactory extends CodecConnectionFactory {
    private static final ExecutorProvider DEFAULT_EXECUTOR_PROVIDER;
    private final SSLContext context;
    private String keyStore;
    private String keyStorePassword;
    private String keyStoreProvider;
    private String keyStoreType;
    private String trustStore;
    private String trustStorePassword;
    private String trustStoreProvider;
    private String trustStoreType;
    private String protocols;
    private String cipherSuites;
    private TrustManager trustManager;
    private String[] protocolsArr;
    private String[] cipherSuitesArr;
    private boolean isServer;
    private boolean needClientAuth;
    private boolean wantClientAuth;
    private int taskThreads;
    private Executor taskExecutor;
    private ExecutorProvider taskExecutorProvider;
    private volatile boolean isInitialized;
    static final /* synthetic */ boolean $assertionsDisabled;

    @Nonnull
    private static ExecutorProvider createExecutorProvider(int i) {
        return new ExecutorProvider(i, "SSLTasksExecutor", Logging.getLogging((Class<?>) SSLConnection.class));
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public SSLConnectionFactory(ApplicationConnectionFactory applicationConnectionFactory) {
        super(applicationConnectionFactory);
        this.keyStore = SystemProperties.getProperty("javax.net.ssl.keyStore", null);
        this.keyStorePassword = SystemProperties.getProperty("javax.net.ssl.keyStorePassword", null);
        this.keyStoreProvider = SystemProperties.getProperty("javax.net.ssl.keyStoreProvider", null);
        this.keyStoreType = SystemProperties.getProperty("javax.net.ssl.keyStoreType", KeyStore.getDefaultType());
        this.trustStore = SystemProperties.getProperty("javax.net.ssl.trustStore", null);
        this.trustStorePassword = SystemProperties.getProperty("javax.net.ssl.trustStorePassword", null);
        this.trustStoreProvider = SystemProperties.getProperty("javax.net.ssl.trustStoreProvider", null);
        this.trustStoreType = SystemProperties.getProperty("javax.net.ssl.trustStoreType", KeyStore.getDefaultType());
        this.protocols = SystemProperties.getProperty("com.devexperts.connector.codec.ssl.protocols", null);
        this.cipherSuites = SystemProperties.getProperty("com.devexperts.connector.codec.ssl.cipherSuites", null);
        this.isServer = false;
        try {
            this.context = SSLContext.getInstance("TLS");
        } catch (NoSuchAlgorithmException e) {
            throw new AssertionError(e);
        }
    }

    public String getKeyStore() {
        return this.keyStore;
    }

    @Configurable
    public void setKeyStore(String str) {
        if (this.isInitialized) {
            throw new IllegalStateException("Factory has already been initialized.");
        }
        this.keyStore = str;
    }

    public String getKeyStorePassword() {
        return this.keyStorePassword;
    }

    @Configurable
    public void setKeyStorePassword(String str) {
        if (this.isInitialized) {
            throw new IllegalStateException("Factory has already been initialized.");
        }
        this.keyStorePassword = str;
    }

    public String getKeyStoreProvider() {
        return this.keyStoreProvider;
    }

    @Configurable
    public void setKeyStoreProvider(String str) {
        if (this.isInitialized) {
            throw new IllegalStateException("Factory has already been initialized.");
        }
        this.keyStoreProvider = str;
    }

    public String getKeyStoreType() {
        return this.keyStoreType;
    }

    @Configurable
    public void setKeyStoreType(String str) {
        if (this.isInitialized) {
            throw new IllegalStateException("Factory has already been initialized.");
        }
        this.keyStoreType = str;
    }

    public String getTrustStore() {
        return this.trustStore;
    }

    @Configurable
    public void setTrustStore(String str) {
        if (this.isInitialized) {
            throw new IllegalStateException("Factory has already been initialized.");
        }
        this.trustStore = str;
    }

    public String getTrustStorePassword() {
        return this.trustStorePassword;
    }

    @Configurable
    public void setTrustStorePassword(String str) {
        if (this.isInitialized) {
            throw new IllegalStateException("Factory has already been initialized.");
        }
        this.trustStorePassword = str;
    }

    public String getTrustStoreProvider() {
        return this.trustStoreProvider;
    }

    @Configurable
    public void setTrustStoreProvider(String str) {
        if (this.isInitialized) {
            throw new IllegalStateException("Factory has already been initialized.");
        }
        this.trustStoreProvider = str;
    }

    public String getTrustStoreType() {
        return this.trustStoreType;
    }

    @Configurable
    public void setTrustStoreType(String str) {
        if (this.isInitialized) {
            throw new IllegalStateException("Factory has already been initialized.");
        }
        this.trustStoreType = str;
    }

    public boolean isServer() {
        return this.isServer;
    }

    @Configurable(name = "isServer")
    public void setServer(boolean z) {
        if (this.isInitialized) {
            throw new IllegalStateException("Factory has already been initialized.");
        }
        this.isServer = z;
    }

    public boolean isNeedClientAuth() {
        return this.needClientAuth;
    }

    @Configurable
    public void setNeedClientAuth(boolean z) {
        if (this.isInitialized) {
            throw new IllegalStateException("Factory has already been initialized.");
        }
        this.needClientAuth = z;
    }

    public boolean isWantClientAuth() {
        return this.wantClientAuth;
    }

    @Configurable
    public void setWantClientAuth(boolean z) {
        if (this.isInitialized) {
            throw new IllegalStateException("Factory has already been initialized.");
        }
        this.wantClientAuth = z;
    }

    public int getTaskThreads() {
        return this.taskThreads;
    }

    @Configurable
    public void setTaskThreads(int i) {
        if (this.isInitialized) {
            throw new IllegalStateException("Factory has already been initialized.");
        }
        this.taskThreads = i;
    }

    public Executor getTaskExecutor() {
        return this.taskExecutor;
    }

    @Configurable
    public void setTaskExecutor(Executor executor) {
        if (this.isInitialized) {
            throw new IllegalStateException("Factory has already been initialized.");
        }
        this.taskExecutor = executor;
    }

    public String getProtocols() {
        return this.protocols;
    }

    @Configurable
    public void setProtocols(String str) {
        if (this.isInitialized) {
            throw new IllegalStateException("Factory has already been initialized.");
        }
        this.protocols = str;
    }

    public String getCipherSuites() {
        return this.cipherSuites;
    }

    @Configurable
    public void setCipherSuites(String str) {
        if (this.isInitialized) {
            throw new IllegalStateException("Factory has already been initialized.");
        }
        this.cipherSuites = str;
    }

    @Override // com.devexperts.connector.codec.CodecConnectionFactory
    public void setTrustManager(TrustManager trustManager) {
        if (this.isInitialized) {
            throw new IllegalStateException("Factory has already been initialized.");
        }
        this.trustManager = trustManager;
    }

    private ExecutorProvider getExecutorProvider() {
        if (this.taskExecutorProvider != null) {
            return this.taskExecutorProvider;
        }
        if (this.taskExecutor != null) {
            ExecutorProvider executorProvider = new ExecutorProvider(this.taskExecutor);
            this.taskExecutorProvider = executorProvider;
            return executorProvider;
        }
        if (this.taskThreads <= 0) {
            return DEFAULT_EXECUTOR_PROVIDER;
        }
        ExecutorProvider createExecutorProvider = createExecutorProvider(this.taskThreads);
        this.taskExecutorProvider = createExecutorProvider;
        return createExecutorProvider;
    }

    private void init() throws GeneralSecurityException, IOException {
        KeyManagerFactory keyManagerFactory = null;
        if (this.keyStore != null) {
            KeyStore keyStore = getKeyStore(this.keyStoreType, this.keyStoreProvider, this.keyStore, this.keyStorePassword);
            keyManagerFactory = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
            keyManagerFactory.init(keyStore, this.keyStorePassword == null ? null : this.keyStorePassword.toCharArray());
        }
        TrustManager[] trustManagerArr = null;
        if (this.trustManager != null) {
            trustManagerArr = new TrustManager[]{this.trustManager};
        } else if (this.trustStore != null) {
            KeyStore keyStore2 = getKeyStore(this.trustStoreType, this.trustStoreProvider, this.trustStore, this.trustStorePassword);
            TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
            trustManagerFactory.init(keyStore2);
            trustManagerArr = trustManagerFactory.getTrustManagers();
        }
        this.context.init(keyManagerFactory != null ? keyManagerFactory.getKeyManagers() : null, trustManagerArr, null);
        SSLEngine createSSLEngine = this.context.createSSLEngine();
        if (this.protocols != null) {
            this.protocolsArr = this.protocols.trim().split(";");
            try {
                createSSLEngine.setEnabledProtocols(this.protocolsArr);
            } catch (IllegalArgumentException e) {
                this.log.error(e.getMessage() + " protocols are not supported. Available protocols: " + Arrays.toString(createSSLEngine.getSupportedProtocols()));
                throw new GeneralSecurityException(e);
            }
        }
        if (this.cipherSuites != null) {
            this.cipherSuitesArr = this.cipherSuites.trim().split(";");
            try {
                createSSLEngine.setEnabledCipherSuites(this.cipherSuitesArr);
            } catch (IllegalArgumentException e2) {
                this.log.error(e2.getMessage() + " cipher suites are not supported. Available cipher suites: " + Arrays.toString(createSSLEngine.getSupportedCipherSuites()));
                throw new GeneralSecurityException(e2);
            }
        }
        this.isInitialized = true;
    }

    private static KeyStore getKeyStore(String str, String str2, String str3, String str4) throws GeneralSecurityException, IOException {
        char[] charArray;
        if (!$assertionsDisabled && str3 == null) {
            throw new AssertionError();
        }
        KeyStore keyStore = str2 == null ? KeyStore.getInstance(str) : KeyStore.getInstance(str, str2);
        URLInputStream uRLInputStream = new URLInputStream(str3);
        Throwable th = null;
        if (str4 == null) {
            charArray = null;
        } else {
            try {
                try {
                    charArray = str4.toCharArray();
                } finally {
                }
            } catch (Throwable th2) {
                if (uRLInputStream != null) {
                    if (th != null) {
                        try {
                            uRLInputStream.close();
                        } catch (Throwable th3) {
                            th.addSuppressed(th3);
                        }
                    } else {
                        uRLInputStream.close();
                    }
                }
                throw th2;
            }
        }
        keyStore.load(uRLInputStream, charArray);
        if (uRLInputStream != null) {
            if (0 != 0) {
                try {
                    uRLInputStream.close();
                } catch (Throwable th4) {
                    th.addSuppressed(th4);
                }
            } else {
                uRLInputStream.close();
            }
        }
        return keyStore;
    }

    @Override // com.devexperts.connector.proto.ApplicationConnectionFactory
    public ApplicationConnection<?> createConnection(TransportConnection transportConnection) throws IOException {
        if (!this.isInitialized) {
            try {
                init();
            } catch (GeneralSecurityException e) {
                throw new IOException("Failed to initialize ssl engine: " + e.getMessage());
            }
        }
        SSLEngine createSSLEngine = this.context.createSSLEngine();
        if (this.protocolsArr != null) {
            createSSLEngine.setEnabledProtocols(this.protocolsArr);
        }
        if (this.cipherSuitesArr != null) {
            createSSLEngine.setEnabledCipherSuites(this.cipherSuitesArr);
        }
        createSSLEngine.setUseClientMode(!this.isServer);
        if (this.isServer) {
            if (this.needClientAuth) {
                createSSLEngine.setWantClientAuth(this.wantClientAuth);
                createSSLEngine.setNeedClientAuth(true);
            } else {
                createSSLEngine.setNeedClientAuth(false);
                createSSLEngine.setWantClientAuth(this.wantClientAuth);
            }
        }
        return new SSLConnection(getDelegate(), this, transportConnection, createSSLEngine, getExecutorProvider().newReference());
    }

    @Override // com.devexperts.connector.proto.ApplicationConnectionFactory
    public String toString() {
        return "ssl+" + getDelegate().toString();
    }

    static {
        $assertionsDisabled = !SSLConnectionFactory.class.desiredAssertionStatus();
        DEFAULT_EXECUTOR_PROVIDER = createExecutorProvider(SystemProperties.getIntProperty("com.devexperts.qd.qtp.ssl.executorThreadsNumber", Runtime.getRuntime().availableProcessors()));
    }
}
