package de.contecon.base.net;

import java.io.File;
import java.io.FileInputStream;
import java.io.FileNotFoundException;
import java.io.IOException;
import java.io.Serializable;
import java.net.InetAddress;
import java.net.ServerSocket;
import java.rmi.server.RMIServerSocketFactory;
import java.security.KeyManagementException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.UnrecoverableKeyException;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.HashMap;
import java.util.Map;
import java.util.Properties;
import javax.net.ssl.KeyManager;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLServerSocket;
import javax.net.ssl.SSLServerSocketFactory;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import javax.net.ssl.X509KeyManager;
import javax.net.ssl.X509TrustManager;
import net.essc.util.FileUtil;
import net.essc.util.GenLog;
import net.essc.util.RmiUtilLoader;
import net.essc.util.WildCardFileFilter;
import org.apache.logging.log4j.core.net.ssl.SslConfigurationDefaults;

/* loaded from: input_file:de/contecon/base/net/CcServerSocket.class */
public class CcServerSocket {
    public static final int TYPE_RMI_XML = 1;
    public static final int TYPE_DRIVER = 2;
    public static final int TYPE_AMDX_RMD = 4;
    private static volatile Map<Integer, Boolean> doSSL = new HashMap();
    private static volatile Map<Integer, SSLServerSocketFactory> ssf = new HashMap();
    private static volatile Map<Integer, String> ccKeyStore = new HashMap();
    private static volatile Map<Integer, String> ccTrustStore = new HashMap();
    private static RMIServerSocketFactory rmiSsf = null;
    private static SSLServerSocketFactory ssfForRmi = null;
    private static CcCertificateManagerEnabled ccCertificateManagerEnabled = null;
    private static final TrustManager ALL_TRUST_MANAGER = new X509TrustManager() { // from class: de.contecon.base.net.CcServerSocket.1
        @Override // javax.net.ssl.X509TrustManager
        public X509Certificate[] getAcceptedIssuers() {
            return new X509Certificate[0];
        }

        @Override // javax.net.ssl.X509TrustManager
        public void checkClientTrusted(X509Certificate[] x509CertificateArr, String str) throws CertificateException {
            RmiUtilLoader.GenLog.dumpFormattedMessage("ALL_TRUST_MANAGER.checkClientTrusted: cert=" + x509CertificateArr[0] + " authType=" + str);
            RmiUtilLoader.GenLog.dumpFormattedMessage("ALL_TRUST_MANAGER.checkClientTrusted: subject=" + x509CertificateArr[0].getSubjectX500Principal());
        }

        @Override // javax.net.ssl.X509TrustManager
        public void checkServerTrusted(X509Certificate[] x509CertificateArr, String str) throws CertificateException {
            RmiUtilLoader.GenLog.dumpFormattedMessage("ALL_TRUST_MANAGER.checkServerTrusted: cert=" + x509CertificateArr[0] + " authType=" + str);
            RmiUtilLoader.GenLog.dumpFormattedMessage("ALL_TRUST_MANAGER.checkServerTrusted: subject=" + x509CertificateArr[0].getSubjectX500Principal());
        }
    };
    private static TrustManager[] trustManagers = null;

    /* loaded from: input_file:de/contecon/base/net/CcServerSocket$CcRMIServerSocketFactory.class */
    public static class CcRMIServerSocketFactory implements RMIServerSocketFactory, Serializable {
        public static final long serialVersionUID = 201810241002001L;
        private final int type;
        private final String id;

        public CcRMIServerSocketFactory(int i, String str) {
            this.type = i;
            this.id = str;
        }

        public ServerSocket createServerSocket(int i) throws IOException {
            try {
                SSLServerSocket sSLServerSocket = (SSLServerSocket) CcServerSocket.getSSLServerSocketFactoryForRmi(this.type).createServerSocket(i);
                sSLServerSocket.setNeedClientAuth(true);
                if (GenLog.isTracelevel(3)) {
                    RmiUtilLoader.GenLog.dumpInfoMessage("CcServerSocket.CcRMIServerSocketFactory.createServerSocket: " + sSLServerSocket + " clientAuth=" + (sSLServerSocket != null ? Boolean.valueOf(sSLServerSocket.getNeedClientAuth()) : "null") + " id=" + this.id);
                }
                CcServerSocket.dumpSslInfos(sSLServerSocket);
                return sSLServerSocket;
            } catch (Exception e) {
                RmiUtilLoader.GenLog.dumpException(e);
                throw new IOException("CcServerSocket.CcRMIServerSocketFactory.createServerSocket: " + e);
            }
        }
    }

    public static final boolean shouldDoSSL() {
        return shouldDoSSL(0);
    }

    public static final boolean shouldDoSSL(int i) {
        if (doSSL.containsKey(Integer.valueOf(i))) {
            return doSSL.get(Integer.valueOf(i)).booleanValue();
        }
        return false;
    }

    public static final boolean shouldDoClientAuth(int i) {
        if (System.getProperty("de.contecon.base.net.CcServerSocket.deactivateClientAuth") != null) {
            if (!GenLog.isTracelevel(3)) {
                return false;
            }
            GenLog.dumpInfoMessage("CcServerSocket.shouldDoClientAuth: deactivateClientAuth !!!");
            return false;
        }
        if (!doSSL.containsKey(Integer.valueOf(i))) {
            return false;
        }
        switch (i) {
            case 1:
            case 2:
            case 4:
                return true;
            case 3:
            default:
                return false;
        }
    }

    public static void setCcCertificateManagerEnabled(CcCertificateManagerEnabled ccCertificateManagerEnabled2) {
        ccCertificateManagerEnabled = ccCertificateManagerEnabled2;
    }

    public static synchronized void init() {
        init(0);
    }

    public static synchronized void init(int i) {
        if (i == 0) {
            ccKeyStore.put(Integer.valueOf(i), System.getProperty("de.contecon.net.ssl.keyStore"));
            ccTrustStore.put(Integer.valueOf(i), System.getProperty("de.contecon.net.ssl.trustStore"));
        } else if (i == 1) {
            ccKeyStore.put(Integer.valueOf(i), System.getProperty("de.contecon.rmixml.ssl.keyStore"));
            ccTrustStore.put(Integer.valueOf(i), System.getProperty("de.contecon.rmixml.ssl.trustStore"));
        } else if (i == 2) {
            ccKeyStore.put(Integer.valueOf(i), System.getProperty("de.contecon.driver.ssl.keyStore", System.getProperty("de.contecon.net.ssl.keyStore")));
            ccTrustStore.put(Integer.valueOf(i), System.getProperty("de.contecon.driver.ssl.trustStore", System.getProperty("de.contecon.net.ssl.trustStore")));
        } else if (i == 4) {
            ccKeyStore.put(Integer.valueOf(i), System.getProperty("de.contecon.amdx.rmd.ssl.keyStore"));
            ccTrustStore.put(Integer.valueOf(i), System.getProperty("de.contecon.amdx.rmd.ssl.trustStore"));
        }
        if ((!ccTrustStore.containsKey(Integer.valueOf(i)) || ccTrustStore.get(Integer.valueOf(i)) == null) && System.getProperty("de.contecon.rmixml.ssl.keyStore") != null && i == 1) {
            try {
                ArrayList fileList2 = FileUtil.getFileList2(new File("properties" + File.separator + SslConfigurationDefaults.PROTOCOL), new WildCardFileFilter("*AllTrustStore*"), true);
                if (fileList2 != null && fileList2.size() > 0) {
                    ccTrustStore.put(Integer.valueOf(i), ((File) fileList2.get(0)).getAbsolutePath());
                    RmiUtilLoader.GenLog.dumpInfoMessage("CcSocket.init: set ccTrustStore to " + ccTrustStore);
                }
            } catch (Exception e) {
                RmiUtilLoader.GenLog.dumpExceptionError("CcSocket.init findTrustStore", e);
            }
        }
        if (ccTrustStore.get(Integer.valueOf(i)) == null && ccKeyStore.get(Integer.valueOf(i)) == null) {
            return;
        }
        doSSL.put(Integer.valueOf(i), true);
        RmiUtilLoader.GenLog.dumpFormattedMessage("CcServerSocket.init: SSL active for type " + getSslTypeText(i));
        if (i == 0) {
            Properties properties = System.getProperties();
            if (ccTrustStore.get(Integer.valueOf(i)) != null) {
                if (properties.getProperty("javax.net.ssl.trustStore") == null) {
                    properties.setProperty("javax.net.ssl.trustStore", ccTrustStore.get(Integer.valueOf(i)));
                }
                if (properties.getProperty("javax.net.ssl.trustStorePassword") == null) {
                    properties.setProperty("javax.net.ssl.trustStorePassword", CcCertificates.get(ccTrustStore.get(Integer.valueOf(i))));
                }
            }
            if (ccKeyStore.get(Integer.valueOf(i)) != null) {
                if (properties.getProperty("javax.net.ssl.keyStore") == null) {
                    properties.setProperty("javax.net.ssl.keyStore", ccKeyStore.get(Integer.valueOf(i)));
                }
                if (properties.getProperty("javax.net.ssl.keyStorePassword") == null) {
                    properties.setProperty("javax.net.ssl.keyStorePassword", CcCertificates.get(ccKeyStore.get(Integer.valueOf(i))));
                }
            }
        }
    }

    public static synchronized RMIServerSocketFactory getRMIServerSocketFactory(String str) {
        return getRMIServerSocketFactory(1, str);
    }

    public static synchronized RMIServerSocketFactory getRMIServerSocketFactory(int i, String str) {
        if (shouldDoSSL(i)) {
            return new CcRMIServerSocketFactory(i, str);
        }
        return null;
    }

    private static synchronized SSLServerSocketFactory getSSLServerSocketFactoryForRmi() throws Exception {
        return getSSLServerSocketFactoryForRmi(1);
    }

    /* JADX INFO: Access modifiers changed from: private */
    public static synchronized SSLServerSocketFactory getSSLServerSocketFactoryForRmi(int i) throws Exception {
        return createSslServerSocketFactory(i);
    }

    private static SSLServerSocketFactory createSslServerSocketFactory(int i) throws NoSuchAlgorithmException, KeyStoreException, IOException, CertificateException, FileNotFoundException, UnrecoverableKeyException, KeyManagementException {
        TrustManager[] wrapWithTrace;
        if (GenLog.isTracelevel(3)) {
            GenLog.dumpInfoMessage("CcServerSocket.createSslServerSocketFactory: type=" + getSslTypeText(i));
        }
        SSLContext sSLContext = SSLContext.getInstance(System.getProperty("de.contecon.net.ssl.SSLContext.getInstance", "TLS"));
        KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance(System.getProperty("de.contecon.net.ssl.KeyManagerFactory.getInstance", "SunX509"));
        KeyStore keyStore = KeyStore.getInstance(System.getProperty("de.contecon.net.ssl.KeyStore.getInstance", "Pkcs12"));
        TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(System.getProperty("de.contecon.net.ssl.TrustManagerFactory.getInstance", "SunX509"));
        KeyStore keyStore2 = KeyStore.getInstance(System.getProperty("de.contecon.net.ssl.KeyStore.getInstance", SslConfigurationDefaults.KEYSTORE_TYPE));
        String str = ccKeyStore.get(Integer.valueOf(i));
        String str2 = CcCertificates.get(str);
        char[] charArray = str2.toCharArray();
        try {
            keyStore.load(new FileInputStream(str), charArray);
        } catch (Exception e) {
            GenLog.dumpExceptionErrorWithoutHookProcessing("createSslServerSocketFactory-ks: store=" + str, e);
            String str3 = CcCertificates.get(str, true);
            if (!str2.equals(str3)) {
                keyStore.load(new FileInputStream(str), str3.toCharArray());
            }
        }
        keyManagerFactory.init(keyStore, charArray);
        KeyManager[] wrapWithTrace2 = wrapWithTrace(keyManagerFactory.getKeyManagers(), i, str);
        if (System.getProperty("de.contecon.net.ssl.TrustStore.ServerSocket.ActivateOwnTrustStore") != null) {
            wrapWithTrace = wrapWithTrace(getTrustManagers(), i, "OwnTrustStore");
        } else {
            String str4 = ccTrustStore.get(Integer.valueOf(i));
            try {
                if (ccCertificateManagerEnabled != null) {
                    ccCertificateManagerEnabled.setTruststorePw(new File(str4 + CcCertificateManagerEnabled.PW_FILE_EXT));
                }
            } catch (Exception e2) {
                GenLog.dumpException(e2, "CcServerSocket.ccCertificateManagerEnabled.setTruststorePw", false, false);
            }
            String str5 = CcCertificates.get(str4);
            try {
                keyStore2.load(new FileInputStream(str4), str5.toCharArray());
            } catch (Exception e3) {
                GenLog.dumpExceptionErrorWithoutHookProcessing("createSslServerSocketFactory-ts", e3);
                String str6 = CcCertificates.get(str4, true);
                if (!str5.equals(str6)) {
                    keyStore.load(new FileInputStream(str4), str6.toCharArray());
                }
            }
            trustManagerFactory.init(keyStore2);
            wrapWithTrace = wrapWithTrace(trustManagerFactory.getTrustManagers(), i, str4);
        }
        sSLContext.init(wrapWithTrace2, wrapWithTrace, null);
        return sSLContext.getServerSocketFactory();
    }

    private static KeyManager[] wrapWithTrace(KeyManager[] keyManagerArr, int i, String str) {
        if (keyManagerArr != null && keyManagerArr.length > 0) {
            KeyManager[] keyManagerArr2 = new KeyManager[keyManagerArr.length];
            for (int i2 = 0; i2 < keyManagerArr2.length; i2++) {
                if (keyManagerArr[i2] instanceof X509KeyManager) {
                    keyManagerArr2[i2] = new CcX509KeyManagerWithTrace(true, (X509KeyManager) keyManagerArr[i2], i, str);
                } else {
                    keyManagerArr2[i2] = keyManagerArr[i2];
                }
            }
            keyManagerArr = keyManagerArr2;
        }
        return keyManagerArr;
    }

    private static TrustManager[] wrapWithTrace(TrustManager[] trustManagerArr, int i, String str) {
        if (trustManagerArr != null && trustManagerArr.length > 0) {
            TrustManager[] trustManagerArr2 = new TrustManager[trustManagerArr.length];
            for (int i2 = 0; i2 < trustManagerArr2.length; i2++) {
                if (trustManagerArr[i2] instanceof X509TrustManager) {
                    trustManagerArr2[i2] = new CcX509TrustManagerWithTrace(true, (X509TrustManager) trustManagerArr[i2], i, str);
                } else {
                    trustManagerArr2[i2] = trustManagerArr[i2];
                }
            }
            trustManagerArr = trustManagerArr2;
        }
        return trustManagerArr;
    }

    public static void setTrustManager(TrustManager trustManager) {
        setTrustManagers(new TrustManager[]{trustManager});
    }

    public static void setTrustManagers(TrustManager[] trustManagerArr) {
        trustManagers = trustManagerArr;
    }

    public static TrustManager[] getTrustManagers() {
        return trustManagers != null ? trustManagers : new TrustManager[]{ALL_TRUST_MANAGER};
    }

    private static synchronized SSLServerSocketFactory getSSLServerSocketFactory(int i) throws Exception {
        if (!ssf.containsKey(Integer.valueOf(i))) {
            if (i == 0) {
                ssf.put(Integer.valueOf(i), (SSLServerSocketFactory) SSLServerSocketFactory.getDefault());
            } else {
                ssf.put(Integer.valueOf(i), createSslServerSocketFactory(i));
            }
        }
        return ssf.get(Integer.valueOf(i));
    }

    public static ServerSocket createCcServerSocket(int i) throws Exception {
        return createCcServerSocket(i, 50, null);
    }

    public static ServerSocket createCcServerSocket(int i, int i2) throws Exception {
        return createCcServerSocket(i, i2, null);
    }

    public static ServerSocket createCcServerSocket(int i, int i2, InetAddress inetAddress) throws Exception {
        return createCcServerSocket(i, i2, inetAddress, 0);
    }

    public static ServerSocket createCcServerSocket(int i, int i2, InetAddress inetAddress, int i3) throws Exception {
        if (GenLog.isTracelevel(4)) {
            GenLog.dumpDebugMessage("CcServerSocket.createCcServerSocket: port=" + i + " backlog=" + i2 + " bindAdr=" + inetAddress + " type=" + i3);
        }
        if (!shouldDoSSL(i3)) {
            return new ServerSocket(i, i2, inetAddress);
        }
        SSLServerSocket sSLServerSocket = (SSLServerSocket) getSSLServerSocketFactory(i3).createServerSocket(i, i2, inetAddress);
        if (shouldDoClientAuth(i3)) {
            sSLServerSocket.setNeedClientAuth(true);
        }
        if (GenLog.isTracelevel(3)) {
            RmiUtilLoader.GenLog.dumpInfoMessage("CcServerSocket.createCcServerSocket: " + sSLServerSocket + " clientAuth=" + (sSLServerSocket != null ? Boolean.valueOf(sSLServerSocket.getNeedClientAuth()) : "null"));
        }
        dumpSslInfos(sSLServerSocket);
        return sSLServerSocket;
    }

    /* JADX INFO: Access modifiers changed from: private */
    public static void dumpSslInfos(SSLServerSocket sSLServerSocket) {
        if (GenLog.isTracelevel(4)) {
            String[] supportedCipherSuites = sSLServerSocket.getSupportedCipherSuites();
            if (supportedCipherSuites != null) {
                for (int i = 0; i < supportedCipherSuites.length; i++) {
                    GenLog.dumpMessage("SupportedCipherSuite-" + (i + 1) + ": " + supportedCipherSuites[i]);
                }
            }
            String[] supportedProtocols = sSLServerSocket.getSupportedProtocols();
            if (supportedProtocols != null) {
                for (int i2 = 0; i2 < supportedProtocols.length; i2++) {
                    GenLog.dumpMessage("SupportedProtocol-" + (i2 + 1) + ": " + supportedProtocols[i2]);
                }
            }
        }
    }

    private static String getSslTypeText(int i) {
        switch (i) {
            case 1:
                return "SSL_FOR_RMI_AND_XML";
            case 2:
                return "SSL_FOR_DRIVER";
            case 3:
            default:
                return SslConfigurationDefaults.PROTOCOL;
            case 4:
                return "SSL_FOR_AMDX_RMD";
        }
    }
}
