package com.orientechnologies.orient.server.network;

import com.orientechnologies.common.exception.OException;
import com.orientechnologies.common.parser.OSystemVariableResolver;
import com.orientechnologies.orient.core.exception.OConfigurationException;
import com.orientechnologies.orient.server.config.OServerParameterConfiguration;
import java.io.File;
import java.io.FileInputStream;
import java.io.IOException;
import java.net.InetAddress;
import java.net.ServerSocket;
import java.security.KeyStore;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLServerSocket;
import javax.net.ssl.SSLServerSocketFactory;
import javax.net.ssl.TrustManagerFactory;

/* loaded from: input_file:WEB-INF/lib/orientdb-server-2.2.30.jar:com/orientechnologies/orient/server/network/OServerSSLSocketFactory.class */
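/**
 * Server socket factory that hands out TLS-enabled {@link ServerSocket}s.
 *
 * <p>The key store (mandatory) and trust store (optional) locations, types and passwords are read
 * from the {@code network.ssl.*} parameters passed to {@link #config}. Relative store paths are
 * resolved against {@code ${ORIENTDB_HOME}}.
 *
 * <p>Security notes for operators and reviewers:
 * <ul>
 *   <li>Both store passwords are held as {@code String} fields for the lifetime of this factory,
 *       so they stay in heap memory and cannot be wiped.</li>
 *   <li>When {@code network.ssl.clientAuth} is {@code true} but no trust store is configured,
 *       {@code null} trust managers are passed to {@link SSLContext#init}; JSSE then falls back to
 *       its default trust managers (normally the JVM-wide trust store). Client certificates are
 *       then validated against those anchors rather than a dedicated one, so configure
 *       {@code network.ssl.trustStore} whenever client authentication is required.</li>
 *   <li>Enabled protocol versions and cipher suites are never restricted here; they are whatever
 *       the running JVM enables by default for a {@code "TLS"} context.</li>
 * </ul>
 *
 * <p>The lazily created backing factory is not synchronized.
 */
public class OServerSSLSocketFactory extends OServerSocketFactory {
    public static final String PARAM_NETWORK_SSL_CLIENT_AUTH = "network.ssl.clientAuth";
    public static final String PARAM_NETWORK_SSL_KEYSTORE = "network.ssl.keyStore";
    public static final String PARAM_NETWORK_SSL_KEYSTORE_TYPE = "network.ssl.keyStoreType";
    public static final String PARAM_NETWORK_SSL_KEYSTORE_PASSWORD = "network.ssl.keyStorePassword";
    public static final String PARAM_NETWORK_SSL_TRUSTSTORE = "network.ssl.trustStore";
    public static final String PARAM_NETWORK_SSL_TRUSTSTORE_TYPE = "network.ssl.trustStoreType";
    public static final String PARAM_NETWORK_SSL_TRUSTSTORE_PASSWORD = "network.ssl.trustStorePassword";
    private SSLServerSocketFactory sslServerSocketFactory = null;
    private String keyStorePath = null;
    private File keyStoreFile = null;
    private String keyStorePassword = null;
    private String keyStoreType = KeyStore.getDefaultType();
    private String trustStorePath = null;
    private File trustStoreFile = null;
    private String trustStorePassword = null;
    private String trustStoreType = KeyStore.getDefaultType();
    private boolean clientAuth = false;

    /**
     * Reads the {@code network.ssl.*} parameters and resolves the store files.
     *
     * <p>Parameter names are matched case-insensitively; unknown parameters are ignored here.
     *
     * @param str passed through unchanged to the superclass
     * @param oServerParameterConfigurationArr parameters to scan for SSL settings
     * @throws OConfigurationException if the key store path or key store password is missing
     */
    @Override
    public void config(String str, OServerParameterConfiguration[] oServerParameterConfigurationArr) {
        super.config(str, oServerParameterConfigurationArr);
        for (OServerParameterConfiguration param : oServerParameterConfigurationArr) {
            if (param.name.equalsIgnoreCase(PARAM_NETWORK_SSL_CLIENT_AUTH)) {
                // Boolean.parseBoolean yields false for anything other than "true" (any case),
                // so a typo in this value silently disables client authentication.
                this.clientAuth = Boolean.parseBoolean(param.value);
            } else if (param.name.equalsIgnoreCase(PARAM_NETWORK_SSL_KEYSTORE)) {
                this.keyStorePath = param.value;
            } else if (param.name.equalsIgnoreCase(PARAM_NETWORK_SSL_KEYSTORE_PASSWORD)) {
                this.keyStorePassword = param.value;
            } else if (param.name.equalsIgnoreCase(PARAM_NETWORK_SSL_KEYSTORE_TYPE)) {
                this.keyStoreType = param.value;
            } else if (param.name.equalsIgnoreCase(PARAM_NETWORK_SSL_TRUSTSTORE)) {
                this.trustStorePath = param.value;
            } else if (param.name.equalsIgnoreCase(PARAM_NETWORK_SSL_TRUSTSTORE_PASSWORD)) {
                this.trustStorePassword = param.value;
            } else if (param.name.equalsIgnoreCase(PARAM_NETWORK_SSL_TRUSTSTORE_TYPE)) {
                this.trustStoreType = param.value;
            }
        }
        if (this.keyStorePath == null) {
            throw new OConfigurationException("Missing parameter network.ssl.keyStore");
        }
        if (this.keyStorePassword == null) {
            throw new OConfigurationException("Missing parameter network.ssl.keyStorePassword");
        }
        this.keyStoreFile = resolveStoreFile(this.keyStorePath);
        if (this.trustStorePath != null) {
            this.trustStoreFile = resolveStoreFile(this.trustStorePath);
        }
    }

    /** Returns {@code path} as a file, resolving relative paths against {@code ${ORIENTDB_HOME}}. */
    private static File resolveStoreFile(String path) {
        File candidate = new File(path);
        if (candidate.isAbsolute()) {
            return candidate;
        }
        return new File(OSystemVariableResolver.resolveSystemVariables("${ORIENTDB_HOME}"), path);
    }

    /**
     * Applies the configured client-authentication requirement to a freshly created socket.
     *
     * <p>Only the "need" mode is toggled; protocols and cipher suites keep the JVM defaults.
     */
    private ServerSocket configureSocket(SSLServerSocket sSLServerSocket) {
        sSLServerSocket.setNeedClientAuth(this.clientAuth);
        return sSLServerSocket;
    }

    /** Lazily builds the SSL server socket factory on first use and caches it (unsynchronized). */
    private SSLServerSocketFactory getBackingFactory() {
        if (this.sslServerSocketFactory == null) {
            this.sslServerSocketFactory = getSSLContext().getServerSocketFactory();
        }
        return this.sslServerSocketFactory;
    }

    /**
     * Builds a {@code "TLS"} {@link SSLContext} from the configured key store and, when present,
     * the configured trust store.
     *
     * @return an initialized SSL context
     * @throws OConfigurationException (via {@code OException.wrapException}) if a store cannot be
     *     read or the context cannot be initialized
     */
    protected SSLContext getSSLContext() {
        try {
            SSLContext context = SSLContext.getInstance("TLS");

            KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
            KeyStore keyStore = KeyStore.getInstance(this.keyStoreType);
            char[] keyStorePass = this.keyStorePassword.toCharArray();
            // Close the stream deterministically; the original left the descriptor open until GC.
            try (FileInputStream keyStoreStream = new FileInputStream(this.keyStoreFile)) {
                keyStore.load(keyStoreStream, keyStorePass);
            }
            // The store password is reused as the private-key password.
            keyManagerFactory.init(keyStore, keyStorePass);

            TrustManagerFactory trustManagerFactory = null;
            if (this.trustStoreFile != null) {
                if (this.trustStorePassword == null) {
                    // Previously this path died with a bare NullPointerException; name the
                    // missing parameter instead. The exception is handled by the catch below.
                    throw new OConfigurationException("Missing parameter " + PARAM_NETWORK_SSL_TRUSTSTORE_PASSWORD);
                }
                trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
                KeyStore trustStore = KeyStore.getInstance(this.trustStoreType);
                try (FileInputStream trustStoreStream = new FileInputStream(this.trustStoreFile)) {
                    trustStore.load(trustStoreStream, this.trustStorePassword.toCharArray());
                }
                trustManagerFactory.init(trustStore);
            }

            // Null trust managers make JSSE fall back to its default trust managers; see the
            // class-level note about combining that with clientAuth=true.
            context.init(
                    keyManagerFactory.getKeyManagers(),
                    trustManagerFactory == null ? null : trustManagerFactory.getTrustManagers(),
                    null);
            return context;
        } catch (Exception e) {
            throw OException.wrapException(new OConfigurationException("Failed to create SSL context"), e);
        }
    }

    /** Creates a TLS server socket bound to port {@code i}. */
    @Override
    public ServerSocket createServerSocket(int i) throws IOException {
        return configureSocket((SSLServerSocket) getBackingFactory().createServerSocket(i));
    }

    /** Creates a TLS server socket bound to port {@code i} with connection backlog {@code i2}. */
    @Override
    public ServerSocket createServerSocket(int i, int i2) throws IOException {
        return configureSocket((SSLServerSocket) getBackingFactory().createServerSocket(i, i2));
    }

    /**
     * Creates a TLS server socket bound to port {@code i} on {@code inetAddress} with connection
     * backlog {@code i2}.
     */
    @Override
    public ServerSocket createServerSocket(int i, int i2, InetAddress inetAddress) throws IOException {
        return configureSocket((SSLServerSocket) getBackingFactory().createServerSocket(i, i2, inetAddress));
    }
}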
