package com.pcbsys.foundation.drivers;

import com.pcbsys.foundation.base.fException;
import com.pcbsys.foundation.base.fFile;
import com.pcbsys.foundation.base.fTimer;
import com.pcbsys.foundation.fConstants;
import com.pcbsys.foundation.io.fConnectionSettings;
import com.pcbsys.foundation.security.fClientLoginContext;
import com.pcbsys.foundation.security.fLoginContext;
import com.pcbsys.foundation.security.fLoginContextSSLAttributes;
import com.pcbsys.foundation.security.fSubject;
import com.pcbsys.foundation.threads.fScheduledTask;
import com.pcbsys.foundation.threads.fThreadScheduler;
import com.pcbsys.foundation.utils.fSystemConfiguration;
import java.io.FileInputStream;
import java.io.IOException;
import java.net.InetSocketAddress;
import java.net.Socket;
import java.security.KeyStore;
import javax.net.ssl.KeyManager;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSession;
import javax.net.ssl.SSLSocket;
import javax.net.ssl.SSLSocketFactory;
import javax.net.ssl.X509KeyManager;
import javax.security.cert.X509Certificate;

/* loaded from: input_file:com/pcbsys/foundation/drivers/fSSLSocketDriver.class */
public class fSSLSocketDriver extends fSocketDriver implements fSSLDriver {
    private long myStartCloseTime;
    private boolean requireClientAuth;
    private KeyManager[] customKeyManager;

    /* loaded from: input_file:com/pcbsys/foundation/drivers/fSSLSocketDriver$CloseWatcher.class */
    public static class CloseWatcher extends fScheduledTask {
        @Override // com.pcbsys.foundation.threads.fTask
        public void execute() {
            fConstants.logger.error("SSL-Socket> Close thread is blocked");
        }

        @Override // com.pcbsys.foundation.threads.fScheduledTask
        public String getName() {
            return "I/O Close monitor";
        }

        @Override // com.pcbsys.foundation.threads.fScheduledTask
        public long reSchedule() {
            return -1L;
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public fSSLSocketDriver(Socket socket, fLoginContext flogincontext) throws Exception {
        super(socket, flogincontext);
        this.myStartCloseTime = 0L;
        this.requireClientAuth = true;
        this.myType = fConnectionDetails.getProtocolString(2);
    }

    public fSSLSocketDriver(String str, int i, fLoginContext flogincontext) throws Exception {
        super(str, i, flogincontext);
        this.myStartCloseTime = 0L;
        this.requireClientAuth = true;
        this.myType = fConnectionDetails.getProtocolString(2);
    }

    public fSSLSocketDriver(String str, int i, fLoginContext flogincontext, Socket socket) throws Exception {
        super(flogincontext);
        this.myStartCloseTime = 0L;
        this.requireClientAuth = true;
        this.myType = fConnectionDetails.getProtocolString(2);
        createSocket(socket, str, i);
        socketSetup();
    }

    protected void createSocket(Socket socket, String str, int i) throws IOException {
        try {
            SSLSocket sSLSocket = (SSLSocket) getSSLFact().createSocket(socket, str, i, false);
            try {
                X509Certificate[] peerCertificateChain = sSLSocket.getSession().getPeerCertificateChain();
                peerCertificateChain[peerCertificateChain.length - 1].checkValidity();
            } catch (Exception e) {
                if (!(e instanceof ClassNotFoundException)) {
                    if (!(e instanceof IOException)) {
                        throw new IOException(e);
                    }
                    throw ((IOException) e);
                }
                fConstants.logger.info(e);
                fConstants.logger.info(e);
            }
            this.mySocket = sSLSocket;
        } catch (Exception e2) {
            if (!(e2 instanceof IOException)) {
                throw new IOException(e2);
            }
            throw ((IOException) e2);
        }
    }

    @Override // com.pcbsys.foundation.drivers.fSocketDriver
    protected void createSocket(String str, int i) throws IOException {
        try {
            SSLSocket sSLSocket = (SSLSocket) getSSLFact().createSocket();
            sSLSocket.bind(null);
            sSLSocket.connect(new InetSocketAddress(str, i), fConnectionSettings.getSocketConnectTimeout());
            try {
                X509Certificate[] peerCertificateChain = sSLSocket.getSession().getPeerCertificateChain();
                peerCertificateChain[peerCertificateChain.length - 1].checkValidity();
            } catch (Exception e) {
                if (!(e instanceof ClassNotFoundException)) {
                    if (!(e instanceof IOException)) {
                        throw new IOException(e);
                    }
                    throw ((IOException) e);
                }
                fConstants.logger.info(e);
            }
            this.mySocket = sSLSocket;
        } catch (Exception e2) {
            if (!(e2 instanceof IOException)) {
                throw new IOException(e2);
            }
            throw ((IOException) e2);
        }
    }

    private SSLSocketFactory getSSLFact() throws Exception {
        SSLSocketFactory sSLSocketFactory = null;
        String str = null;
        String str2 = null;
        String str3 = null;
        String str4 = null;
        String str5 = null;
        String str6 = null;
        String[] strArr = null;
        String str7 = null;
        String str8 = null;
        if (this.myAuthHandler instanceof fLoginContextSSLAttributes) {
            fLoginContextSSLAttributes flogincontextsslattributes = (fLoginContextSSLAttributes) this.myAuthHandler;
            str = flogincontextsslattributes.getKeyStorePath();
            str2 = flogincontextsslattributes.getKeyStorePass();
            str3 = flogincontextsslattributes.getKeyStoreCert();
            str4 = flogincontextsslattributes.getTrustStorePath();
            str5 = flogincontextsslattributes.getTrustStorePass();
            str6 = flogincontextsslattributes.getProtocol();
            strArr = flogincontextsslattributes.getEnabledCiphers();
            str7 = flogincontextsslattributes.getPKCS11NSSConfigFile();
            str8 = flogincontextsslattributes.getPKCS11NSSName();
        }
        if (fDriverConstants.sUseNSSFIPS) {
            sSLSocketFactory = new fCustomNSSSocketFactory(str2, str7, str8, str6, strArr);
        } else if (fDriverConstants.sUseNSSCrypto) {
            sSLSocketFactory = new fCustomNSSCryptoSocketFactory(str, str2, str3, str4, str5, str6, strArr, str7, str8);
        } else if (str != null || str4 != null || str6 != null) {
            sSLSocketFactory = new fCustomSSLSocketFactory(str, str2, str3, str4, str5, str6, strArr);
        } else if (fConnectionSettings.sCertificateAlias == null || fConnectionSettings.sCertificateAlias.length() == 0) {
            fConstants.logger.warn("Getting Default SSL SocketFactory");
            sSLSocketFactory = (SSLSocketFactory) SSLSocketFactory.getDefault();
        } else {
            try {
                SSLContext sSLContext = SSLContext.getInstance(SSLContext.getDefault().getDefaultSSLParameters().getProtocols()[0]);
                if (this.customKeyManager == null) {
                    KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
                    KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
                    FileInputStream openFileInputStream = fFile.openFileInputStream(fSystemConfiguration.getProperty("javax.net.ssl.keyStore"));
                    Throwable th = null;
                    try {
                        keyStore.load(openFileInputStream, fSystemConfiguration.getProperty("javax.net.ssl.keyStorePassword").toCharArray());
                        if (openFileInputStream != null) {
                            if (0 != 0) {
                                try {
                                    openFileInputStream.close();
                                } catch (Throwable th2) {
                                    th.addSuppressed(th2);
                                }
                            } else {
                                openFileInputStream.close();
                            }
                        }
                        keyManagerFactory.init(keyStore, fSystemConfiguration.getProperty("javax.net.ssl.keyStorePassword").toCharArray());
                        this.customKeyManager = new KeyManager[]{new fCustomKeyManager((X509KeyManager) keyManagerFactory.getKeyManagers()[0])};
                    } finally {
                    }
                }
                sSLContext.init(this.customKeyManager, null, null);
                sSLSocketFactory = sSLContext.getSocketFactory();
            } catch (Exception e) {
                e.printStackTrace();
            }
        }
        return sSLSocketFactory;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void setRequireClientAuth(boolean z) {
        this.requireClientAuth = z;
    }

    @Override // com.pcbsys.foundation.drivers.fSocketDriver, com.pcbsys.foundation.drivers.fDriver
    public boolean isRequireClientAuth() {
        return this.requireClientAuth;
    }

    @Override // com.pcbsys.foundation.drivers.fSocketDriver, com.pcbsys.foundation.drivers.fDriver
    public boolean isSecure() {
        return true;
    }

    @Override // com.pcbsys.foundation.drivers.fDriver
    public fSubject getSubject() {
        fSubject subject = super.getSubject();
        if (subject == null) {
            this.mySubject = fSubjectHelper.extractSubject("", this.mySocket, ((SSLSocket) this.mySocket).getSession(), this.requireClientAuth, this.myAuthHandler);
            subject = this.mySubject;
        }
        return subject;
    }

    @Override // com.pcbsys.foundation.drivers.fSocketDriver, com.pcbsys.foundation.drivers.fDriver
    public void updateResource(String str, Object[] objArr) throws fException {
        if (this.myAuthHandler instanceof fClientLoginContext) {
            fClientLoginContext fclientlogincontext = (fClientLoginContext) this.myAuthHandler;
            fclientlogincontext.setResource(str, objArr);
            setSubject(fclientlogincontext.getSubject());
        }
    }

    @Override // com.pcbsys.foundation.drivers.fSocketDriver, com.pcbsys.foundation.drivers.fDriver
    public void close() throws IOException, fException {
        setClosed(true);
        CloseWatcher closeWatcher = new CloseWatcher();
        fThreadScheduler.getInstance().addTask(closeWatcher, 40000L);
        try {
            this.myAuthHandler.logout(this);
            super.remove();
            this.myStartCloseTime = fTimer.getTicks();
            try {
                this.mySocket.setSoLinger(false, 10);
            } catch (Exception e) {
            }
            this.mySocket.close();
            if (fTimer.getTicks() - this.myStartCloseTime > 1000) {
                fConstants.logger.info("Socket Close took " + (fTimer.getTicks() - this.myStartCloseTime));
            }
            if (fConstants.logger.isDebugEnabled()) {
                fConstants.logger.debug("Protocol: NSPS: " + getId() + " disconnected.");
            }
            fThreadScheduler.getInstance().delTask(closeWatcher);
        } catch (Throwable th) {
            fThreadScheduler.getInstance().delTask(closeWatcher);
            throw th;
        }
    }

    @Override // com.pcbsys.foundation.drivers.fSSLDriver
    public SSLSession getSSLSession() {
        return ((SSLSocket) this.mySocket).getSession();
    }
}
