package com.pcbsys.foundation.drivers;

import com.pcbsys.foundation.drivers.configuration.fBaseDriverConfig;
import com.pcbsys.foundation.drivers.configuration.fBaseSSLConfig;
import com.pcbsys.foundation.drivers.configuration.fDriverConfig;
import com.pcbsys.foundation.drivers.handlers.fAcceptHandler;
import com.pcbsys.foundation.drivers.jdk.fJDKHelper;
import com.pcbsys.foundation.fConstants;
import com.pcbsys.foundation.threads.fThread;
import java.io.IOException;
import java.net.InetAddress;
import java.net.Socket;
import javax.net.ssl.HandshakeCompletedEvent;
import javax.net.ssl.HandshakeCompletedListener;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLServerSocket;
import javax.net.ssl.SSLSocket;
import javax.security.cert.X509Certificate;

/* loaded from: input_file:com/pcbsys/foundation/drivers/fSSLServerSocketDriver.class */
public class fSSLServerSocketDriver extends fServerSocketDriver {
    private boolean myClientRequired;

    /* loaded from: input_file:com/pcbsys/foundation/drivers/fSSLServerSocketDriver$HandshakeComplete.class */
    private class HandshakeComplete implements HandshakeCompletedListener {
        SSLSocket aSocket;
        boolean handShakeEnded = false;

        /* JADX INFO: Access modifiers changed from: private */
        /* loaded from: input_file:com/pcbsys/foundation/drivers/fSSLServerSocketDriver$HandshakeComplete$fSSLHandShake.class */
        public class fSSLHandShake extends fThread {
            private SSLSocket mySSLSocket;

            public fSSLHandShake(SSLSocket sSLSocket) {
                this.mySSLSocket = sSLSocket;
                setName("SSL-HandshakeThread-" + sSLSocket.getInetAddress().getHostAddress());
                setDaemon(true);
                start();
            }

            @Override // com.pcbsys.foundation.threads.fThread
            public void run() {
                try {
                    this.mySSLSocket.startHandshake();
                } catch (Exception e) {
                    fConstants.logger.error("SSL handshake failure with remote host : " + this.mySSLSocket.getInetAddress().getHostAddress());
                    fConstants.logger.error(e.getMessage());
                    try {
                        this.mySSLSocket.close();
                    } catch (Exception e2) {
                    }
                    synchronized (HandshakeComplete.this) {
                        HandshakeComplete.this.notify();
                    }
                }
            }
        }

        public HandshakeComplete(SSLSocket sSLSocket) throws IOException {
            this.aSocket = sSLSocket;
            validate();
        }

        private void validate() throws IOException {
            long currentTimeMillis = fConstants.logger.isInfoEnabled() ? System.currentTimeMillis() : 0L;
            if (fConstants.logger.isDebugEnabled()) {
                fConstants.logger.debug("SSL handshake starting with remote host : " + this.aSocket.getInetAddress().getHostAddress());
            }
            synchronized (this) {
                this.aSocket.addHandshakeCompletedListener(this);
                try {
                    new fSSLHandShake(this.aSocket);
                    if (!this.handShakeEnded) {
                        try {
                            wait(fSSLServerSocketDriver.this.myTimeout);
                        } catch (Exception e) {
                        }
                    }
                } catch (Throwable th) {
                    this.aSocket.close();
                    throw new IOException("Unable to allocate a SSL Handshake completion thread");
                }
            }
            if (!this.handShakeEnded) {
                fConstants.logger.error("SSL handshake time out failure with remote host : " + this.aSocket.getInetAddress().getHostAddress());
                try {
                    this.aSocket.close();
                } catch (Exception e2) {
                }
                throw new IOException("Unable to complete SSL handshake within time frame");
            }
            if (fConstants.logger.isDebugEnabled()) {
                fConstants.logger.debug("SSL Handshake took " + (System.currentTimeMillis() - currentTimeMillis));
            }
            if (fSSLServerSocketDriver.this.myClientRequired) {
                try {
                    for (X509Certificate x509Certificate : this.aSocket.getSession().getPeerCertificateChain()) {
                        x509Certificate.checkValidity();
                    }
                } catch (Exception e3) {
                    fConstants.logger.log("SSL Peer unverified. Peer host = " + fServerSocketDriver.sMyHostName + " Reason: " + e3.getMessage());
                    throw new IOException("SSL Peer unverified");
                }
            }
        }

        @Override // javax.net.ssl.HandshakeCompletedListener
        public void handshakeCompleted(HandshakeCompletedEvent handshakeCompletedEvent) {
            synchronized (this) {
                this.handShakeEnded = true;
                notify();
            }
            handshakeCompletedEvent.getSocket().removeHandshakeCompletedListener(this);
        }
    }

    public fSSLServerSocketDriver(fBaseDriverConfig fbasedriverconfig, fAcceptHandler faccepthandler, String str) throws IOException {
        super(fbasedriverconfig, faccepthandler, str);
    }

    /* JADX WARN: Multi-variable type inference failed */
    @Override // com.pcbsys.foundation.drivers.fServerSocketDriver
    protected void createServerSocket(fBaseDriverConfig fbasedriverconfig) throws IOException {
        SSLServerSocket sSLServerSocket = (SSLServerSocket) ((SSLContext) fJDKHelper.getSSLContextFactory().getContext((fBaseSSLConfig) fbasedriverconfig)).getServerSocketFactory().createServerSocket(fbasedriverconfig.getPort(), fbasedriverconfig.getBacklog(), InetAddress.getByName(fbasedriverconfig.getAdapter()));
        sSLServerSocket.setReceiveBufferSize(fbasedriverconfig.getReadBufferSize());
        fBaseSSLConfig fbasesslconfig = (fBaseSSLConfig) fbasedriverconfig;
        sSLServerSocket.setNeedClientAuth(fbasesslconfig.getCertRequired());
        if (fbasesslconfig.getEnabledCiphers() != null) {
            sSLServerSocket.setEnabledCipherSuites(fbasesslconfig.getEnabledCiphers());
        } else {
            fbasesslconfig.setEnabledCiphers(sSLServerSocket.getEnabledCipherSuites());
        }
        fbasesslconfig.setConfigredCiphers(sSLServerSocket.getSupportedCipherSuites());
        logCipherList(fbasedriverconfig, sSLServerSocket.getEnabledCipherSuites());
        this.myContext.setConnectionValidator(fSubjectHelper.loadValidator(fbasedriverconfig));
        this.myClientRequired = fbasesslconfig.getCertRequired();
        this.myServerSocket = sSLServerSocket;
    }

    private void logCipherList(fDriverConfig fdriverconfig, String[] strArr) {
        for (String str : strArr) {
            fConstants.logger.log("SSL CipherList for " + fdriverconfig.getURL() + " " + str);
        }
    }

    @Override // com.pcbsys.foundation.drivers.fServerSocketDriver, com.pcbsys.foundation.drivers.fServerDriver
    public boolean validate(fDriver fdriver) throws IOException {
        if (!(fdriver instanceof fSSLSocketDriver)) {
            return true;
        }
        new HandshakeComplete((SSLSocket) ((fSSLSocketDriver) fdriver).mySocket);
        return true;
    }

    @Override // com.pcbsys.foundation.drivers.fServerSocketDriver
    protected fDriver createDriver(Socket socket) throws Exception {
        fSSLSocketDriver fsslsocketdriver = new fSSLSocketDriver(socket, this.myContext);
        fsslsocketdriver.setProtocolId(this.myProtocolId);
        fsslsocketdriver.setRequireClientAuth(this.myClientRequired);
        return fsslsocketdriver;
    }
}
