package org.w3c.jigsaw.https;

import java.io.ByteArrayInputStream;
import java.lang.reflect.Method;
import java.net.MalformedURLException;
import java.net.URL;
import java.security.cert.Certificate;
import java.security.cert.CertificateFactory;
import java.util.StringTokenizer;
import javax.net.ssl.SSLPeerUnverifiedException;
import javax.net.ssl.SSLSession;
import javax.security.cert.X509Certificate;
import org.apache.log4j.spi.Configurator;
import org.w3c.jigsaw.auth.AuthFilter;
import org.w3c.jigsaw.daemon.ServerHandlerInitException;
import org.w3c.jigsaw.http.Client;
import org.w3c.jigsaw.http.Request;
import org.w3c.jigsaw.http.httpd;
import org.w3c.jigsaw.https.socket.SSLProperties;
import org.w3c.jigsaw.https.socket.SSLSocketClient;
import org.w3c.tools.resources.ProtocolException;
import org.w3c.tools.resources.RequestInterface;
import org.w3c.util.ObservableProperties;

/* loaded from: input_file:org/w3c/jigsaw/https/SSLAdapter.class */
public class SSLAdapter {
    private static final Method initCause;
    private static final boolean supportsNewStyleCertificates;
    private static final CertificateFactory x509Factory;
    private static boolean debug;
    private static final Object NO_ENTRY;
    private static final String ALGORITHM = "javax.servlet.request.cipher_suite";
    private static final String KEYSIZE = "javax.servlet.request.key_size";
    private static final String CERTCHAIN = "javax.servlet.request.X509Certificate";
    private static final String CLIENT_CERT_AUTH = "CLIENT_CERT";
    private boolean ssl_enabled;
    private httpd daemon;
    private URL url;
    static Class class$java$lang$Throwable;
    static Class class$javax$net$ssl$SSLSession;
    static Class class$org$w3c$jigsaw$https$socket$SSLSocketClientFactory;

    public static final void fillInStackTrace(Throwable th, Throwable th2) {
        if (null != initCause) {
            try {
                initCause.invoke(th, th2);
            } catch (Exception e) {
            }
        }
    }

    private static final SSLSession getSession(Request request) {
        Client client = request.getClient();
        if (client instanceof SSLSocketClient) {
            return ((SSLSocketClient) client).getSession();
        }
        return null;
    }

    private static final Integer getKeySize(String str) {
        if (null == str) {
            return null;
        }
        StringTokenizer stringTokenizer = new StringTokenizer(str, "_");
        while (stringTokenizer.hasMoreTokens()) {
            try {
                return Integer.valueOf(stringTokenizer.nextToken());
            } catch (NumberFormatException e) {
            }
        }
        return null;
    }

    private static final Integer getKeySize(String str, SSLSession sSLSession) {
        Object value = sSLSession.getValue(new StringBuffer().append("javax.servlet.request.key_size.").append(str).toString());
        if (value instanceof Integer) {
            return (Integer) value;
        }
        if (null != value) {
            return null;
        }
        Integer keySize = getKeySize(str);
        if (null != keySize) {
            sSLSession.putValue(new StringBuffer().append("javax.servlet.request.key_size.").append(str).toString(), keySize);
            return keySize;
        }
        sSLSession.putValue(new StringBuffer().append("javax.servlet.request.key_size.").append(str).toString(), NO_ENTRY);
        return null;
    }

    private static final Certificate[] getPeerCertificates(SSLSession sSLSession) throws SSLPeerUnverifiedException {
        try {
            if (supportsNewStyleCertificates) {
                return sSLSession.getPeerCertificates();
            }
            if (null == x509Factory) {
                throw new SSLPeerUnverifiedException("No suitable certificate compatibility applicable");
            }
            X509Certificate[] peerCertificateChain = sSLSession.getPeerCertificateChain();
            if (null == peerCertificateChain) {
                throw new SSLPeerUnverifiedException("No peer certificates available");
            }
            int length = peerCertificateChain.length;
            java.security.cert.X509Certificate[] x509CertificateArr = new java.security.cert.X509Certificate[length];
            for (int i = 0; i < length; i++) {
                x509CertificateArr[i] = (java.security.cert.X509Certificate) x509Factory.generateCertificate(new ByteArrayInputStream(peerCertificateChain[i].getEncoded()));
            }
            return x509CertificateArr;
        } catch (SSLPeerUnverifiedException e) {
            throw e;
        } catch (Exception e2) {
            SSLPeerUnverifiedException sSLPeerUnverifiedException = new SSLPeerUnverifiedException(e2.toString());
            fillInStackTrace(sSLPeerUnverifiedException, e2);
            throw sSLPeerUnverifiedException;
        }
    }

    public SSLAdapter(httpd httpdVar) {
        this.ssl_enabled = false;
        this.daemon = null;
        this.url = null;
        if (null == httpdVar) {
            throw new NullPointerException("No daemon intance supplied for  creating SSL adapter");
        }
        this.ssl_enabled = false;
        this.daemon = httpdVar;
        this.url = null;
    }

    public void initializeProperties() throws ServerHandlerInitException {
        Class cls;
        ObservableProperties properties = this.daemon.getProperties();
        if (properties.getBoolean(SSLProperties.SSL_ENABLED_P, true)) {
            String string = properties.getString(httpd.CLIENT_FACTORY_P, null);
            if (null == string) {
                throw new ServerHandlerInitException("No socket client factory specified");
            }
            try {
                Class<?> cls2 = Class.forName(string);
                if (class$org$w3c$jigsaw$https$socket$SSLSocketClientFactory == null) {
                    cls = class$("org.w3c.jigsaw.https.socket.SSLSocketClientFactory");
                    class$org$w3c$jigsaw$https$socket$SSLSocketClientFactory = cls;
                } else {
                    cls = class$org$w3c$jigsaw$https$socket$SSLSocketClientFactory;
                }
                this.ssl_enabled = cls.isAssignableFrom(cls2);
            } catch (Exception e) {
                this.daemon.fatal(e, "Initialization failed");
                if (debug) {
                    System.out.println("Initialization failed");
                    e.printStackTrace();
                }
                ServerHandlerInitException serverHandlerInitException = new ServerHandlerInitException(e.getMessage());
                fillInStackTrace(serverHandlerInitException, e);
                throw serverHandlerInitException;
            }
        } else {
            this.ssl_enabled = false;
        }
        this.url = null;
    }

    public void perform(RequestInterface requestInterface) throws ProtocolException {
        Request request = (Request) requestInterface;
        if (this.ssl_enabled) {
            URL url = request.getURL();
            try {
                request.setURL(new URL("https", url.getHost(), url.getPort(), url.getFile()));
                SSLSession session = getSession(request);
                if (null != session) {
                    String cipherSuite = session.getCipherSuite();
                    request.setState(ALGORITHM, cipherSuite);
                    Integer keySize = getKeySize(cipherSuite, session);
                    if (null != keySize) {
                        request.setState(KEYSIZE, keySize);
                    }
                    try {
                        Certificate[] peerCertificates = getPeerCertificates(session);
                        if (peerCertificates instanceof java.security.cert.X509Certificate[]) {
                            java.security.cert.X509Certificate[] x509CertificateArr = (java.security.cert.X509Certificate[]) peerCertificates;
                            request.setState(CERTCHAIN, x509CertificateArr);
                            request.setState(AuthFilter.STATE_AUTHTYPE, CLIENT_CERT_AUTH);
                            if (x509CertificateArr.length > 0) {
                                request.setState(AuthFilter.STATE_AUTHUSER, x509CertificateArr[0].getSubjectDN().getName());
                            }
                        }
                    } catch (SSLPeerUnverifiedException e) {
                        if (debug) {
                            e.printStackTrace();
                        }
                    }
                }
            } catch (MalformedURLException e2) {
                this.daemon.fatal(e2, "Bad url during switching to https");
                if (debug) {
                    System.out.println("Bad url during switching to https");
                    e2.printStackTrace();
                }
                ProtocolException protocolException = new ProtocolException(e2.getMessage());
                fillInStackTrace(protocolException, e2);
                throw protocolException;
            }
        }
    }

    public URL getURL() {
        if (this.url == null) {
            if (this.ssl_enabled) {
                try {
                    if (this.daemon.getPort() != 443) {
                        this.url = new URL("https", this.daemon.getHost(), this.daemon.getPort(), "/");
                    } else {
                        this.url = new URL("https", this.daemon.getHost(), "/");
                    }
                } catch (MalformedURLException e) {
                    if (debug) {
                        e.printStackTrace();
                    }
                    throw new RuntimeException(new StringBuffer().append("Unable to construct server uri. (").append(e.getMessage()).append(")").toString());
                }
            } else {
                try {
                    if (this.daemon.getPort() != 80) {
                        this.url = new URL("http", this.daemon.getHost(), this.daemon.getPort(), "/");
                    } else {
                        this.url = new URL("http", this.daemon.getHost(), "/");
                    }
                } catch (MalformedURLException e2) {
                    throw new RuntimeException(new StringBuffer().append("Unable to construct server uri. (").append(e2.getMessage()).append(")").toString());
                }
            }
        }
        return this.url;
    }

    public boolean sslEnabled() {
        return this.ssl_enabled;
    }

    static Class class$(String str) {
        try {
            return Class.forName(str);
        } catch (ClassNotFoundException e) {
            throw new NoClassDefFoundError(e.getMessage());
        }
    }

    /* JADX WARN: Finally extract failed */
    static {
        Class cls;
        Class<?> cls2;
        Class cls3;
        if (class$java$lang$Throwable == null) {
            cls = class$("java.lang.Throwable");
            class$java$lang$Throwable = cls;
        } else {
            cls = class$java$lang$Throwable;
        }
        Class cls4 = cls;
        Class<?>[] clsArr = new Class[1];
        if (class$java$lang$Throwable == null) {
            cls2 = class$("java.lang.Throwable");
            class$java$lang$Throwable = cls2;
        } else {
            cls2 = class$java$lang$Throwable;
        }
        clsArr[0] = cls2;
        Method method = null;
        try {
            method = cls4.getMethod("initCause", clsArr);
            initCause = method;
        } catch (Exception e) {
            initCause = null;
        } catch (Throwable th) {
            initCause = method;
            throw th;
        }
        boolean z = false;
        CertificateFactory certificateFactory = null;
        try {
            try {
                if (class$javax$net$ssl$SSLSession == null) {
                    cls3 = class$("javax.net.ssl.SSLSession");
                    class$javax$net$ssl$SSLSession = cls3;
                } else {
                    cls3 = class$javax$net$ssl$SSLSession;
                }
                supportsNewStyleCertificates = null != cls3.getMethod("getPeerCertificates", (Class[]) null);
                x509Factory = null;
            } catch (Exception e2) {
                z = false;
                try {
                    certificateFactory = CertificateFactory.getInstance("X.509");
                } catch (Exception e3) {
                    certificateFactory = null;
                }
                supportsNewStyleCertificates = false;
                x509Factory = certificateFactory;
            }
            debug = false;
            NO_ENTRY = Configurator.NULL;
        } catch (Throwable th2) {
            supportsNewStyleCertificates = z;
            x509Factory = certificateFactory;
            throw th2;
        }
    }
}
