package org.dcm4cheri.util;

import java.io.BufferedInputStream;
import java.io.File;
import java.io.FileInputStream;
import java.io.IOException;
import java.io.InputStream;
import java.net.InetAddress;
import java.net.MalformedURLException;
import java.net.ServerSocket;
import java.net.Socket;
import java.net.URL;
import java.security.GeneralSecurityException;
import java.security.KeyStore;
import java.security.SecureRandom;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.List;
import javax.net.ServerSocketFactory;
import javax.net.SocketFactory;
import javax.net.ssl.HandshakeCompletedListener;
import javax.net.ssl.KeyManager;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLPeerUnverifiedException;
import javax.net.ssl.SSLServerSocket;
import javax.net.ssl.SSLServerSocketFactory;
import javax.net.ssl.SSLSession;
import javax.net.ssl.SSLSocket;
import javax.net.ssl.SSLSocketFactory;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import org.apache.log4j.Logger;
import org.dcm4che.util.HandshakeFailedEvent;
import org.dcm4che.util.HandshakeFailedListener;
import org.dcm4che.util.SSLContextAdapter;

/* loaded from: input_file:ExportManager/dcm4che.jar:org/dcm4cheri/util/SSLContextAdapterImpl.class */
public class SSLContextAdapterImpl extends SSLContextAdapter {
    static final Logger log;
    private final SSLContext ctx;
    private final KeyManagerFactory kmf;
    private final TrustManagerFactory tmf;
    static Class class$org$dcm4cheri$util$SSLContextAdapterImpl;
    private String[] protocols = {"TLSv1", "SSLv3"};
    private SecureRandom random = null;
    private KeyManager[] kms = null;
    private TrustManager[] tms = null;
    private boolean dirty = true;
    private boolean needClientAuth = true;
    private SSLServerSocket unboundSSLServerSocket = null;
    private List hcl = null;
    private List hfl = null;

    /* JADX INFO: Access modifiers changed from: package-private */
    /* loaded from: input_file:ExportManager/dcm4che.jar:org/dcm4cheri/util/SSLContextAdapterImpl$ConfigurationError.class */
    public static class ConfigurationError extends Error {
        ConfigurationError(String str, Exception exc) {
            super(str, exc);
        }
    }

    /* loaded from: input_file:ExportManager/dcm4che.jar:org/dcm4cheri/util/SSLContextAdapterImpl$SSLServerSocketFactoryAdapter.class */
    private class SSLServerSocketFactoryAdapter extends ServerSocketFactory {
        final SSLServerSocketFactory ssf;
        final String[] cipherSuites;
        private final SSLContextAdapterImpl this$0;

        SSLServerSocketFactoryAdapter(SSLContextAdapterImpl sSLContextAdapterImpl, String[] strArr) throws GeneralSecurityException {
            this.this$0 = sSLContextAdapterImpl;
            this.ssf = sSLContextAdapterImpl.getSSLContext().getServerSocketFactory();
            this.cipherSuites = strArr != null ? SSLContextAdapterImpl.supported(strArr, this.ssf.getSupportedCipherSuites()) : null;
        }

        @Override // javax.net.ServerSocketFactory
        public ServerSocket createServerSocket(int i, int i2) throws IOException {
            return init((SSLServerSocket) this.ssf.createServerSocket(i, i2));
        }

        @Override // javax.net.ServerSocketFactory
        public ServerSocket createServerSocket(int i, int i2, InetAddress inetAddress) throws IOException {
            return init((SSLServerSocket) this.ssf.createServerSocket(i, i2, inetAddress));
        }

        @Override // javax.net.ServerSocketFactory
        public ServerSocket createServerSocket(int i) throws IOException {
            return init((SSLServerSocket) this.ssf.createServerSocket(i));
        }

        private ServerSocket init(SSLServerSocket sSLServerSocket) {
            sSLServerSocket.setNeedClientAuth(this.this$0.isNeedClientAuth());
            sSLServerSocket.setEnabledProtocols(this.this$0.getEnabledProtocols());
            if (this.cipherSuites != null) {
                sSLServerSocket.setEnabledCipherSuites(this.cipherSuites);
            }
            return sSLServerSocket;
        }
    }

    /* loaded from: input_file:ExportManager/dcm4che.jar:org/dcm4cheri/util/SSLContextAdapterImpl$SSLSocketFactoryAdapter.class */
    private class SSLSocketFactoryAdapter extends SocketFactory {
        final SSLSocketFactory sf;
        final String[] cipherSuites;
        private final SSLContextAdapterImpl this$0;

        SSLSocketFactoryAdapter(SSLContextAdapterImpl sSLContextAdapterImpl, String[] strArr) throws GeneralSecurityException {
            this.this$0 = sSLContextAdapterImpl;
            this.sf = sSLContextAdapterImpl.getSSLContext().getSocketFactory();
            this.cipherSuites = strArr != null ? SSLContextAdapterImpl.supported(strArr, this.sf.getSupportedCipherSuites()) : null;
        }

        @Override // javax.net.SocketFactory
        public Socket createSocket() throws IOException {
            SSLSocket sSLSocket = (SSLSocket) this.sf.createSocket();
            if (this.cipherSuites != null) {
                sSLSocket.setEnabledCipherSuites(this.cipherSuites);
            }
            sSLSocket.setEnabledProtocols(this.this$0.getEnabledProtocols());
            if (this.this$0.hcl != null) {
                int size = this.this$0.hcl.size();
                for (int i = 0; i < size; i++) {
                    sSLSocket.addHandshakeCompletedListener((HandshakeCompletedListener) this.this$0.hcl.get(i));
                }
            }
            return sSLSocket;
        }

        @Override // javax.net.SocketFactory
        public Socket createSocket(InetAddress inetAddress, int i) throws IOException {
            return init((SSLSocket) this.sf.createSocket(inetAddress, i));
        }

        @Override // javax.net.SocketFactory
        public Socket createSocket(InetAddress inetAddress, int i, InetAddress inetAddress2, int i2) throws IOException {
            return init((SSLSocket) this.sf.createSocket(inetAddress, i, inetAddress2, i2));
        }

        @Override // javax.net.SocketFactory
        public Socket createSocket(String str, int i, InetAddress inetAddress, int i2) throws IOException {
            return init((SSLSocket) this.sf.createSocket(str, i, inetAddress, i2));
        }

        @Override // javax.net.SocketFactory
        public Socket createSocket(String str, int i) throws IOException {
            return init((SSLSocket) this.sf.createSocket(str, i));
        }

        private Socket init(SSLSocket sSLSocket) throws IOException {
            if (this.cipherSuites != null) {
                sSLSocket.setEnabledCipherSuites(this.cipherSuites);
            }
            sSLSocket.setEnabledProtocols(this.this$0.getEnabledProtocols());
            if (this.this$0.hcl != null) {
                int size = this.this$0.hcl.size();
                for (int i = 0; i < size; i++) {
                    sSLSocket.addHandshakeCompletedListener((HandshakeCompletedListener) this.this$0.hcl.get(i));
                }
            }
            this.this$0.startHandshake(sSLSocket);
            return sSLSocket;
        }
    }

    public static void main(String[] strArr) throws Exception {
        SSLContextAdapterImpl sSLContextAdapterImpl = new SSLContextAdapterImpl();
        System.out.println(new StringBuffer().append("SupportedCipherSuites").append(Arrays.asList(sSLContextAdapterImpl.getSupportedCipherSuites())).toString());
        System.out.println(new StringBuffer().append("SupportedProtocols").append(Arrays.asList(sSLContextAdapterImpl.getSupportedProtocols())).toString());
    }

    public SSLContextAdapterImpl() {
        try {
            this.ctx = SSLContext.getInstance("TLS");
            this.kmf = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
            this.tmf = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
        } catch (GeneralSecurityException e) {
            throw new ConfigurationError("could not instantiate SSLContext", e);
        }
    }

    public String toString() {
        return this.ctx.toString();
    }

    @Override // org.dcm4che.util.SSLContextAdapter
    public void addHandshakeCompletedListener(HandshakeCompletedListener handshakeCompletedListener) {
        this.hcl = addToList(this.hcl, handshakeCompletedListener);
    }

    @Override // org.dcm4che.util.SSLContextAdapter
    public void addHandshakeFailedListener(HandshakeFailedListener handshakeFailedListener) {
        this.hfl = addToList(this.hfl, handshakeFailedListener);
    }

    @Override // org.dcm4che.util.SSLContextAdapter
    public void removeHandshakeCompletedListener(HandshakeCompletedListener handshakeCompletedListener) {
        this.hcl = removeFromList(this.hcl, handshakeCompletedListener);
    }

    @Override // org.dcm4che.util.SSLContextAdapter
    public void removeHandshakeFailedListener(HandshakeFailedListener handshakeFailedListener) {
        this.hfl = removeFromList(this.hfl, handshakeFailedListener);
    }

    static List addToList(List list, Object obj) {
        if (list == null) {
            list = new ArrayList();
        }
        list.add(obj);
        return list;
    }

    static List removeFromList(List list, Object obj) {
        if (list == null) {
            return list;
        }
        list.remove(obj);
        if (list.size() == 0) {
            list = null;
        }
        return list;
    }

    @Override // org.dcm4che.util.SSLContextAdapter
    public SSLContext getSSLContext() throws GeneralSecurityException {
        init();
        return this.ctx;
    }

    @Override // org.dcm4che.util.SSLContextAdapter
    public void setKey(KeyStore keyStore, char[] cArr) throws GeneralSecurityException {
        this.kmf.init(keyStore, cArr);
        this.kms = this.kmf.getKeyManagers();
        this.dirty = true;
    }

    @Override // org.dcm4che.util.SSLContextAdapter
    public void setTrust(KeyStore keyStore) throws GeneralSecurityException {
        this.tmf.init(keyStore);
        this.tms = this.tmf.getTrustManagers();
        this.dirty = true;
    }

    @Override // org.dcm4che.util.SSLContextAdapter
    public KeyManager[] getKeyManagers() {
        return this.kms;
    }

    @Override // org.dcm4che.util.SSLContextAdapter
    public TrustManager[] getTrustManagers() {
        return this.tms;
    }

    @Override // org.dcm4che.util.SSLContextAdapter
    public void seedRandom(long j) {
        try {
            this.random = SecureRandom.getInstance("SHA1PRNG");
            this.random.setSeed(j);
            this.dirty = true;
        } catch (GeneralSecurityException e) {
            throw new ConfigurationError("could not instantiate SecureRandom", e);
        }
    }

    @Override // org.dcm4che.util.SSLContextAdapter
    public void setNeedClientAuth(boolean z) {
        this.needClientAuth = z;
    }

    @Override // org.dcm4che.util.SSLContextAdapter
    public boolean isNeedClientAuth() {
        return this.needClientAuth;
    }

    @Override // org.dcm4che.util.SSLContextAdapter
    public void setEnabledProtocols(String[] strArr) {
        this.protocols = (String[]) strArr.clone();
    }

    @Override // org.dcm4che.util.SSLContextAdapter
    public String[] getEnabledProtocols() {
        return (String[]) this.protocols.clone();
    }

    private SSLServerSocket getUnboundSSLServerSocket() {
        if (this.unboundSSLServerSocket != null) {
            return this.unboundSSLServerSocket;
        }
        try {
            this.unboundSSLServerSocket = (SSLServerSocket) this.ctx.getServerSocketFactory().createServerSocket();
            return this.unboundSSLServerSocket;
        } catch (IOException e) {
            throw new ConfigurationError("could not create unbounded ServerSocket", e);
        }
    }

    @Override // org.dcm4che.util.SSLContextAdapter
    public String[] getSupportedCipherSuites() {
        return getUnboundSSLServerSocket().getSupportedCipherSuites();
    }

    @Override // org.dcm4che.util.SSLContextAdapter
    public String[] getSupportedProtocols() {
        return getUnboundSSLServerSocket().getSupportedProtocols();
    }

    @Override // org.dcm4che.util.SSLContextAdapter
    public ServerSocketFactory getServerSocketFactory(String[] strArr) throws GeneralSecurityException {
        return new SSLServerSocketFactoryAdapter(this, strArr);
    }

    @Override // org.dcm4che.util.SSLContextAdapter
    public SocketFactory getSocketFactory(String[] strArr) throws GeneralSecurityException {
        return new SSLSocketFactoryAdapter(this, strArr);
    }

    @Override // org.dcm4che.util.SSLContextAdapter
    public void init() throws GeneralSecurityException {
        if (this.dirty) {
            this.ctx.init(this.kms, this.tms, this.random);
            this.dirty = false;
        }
    }

    private String toKeyStoreType(String str) {
        return (str.endsWith(".p12") || str.endsWith(".P12")) ? "PKCS12" : "JKS";
    }

    @Override // org.dcm4che.util.SSLContextAdapter
    public KeyStore loadKeyStore(URL url, char[] cArr) throws GeneralSecurityException, IOException {
        InputStream openStream = url.openStream();
        try {
            return loadKeyStore(openStream, cArr, toKeyStoreType(url.getPath()));
        } finally {
            try {
                openStream.close();
            } catch (IOException e) {
            }
        }
    }

    @Override // org.dcm4che.util.SSLContextAdapter
    public KeyStore loadKeyStore(String str, char[] cArr) throws GeneralSecurityException, IOException {
        try {
            return loadKeyStore(new URL(str), cArr);
        } catch (MalformedURLException e) {
            return loadKeyStore(new File(str), cArr);
        }
    }

    @Override // org.dcm4che.util.SSLContextAdapter
    public KeyStore loadKeyStore(File file, char[] cArr) throws GeneralSecurityException, IOException {
        BufferedInputStream bufferedInputStream = new BufferedInputStream(new FileInputStream(file));
        try {
            return loadKeyStore(bufferedInputStream, cArr, toKeyStoreType(file.getName()));
        } finally {
            try {
                bufferedInputStream.close();
            } catch (IOException e) {
            }
        }
    }

    @Override // org.dcm4che.util.SSLContextAdapter
    public KeyStore loadKeyStore(InputStream inputStream, char[] cArr, String str) throws GeneralSecurityException, IOException {
        KeyStore keyStore = KeyStore.getInstance(str);
        keyStore.load(inputStream, cArr);
        return keyStore;
    }

    static String[] supported(String[] strArr, String[] strArr2) {
        String[] strArr3 = new String[strArr.length];
        int i = 0;
        for (int i2 = 0; i2 < strArr.length; i2++) {
            if (contains(strArr2, strArr[i2])) {
                int i3 = i;
                i++;
                strArr3[i3] = strArr[i2];
            } else {
                log.warn(new StringBuffer().append("CipherSuite ").append(strArr[i2]).append(" not supported by JSSE provider.").toString());
            }
        }
        if (i < strArr3.length) {
            String[] strArr4 = new String[i];
            System.arraycopy(strArr3, 0, strArr4, 0, i);
            strArr3 = strArr4;
        }
        return strArr3;
    }

    static boolean contains(String[] strArr, String str) {
        for (String str2 : strArr) {
            if (str2.equals(str)) {
                return true;
            }
        }
        return false;
    }

    @Override // org.dcm4che.util.SSLContextAdapter
    public void startHandshake(SSLSocket sSLSocket) throws IOException {
        InetAddress inetAddress = sSLSocket.getInetAddress();
        try {
            sSLSocket.startHandshake();
            if (log.isInfoEnabled()) {
                SSLSession session = sSLSocket.getSession();
                try {
                    X509Certificate x509Certificate = (X509Certificate) session.getPeerCertificates()[0];
                    x509Certificate.checkValidity();
                    log.info(new StringBuffer().append(sSLSocket.getInetAddress().toString()).append(": accept ").append(session.getCipherSuite()).append(" with ").append(x509Certificate.getSubjectDN()).append(" valid from ").append(x509Certificate.getNotBefore()).append(" to ").append(x509Certificate.getNotAfter()).toString());
                } catch (CertificateException e) {
                    throw new IOException(e.getMessage());
                } catch (SSLPeerUnverifiedException e2) {
                    log.error("SSL peer not verified:", e2);
                }
            }
        } catch (IOException e3) {
            if (this.hfl != null) {
                HandshakeFailedEvent handshakeFailedEvent = new HandshakeFailedEvent(sSLSocket, inetAddress, e3);
                int size = this.hfl.size();
                for (int i = 0; i < size; i++) {
                    ((HandshakeFailedListener) this.hfl.get(i)).handshakeFailed(handshakeFailedEvent);
                }
            }
            throw e3;
        }
    }

    static Class class$(String str) {
        try {
            return Class.forName(str);
        } catch (ClassNotFoundException e) {
            throw new NoClassDefFoundError().initCause(e);
        }
    }

    static {
        Class cls;
        if (class$org$dcm4cheri$util$SSLContextAdapterImpl == null) {
            cls = class$("org.dcm4cheri.util.SSLContextAdapterImpl");
            class$org$dcm4cheri$util$SSLContextAdapterImpl = cls;
        } else {
            cls = class$org$dcm4cheri$util$SSLContextAdapterImpl;
        }
        log = Logger.getLogger(cls);
    }
}
