package io.trino.hadoop.$internal.com.microsoft.azure.datalake.store;

import io.trino.hadoop.$internal.org.apache.commons.cli.HelpFormatter;
import io.trino.hadoop.$internal.org.slf4j.Logger;
import io.trino.hadoop.$internal.org.slf4j.LoggerFactory;
import io.trino.hadoop.$internal.org.wildfly.openssl.OpenSSLProvider;
import io.trino.hadoop.$internal.org.wildfly.openssl.SSL;
import java.io.IOException;
import java.net.InetAddress;
import java.net.Socket;
import java.net.SocketException;
import java.security.KeyManagementException;
import java.security.NoSuchAlgorithmException;
import java.security.SecureRandom;
import java.util.ArrayList;
import java.util.logging.Level;
import javax.net.ssl.KeyManager;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSocket;
import javax.net.ssl.SSLSocketFactory;
import javax.net.ssl.TrustManager;
import org.apache.hadoop.fs.azurebfs.constants.AbfsHttpConstants;

/* loaded from: input_file:io/trino/hadoop/$internal/com/microsoft/azure/datalake/store/SSLSocketFactoryEx.class */
public class SSLSocketFactoryEx extends SSLSocketFactory {
    private static SSLSocketFactoryEx instance = null;
    private static Object lock = new Object();
    private static final Logger log = LoggerFactory.getLogger("io.trino.hadoop.$internal.com.microsoft.azure.datalake.store.SSLSocketFactoryEx");
    private String userAgent;
    private SSLContext m_ctx;
    private String[] m_ciphers;
    private SSLChannelMode channelMode;

    /* loaded from: input_file:io/trino/hadoop/$internal/com/microsoft/azure/datalake/store/SSLSocketFactoryEx$SSLChannelMode.class */
    public enum SSLChannelMode {
        OpenSSL,
        Default,
        Default_JSE
    }

    public static SSLSocketFactoryEx getDefaultFactory(SSLChannelMode sSLChannelMode) throws IOException {
        if (instance == null) {
            synchronized (lock) {
                if (instance == null) {
                    instance = new SSLSocketFactoryEx(sSLChannelMode);
                    log.debug("SSLSocketFactoryEx created in " + sSLChannelMode.name() + " mode");
                }
            }
        }
        return instance;
    }

    public SSLSocketFactoryEx(SSLChannelMode sSLChannelMode) throws IOException {
        this.channelMode = sSLChannelMode;
        try {
            initSSLSocketFactoryEx(null, null, null);
            this.userAgent = this.m_ctx.getProvider().getName() + HelpFormatter.DEFAULT_OPT_PREFIX + this.m_ctx.getProvider().getVersion();
        } catch (KeyManagementException e) {
            throw new IOException(e);
        } catch (NoSuchAlgorithmException e2) {
            throw new IOException(e2);
        }
    }

    public String getUserAgent() {
        return this.userAgent;
    }

    @Override // javax.net.ssl.SSLSocketFactory
    public String[] getDefaultCipherSuites() {
        return this.m_ciphers;
    }

    @Override // javax.net.ssl.SSLSocketFactory
    public String[] getSupportedCipherSuites() {
        return this.m_ciphers;
    }

    @Override // javax.net.SocketFactory
    public Socket createSocket() throws IOException {
        SSLSocket sSLSocket = (SSLSocket) this.m_ctx.getSocketFactory().createSocket();
        configureSocket(sSLSocket);
        return sSLSocket;
    }

    @Override // javax.net.ssl.SSLSocketFactory
    public Socket createSocket(Socket socket, String str, int i, boolean z) throws IOException {
        SSLSocket sSLSocket = (SSLSocket) this.m_ctx.getSocketFactory().createSocket(socket, str, i, z);
        configureSocket(sSLSocket);
        return sSLSocket;
    }

    @Override // javax.net.SocketFactory
    public Socket createSocket(InetAddress inetAddress, int i, InetAddress inetAddress2, int i2) throws IOException {
        SSLSocket sSLSocket = (SSLSocket) this.m_ctx.getSocketFactory().createSocket(inetAddress, i, inetAddress2, i2);
        configureSocket(sSLSocket);
        return sSLSocket;
    }

    @Override // javax.net.SocketFactory
    public Socket createSocket(String str, int i, InetAddress inetAddress, int i2) throws IOException {
        SSLSocket sSLSocket = (SSLSocket) this.m_ctx.getSocketFactory().createSocket(str, i, inetAddress, i2);
        configureSocket(sSLSocket);
        return sSLSocket;
    }

    @Override // javax.net.SocketFactory
    public Socket createSocket(InetAddress inetAddress, int i) throws IOException {
        SSLSocket sSLSocket = (SSLSocket) this.m_ctx.getSocketFactory().createSocket(inetAddress, i);
        configureSocket(sSLSocket);
        return sSLSocket;
    }

    @Override // javax.net.SocketFactory
    public Socket createSocket(String str, int i) throws IOException {
        SSLSocket sSLSocket = (SSLSocket) this.m_ctx.getSocketFactory().createSocket(str, i);
        configureSocket(sSLSocket);
        return sSLSocket;
    }

    private void configureSocket(SSLSocket sSLSocket) throws SocketException {
        sSLSocket.setEnabledCipherSuites(this.m_ciphers);
    }

    private void initSSLSocketFactoryEx(KeyManager[] keyManagerArr, TrustManager[] trustManagerArr, SecureRandom secureRandom) throws NoSuchAlgorithmException, KeyManagementException, IOException {
        switch (this.channelMode) {
            case Default:
                try {
                    java.util.logging.Logger.getLogger(SSL.class.getName()).setLevel(Level.WARNING);
                    this.m_ctx = SSLContext.getInstance("openssl.TLS");
                    this.m_ctx.init(keyManagerArr, trustManagerArr, secureRandom);
                    this.channelMode = SSLChannelMode.OpenSSL;
                    break;
                } catch (NoSuchAlgorithmException e) {
                    log.info("Failed to load OpenSSL library. Fallback to default JSE. ", (Throwable) e);
                    this.m_ctx = SSLContext.getDefault();
                    this.channelMode = SSLChannelMode.Default_JSE;
                    break;
                }
            case Default_JSE:
                this.m_ctx = SSLContext.getDefault();
                break;
            case OpenSSL:
                this.m_ctx = SSLContext.getInstance("openssl.TLS");
                this.m_ctx.init(keyManagerArr, trustManagerArr, secureRandom);
                break;
        }
        String[] supportedCipherSuites = this.m_ctx.getSocketFactory().getSupportedCipherSuites();
        this.m_ciphers = (this.channelMode == SSLChannelMode.Default_JSE && System.getProperty(AbfsHttpConstants.JAVA_VERSION).startsWith("1.8")) ? alterCipherList(supportedCipherSuites) : supportedCipherSuites;
    }

    private String[] alterCipherList(String[] strArr) {
        ArrayList arrayList = new ArrayList();
        for (int i = 0; i < strArr.length; i++) {
            if (strArr[i].contains("_GCM_")) {
                log.info("Removed Cipher - " + strArr[i]);
            } else {
                arrayList.add(strArr[i]);
            }
        }
        this.m_ciphers = (String[]) arrayList.toArray(new String[0]);
        return this.m_ciphers;
    }

    static {
        OpenSSLProvider.register();
    }
}
