package com.sun.messaging.jmq.jmsserver.util;

import com.sun.grizzly.portunif.TLSPUPreProcessor;
import com.sun.messaging.jmq.jmsserver.Broker;
import com.sun.messaging.jmq.jmsserver.Globals;
import com.sun.messaging.jmq.jmsserver.config.BrokerConfig;
import com.sun.messaging.jmq.jmsserver.net.tls.DefaultTrustManager;
import com.sun.messaging.jmq.jmsserver.resources.BrokerResources;
import com.sun.messaging.jmq.util.Password;
import com.sun.messaging.jmq.util.StringUtil;
import com.sun.messaging.jmq.util.log.Logger;
import java.io.File;
import java.io.FileInputStream;
import java.io.IOException;
import java.security.KeyStore;
import java.security.NoSuchAlgorithmException;
import java.security.SecureRandom;
import java.util.Properties;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;

/* loaded from: input_file:com/sun/messaging/jmq/jmsserver/util/KeystoreUtil.class */
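/**
 * Static helpers that locate the broker keystore, obtain its passphrase and build TLS
 * configuration ({@link Properties} or a ready {@link SSLContext}) from it.
 *
 * <p>The same file is used as both key store and trust store, and the same passphrase is used
 * for both. The store type is fixed to JKS.
 *
 * <p>Security-relevant behaviour visible in this class:
 * <ul>
 *   <li>The passphrase is cached in a static {@code String} for the life of the process and is
 *       copied in clear text into the {@link Properties} returned by
 *       {@link #getDefaultSSLContextConfig}. {@link #clear()} does not reset it.</li>
 *   <li>{@link #getDefaultSSLContext} can replace the keystore-backed trust managers with a
 *       {@code DefaultTrustManager}; see that method before passing {@code true}.</li>
 *   <li>The static caches are read and written without synchronization.</li>
 * </ul>
 *
 * <p>Instances exist only to serve as the identity {@link SSLPropertyMap}.
 */
public class KeystoreUtil implements SSLPropertyMap {
    public static final String KEYSTORE_DIR_PROP = "imq.keystore.file.dirpath";
    public static final String KEYSTORE_FILE_PROP = "imq.keystore.file.name";
    public static final String KEYSTORE_PASSWORD_PROP = "imq.keystore.password";
    // Lazily computed keystore path; reset by clear().
    private static String keystore_location = null;
    // Lazily obtained keystore passphrase; never reset once set.
    private static String pass_phrase = null;
    protected static final BrokerResources br = Globals.getBrokerResources();
    public static final String KEYSTORE_FILE = "javax.net.ssl.keyStore";
    public static final String KEYSTORE_PASSWORD = "javax.net.ssl.keyStorePassword";
    public static final String KEYSTORE_TYPE = "javax.net.ssl.keyStoreType";
    public static final String TRUSTSTORE_FILE = "javax.net.ssl.trustStore";
    public static final String TRUSTSTORE_PASSWORD = "javax.net.ssl.trustStorePassword";
    public static final String TRUSTSTORE_TYPE = "javax.net.ssl.trustStoreType";
    public static final String KEYSTORE_ALGORITHM = "ssl.KeyManagerFactory.algorithm";
    public static final String TRUSTSTORE_ALGORITHM = "ssl.TrustManagerFactory.algorithm";
    public static final String SECURESOCKET_PROTOCOL = "securesocket.protocol";

    // Store type passed to KeyStore.getInstance and written into the generated properties.
    private static final String STORE_TYPE = "JKS";
    // Key/trust manager algorithm tried first; the JRE default is used when it is unavailable.
    private static final String PREFERRED_ALGORITHM = "SunX509";
    // Numeric level handed to Logger.log for the fallback message.
    // NOTE(review): presumably one of the Logger level constants; confirm which one.
    private static final int FALLBACK_LOG_LEVEL = 8;

    /**
     * Drops the cached keystore location so the next lookup re-reads the configuration.
     * The cached passphrase is left in place.
     */
    public static void clear() {
        keystore_location = null;
    }

    /**
     * Returns the keystore path, computing and caching it on first use.
     *
     * <p>The directory is {@code imq.keystore.file.dirpath} (with variables expanded) when that
     * property is set, otherwise {@code <imq.varhome>/security}; the file name comes from
     * {@code imq.keystore.file.name}.
     *
     * @return the keystore path as a string
     * @throws IOException declared by the original signature
     */
    public static String getKeystoreLocation() throws IOException {
        if (keystore_location == null) {
            BrokerConfig config = Globals.getConfig();
            String separator = System.getProperty("file.separator");
            String configuredDir = config.getProperty(KEYSTORE_DIR_PROP);
            String directory;
            if (configuredDir != null) {
                directory = StringUtil.expandVariables(configuredDir, config);
            } else {
                directory = config.getProperty("imq.varhome") + separator + "security";
            }
            keystore_location = directory + separator + config.getProperty(KEYSTORE_FILE_PROP);
        }
        return keystore_location;
    }

    /**
     * Returns the keystore passphrase, obtaining and caching it on first use.
     *
     * <p>The value of {@code imq.keystore.password} is used when it is non-empty. Otherwise the
     * user is prompted on {@code System.err}, at most six times, until a non-empty value is
     * entered. When the broker runs in the background the prompt is printed once and no input
     * is read.
     *
     * @return the passphrase; may be {@code null} or empty when none could be obtained
     * @throws IOException if the keystore location needed for the prompt cannot be resolved
     */
    public static String getKeystorePassword() throws IOException {
        if (pass_phrase == null) {
            pass_phrase = Globals.getConfig().getProperty(KEYSTORE_PASSWORD_PROP);
            int attempts = 0;
            Password reader = new Password();
            while ((pass_phrase == null || pass_phrase.equals("")) && attempts <= 5) {
                System.err.print(br.getString(BrokerResources.M_ENTER_KEY_PWD, getKeystoreLocation()));
                System.err.flush();
                if (Broker.getBroker().background) {
                    // No interactive input in the background: leave the passphrase unset.
                    System.err.print("\n");
                    break;
                }
                pass_phrase = reader.getPassword();
                attempts++;
            }
        }
        return pass_phrase;
    }

    /**
     * Identity mapping: returns the standard property name unchanged.
     *
     * @param str the standard SSL property name
     * @return {@code str}
     */
    @Override
    public String mapSSLProperty(String str) {
        return str;
    }

    /**
     * Builds the SSL configuration properties for the broker keystore.
     *
     * <p>Every key is passed through {@code sSLPropertyMap} before being set. The returned
     * properties contain the keystore passphrase in clear text, so they should not be logged
     * or persisted.
     *
     * @param str caller label used as the prefix of the algorithm-fallback log message
     * @param sSLPropertyMap key mapper; {@code null} selects the identity mapping
     * @return properties holding store paths, passphrases, store types, manager algorithms and
     *     the socket protocol
     * @throws IOException if the keystore file does not exist or no passphrase is available
     * @throws Exception declared by the original signature
     */
    public static Properties getDefaultSSLContextConfig(String str, SSLPropertyMap sSLPropertyMap) throws Exception {
        SSLPropertyMap mapper = sSLPropertyMap != null ? sSLPropertyMap : new KeystoreUtil();
        Properties properties = new Properties();

        String keystoreLocation = requireExistingKeystore();
        properties.setProperty(mapper.mapSSLProperty(KEYSTORE_FILE), keystoreLocation);
        properties.setProperty(mapper.mapSSLProperty(TRUSTSTORE_FILE), keystoreLocation);

        String keystorePassword = requireKeystorePassword();
        properties.setProperty(mapper.mapSSLProperty(KEYSTORE_PASSWORD), keystorePassword);
        properties.setProperty(mapper.mapSSLProperty(TRUSTSTORE_PASSWORD), keystorePassword);
        properties.setProperty(mapper.mapSSLProperty(KEYSTORE_TYPE), STORE_TYPE);
        properties.setProperty(mapper.mapSSLProperty(TRUSTSTORE_TYPE), STORE_TYPE);

        // Probe for the preferred algorithm; only its availability matters here.
        String keyAlgorithm = PREFERRED_ALGORITHM;
        try {
            KeyManagerFactory.getInstance(PREFERRED_ALGORITHM);
        } catch (NoSuchAlgorithmException e) {
            keyAlgorithm = KeyManagerFactory.getDefaultAlgorithm();
            logAlgorithmFallback(str, e, "KeyManagerFactory", keyAlgorithm);
        }
        properties.setProperty(mapper.mapSSLProperty(KEYSTORE_ALGORITHM), keyAlgorithm);

        String trustAlgorithm = PREFERRED_ALGORITHM;
        try {
            TrustManagerFactory.getInstance(PREFERRED_ALGORITHM);
        } catch (NoSuchAlgorithmException e) {
            trustAlgorithm = TrustManagerFactory.getDefaultAlgorithm();
            logAlgorithmFallback(str, e, "TrustManagerFactory", trustAlgorithm);
        }
        properties.setProperty(mapper.mapSSLProperty(TRUSTSTORE_ALGORITHM), trustAlgorithm);

        properties.setProperty(mapper.mapSSLProperty(SECURESOCKET_PROTOCOL), TLSPUPreProcessor.ID);
        return properties;
    }

    /**
     * Creates an {@link SSLContext} backed by the broker keystore.
     *
     * <p>When {@code z} is {@code false} the trust managers are derived from the keystore, so
     * peer certificates are checked against its contents. When {@code z} is {@code true} a
     * single {@code DefaultTrustManager} is installed instead and the keystore plays no part
     * in trust decisions.
     * NOTE(review): {@code DefaultTrustManager} is not visible here; if it accepts every
     * certificate chain, contexts built with {@code z == true} do not authenticate the peer.
     * Confirm its behaviour and audit callers that pass {@code true}.
     *
     * @param str caller label used as the prefix of the algorithm-fallback log message
     * @param z {@code true} to use {@code DefaultTrustManager} instead of keystore-backed trust
     * @return an initialized context for the protocol named by {@code TLSPUPreProcessor.ID}
     * @throws IOException if the keystore file does not exist, no passphrase is available, or
     *     the keystore cannot be read
     * @throws Exception for keystore, algorithm or key-management failures
     */
    public static SSLContext getDefaultSSLContext(String str, boolean z) throws Exception {
        String keystoreLocation = requireExistingKeystore();
        char[] passwordChars = requireKeystorePassword().toCharArray();

        KeyStore keyStore = KeyStore.getInstance(STORE_TYPE);
        // Close the stream once the store is loaded so the file descriptor is not leaked.
        // try/finally is used because the file's source level is not visible from here.
        FileInputStream keystoreStream = new FileInputStream(keystoreLocation);
        try {
            keyStore.load(keystoreStream, passwordChars);
        } finally {
            keystoreStream.close();
        }

        KeyManagerFactory keyManagerFactory;
        try {
            keyManagerFactory = KeyManagerFactory.getInstance(PREFERRED_ALGORITHM);
        } catch (NoSuchAlgorithmException e) {
            String fallback = KeyManagerFactory.getDefaultAlgorithm();
            logAlgorithmFallback(str, e, "KeyManagerFactory", fallback);
            keyManagerFactory = KeyManagerFactory.getInstance(fallback);
        }
        keyManagerFactory.init(keyStore, passwordChars);

        TrustManager[] trustManagers;
        if (z) {
            trustManagers = new TrustManager[]{new DefaultTrustManager()};
        } else {
            TrustManagerFactory trustManagerFactory;
            try {
                trustManagerFactory = TrustManagerFactory.getInstance(PREFERRED_ALGORITHM);
            } catch (NoSuchAlgorithmException e) {
                String fallback = TrustManagerFactory.getDefaultAlgorithm();
                logAlgorithmFallback(str, e, "TrustManagerFactory", fallback);
                trustManagerFactory = TrustManagerFactory.getInstance(fallback);
            }
            trustManagerFactory.init(keyStore);
            trustManagers = trustManagerFactory.getTrustManagers();
        }

        SSLContext sslContext = SSLContext.getInstance(TLSPUPreProcessor.ID);
        // The random source is pinned to SHA1PRNG rather than the platform default.
        sslContext.init(keyManagerFactory.getKeyManagers(), trustManagers, SecureRandom.getInstance("SHA1PRNG"));
        return sslContext;
    }

    /** Returns the keystore location, failing if no file exists at that path. */
    private static String requireExistingKeystore() throws IOException {
        String keystoreLocation = getKeystoreLocation();
        if (!new File(keystoreLocation).exists()) {
            throw new IOException(Globals.getBrokerResources().getKString(BrokerResources.E_KEYSTORE_NOT_EXIST, keystoreLocation));
        }
        return keystoreLocation;
    }

    /** Returns the keystore passphrase, failing if it is null (an empty value is passed through). */
    private static String requireKeystorePassword() throws IOException {
        String keystorePassword = getKeystorePassword();
        if (keystorePassword == null) {
            throw new IOException(Globals.getBrokerResources().getKString(BrokerResources.E_PASS_PHRASE_NULL));
        }
        return keystorePassword;
    }

    /** Logs that the preferred algorithm is unavailable and which default replaces it. */
    private static void logAlgorithmFallback(String caller, NoSuchAlgorithmException cause, String factoryName, String fallback) {
        Logger logger = Globals.getLogger();
        logger.log(FALLBACK_LOG_LEVEL, caller + ":" + cause.getMessage() + ", use default " + factoryName + " algorithm " + fallback);
    }
}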
