package com.maconomy.coupling.protocol.security;

import com.maconomy.util.MiOpt;
import com.maconomy.util.typesafe.MiList;
import java.io.ByteArrayInputStream;
import java.io.IOException;
import java.net.InetAddress;
import java.net.ServerSocket;
import java.security.GeneralSecurityException;
import java.security.KeyStore;
import java.security.SecureRandom;
import java.util.Arrays;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLServerSocket;
import javax.net.ssl.SSLServerSocketFactory;
import javax.net.ssl.SSLSocketFactory;
import javax.net.ssl.TrustManagerFactory;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:com/maconomy/coupling/protocol/security/McSecureSocketFactory.class */
/**
 * Static factory for the TLS client and server socket factories used by the coupling protocol.
 *
 * <p>Key and trust material is handed in as raw JKS keystore bytes and opened with passwords that
 * are compiled into this class. Nothing in this class sets an endpoint identification algorithm
 * on the sockets it produces, so a plain {@code SSLSocket} obtained from the returned client
 * factories does not check the peer's host name unless the caller configures that itself via
 * {@code SSLParameters}.
 */
public final class McSecureSocketFactory {
    private static final Logger logger = LoggerFactory.getLogger(McSecureSocketFactory.class);
    private static final String KEYSTORE_TYPE = "JKS";

    // Security note: both keystore passwords are literals in the class file, so anyone holding
    // the binary can read them. They therefore add no confidentiality to the keystore contents,
    // and the password-based integrity check done by KeyStore.load gives no tamper assurance
    // against such a party. Protection of the private key has to come from how the keystore
    // bytes are stored and delivered — NOTE(review): confirm against the callers.
    private static final String CS_PUBLIC_KEYSTORE_PASSWORD = "cspubpass";
    private static final String CS_PRIVATE_KEYSTORE_PASSWORD = "csprivpass";

    /**
     * Server socket factory decorator that pins the enabled protocol(s) and cipher suites on
     * every {@link SSLServerSocket} created by the wrapped factory.
     */
    private static class CustomSSLServerSocketFactory extends SSLServerSocketFactory {
        private final SSLServerSocketFactory delegate;
        private final MiOpt<String> protocolOption;
        private final MiList<String> cipherList;

        /**
         * @param delegate the factory that actually creates the sockets
         * @param protocolOption optional protocol setting, resolved through
         *     {@code McSecureSocketUtil.getSecureSocketProtocol}
         * @param cipherList cipher setting, resolved through
         *     {@code McSecureSocketUtil.getSecureSocketCiphers}
         */
        public CustomSSLServerSocketFactory(SSLServerSocketFactory delegate, MiOpt<String> protocolOption, MiList<String> cipherList) {
            this.delegate = delegate;
            this.protocolOption = protocolOption;
            this.cipherList = cipherList;
        }

        /** Creates an unbound server socket through the delegate and applies the TLS settings. */
        @Override
        public ServerSocket createServerSocket() throws IOException {
            ServerSocket created = this.delegate.createServerSocket();
            return customizeSecureSocket(created);
        }

        /** Creates a server socket bound to {@code port} and applies the TLS settings. */
        @Override
        public ServerSocket createServerSocket(int port) throws IOException {
            ServerSocket created = this.delegate.createServerSocket(port);
            return customizeSecureSocket(created);
        }

        /** Creates a server socket with the given port and backlog and applies the TLS settings. */
        @Override
        public ServerSocket createServerSocket(int port, int backlog) throws IOException {
            ServerSocket created = this.delegate.createServerSocket(port, backlog);
            return customizeSecureSocket(created);
        }

        /** Creates a server socket bound to a specific local address and applies the TLS settings. */
        @Override
        public ServerSocket createServerSocket(int port, int backlog, InetAddress bindAddress) throws IOException {
            ServerSocket created = this.delegate.createServerSocket(port, backlog, bindAddress);
            return customizeSecureSocket(created);
        }

        /**
         * Reports the configured cipher list, not the defaults of the wrapped factory.
         */
        @Override
        public String[] getDefaultCipherSuites() {
            return McSecureSocketUtil.getSecureSocketCiphers(this.cipherList);
        }

        /**
         * Reports the same configured cipher list as {@link #getDefaultCipherSuites()}; the
         * suites the underlying provider could support are not consulted.
         */
        @Override
        public String[] getSupportedCipherSuites() {
            return McSecureSocketUtil.getSecureSocketCiphers(this.cipherList);
        }

        /**
         * Restricts an {@link SSLServerSocket} to the configured protocol(s) and cipher suites.
         *
         * <p>A socket of any other type is handed back untouched and without a log entry.
         * NOTE(review): the delegate is an SSLServerSocketFactory, so that branch is not
         * expected to be taken; confirm whether silently passing such a socket through is
         * acceptable or whether it should be rejected.
         *
         * @param serverSocket the socket just created by the delegate
         * @return the same socket instance
         */
        private ServerSocket customizeSecureSocket(ServerSocket serverSocket) {
            if (!(serverSocket instanceof SSLServerSocket)) {
                return serverSocket;
            }
            SSLServerSocket tlsSocket = (SSLServerSocket) serverSocket;
            String[] protocols = McSecureSocketUtil.getSecureSocketProtocol(this.protocolOption);
            String[] cipherSuites = McSecureSocketUtil.getSecureSocketCiphers(this.cipherList);
            tlsSocket.setEnabledProtocols(protocols);
            tlsSocket.setEnabledCipherSuites(cipherSuites);
            // Guarded so the two Arrays.toString calls are skipped when debug logging is off.
            if (logger.isDebugEnabled()) {
                String enabledProtocols = Arrays.toString(protocols);
                String enabledCiphers = Arrays.toString(cipherSuites);
                logger.debug("Server secure socket using " + enabledProtocols + " protocol with " + enabledCiphers + " cipher(s)");
            }
            return tlsSocket;
        }
    }

    /** Not instantiable; the class only exposes static factory methods. */
    private McSecureSocketFactory() {
    }

    /**
     * Builds a client socket factory that relies on the JSSE defaults for both key and trust
     * managers (both are passed as {@code null}), i.e. no keystore from this class is involved.
     *
     * @return a client socket factory backed by a freshly initialised {@link SSLContext}
     * @throws GeneralSecurityException if the context cannot be created or initialised
     */
    public static SSLSocketFactory createProxySSLClientSocketFactory() throws GeneralSecurityException {
        SecureRandom rng = getSecureRandomNumberGenerator();
        return initializedContext(null, null, rng).getSocketFactory();
    }

    /**
     * Builds a client socket factory whose trust managers are derived solely from the supplied
     * keystore; no key managers are supplied.
     *
     * @param bArr the JKS keystore bytes holding the certificates to trust; opened with the
     *     built-in public keystore password
     * @return a client socket factory backed by a freshly initialised {@link SSLContext}
     * @throws GeneralSecurityException if the keystore, trust managers or context cannot be set up
     * @throws IOException if the keystore bytes cannot be read, including a password mismatch
     */
    public static SSLSocketFactory createSSLClientSocketFactory(byte[] bArr) throws GeneralSecurityException, IOException {
        SecureRandom rng = getSecureRandomNumberGenerator();
        TrustManagerFactory trustFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
        KeyStore trustAnchors = setupKeyStore(bArr, CS_PUBLIC_KEYSTORE_PASSWORD);
        trustFactory.init(trustAnchors);
        return initializedContext(null, trustFactory.getTrustManagers(), rng).getSocketFactory();
    }

    /**
     * Builds a server socket factory that presents the key material from the supplied keystore
     * and pins protocol(s) and cipher suites on every socket it creates.
     *
     * <p>Trust managers are passed as {@code null} and nothing here requests client
     * authentication on the created sockets. The key entries are unlocked with the same built-in
     * password that opens the keystore.
     *
     * @param bArr the JKS keystore bytes holding the server's private key and certificate
     * @param miOpt optional protocol setting applied to created sockets
     * @param miList cipher setting applied to created sockets
     * @return a server socket factory wrapping the context's own factory
     * @throws GeneralSecurityException if the keystore, key managers or context cannot be set up
     * @throws IOException if the keystore bytes cannot be read, including a password mismatch
     */
    public static SSLServerSocketFactory createSSLServerSocketFactory(byte[] bArr, MiOpt<String> miOpt, MiList<String> miList) throws GeneralSecurityException, IOException {
        SecureRandom rng = getSecureRandomNumberGenerator();
        KeyManagerFactory keyFactory = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
        KeyStore identity = setupKeyStore(bArr, CS_PRIVATE_KEYSTORE_PASSWORD);
        char[] keyPassword = CS_PRIVATE_KEYSTORE_PASSWORD.toCharArray();
        keyFactory.init(identity, keyPassword);
        SSLContext context = initializedContext(keyFactory.getKeyManagers(), null, rng);
        return new CustomSSLServerSocketFactory(context.getServerSocketFactory(), miOpt, miList);
    }

    /**
     * Creates an {@link SSLContext} for the protocol named by
     * {@code McSecureSocketUtil.getDefaultSecureSocketProtocol()} and initialises it.
     *
     * <p>NOTE(review): the protocol name is defined outside this file; confirm it selects a
     * currently supported TLS version.
     */
    private static SSLContext initializedContext(javax.net.ssl.KeyManager[] keyManagers, javax.net.ssl.TrustManager[] trustManagers, SecureRandom rng) throws GeneralSecurityException {
        SSLContext context = SSLContext.getInstance(McSecureSocketUtil.getDefaultSecureSocketProtocol());
        context.init(keyManagers, trustManagers, rng);
        return context;
    }

    /**
     * Returns a new default {@link SecureRandom} after drawing one value from it.
     */
    private static SecureRandom getSecureRandomNumberGenerator() {
        SecureRandom rng = new SecureRandom();
        // The drawn value is discarded; presumably this forces seeding up front — TODO confirm.
        rng.nextInt();
        return rng;
    }

    /**
     * Loads a JKS keystore from an in-memory byte array.
     *
     * @param keyStoreBytes the serialized keystore
     * @param password the password used to open the keystore
     * @return the loaded keystore
     * @throws GeneralSecurityException if the keystore type or its contents cannot be handled
     * @throws IOException if the data is malformed or the password does not match
     */
    private static KeyStore setupKeyStore(byte[] keyStoreBytes, String password) throws GeneralSecurityException, IOException {
        KeyStore store = KeyStore.getInstance(KEYSTORE_TYPE);
        try (ByteArrayInputStream in = new ByteArrayInputStream(keyStoreBytes)) {
            store.load(in, password.toCharArray());
        }
        return store;
    }
}
