package org.jivesoftware.openfire.net;

import java.io.File;
import java.io.FileInputStream;
import java.io.FileOutputStream;
import java.io.IOException;
import java.net.InetAddress;
import java.net.ServerSocket;
import java.security.KeyStore;
import java.security.SecureRandom;
import java.security.cert.X509Certificate;
import java.util.List;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLServerSocketFactory;
import javax.net.ssl.TrustManagerFactory;
import org.jivesoftware.util.CertificateEventListener;
import org.jivesoftware.util.CertificateManager;
import org.jivesoftware.util.JiveGlobals;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:org/jivesoftware/openfire/net/SSLConfig.class */
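/**
 * Process-wide holder for the TLS key store, the server-to-server (s2s) and
 * client-to-server (c2s) trust stores, and the {@link SSLContext} /
 * {@link SSLServerSocketFactory} instances built from them.
 *
 * <p>All locations and passwords are read from {@link JiveGlobals} properties in the
 * static initializer. The store passwords fall back to the literal {@code "changeit"}
 * when the corresponding property is unset; that value is a widely known default, so
 * deployments should set {@code xmpp.socket.ssl.keypass}, {@code xmpp.socket.ssl.trustpass}
 * and {@code xmpp.socket.ssl.client.trustpass} explicitly.
 *
 * <p>Store passwords are never written to the log by this class; only store type and
 * file locations are included in diagnostics.
 *
 * <p>NOTE(review): the static fields are reassigned by {@link #resetFactory()} from
 * certificate-event callbacks without any synchronization visible here; confirm the
 * threading model of {@code CertificateManager} listeners before relying on visibility.
 */
public class SSLConfig {
    private static SSLServerSocketFactory s2sFactory;
    private static SSLServerSocketFactory c2sFactory;
    private static SSLContext s2sContext;
    private static SSLContext c2sContext;
    private static KeyStore keyStore;
    private static String keyStoreLocation;
    private static String keypass;
    private static KeyStore s2sTrustStore;
    private static String s2sTrustStoreLocation;
    private static String s2sTrustpass;
    private static KeyStore c2sTrustStore;
    private static String c2sTrustStoreLocation;
    private static String c2sTrustpass;
    private static final Logger Log = LoggerFactory.getLogger(SSLConfig.class);
    private static String storeType = JiveGlobals.getProperty("xmpp.socket.ssl.storeType", "jks");

    private SSLConfig() {
    }

    /**
     * Rebuilds both SSL contexts and server socket factories from the currently held
     * key store and trust stores.
     *
     * <p>When the s2s and c2s trust stores are the same object, the c2s context and
     * factory simply alias the s2s ones. On any failure the stores and factories are
     * set to {@code null}, so subsequent socket creation fails with an
     * {@link IOException} instead of using half-initialized state.
     *
     * <p>Decompiler note: this method was private in the original class and is public
     * here only because the anonymous certificate listener calls it.
     */
    public static void resetFactory() {
        try {
            String algorithm = JiveGlobals.getProperty("xmpp.socket.ssl.algorithm", "TLS");
            s2sContext = SSLContext.getInstance(algorithm);
            c2sContext = SSLContext.getInstance(algorithm);

            KeyManagerFactory keyManagers = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
            keyManagers.init(keyStore, getKeyPassword().toCharArray());

            // If s2sTrustStore is null (it failed to load at startup), JSSE initializes the
            // factory from the platform default trust anchors rather than failing.
            TrustManagerFactory s2sTrustManagers = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
            s2sTrustManagers.init(s2sTrustStore);
            s2sContext.init(keyManagers.getKeyManagers(), s2sTrustManagers.getTrustManagers(), new SecureRandom());
            s2sFactory = s2sContext.getServerSocketFactory();

            if (s2sTrustStore == c2sTrustStore) {
                // Shared trust store: reuse the already-initialized s2s context.
                c2sContext = s2sContext;
                c2sFactory = s2sFactory;
            } else {
                TrustManagerFactory c2sTrustManagers = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
                c2sTrustManagers.init(c2sTrustStore);
                c2sContext.init(keyManagers.getKeyManagers(), c2sTrustManagers.getTrustManagers(), new SecureRandom());
                c2sFactory = c2sContext.getServerSocketFactory();
            }
        } catch (Exception e) {
            // Store passwords are deliberately left out of the message: log files are
            // typically readable by more principals than the key store itself.
            Log.error("SSLConfig factory setup problem.\n  storeType: [" + storeType
                    + "]\n  keyStoreLocation: [" + keyStoreLocation
                    + "]\n  s2sTrustStoreLocation: [" + s2sTrustStoreLocation
                    + "]\n  c2sTrustStoreLocation: [" + c2sTrustStoreLocation + "]", e);
            keyStore = null;
            s2sTrustStore = null;
            c2sTrustStore = null;
            s2sFactory = null;
            c2sFactory = null;
        }
    }

    /**
     * Returns the key store password. The value is a secret; callers must not log it.
     *
     * @return the configured key store password
     */
    public static String getKeyPassword() {
        return keypass;
    }

    /**
     * Returns the s2s trust store password. The value is a secret; callers must not log it.
     *
     * @return the configured s2s trust store password
     */
    public static String gets2sTrustPassword() {
        return s2sTrustpass;
    }

    /**
     * Returns the c2s trust store password. The value is a secret; callers must not log it.
     *
     * @return the c2s trust store password (the s2s password when both stores share a location)
     */
    public static String getc2sTrustPassword() {
        return c2sTrustpass;
    }

    /**
     * @return the cipher suites enabled by default on the s2s factory, or an empty
     *         array when the factory is not available
     */
    public static String[] getDefaultCipherSuites() {
        if (s2sFactory == null) {
            return new String[0];
        }
        return s2sFactory.getDefaultCipherSuites();
    }

    /**
     * @return the cipher suites supported by the s2s factory, or an empty array when
     *         the factory is not available
     */
    public static String[] getSupportedCipherSuites() {
        if (s2sFactory == null) {
            return new String[0];
        }
        return s2sFactory.getSupportedCipherSuites();
    }

    /**
     * @return the loaded key store
     * @throws IOException if the key store is not available
     */
    public static KeyStore getKeyStore() throws IOException {
        if (keyStore == null) {
            throw new IOException("Key store is not available.");
        }
        return keyStore;
    }

    /**
     * @return the loaded s2s trust store
     * @throws IOException if the s2s trust store is not available
     */
    public static KeyStore gets2sTrustStore() throws IOException {
        if (s2sTrustStore == null) {
            throw new IOException("Server-to-server trust store is not available.");
        }
        return s2sTrustStore;
    }

    /**
     * @return the loaded c2s trust store
     * @throws IOException if the c2s trust store is not available
     */
    public static KeyStore getc2sTrustStore() throws IOException {
        if (c2sTrustStore == null) {
            throw new IOException("Client-to-server trust store is not available.");
        }
        return c2sTrustStore;
    }

    /**
     * Replaces the held key store with a new, empty in-memory store of the configured type.
     * Failures are logged; they are not thrown.
     *
     * @return the key store field after the attempt (possibly not initialized if the
     *         attempt failed)
     */
    public static KeyStore initializeKeyStore() {
        try {
            keyStore = KeyStore.getInstance(storeType);
            keyStore.load(null, keypass.toCharArray());
        } catch (Exception e) {
            Log.error("Unable to initialize keystore: ", e);
        }
        return keyStore;
    }

    /**
     * Writes the key store and any available trust stores back to their configured
     * locations, creating parent directories as needed. A c2s trust store that is the
     * same object as the s2s trust store is written only once.
     *
     * @throws IOException if the key store is not available or any store cannot be
     *         written; non-I/O failures are wrapped with their cause preserved
     */
    public static void saveStores() throws IOException {
        if (keyStore == null) {
            throw new IOException("Key store is not available; nothing to save.");
        }
        try {
            writeStore(keyStore, keyStoreLocation, keypass);
            if (s2sTrustStore != null) {
                writeStore(s2sTrustStore, s2sTrustStoreLocation, s2sTrustpass);
            }
            if (c2sTrustStore != null && c2sTrustStore != s2sTrustStore) {
                writeStore(c2sTrustStore, c2sTrustStoreLocation, c2sTrustpass);
            }
        } catch (IOException e) {
            throw e;
        } catch (Exception e) {
            // Keep the original exception as the cause so the failure stays diagnosable.
            throw new IOException(e.getMessage(), e);
        }
    }

    /**
     * Creates a TLS server socket from the s2s factory.
     *
     * @param i the port to bind
     * @param inetAddress the local address to bind
     * @return the bound server socket
     * @throws IOException if the s2s factory is not available or binding fails
     */
    public static ServerSocket createServerSocket(int i, InetAddress inetAddress) throws IOException {
        if (s2sFactory == null) {
            throw new IOException("Server-to-server SSL socket factory is not available.");
        }
        // A non-positive backlog makes the implementation use its default queue length.
        return s2sFactory.createServerSocket(i, -1, inetAddress);
    }

    /**
     * Creates a TLS server socket from the c2s factory.
     *
     * @param i the port to bind
     * @param inetAddress the local address to bind
     * @return the bound server socket
     * @throws IOException if the c2s factory is not available or binding fails
     */
    public static ServerSocket createc2sServerSocket(int i, InetAddress inetAddress) throws IOException {
        if (c2sFactory == null) {
            throw new IOException("Client-to-server SSL socket factory is not available.");
        }
        // A non-positive backlog makes the implementation use its default queue length.
        return c2sFactory.createServerSocket(i, -1, inetAddress);
    }

    /** @return the absolute location of the key store file */
    public static String getKeystoreLocation() {
        return keyStoreLocation;
    }

    /** @return the absolute location of the s2s trust store file */
    public static String gets2sTruststoreLocation() {
        return s2sTrustStoreLocation;
    }

    /** @return the absolute location of the c2s trust store file */
    public static String getc2sTruststoreLocation() {
        return c2sTrustStoreLocation;
    }

    /** @return the configured key store type (property {@code xmpp.socket.ssl.storeType}, default {@code jks}) */
    public static String getStoreType() {
        return storeType;
    }

    /** @return the s2s SSL context; may be {@code null} or uninitialized after a setup failure */
    public static SSLContext getSSLContext() {
        return s2sContext;
    }

    /** @return the c2s SSL context; may be {@code null} or uninitialized after a setup failure */
    public static SSLContext getc2sSSLContext() {
        return c2sContext;
    }

    /** @return the s2s server socket factory, or {@code null} when setup failed */
    public static SSLServerSocketFactory getServerSocketFactory() {
        return s2sFactory;
    }

    /** @return the c2s server socket factory, or {@code null} when setup failed */
    public static SSLServerSocketFactory getc2sServerSocketFactory() {
        return c2sFactory;
    }

    /** Loads a store of the configured type from a file, always closing the stream. */
    private static KeyStore loadStore(String location, String password)
            throws IOException, java.security.GeneralSecurityException {
        KeyStore store = KeyStore.getInstance(storeType);
        FileInputStream in = new FileInputStream(location);
        try {
            store.load(in, password.toCharArray());
        } finally {
            in.close();
        }
        return store;
    }

    /** Writes a store to a file, creating the parent directory and always closing the stream. */
    private static void writeStore(KeyStore store, String location, String password)
            throws IOException, java.security.GeneralSecurityException {
        File parent = new File(location).getParentFile();
        if (parent != null && !parent.exists()) {
            parent.mkdirs();
        }
        FileOutputStream out = new FileOutputStream(location);
        try {
            store.store(out, password.toCharArray());
        } finally {
            out.close();
        }
    }

    static {
        String home = JiveGlobals.getHomeDirectory();
        String securityDir = "resources" + File.separator + "security" + File.separator;

        // "changeit" is a widely known default store password; it is kept only as the
        // fallback for unset properties and should be overridden in any real deployment.
        keyStoreLocation = home + File.separator
                + JiveGlobals.getProperty("xmpp.socket.ssl.keystore", securityDir + "keystore");
        keypass = JiveGlobals.getProperty("xmpp.socket.ssl.keypass", "changeit").trim();

        c2sTrustStoreLocation = home + File.separator
                + JiveGlobals.getProperty("xmpp.socket.ssl.client.truststore", securityDir + "client.truststore");
        c2sTrustpass = JiveGlobals.getProperty("xmpp.socket.ssl.client.trustpass", "changeit").trim();

        s2sTrustStoreLocation = home + File.separator
                + JiveGlobals.getProperty("xmpp.socket.ssl.truststore", securityDir + "truststore");
        s2sTrustpass = JiveGlobals.getProperty("xmpp.socket.ssl.trustpass", "changeit").trim();

        try {
            keyStore = loadStore(keyStoreLocation, keypass);
        } catch (Exception e) {
            // The password is intentionally not logged.
            Log.error("SSLConfig startup problem.\n  storeType: [" + storeType
                    + "]\n  keyStoreLocation: [" + keyStoreLocation + "]\n", e);
            keyStore = null;
            s2sFactory = null;
        }

        try {
            s2sTrustStore = loadStore(s2sTrustStoreLocation, s2sTrustpass);
        } catch (Exception e) {
            // The password is intentionally not logged.
            Log.error("SSLConfig startup problem.\n  storeType: [" + storeType
                    + "]\n  s2sTrustStoreLocation: [" + s2sTrustStoreLocation + "]\n", e);
            s2sTrustStore = null;
            s2sFactory = null;
        }

        try {
            if (s2sTrustStoreLocation.equals(c2sTrustStoreLocation)) {
                // Same file configured for both roles: share the store object and password.
                c2sTrustStore = s2sTrustStore;
                c2sTrustpass = s2sTrustpass;
            } else {
                c2sTrustStore = loadStore(c2sTrustStoreLocation, c2sTrustpass);
            }
        } catch (Exception loadFailure) {
            // Best effort: a client trust store that cannot be read is replaced by an
            // empty in-memory store, without logging, so that startup can continue.
            try {
                c2sTrustStore = KeyStore.getInstance(storeType);
                c2sTrustStore.load(null, c2sTrustpass.toCharArray());
            } catch (Exception fallbackFailure) {
                // Report the original load failure; the password is intentionally not logged.
                Log.error("SSLConfig startup problem.\n  storeType: [" + storeType
                        + "]\n  c2sTrustStoreLocation: [" + c2sTrustStoreLocation + "]", loadFailure);
                c2sTrustStore = null;
                c2sFactory = null;
            }
        }

        resetFactory();

        // Any change to the certificates in a store invalidates the cached contexts.
        CertificateManager.addListener(new CertificateEventListener() {
            @Override
            public void certificateCreated(KeyStore keyStore2, String str, X509Certificate x509Certificate) {
                SSLConfig.resetFactory();
            }

            @Override
            public void certificateDeleted(KeyStore keyStore2, String str) {
                SSLConfig.resetFactory();
            }

            @Override
            public void certificateSigned(KeyStore keyStore2, String str, List<X509Certificate> list) {
                SSLConfig.resetFactory();
            }
        });
    }
}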
