package org.mortbay.http;

import java.io.ByteArrayInputStream;
import java.io.File;
import java.io.IOException;
import java.net.ServerSocket;
import java.net.Socket;
import java.security.KeyStore;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import javax.net.ssl.SSLException;
import javax.net.ssl.SSLPeerUnverifiedException;
import javax.net.ssl.SSLServerSocket;
import javax.net.ssl.SSLServerSocketFactory;
import javax.net.ssl.SSLSession;
import javax.net.ssl.SSLSocket;
import org.mortbay.jetty.servlet.ServletSSL;
import org.mortbay.util.Code;
import org.mortbay.util.InetAddrPort;
import org.mortbay.util.Log;

/* loaded from: input_file:org/mortbay/http/JsseListener.class */
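/**
 * Base class for SSL/TLS socket listeners built on JSSE.
 *
 * <p>Subclasses supply the {@link SSLServerSocketFactory} through {@link #createFactory()};
 * this class creates the server socket, performs the handshake on accepted connections and
 * exposes the negotiated cipher suite, key size and client certificate chain as request
 * attributes.
 *
 * <p>Security notes for maintainers:
 * <ul>
 *   <li>{@link #isIntegral} and {@link #isConfidential} return {@code true} without looking at
 *       the negotiated cipher suite, so the factory returned by {@link #createFactory()} must
 *       not enable NULL or anonymous suites.</li>
 *   <li>Client-certificate enforcement relies on {@code setNeedClientAuth} on the server
 *       socket; see the note in {@link #customizeRequest}.</li>
 * </ul>
 */
public abstract class JsseListener extends SocketListener {
    /** Property name for the keystore location. Not read in this class. */
    public static final String KEYSTORE_PROPERTY = "jetty.ssl.keystore";
    /**
     * Property name for the keystore password. Not read in this class.
     * NOTE(review): presumably resolved as a system property by subclasses; values passed that
     * way are readable by anything that can see the JVM's properties or command line - confirm.
     */
    public static final String PASSWORD_PROPERTY = "jetty.ssl.password";
    /** Property name for the private-key password. Not read in this class; same caveat as above. */
    public static final String KEYPASSWORD_PROPERTY = "jetty.ssl.keypassword";
    /** SSL session key under which the per-session {@link CachedInfo} is stored. */
    static final String CACHED_INFO_ATTR;
    private boolean _needClientAuth;
    private String _nonPersistentUserAgent;
    // Compiler-generated class-literal cache, kept as decompiled.
    static Class class$org$mortbay$http$JsseListener$CachedInfo;
    public static final String KEYSTORE_TYPE_PROPERTY = "jetty.ssl.keystore.type";
    /** Keystore type: the system property if set, otherwise the JVM default type. */
    public static final String DEFAULT_KEYSTORE_TYPE = System.getProperty(KEYSTORE_TYPE_PROPERTY, KeyStore.getDefaultType());
    public static final String KEYSTORE_PROVIDER_CLASS_PROPERTY = "jetty.ssl.keystore.provider.class";
    /** Provider class from the system property, or {@code null} when it is not set. */
    public static final String DEFAULT_KEYSTORE_PROVIDER_CLASS = System.getProperty(KEYSTORE_PROVIDER_CLASS_PROPERTY);
    /** {@code <user.home>/.keystore}, evaluated once at class initialisation. */
    public static final String DEFAULT_KEYSTORE = System.getProperty("user.home") + File.separator + ".keystore";
    public static final String KEYSTORE_PROVIDER_NAME_PROPERTY = "jetty.ssl.keystore.provider.name";
    /** Provider name from the system property, or {@code null} when it is not set. */
    public static final String DEFAULT_KEYSTORE_PROVIDER_NAME = System.getProperty(KEYSTORE_PROVIDER_NAME_PROPERTY);

    /* loaded from: input_file:org/mortbay/http/JsseListener$CachedInfo.class */
    /**
     * Key size and client certificate chain computed once per SSL session and stored in the
     * session so later requests on the same session do not recompute them.
     */
    private class CachedInfo {
        private Integer _keySize;
        // May be null when the peer presented no (verifiable) certificate.
        private X509Certificate[] _certs;
        // Explicit outer-instance reference as emitted by the decompiler.
        private final JsseListener this$0;

        CachedInfo(JsseListener jsseListener, Integer num, X509Certificate[] x509CertificateArr) {
            this.this$0 = jsseListener;
            this._keySize = num;
            this._certs = x509CertificateArr;
        }

        Integer getKeySize() {
            return this._keySize;
        }

        X509Certificate[] getCerts() {
            return this._certs;
        }
    }

    /** Creates a listener with client authentication off and the SSL default scheme. */
    public JsseListener() {
        this._needClientAuth = false;
        this._nonPersistentUserAgent = "MSIE 5";
        setDefaultScheme(HttpMessage.__SSL_SCHEME);
    }

    /**
     * Creates a listener for the given address; a port of 0 is replaced by 443 on both the
     * passed address object and this listener.
     *
     * @param inetAddrPort address and port to listen on (mutated when its port is 0)
     */
    public JsseListener(InetAddrPort inetAddrPort) {
        super(inetAddrPort);
        this._needClientAuth = false;
        this._nonPersistentUserAgent = "MSIE 5";
        if (inetAddrPort.getPort() == 0) {
            inetAddrPort.setPort(443);
            setPort(443);
        }
        setDefaultScheme(HttpMessage.__SSL_SCHEME);
    }

    /**
     * Sets whether clients must present a certificate. The value is applied to the server
     * socket only when {@link #newServerSocket} runs.
     *
     * @param z {@code true} to require client certificates
     */
    public void setNeedClientAuth(boolean z) {
        this._needClientAuth = z;
    }

    /** @return whether client certificates are required */
    public boolean getNeedClientAuth() {
        return this._needClientAuth;
    }

    /**
     * Always reports the connection as integrity-protected.
     * The negotiated cipher suite is not inspected here.
     */
    @Override // org.mortbay.http.SocketListener, org.mortbay.http.HttpListener
    public boolean isIntegral(HttpConnection httpConnection) {
        return true;
    }

    /**
     * Always reports the connection as confidential.
     * The negotiated cipher suite is not inspected here, so a factory that enables
     * non-encrypting suites would still be reported as confidential.
     */
    @Override // org.mortbay.http.SocketListener, org.mortbay.http.HttpListener
    public boolean isConfidential(HttpConnection httpConnection) {
        return true;
    }

    /** @return the User-Agent substring for which persistent connections are disabled */
    public String getNonPersistentUserAgent() {
        return this._nonPersistentUserAgent;
    }

    /**
     * @param str User-Agent substring for which persistent connections are disabled;
     *            must not be {@code null}, as it is passed to {@code String.indexOf}
     */
    public void setNonPersistentUserAgent(String str) {
        this._nonPersistentUserAgent = str;
    }

    /**
     * Supplies the factory used to create the SSL server socket. Protocol versions, cipher
     * suites and key material are entirely determined by the returned factory.
     *
     * @return the server socket factory
     * @throws Exception if the factory cannot be created
     */
    protected abstract SSLServerSocketFactory createFactory() throws Exception;

    /**
     * Creates the SSL server socket and applies the client-authentication setting.
     *
     * @param inetAddrPort address to bind, or {@code null} for an ephemeral port on any address
     * @param i            accept backlog
     * @return the bound SSL server socket
     * @throws IOException if binding fails, or wrapping any other failure (cause preserved)
     */
    @Override // org.mortbay.util.ThreadedServer
    protected ServerSocket newServerSocket(InetAddrPort inetAddrPort, int i) throws IOException {
        try {
            SSLServerSocketFactory factory = createFactory();
            SSLServerSocket listenSocket;
            if (inetAddrPort == null) {
                listenSocket = (SSLServerSocket) factory.createServerSocket(0, i);
            } else {
                listenSocket = (SSLServerSocket) factory.createServerSocket(inetAddrPort.getPort(), i, inetAddrPort.getInetAddress());
            }
            listenSocket.setNeedClientAuth(this._needClientAuth);
            Log.event("JsseListener.needClientAuth=" + this._needClientAuth);
            return listenSocket;
        } catch (IOException e) {
            throw e;
        } catch (Exception e2) {
            Code.warning(e2);
            // Keep the original failure attached so keystore/provider errors stay diagnosable.
            IOException wrapped = new IOException("Could not create JsseListener: " + e2.toString());
            wrapped.initCause(e2);
            throw wrapped;
        }
    }

    /**
     * Accepts a connection and completes the TLS handshake before returning it.
     *
     * <p>The accepted socket is closed whenever this method fails, so a peer that aborts or
     * stalls the handshake does not leave a descriptor open until garbage collection.
     * When {@code getMaxIdleTimeMs()} is not positive no read timeout is set and the
     * handshake can block for as long as the peer keeps the connection open.
     *
     * @param serverSocket the listening SSL server socket
     * @return the connected socket with the handshake completed
     * @throws IOException on accept or handshake failure; SSL failures are logged and
     *                     rethrown as a plain {@code IOException} with the cause attached
     */
    protected Socket accept(ServerSocket serverSocket) throws IOException {
        Socket accepted = null;
        boolean handshakeCompleted = false;
        try {
            accepted = serverSocket.accept();
            SSLSocket sslSocket = (SSLSocket) accepted;
            if (getMaxIdleTimeMs() > 0) {
                // Also bounds the handshake, which reads from the peer.
                sslSocket.setSoTimeout(getMaxIdleTimeMs());
            }
            sslSocket.startHandshake();
            handshakeCompleted = true;
            return sslSocket;
        } catch (SSLException e) {
            Code.warning(e);
            IOException wrapped = new IOException(e.getMessage());
            wrapped.initCause(e);
            throw wrapped;
        } finally {
            if (!handshakeCompleted && accepted != null) {
                try {
                    accepted.close();
                } catch (IOException ignored) {
                    // Best effort: the original failure is the one worth reporting.
                }
            }
        }
    }

    /**
     * Adds SSL details to the request: cipher suite, key size and, when available, the client
     * certificate chain. Also disables connection persistence for the configured User-Agent.
     *
     * <p>NOTE(review): when client authentication is required and no certificate chain is
     * available, the {@code HttpException(403)} thrown below is caught by the surrounding
     * {@code catch (Exception)} and only logged, so the request proceeds without the
     * certificate, cipher-suite and key-size attributes. Enforcement therefore rests on
     * {@code setNeedClientAuth} at the TLS layer and on downstream code treating a missing
     * certificate attribute as unauthenticated. Whether this method may propagate the 403
     * depends on the superclass signature, which is not visible here - confirm.
     *
     * @param socket      the connection's socket
     * @param httpRequest the request being prepared
     */
    /* JADX INFO: Access modifiers changed from: protected */
    @Override // org.mortbay.http.SocketListener
    public void customizeRequest(Socket socket, HttpRequest httpRequest) {
        super.customizeRequest(socket, httpRequest);

        // The User-Agent header is client-supplied; it only influences connection persistence.
        String userAgent = httpRequest.getField(HttpFields.__UserAgent);
        if (userAgent != null && userAgent.indexOf(this._nonPersistentUserAgent) >= 0 && HttpMessage.__SSL_SCHEME.equalsIgnoreCase(httpRequest.getScheme())) {
            Code.debug("Force close");
            httpRequest.getHttpResponse().setField(HttpFields.__Connection, "close");
            httpRequest.getHttpConnection().forceClose();
        }

        if (!(socket instanceof SSLSocket)) {
            return;
        }
        try {
            SSLSession session = ((SSLSocket) socket).getSession();
            String cipherSuite = session.getCipherSuite();

            Integer keySize;
            X509Certificate[] certChain;
            CachedInfo cachedInfo = (CachedInfo) session.getValue(CACHED_INFO_ATTR);
            if (cachedInfo != null) {
                keySize = cachedInfo.getKeySize();
                certChain = cachedInfo.getCerts();
            } else {
                keySize = Integer.valueOf(ServletSSL.deduceKeyLength(cipherSuite));
                certChain = getCertChain(session);
                // A null chain is cached as well, so it is looked up once per session.
                session.putValue(CACHED_INFO_ATTR, new CachedInfo(this, keySize, certChain));
            }

            if (certChain != null) {
                httpRequest.setAttribute("javax.servlet.request.X509Certificate", certChain);
            } else if (this._needClientAuth) {
                // Swallowed by the catch below; see the NOTE(review) in the method comment.
                throw new HttpException(403);
            }
            httpRequest.setAttribute("javax.servlet.request.cipher_suite", cipherSuite);
            httpRequest.setAttribute("javax.servlet.request.key_size", keySize);
        } catch (Exception e) {
            Code.warning(e);
        }
    }

    /**
     * Returns the peer's certificate chain as {@code java.security.cert.X509Certificate}s.
     *
     * <p>Uses {@code SSLSession.getPeerCertificates()} rather than the deprecated
     * {@code getPeerCertificateChain()} ({@code javax.security.cert}), which recent JDKs no
     * longer support; with the old call every failure was converted to {@code null} here and
     * the client certificate would silently disappear from the request.
     *
     * @param sSLSession the established SSL session
     * @return the chain with the peer's own certificate first, or {@code null} when the peer
     *         is unverified, presented no certificates, or the chain could not be converted
     */
    private static X509Certificate[] getCertChain(SSLSession sSLSession) {
        try {
            java.security.cert.Certificate[] peerCerts = sSLSession.getPeerCertificates();
            if (peerCerts == null || peerCerts.length == 0) {
                return null;
            }
            X509Certificate[] chain = new X509Certificate[peerCerts.length];
            CertificateFactory factory = null;
            for (int i = 0; i < peerCerts.length; i++) {
                if (peerCerts[i] instanceof X509Certificate) {
                    chain[i] = (X509Certificate) peerCerts[i];
                } else {
                    // Re-parse from the encoded form, as the original conversion did.
                    if (factory == null) {
                        factory = CertificateFactory.getInstance("X.509");
                    }
                    chain[i] = (X509Certificate) factory.generateCertificate(new ByteArrayInputStream(peerCerts[i].getEncoded()));
                }
            }
            return chain;
        } catch (SSLPeerUnverifiedException e) {
            // No verified peer identity: expected when client authentication is not used.
            return null;
        } catch (Exception e2) {
            Code.warning(e2);
            return null;
        }
    }

    // Compiler-generated class-literal helper, kept as decompiled.
    static Class class$(String str) {
        try {
            return Class.forName(str);
        } catch (ClassNotFoundException e) {
            throw new NoClassDefFoundError(e.getMessage());
        }
    }

    static {
        // Equivalent to CachedInfo.class.getName(); the session attribute key is the class name.
        Class cls;
        if (class$org$mortbay$http$JsseListener$CachedInfo == null) {
            cls = class$("org.mortbay.http.JsseListener$CachedInfo");
            class$org$mortbay$http$JsseListener$CachedInfo = cls;
        } else {
            cls = class$org$mortbay$http$JsseListener$CachedInfo;
        }
        CACHED_INFO_ATTR = cls.getName();
    }
}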
