package eu.emi.security.canl.axis2;

import eu.emi.security.authn.x509.CrlCheckingMode;
import eu.emi.security.authn.x509.NamespaceCheckingMode;
import eu.emi.security.authn.x509.ProxySupport;
import eu.emi.security.authn.x509.RevocationParameters;
import eu.emi.security.authn.x509.StoreUpdateListener;
import eu.emi.security.authn.x509.impl.CertificateUtils;
import eu.emi.security.authn.x509.impl.KeyAndCertCredential;
import eu.emi.security.authn.x509.impl.OpensslCertChainValidator;
import eu.emi.security.authn.x509.impl.PEMCredential;
import eu.emi.security.authn.x509.impl.SocketFactoryCreator;
import eu.emi.security.authn.x509.impl.ValidatorParams;
import java.io.FileInputStream;
import java.io.IOException;
import java.net.InetAddress;
import java.net.InetSocketAddress;
import java.net.Socket;
import java.net.SocketAddress;
import java.net.UnknownHostException;
import java.security.KeyStoreException;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Properties;
import javax.net.ssl.SSLSocket;
import org.apache.commons.httpclient.params.HttpConnectionParams;
import org.apache.commons.httpclient.protocol.ProtocolSocketFactory;

/* loaded from: input_file:eu/emi/security/canl/axis2/CANLAXIS2SocketFactory.class */
public class CANLAXIS2SocketFactory implements ProtocolSocketFactory {
    private static final String SSL_TIMEOUT_SETTING = null;
    private static final String TIMEOUT_DEFAULT = null;
    private static ThreadLocal theAXIS2SocketFactoryProperties = new ThreadLocal();

    public static Properties getCurrentProperties() {
        Properties properties = (Properties) theAXIS2SocketFactoryProperties.get();
        if (properties == null) {
            properties = System.getProperties();
        }
        return properties;
    }

    public static void clearCurrentProperties() {
        theAXIS2SocketFactoryProperties.set(null);
    }

    public static void setCurrentProperties(Properties properties) {
        theAXIS2SocketFactoryProperties.set(properties);
    }

    private Socket createSocket() throws IOException {
        KeyAndCertCredential pEMCredential;
        Properties currentProperties = getCurrentProperties();
        StoreUpdateListener storeUpdateListener = new StoreUpdateListener() { // from class: eu.emi.security.canl.axis2.CANLAXIS2SocketFactory.1
            public void loadingNotification(String str, String str2, StoreUpdateListener.Severity severity, Exception exc) {
                if (severity != StoreUpdateListener.Severity.NOTIFICATION) {
                    System.out.println("Error when creating or using SSL socket. Type " + str2 + " level: " + severity + " cause: " + exc.getClass() + ":" + exc.getMessage());
                }
            }
        };
        ArrayList arrayList = new ArrayList();
        arrayList.add(storeUpdateListener);
        RevocationParameters revocationParameters = new RevocationParameters(CrlCheckingMode.REQUIRE);
        String str = (String) currentProperties.get("crlcheckingmode");
        if (str != null) {
            if (str.equalsIgnoreCase("ifvalid")) {
                revocationParameters = new RevocationParameters(CrlCheckingMode.IF_VALID);
            }
            if (str.equalsIgnoreCase("ignore")) {
                revocationParameters = new RevocationParameters(CrlCheckingMode.IGNORE);
            }
        }
        ProxySupport proxySupport = ProxySupport.ALLOW;
        String str2 = (String) currentProperties.get("proxysupport");
        if (str2 != null && (str2.equalsIgnoreCase("no") || str2.equalsIgnoreCase("false"))) {
            proxySupport = ProxySupport.DENY;
        }
        ValidatorParams validatorParams = new ValidatorParams(revocationParameters, proxySupport, arrayList);
        String str3 = (String) currentProperties.get("truststore");
        if (str3 == null) {
            throw new IOException("No truststore defined, unable to load CA certificates and thus create SSL socket.");
        }
        String str4 = (String) currentProperties.get("namespace");
        NamespaceCheckingMode namespaceCheckingMode = NamespaceCheckingMode.EUGRIDPMA_AND_GLOBUS;
        if (str4 != null) {
            if (str4.equalsIgnoreCase("no") || str4.equalsIgnoreCase("false") || str4.equalsIgnoreCase("off")) {
                namespaceCheckingMode = NamespaceCheckingMode.IGNORE;
            } else if (str4.equalsIgnoreCase("require")) {
                namespaceCheckingMode = NamespaceCheckingMode.EUGRIDPMA_AND_GLOBUS_REQUIRE;
            }
        }
        String str5 = (String) currentProperties.get("updateinterval");
        long j = 3600000;
        if (str5 != null) {
            j = Long.parseLong(str5);
        }
        OpensslCertChainValidator opensslCertChainValidator = new OpensslCertChainValidator(str3, namespaceCheckingMode, j, validatorParams);
        String str6 = (String) currentProperties.get("proxy");
        if (str6 != null) {
            try {
                pEMCredential = new PEMCredential(str6, (char[]) null);
            } catch (KeyStoreException e) {
                throw new IOException("Error opening proxy from " + str6 + ": ", e);
            } catch (CertificateException e2) {
                throw new IOException("Error reading proxy from " + str6 + ": ", e2);
            }
        } else {
            String str7 = (String) currentProperties.get("cert");
            if (str7 == null) {
                throw new IOException("Variable hostcert undefined, cannot start server with SSL/TLS without host certificate.");
            }
            X509Certificate[] loadCertificateChain = CertificateUtils.loadCertificateChain(new FileInputStream(str7), CertificateUtils.Encoding.PEM);
            String str8 = (String) currentProperties.get("password");
            String str9 = (String) currentProperties.get("key");
            if (str9 == null) {
                throw new IOException("Variable hostkey undefined, cannot start server with SSL/TLS without host private key.");
            }
            try {
                pEMCredential = new KeyAndCertCredential(CertificateUtils.loadPrivateKey(new FileInputStream(str9), CertificateUtils.Encoding.PEM, str8 == null ? null : str8.toCharArray()), loadCertificateChain);
            } catch (KeyStoreException e3) {
                throw new IOException("Error while creating keystore: " + e3 + ": " + e3.getMessage(), e3);
            }
        }
        return (SSLSocket) SocketFactoryCreator.getSocketFactory(pEMCredential, opensslCertChainValidator).createSocket();
    }

    private Socket createSocket(Socket socket, boolean z) throws IOException {
        throw new IOException("createSocket(s, ac) unimplemented");
    }

    private final Socket connectSocket(Socket socket, SocketAddress socketAddress, SocketAddress socketAddress2, int i) throws IOException {
        int i2 = i;
        if (socketAddress2 != null) {
            socket.bind(socketAddress2);
        }
        if (i == 0) {
            i2 = Integer.parseInt(getCurrentProperties().getProperty(SSL_TIMEOUT_SETTING, TIMEOUT_DEFAULT));
        }
        socket.setSoTimeout(i2);
        socket.connect(socketAddress, i2);
        return socket;
    }

    public Socket createSocket(String str, int i, InetAddress inetAddress, int i2, HttpConnectionParams httpConnectionParams) throws IOException, UnknownHostException {
        Socket createSocket = createSocket();
        connectSocket(createSocket, new InetSocketAddress(str, i), new InetSocketAddress(inetAddress, i2), httpConnectionParams.getConnectionTimeout());
        return createSocket;
    }

    public Socket createSocket(String str, int i, InetAddress inetAddress, int i2) throws IOException, UnknownHostException {
        Socket createSocket = createSocket();
        connectSocket(createSocket, new InetSocketAddress(str, i), new InetSocketAddress(inetAddress, i2), 0);
        return createSocket;
    }

    public Socket createSocket(String str, int i) throws IOException, UnknownHostException {
        Socket createSocket = createSocket();
        connectSocket(createSocket, new InetSocketAddress(str, i), null, 0);
        return createSocket;
    }

    public Socket createSocket(Socket socket, String str, int i, boolean z) throws IOException, UnknownHostException {
        Socket createSocket = createSocket(socket, z);
        connectSocket(createSocket, new InetSocketAddress(str, i), null, 0);
        return createSocket;
    }
}
