package com.elluminate.net;

import com.elluminate.util.log.LogSupport;
import java.io.File;
import java.io.FileNotFoundException;
import java.io.IOException;
import java.io.PushbackInputStream;
import java.net.InetAddress;
import java.net.Socket;
import java.util.LinkedList;
import java.util.StringTokenizer;
import javax.net.ssl.SSLSession;
import javax.net.ssl.SSLSocket;
import javax.net.ssl.SSLSocketFactory;
import javax.security.cert.X509Certificate;

/* loaded from: input_file:classroom-util-1.0-snapshot.jar:com/elluminate/net/EndpointSecurity.class */
public class EndpointSecurity extends AbstractEndpointSecurity {
    protected EndpointSecurity() {
    }

    public static boolean isSecure(Endpoint endpoint) {
        if (!(endpoint instanceof ProxyEndpoint)) {
            return false;
        }
        Socket realSocket = ((ProxyEndpoint) endpoint).getRealSocket();
        try {
            setup();
            return realSocket instanceof SSLSocket;
        } catch (Throwable th) {
            return false;
        }
    }

    public static String getCipher(Endpoint endpoint) {
        if (!(endpoint instanceof ProxyEndpoint)) {
            return null;
        }
        try {
            SSLSocket sSLSocket = (SSLSocket) ((ProxyEndpoint) endpoint).getRealSocket();
            setup();
            return sSLSocket.getSession().getCipherSuite();
        } catch (Throwable th) {
            return null;
        }
    }

    public static boolean isSecureCaller(Endpoint endpoint) throws IOException {
        if (isSecureCaller(endpoint, V2HANDSHAKE)) {
            return true;
        }
        return isSecureCaller(endpoint, V3HANDSHAKE);
    }

    private static boolean isSecureCaller(Endpoint endpoint, int[] iArr) throws IOException {
        byte[] bArr = new byte[iArr.length];
        int i = 0;
        int soTimeout = endpoint.getSoTimeout();
        PushbackInputStream pushbackInputStream = (PushbackInputStream) endpoint.getInputStream();
        try {
            endpoint.setSoTimeout(2000);
            while (i < bArr.length) {
                int read = pushbackInputStream.read();
                int i2 = iArr[i];
                if (read < 0) {
                    if (i > 0) {
                        pushbackInputStream.unread(bArr, 0, i);
                    }
                    endpoint.setSoTimeout(soTimeout);
                    return false;
                }
                int i3 = i;
                i++;
                bArr[i3] = (byte) read;
                if (!checkSignature(read, i2)) {
                    if (i > 0) {
                        pushbackInputStream.unread(bArr, 0, i);
                    }
                    endpoint.setSoTimeout(soTimeout);
                    return false;
                }
            }
            if (i > 0) {
                pushbackInputStream.unread(bArr, 0, i);
            }
            endpoint.setSoTimeout(soTimeout);
            return true;
        } catch (Throwable th) {
            if (i > 0) {
                pushbackInputStream.unread(bArr, 0, i);
            }
            endpoint.setSoTimeout(soTimeout);
            throw th;
        }
    }

    public static Endpoint secureServer(Endpoint endpoint, File file, char[] cArr, File file2, char[] cArr2, boolean z) throws IOException, FileNotFoundException, EndpointSecurityException {
        return secure(endpoint, file, cArr, file2, cArr2, null, 0, false, z);
    }

    public static Endpoint secureClient(Endpoint endpoint, String str, int i) throws EndpointSecurityException, IOException {
        return secure(endpoint, str, i, true, false);
    }

    public static Endpoint secureClient(Endpoint endpoint, File file, char[] cArr, File file2, char[] cArr2, String str, int i) throws IOException, FileNotFoundException, EndpointSecurityException {
        return secure(endpoint, file, cArr, file2, cArr2, str, i, true, false);
    }

    public static Endpoint secure(Endpoint endpoint, String str, int i, boolean z, boolean z2) throws IOException, EndpointSecurityException {
        setup();
        return doSecure(endpoint, dftFactory, str, i, z, z2);
    }

    public static Endpoint secure(Endpoint endpoint, File file, char[] cArr, File file2, char[] cArr2, String str, int i, boolean z, boolean z2) throws IOException, FileNotFoundException, EndpointSecurityException {
        setup();
        return doSecure(endpoint, getFactory(file, cArr, file2, cArr2), str, i, z, z2);
    }

    public static void verifyDestination(Endpoint endpoint, String str, SSLTargetQuery sSLTargetQuery) throws EndpointSecurityException {
        if (endpoint instanceof ProxyEndpoint) {
            Socket realSocket = ((ProxyEndpoint) endpoint).getRealSocket();
            if (realSocket instanceof SSLSocket) {
                try {
                    SSLSession session = ((SSLSocket) realSocket).getSession();
                    X509Certificate[] peerCertificateChain = session.getPeerCertificateChain();
                    InetAddress inetAddress = realSocket.getInetAddress();
                    if (NetDebug.SSL.show()) {
                        LogSupport.message(EndpointSecurity.class, "verifyDestination", "Session encrypted using " + session.getCipherSuite());
                    }
                    verifyDestination(inetAddress, peerCertificateChain, str, sSLTargetQuery);
                } catch (Exception e) {
                    throw new EndpointSecurityException("Unable to verify target of SSL connections.");
                }
            }
        }
    }

    private static Endpoint doSecure(Endpoint endpoint, SSLSocketFactory sSLSocketFactory, String str, int i, boolean z, boolean z2) throws IOException, EndpointSecurityException {
        try {
            SSLSocket sSLSocket = (SSLSocket) sSLSocketFactory.createSocket(endpoint.getSocket(), str, i, true);
            setCiphers(sSLSocket);
            sSLSocket.setUseClientMode(z);
            if (!z) {
                sSLSocket.setNeedClientAuth(z2);
            }
            sSLSocket.startHandshake();
            ProxyEndpoint proxyEndpoint = new ProxyEndpoint(sSLSocket);
            proxyEndpoint.setProxy(endpoint.getProxyAddress(), endpoint.getProxyPort());
            proxyEndpoint.setFullDuplex(endpoint.isFullDuplex());
            proxyEndpoint.setCipher(getCipher(sSLSocket));
            return proxyEndpoint;
        } catch (Throwable th) {
            if (th instanceof IOException) {
                throw ((IOException) th);
            }
            LogSupport.exception(EndpointSecurity.class, "doSecure", th, true);
            throw new EndpointSecurityException(i18n.getString(StringsProperties.ENDPOINTSECURITY_SECUREFAILED, th.toString()));
        }
    }

    private static void setCiphers(SSLSocket sSLSocket) throws IOException {
        String property = System.getProperty("com.elluminate.net.SSLCipherSuites");
        if (property == null) {
            return;
        }
        StringTokenizer stringTokenizer = new StringTokenizer(property, ",");
        LinkedList linkedList = new LinkedList();
        while (stringTokenizer.hasMoreTokens()) {
            linkedList.add(stringTokenizer.nextToken());
        }
        try {
            sSLSocket.setEnabledCipherSuites((String[]) linkedList.toArray(new String[linkedList.size()]));
        } catch (Throwable th) {
            if (!(th instanceof IOException)) {
                throw new IOException(i18n.getString(StringsProperties.ENDPOINTSECURITY_CANTSETUSERCIPHERS, property));
            }
            throw ((IOException) th);
        }
    }

    public static String getCipher(Socket socket) {
        try {
            setup();
            return ((SSLSocket) socket).getSession().getCipherSuite();
        } catch (Throwable th) {
            return null;
        }
    }
}
