package edu.stanford.smi.protege.server.socket;

import edu.stanford.smi.protege.util.ApplicationProperties;
import edu.stanford.smi.protege.util.Log;
import java.io.File;
import java.io.FileInputStream;
import java.io.IOException;
import java.net.InetSocketAddress;
import java.net.ServerSocket;
import java.net.Socket;
import java.rmi.server.RMIClientSocketFactory;
import java.rmi.server.RMIServerSocketFactory;
import java.security.KeyStore;
import java.util.Collections;
import java.util.HashSet;
import java.util.Locale;
import java.util.Set;
import java.util.logging.Level;
import java.util.logging.Logger;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLServerSocketFactory;
import javax.net.ssl.SSLSocketFactory;

/* loaded from: input_file:edu/stanford/smi/protege/server/socket/SSLFactory.class */
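/**
 * RMI socket factory that creates TLS sockets for both the client and the server side.
 *
 * <p>Server sockets are built from a keystore named by {@link #SSL_KEYSTORE} and unlocked with
 * {@link #SSL_PASSWORD}. Client sockets come from the JVM default {@link SSLSocketFactory}.
 *
 * <p>Security notes for reviewers:
 * <ul>
 *   <li>The server context is initialised with key managers only (default trust managers) and
 *       nothing in this class requests a client certificate, so as written only the server
 *       presents a certificate.</li>
 *   <li>{@link #checkAuth()} is per-thread bookkeeping ("this thread opened a client socket
 *       through this factory"), not proof that a peer was authenticated. How callers use it is
 *       outside this file.</li>
 *   <li>The protocol, keystore type and key manager algorithm are all property-driven; the
 *       effective TLS versions therefore depend on deployment configuration and the JVM.</li>
 * </ul>
 */
public class SSLFactory implements RMIClientSocketFactory, RMIServerSocketFactory {
    private static final Logger log = Log.getLogger(SSLFactory.class);

    // Threads that have opened a client socket via createSocket() and not yet called resetAuth().
    // Socket factories are invoked from many threads, so the set must be safe for concurrent
    // access. Entries are strong references and are only dropped by resetAuth(); a thread that
    // never calls it stays in the set.
    private static final Set<Thread> authorized = Collections.synchronizedSet(new HashSet<Thread>());

    // Lazily resolved from SSL_POLICY on the first useSSL() call; null means "not resolved yet".
    // NOTE(review): the lazy initialisation is not synchronised; concurrent first calls would each
    // compute the same value from the same property.
    private static Context policy;

    public static final String SSL_POLICY = "protege.rmi.ssl.policy";
    public static final String SSL_KEYSTORE = "protege.rmi.ssl.keystore";
    public static final String SSL_PASSWORD = "protege.rmi.ssl.password";
    public static final String KEYSTORE_TYPE = "protege.rmi.ssl.keystore.type";
    public static final String DEFAULT_KEYSTORE_TYPE = "JKS";
    public static final String KEYMANAGER_ALGORITHM = "protege.rmi.ssl.keymanager.algorithm";
    public static final String DEFAULT_KEYMANAGER_ALGORITHM = "SunX509";
    public static final String SSL_PROTOCOL = "protege.rmi.ssl.protocol";
    public static final String DEFAULT_SSL_PROTOCOL = "TLS";

    // Created on first use by initializeSSLServerFactory().
    private SSLServerSocketFactory factory;

    /* loaded from: input_file:edu/stanford/smi/protege/server/socket/SSLFactory$Context.class */
    /**
     * Situations in which a connection may be made, and also the possible policy values.
     *
     * <p>The declaration order is significant: {@link SSLFactory#useSSL(Context)} compares
     * constants with {@code compareTo}, so reordering them changes when TLS is used.
     */
    public enum Context {
        NONE,
        LOGIN,
        ALWAYS
    }

    /**
     * Builds the server socket factory from the configured keystore, if not already built.
     *
     * @throws IOException if the keystore, its password or the SSL context cannot be set up; the
     *         underlying exception is attached as the cause
     */
    private void initializeSSLServerFactory() throws IOException {
        if (this.factory != null) {
            return;
        }
        try {
            String password = getPassword();
            if (password == null) {
                // Fail with a message that names the missing setting instead of a bare
                // NullPointerException from toCharArray().
                throw new IOException("keystore password not specified. Set " + SSL_PASSWORD);
            }
            char[] passwordChars = password.toCharArray();

            KeyStore keyStore = KeyStore.getInstance(getKeystoreType());
            FileInputStream keyStoreStream = new FileInputStream(getKeyStore());
            try {
                keyStore.load(keyStoreStream, passwordChars);
            } finally {
                // The stream was previously never closed, leaking a file handle per factory.
                keyStoreStream.close();
            }

            KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance(getKeymanagerAlgorithm());
            keyManagerFactory.init(keyStore, passwordChars);

            // Null trust managers and null SecureRandom select the provider defaults.
            SSLContext sslContext = SSLContext.getInstance(getSSLProtocol());
            sslContext.init(keyManagerFactory.getKeyManagers(), null, null);
            this.factory = sslContext.getServerSocketFactory();
        } catch (Exception e) {
            // Everything, including the IOExceptions raised above, is reported as one
            // IOException so RMI callers see a single failure type.
            IOException wrapped = new IOException("Could not initialize ssl socket factory " + e);
            wrapped.initCause(e);
            throw wrapped;
        }
    }

    /**
     * Creates a TLS server socket on the given port, initialising the factory on first use.
     *
     * @param i the port to listen on
     * @return a server socket produced by the keystore-backed SSL context
     * @throws IOException if the factory cannot be initialised or the socket cannot be created
     */
    public ServerSocket createServerSocket(int i) throws IOException {
        if (this.factory == null) {
            initializeSSLServerFactory();
        }
        return this.factory.createServerSocket(i);
    }

    /**
     * Opens a client socket to {@code str:i} using the JVM default {@link SSLSocketFactory} and
     * records the calling thread in the authorized set.
     *
     * <p>Security notes: certificate trust is whatever the JVM default factory is configured
     * with. No endpoint identification algorithm is set on the socket here, so this method does
     * not itself check the server certificate's name against {@code str}. The thread is recorded
     * once the TCP connect returns; no explicit TLS handshake is started in this method.
     * {@code connect} is called without a timeout.
     *
     * @param str the remote host
     * @param i the remote port
     * @return the connected socket
     * @throws IOException if the socket cannot be created, bound or connected
     */
    public Socket createSocket(String str, int i) throws IOException {
        InetSocketAddress remote = new InetSocketAddress(str, i);
        InetSocketAddress anyLocalPort = new InetSocketAddress(0);
        Socket socket = SSLSocketFactory.getDefault().createSocket();
        boolean connected = false;
        try {
            socket.setReuseAddress(true);
            socket.bind(anyLocalPort);
            socket.connect(remote);
            connected = true;
        } finally {
            if (!connected) {
                // Release the descriptor on failure; the original exception is the one that
                // matters, so a secondary close failure is deliberately dropped.
                try {
                    socket.close();
                } catch (IOException ignored) {
                    // best effort
                }
            }
        }
        authorized.add(Thread.currentThread());
        return socket;
    }

    /**
     * Returns the configured server port for the given context.
     *
     * @param context the connection context
     * @return the value of the SSL port system property when {@link #useSSL(Context)} is true,
     *         otherwise the value of {@code protege.rmi.server.port}; 0 when the property is
     *         unset or not an integer
     */
    public static int getServerPort(Context context) {
        if (useSSL(context)) {
            return Integer.getInteger(RmiSocketFactory.SERVER_SSL_PORT, 0).intValue();
        }
        return Integer.getInteger("protege.rmi.server.port", 0).intValue();
    }

    /**
     * Decides whether TLS applies to the given context under the configured policy.
     *
     * <p>The policy is read once from {@link #SSL_POLICY}: absent means {@code NONE}, the values
     * {@code NONE} and {@code LOGIN} (case-insensitive) map to the matching constant, and any
     * other value maps to {@code ALWAYS}, so a misspelt policy results in more TLS rather than
     * less. TLS is used when {@code context} is declared at or before the policy constant in
     * {@link Context}.
     *
     * @param context the connection context; must not be null
     * @return true if TLS should be used for this context
     */
    public static boolean useSSL(Context context) {
        if (policy == null) {
            policy = Context.NONE;
            String configured = ApplicationProperties.getApplicationOrSystemProperty(SSL_POLICY);
            if (configured != null) {
                // Locale-independent upper-casing: under a Turkish default locale "login"
                // upper-cases to "LOGİN", which would silently select ALWAYS instead of LOGIN.
                String normalized = configured.toUpperCase(Locale.ENGLISH);
                if (normalized.equals("NONE")) {
                    policy = Context.NONE;
                } else if (normalized.equals("LOGIN")) {
                    policy = Context.LOGIN;
                } else {
                    policy = Context.ALWAYS;
                }
                if (policy != Context.NONE) {
                    Log.getLogger().config("SSL policy set to " + policy);
                }
            }
        }
        boolean z = context.compareTo(policy) <= 0;
        if (log.isLoggable(Level.FINE)) {
            log.fine("Policy = " + policy + " context = " + context + " use ssl = " + z);
        }
        return z;
    }

    /** Removes the calling thread from the authorized set. */
    public static void resetAuth() {
        authorized.remove(Thread.currentThread());
    }

    /**
     * Reports whether the calling thread is in the authorized set, i.e. it has called
     * {@link #createSocket(String, int)} successfully since its last {@link #resetAuth()}.
     *
     * @return true if the calling thread is currently recorded
     */
    public static boolean checkAuth() throws SecurityException {
        return authorized.contains(Thread.currentThread());
    }

    /**
     * Resolves the keystore file from {@link #SSL_KEYSTORE}.
     *
     * @throws IOException if the property is not set
     */
    private static File getKeyStore() throws IOException {
        String keystorePath = ApplicationProperties.getApplicationOrSystemProperty(SSL_KEYSTORE);
        if (keystorePath == null) {
            throw new IOException("keystore not specified. Set protege.rmi.ssl.keystore");
        }
        return new File(keystorePath);
    }

    /**
     * Returns the keystore password from {@link #SSL_PASSWORD}, or null when it is not set.
     *
     * <p>The password is held as a plain String property, so it should be kept out of logs and
     * the file that supplies it should be readable only by the server account.
     */
    private static String getPassword() {
        return ApplicationProperties.getApplicationOrSystemProperty(SSL_PASSWORD);
    }

    /** Returns the keystore type from {@link #KEYSTORE_TYPE}, defaulting to {@code JKS}. */
    private static String getKeystoreType() {
        return ApplicationProperties.getApplicationOrSystemProperty(KEYSTORE_TYPE, DEFAULT_KEYSTORE_TYPE);
    }

    /** Returns the key manager algorithm from {@link #KEYMANAGER_ALGORITHM}, defaulting to {@code SunX509}. */
    private static String getKeymanagerAlgorithm() {
        return ApplicationProperties.getApplicationOrSystemProperty(KEYMANAGER_ALGORITHM, DEFAULT_KEYMANAGER_ALGORITHM);
    }

    /**
     * Returns the SSLContext protocol name from {@link #SSL_PROTOCOL}, defaulting to {@code TLS}.
     *
     * <p>This value is passed straight to {@code SSLContext.getInstance}, so deployments should
     * avoid overriding it with a legacy protocol name.
     */
    private static String getSSLProtocol() {
        return ApplicationProperties.getApplicationOrSystemProperty(SSL_PROTOCOL, DEFAULT_SSL_PROTOCOL);
    }
}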
