package org.ballerinalang.nativeimpl.socket;

import java.io.File;
import java.io.FileInputStream;
import java.io.IOException;
import java.net.Socket;
import java.nio.channels.ByteChannel;
import java.security.KeyManagementException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.Security;
import java.security.UnrecoverableKeyException;
import java.security.cert.CertificateException;
import javax.net.ssl.KeyManager;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSocket;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import org.ballerinalang.bre.Context;
import org.ballerinalang.bre.bvm.BLangVMStructs;
import org.ballerinalang.bre.bvm.BlockingNativeCallableUnit;
import org.ballerinalang.model.types.TypeKind;
import org.ballerinalang.model.values.BStruct;
import org.ballerinalang.nativeimpl.io.IOConstants;
import org.ballerinalang.nativeimpl.io.channels.SocketIOChannel;
import org.ballerinalang.nativeimpl.io.utils.IOUtils;
import org.ballerinalang.natives.annotations.Argument;
import org.ballerinalang.natives.annotations.BallerinaFunction;
import org.ballerinalang.natives.annotations.ReturnType;
import org.ballerinalang.util.codegen.PackageInfo;
import org.ballerinalang.util.codegen.StructureTypeInfo;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

@BallerinaFunction(orgName = "ballerina", packageName = "io", functionName = "openSecureSocket", args = {@Argument(name = "host", type = TypeKind.STRING), @Argument(name = "port", type = TypeKind.INT), @Argument(name = "option", type = TypeKind.RECORD, structType = "SocketProperties", structPackage = "ballerina.io")}, returnType = {@ReturnType(type = TypeKind.OBJECT, structType = OpenSecureSocket.SOCKET_STRUCT_TYPE, structPackage = "ballerina.io"), @ReturnType(type = TypeKind.RECORD, structType = "IOError", structPackage = "ballerina.io")}, isPublic = true)
/* loaded from: input_file:org/ballerinalang/nativeimpl/socket/OpenSecureSocket.class */
public class OpenSecureSocket extends BlockingNativeCallableUnit {
    private static final Logger log = LoggerFactory.getLogger((Class<?>) OpenSecureSocket.class);
    private static final String SEPARATOR = ",";
    private static final String SOCKET_PACKAGE = "ballerina.io";
    private static final String SOCKET_STRUCT_TYPE = "Socket";
    private static final String BYTE_CHANNEL_STRUCT_TYPE = "ByteChannel";

    @Override // org.ballerinalang.bre.bvm.BlockingNativeCallableUnit
    public void execute(Context context) {
        String stringArgument = context.getStringArgument(0);
        int intArgument = (int) context.getIntArgument(0);
        if (log.isDebugEnabled()) {
            log.debug("Remote host: " + stringArgument);
            log.debug("Remote port: " + intArgument);
        }
        BStruct bStruct = (BStruct) context.getRefArgument(0);
        try {
            Socket createSocket = getSslContext(bStruct).getSocketFactory().createSocket(stringArgument, intArgument);
            if (log.isDebugEnabled()) {
                log.debug("Socket connected: " + createSocket.isConnected());
                log.debug("Local port: " + createSocket.getLocalPort());
            }
            if (!(createSocket instanceof SSLSocket)) {
                log.error("Socket is not a SSLSocket instance.");
                throw new RuntimeException("Failed to get a SSLSocket instance.");
            }
            SSLSocket sSLSocket = (SSLSocket) createSocket;
            sSLSocket.setUseClientMode(true);
            String stringField = bStruct.getStringField(6);
            if (stringField != null && !stringField.isEmpty()) {
                if (log.isDebugEnabled()) {
                    log.debug("Setting ciphers: " + stringField);
                }
                sSLSocket.setEnabledCipherSuites(stringField.replaceAll("\\s+", "").split(","));
            }
            String stringField2 = bStruct.getStringField(5);
            if (stringField2 != null && !stringField2.isEmpty()) {
                if (log.isDebugEnabled()) {
                    log.debug("Enabled protocols: " + stringField2);
                }
                sSLSocket.setEnabledProtocols(stringField2.replaceAll("\\s+", "").split(","));
            }
            log.debug("Start handshake!!!");
            sSLSocket.startHandshake();
            log.debug("Secure handshake successful.");
            context.setReturnValues(createReturnStruct(context, sSLSocket, new SocketByteChannel(sSLSocket)));
        } catch (Throwable th) {
            String str = "Failed to open a connection to [" + stringArgument + ":" + intArgument + "] : " + th.getMessage();
            log.error(str, th);
            context.setReturnValues(IOUtils.createError(context, str));
        }
    }

    private BStruct createReturnStruct(Context context, SSLSocket sSLSocket, ByteChannel byteChannel) throws IOException {
        PackageInfo packageInfo = context.getProgramFile().getPackageInfo("ballerina.io");
        StructureTypeInfo structInfo = packageInfo.getStructInfo("ByteChannel");
        SocketIOChannel socketIOChannel = new SocketIOChannel(byteChannel, 0);
        BStruct createBStruct = BLangVMStructs.createBStruct(structInfo, socketIOChannel);
        createBStruct.addNativeData(IOConstants.BYTE_CHANNEL_NAME, socketIOChannel);
        BStruct createBStruct2 = BLangVMStructs.createBStruct(packageInfo.getStructInfo(SOCKET_STRUCT_TYPE), new Object[0]);
        createBStruct2.setRefField(0, createBStruct);
        createBStruct2.setIntField(0, sSLSocket.getPort());
        createBStruct2.setIntField(1, sSLSocket.getLocalPort());
        createBStruct2.setStringField(0, sSLSocket.getInetAddress().getHostAddress());
        createBStruct2.setStringField(1, sSLSocket.getLocalAddress().getHostAddress());
        createBStruct2.addNativeData(IOConstants.CLIENT_SOCKET_NAME, byteChannel);
        return createBStruct2;
    }

    private SSLContext getSslContext(BStruct bStruct) throws UnrecoverableKeyException, CertificateException, NoSuchAlgorithmException, KeyStoreException, IOException, KeyManagementException {
        String property = Security.getProperty("ssl.KeyManagerFactory.algorithm");
        if (property == null) {
            property = "SunX509";
        }
        if (log.isDebugEnabled()) {
            log.debug("SSL algorithm : " + property);
        }
        String stringField = bStruct.getStringField(0);
        String stringField2 = bStruct.getStringField(1);
        String stringField3 = bStruct.getStringField(2);
        String stringField4 = bStruct.getStringField(3);
        String stringField5 = bStruct.getStringField(4);
        String stringField6 = bStruct.getStringField(7);
        String stringField7 = (stringField6 == null || stringField6.isEmpty()) ? "TLS" : bStruct.getStringField(7);
        if (log.isDebugEnabled()) {
            log.debug("KeyStore path: " + stringField);
            log.debug("TrustStore path: " + stringField3);
            log.debug("Protocol: " + stringField7);
        }
        KeyManager[] keyManagers = getKeyManagers(stringField5, stringField, stringField2, property);
        TrustManager[] trustManagers = getTrustManagers(stringField3, stringField4, property);
        SSLContext sSLContext = SSLContext.getInstance(stringField7);
        sSLContext.init(keyManagers, trustManagers, null);
        return sSLContext;
    }

    private TrustManager[] getTrustManagers(String str, String str2, String str3) throws IOException, NoSuchAlgorithmException, KeyStoreException, CertificateException {
        KeyStore keyStore = getKeyStore(str, str2);
        TrustManager[] trustManagerArr = null;
        if (keyStore != null) {
            TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(str3);
            trustManagerFactory.init(keyStore);
            trustManagerArr = trustManagerFactory.getTrustManagers();
        }
        return trustManagerArr;
    }

    private KeyManager[] getKeyManagers(String str, String str2, String str3, String str4) throws IOException, NoSuchAlgorithmException, KeyStoreException, UnrecoverableKeyException, CertificateException {
        KeyStore keyStore = getKeyStore(str2, str3);
        KeyManager[] keyManagerArr = null;
        if (keyStore != null) {
            KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance(str4);
            keyManagerFactory.init(keyStore, str != null ? str.toCharArray() : str3.toCharArray());
            keyManagerArr = keyManagerFactory.getKeyManagers();
        }
        return keyManagerArr;
    }

    private KeyStore getKeyStore(String str, String str2) throws IOException, KeyStoreException, CertificateException, NoSuchAlgorithmException {
        KeyStore keyStore = null;
        if (str != null && !str.isEmpty() && str2 != null) {
            FileInputStream fileInputStream = new FileInputStream(new File(str));
            Throwable th = null;
            try {
                try {
                    keyStore = KeyStore.getInstance("PKCS12");
                    keyStore.load(fileInputStream, str2.toCharArray());
                    if (fileInputStream != null) {
                        if (0 != 0) {
                            try {
                                fileInputStream.close();
                            } catch (Throwable th2) {
                                th.addSuppressed(th2);
                            }
                        } else {
                            fileInputStream.close();
                        }
                    }
                } finally {
                }
            } catch (Throwable th3) {
                if (fileInputStream != null) {
                    if (th != null) {
                        try {
                            fileInputStream.close();
                        } catch (Throwable th4) {
                            th.addSuppressed(th4);
                        }
                    } else {
                        fileInputStream.close();
                    }
                }
                throw th3;
            }
        }
        return keyStore;
    }
}
