package freenet.crypt;

import freenet.config.InvalidConfigValueException;
import freenet.config.SubConfig;
import freenet.support.Logger;
import freenet.support.api.BooleanCallback;
import freenet.support.api.StringCallback;
import freenet.support.io.Closer;
import java.io.FileInputStream;
import java.io.FileNotFoundException;
import java.io.FileOutputStream;
import java.io.IOException;
import java.lang.reflect.InvocationTargetException;
import java.net.ServerSocket;
import java.security.KeyManagementException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.UnrecoverableKeyException;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import javax.net.ServerSocketFactory;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;

/* loaded from: input_file:freenet.jar:freenet/crypt/SSL.class */
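/**
 * Process-wide TLS server-socket support backed by a PKCS#12 keystore.
 *
 * <p>{@link #init(SubConfig)} registers four config options ({@code sslEnable},
 * {@code sslKeyStore}, {@code sslKeyStorePass}, {@code sslKeyPass}), loads the keystore
 * (generating a self-signed RSA certificate under the alias {@code "freenet"} when the
 * keystore file does not exist) and builds the {@link ServerSocketFactory} used by
 * {@link #createServerSocket()}.
 *
 * <p>Security notes for operators and maintainers:
 * <ul>
 *   <li>Both passwords default to the literal {@code "freenet"}. Until they are changed, the
 *       private key on disk is protected only by a publicly known password.</li>
 *   <li>Only {@code enable} is {@code volatile}. The other static fields are read and written
 *       without any synchronization visible in this class.</li>
 * </ul>
 */
public class SSL {
    private static volatile boolean enable;
    private static KeyStore keystore;
    private static ServerSocketFactory ssf;
    private static String keyStore;
    private static String keyStorePass;
    private static String keyPass;

    /**
     * Reports whether a server-socket factory has been built.
     *
     * @return {@code true} once {@link #createSSLContext()} has succeeded and SSL has not been
     *     disabled again
     */
    public static boolean available() {
        return ssf != null;
    }

    /**
     * Registers the SSL options on {@code subConfig}, reads their current values, then tries to
     * load the keystore and build the SSL context.
     *
     * <p>A failure while loading is logged and leaves {@link #available()} {@code false}. It is
     * not propagated to the caller.
     *
     * @param subConfig the config section that receives the four {@code ssl*} options
     */
    public static void init(SubConfig subConfig) {
        // The third argument is the running index 0..3 that the original code passed for each
        // option (presumably its sort order; confirm against SubConfig.register).
        subConfig.register("sslEnable", false, 0, true, true, "SSL.enable", "SSL.enableLong", new BooleanCallback() {
            @Override
            public Boolean get() {
                return SSL.enable;
            }

            @Override
            public void set(Boolean bool) throws InvalidConfigValueException {
                if (get().equals(bool)) {
                    return;
                }
                SSL.enable = bool;
                if (!SSL.enable) {
                    SSL.ssf = null;
                    // NOTE(review): this clears the keystore *path*, so enabling SSL again
                    // without first setting sslKeyStore opens a null path and is reported as
                    // a config error. Confirm that this is intended.
                    SSL.keyStore = null;
                    return;
                }
                try {
                    SSL.loadKeyStore();
                    SSL.createSSLContext();
                } catch (Exception e) {
                    SSL.enable = false;
                    // Log through the node logger (as init() does) instead of printing the
                    // stack trace on stdout, so the cause reaches the node's log.
                    Logger.error((Class<?>) SSL.class, "Cannot enable SSL", (Throwable) e);
                    throw new InvalidConfigValueException("Cannot enabled ssl, config error");
                }
            }
        });
        subConfig.register("sslKeyStore", "datastore/certs", 1, true, true, "SSL.keyStore", "SSL.keyStoreLong", new StringCallback() {
            @Override
            public String get() {
                return SSL.keyStore;
            }

            @Override
            public void set(String str) throws InvalidConfigValueException {
                if (str.equals(get())) {
                    return;
                }
                String previous = SSL.keyStore;
                SSL.keyStore = str;
                try {
                    SSL.loadKeyStore();
                } catch (Exception e) {
                    // Roll back so the config keeps pointing at the last usable file.
                    SSL.keyStore = previous;
                    Logger.error((Class<?>) SSL.class, "Cannot change keystore file", (Throwable) e);
                    throw new InvalidConfigValueException("Cannot change keystore file");
                }
            }
        });
        // The default store password is the well-known literal "freenet".
        subConfig.register("sslKeyStorePass", "freenet", 2, true, true, "SSL.keyStorePass", "SSL.keyStorePassLong", new StringCallback() {
            @Override
            public String get() {
                return SSL.keyStorePass;
            }

            @Override
            public void set(String str) throws InvalidConfigValueException {
                if (str.equals(get())) {
                    return;
                }
                String previous = SSL.keyStorePass;
                SSL.keyStorePass = str;
                try {
                    // Re-write the keystore file so it is protected by the new password.
                    SSL.storeKeyStore();
                } catch (Exception e) {
                    SSL.keyStorePass = previous;
                    Logger.error((Class<?>) SSL.class, "Cannot change keystore password", (Throwable) e);
                    throw new InvalidConfigValueException("Cannot change keystore password");
                }
            }
        });
        // The default key password is the well-known literal "freenet".
        subConfig.register("sslKeyPass", "freenet", 3, true, true, "SSL.keyPass", "SSL.keyPassLong", new StringCallback() {
            @Override
            public String get() {
                return SSL.keyPass;
            }

            @Override
            public void set(String str) throws InvalidConfigValueException {
                if (str.equals(get())) {
                    return;
                }
                String previous = SSL.keyPass;
                SSL.keyPass = str;
                try {
                    // Re-wrap the existing private key under the new password.
                    // NOTE(review): only the in-memory keystore is updated. storeKeyStore() is
                    // not called here, so the file on disk still holds the key under the old
                    // password. Confirm whether the keystore should be persisted as well.
                    Certificate[] chain = SSL.keystore.getCertificateChain("freenet");
                    SSL.keystore.setKeyEntry("freenet", SSL.keystore.getKey("freenet", previous.toCharArray()), SSL.keyPass.toCharArray(), chain);
                    SSL.createSSLContext();
                } catch (Exception e) {
                    SSL.keyPass = previous;
                    Logger.error((Class<?>) SSL.class, "Cannot change private key password", (Throwable) e);
                    throw new InvalidConfigValueException("Cannot change private key password");
                }
            }
        });
        enable = subConfig.getBoolean("sslEnable");
        keyStore = subConfig.getString("sslKeyStore");
        keyStorePass = subConfig.getString("sslKeyStorePass");
        keyPass = subConfig.getString("sslKeyPass");
        try {
            keystore = KeyStore.getInstance("PKCS12");
            loadKeyStore();
            createSSLContext();
        } catch (Exception e) {
            Logger.error((Class<?>) SSL.class, "Cannot load keystore, ssl is disable", (Throwable) e);
        }
        subConfig.finishedInitialization();
    }

    /**
     * Creates an unbound server socket from the SSL factory.
     *
     * <p>NOTE(review): the protocol versions and cipher suites enabled on the returned socket
     * are whatever the JSSE provider defaults to. Nothing here restricts them.
     *
     * @return a new server socket produced by the SSL server-socket factory
     * @throws IOException if SSL has not been initialized or the factory fails
     */
    public static ServerSocket createServerSocket() throws IOException {
        if (ssf == null) {
            throw new IOException("SSL not initialized");
        }
        return ssf.createServerSocket();
    }

    /**
     * Loads the keystore from the configured path. If the file cannot be opened, it creates a
     * fresh keystore holding a newly generated 2048-bit RSA key and a self-signed certificate
     * under the alias {@code "freenet"}, writes it to disk and rebuilds the SSL context.
     * Does nothing while SSL is disabled.
     *
     * <p>Declared {@code public} only because the decompiler widened it. The original method
     * was private and is meant to be called from this class alone.
     *
     * @throws UnsupportedOperationException if the JDK-internal certificate generator classes
     *     or methods are not present in the running JVM
     * @throws IOException if the keystore file exists but cannot be read or its password is
     *     rejected
     */
    public static void loadKeyStore() throws NoSuchAlgorithmException, CertificateException, IOException, IllegalArgumentException, InstantiationException, IllegalAccessException, InvocationTargetException, KeyStoreException, UnrecoverableKeyException, KeyManagementException {
        if (!enable) {
            return;
        }
        FileInputStream in = null;
        try {
            in = new FileInputStream(keyStore);
            keystore.load(in, keyStorePass.toCharArray());
        } catch (FileNotFoundException e) {
            // No keystore could be opened: start from an empty one and generate a key pair.
            keystore.load(null, keyStorePass.toCharArray());
            try {
                // sun.security.x509.* is a JDK-internal API reached by reflection. JVMs that
                // do not ship it at this location end up in the catch clauses below.
                Class<?> certAndKeyGen = Class.forName("sun.security.x509.CertAndKeyGen");
                // The certificate is signed with SHA-256 rather than SHA-1: SHA-1 signatures
                // are deprecated, and current TLS clients reject such certificates.
                Object generator = certAndKeyGen.getConstructor(String.class, String.class).newInstance("RSA", "SHA256WithRSA");
                Class<?> x500Name = Class.forName("sun.security.x509.X500Name");
                // The first three name components are "Freenet"; the other three are empty.
                Object subject = x500Name.getConstructor(String.class, String.class, String.class, String.class, String.class, String.class).newInstance("Freenet", "Freenet", "Freenet", "", "", "");
                certAndKeyGen.getMethod("generate", int.class).invoke(generator, 2048);
                PrivateKey privateKey = (PrivateKey) certAndKeyGen.getMethod("getPrivateKey").invoke(generator);
                // 31536000 = 365 * 24 * 3600, presumably one year of validity in seconds.
                Certificate selfSigned = (Certificate) certAndKeyGen.getMethod("getSelfCertificate", x500Name, long.class).invoke(generator, subject, 31536000L);
                keystore.setKeyEntry("freenet", privateKey, keyPass.toCharArray(), new Certificate[]{selfSigned});
                storeKeyStore();
                createSSLContext();
            } catch (ClassNotFoundException e2) {
                throw new UnsupportedOperationException("The JVM you are using is not supported!", e2);
            } catch (NoSuchMethodException e3) {
                throw new UnsupportedOperationException("The JVM you are using is not supported!", e3);
            }
        } finally {
            // Closes the stream on every path. `in` is still null if the file was never opened.
            Closer.close(in);
        }
    }

    /**
     * Writes the in-memory keystore to the configured path, protected by the store password.
     * Does nothing while SSL is disabled.
     *
     * <p>NOTE(review): the file holds the node's TLS private key and is created with the
     * process's default file permissions. Restricting it to the owning user is left to the
     * deployment.
     *
     * <p>Declared {@code public} only because the decompiler widened it. The original method
     * was private.
     *
     * @throws IOException if the file cannot be opened or written
     */
    public static void storeKeyStore() throws KeyStoreException, NoSuchAlgorithmException, CertificateException, IOException {
        if (!enable) {
            return;
        }
        FileOutputStream out = null;
        try {
            out = new FileOutputStream(keyStore);
            keystore.store(out, keyStorePass.toCharArray());
        } finally {
            Closer.close(out);
        }
    }

    /**
     * Builds the SSL context from the loaded keystore and publishes its server-socket factory.
     * Does nothing while SSL is disabled.
     *
     * <p>Declared {@code public} only because the decompiler widened it. The original method
     * was private.
     *
     * @throws UnrecoverableKeyException if the private key cannot be recovered with the
     *     configured key password
     */
    public static void createSSLContext() throws NoSuchAlgorithmException, UnrecoverableKeyException, KeyStoreException, KeyManagementException {
        if (!enable) {
            return;
        }
        KeyManagerFactory keyManagers = KeyManagerFactory.getInstance("SunX509");
        keyManagers.init(keystore, keyPass.toCharArray());
        // Request the generic "TLS" context instead of naming the obsolete TLS 1.0
        // ("TLSv1"), so the provider's current default protocol versions apply.
        SSLContext context = SSLContext.getInstance("TLS");
        // Null trust managers and null SecureRandom select the provider defaults.
        context.init(keyManagers.getKeyManagers(), null, null);
        ssf = context.getServerSocketFactory();
    }
}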
