package net.jxta.impl.endpoint.tls;

import COM.claymoresystems.ptls.SSLSocket;
import java.io.File;
import java.io.IOException;
import java.util.Enumeration;
import net.jxta.document.TextElement;
import net.jxta.endpoint.EndpointAddress;
import net.jxta.endpoint.Message;
import net.jxta.impl.endpoint.MessageImpl;
import net.jxta.peergroup.PeerGroup;
import net.jxta.protocol.PeerAdvertisement;
import org.apache.log4j.Category;
import org.apache.log4j.Priority;

/* loaded from: input_file:lib/ptolemy.jar:/ptolemy/vendors/sun/jxta/jxta.jar:net/jxta/impl/endpoint/tls/TlsConn.class */
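/**
 * One TLS session between the local peer and a remote JXTA endpoint.
 *
 * <p>The constructor resolves the key material paths, reads the key passphrase, looks up the
 * remote peer's root certificate in the local discovery cache and prepares either client or
 * server TLS parameters. {@link #openTLSConnection()} then creates the {@code SSLSocket} over
 * the JXTA message streams and starts a daemon thread that hands decrypted messages to the
 * transport.
 *
 * <p>Security notes for reviewers:
 * <ul>
 *   <li>If no root certificate is found for the remote peer, {@code unverifiedCerts} stays
 *       {@code true} (client role) and {@code clientAuthorization} stays {@code false} (server
 *       role). The connection is still set up, and the code itself logs "NOT Verifying", so the
 *       peer is not authenticated on that path.</li>
 *   <li>The passphrase is held in a {@code String} field that this class never clears.</li>
 *   <li>The password and passphrase are never written to the log.</li>
 * </ul>
 */
public class TlsConn {
    private static final Category LOG;
    TlsManager manager;
    TlsTransport transport;
    // NOTE(review): hard-coded credential constant. It is not used inside this class; check the
    // rest of the package for users before relying on it or removing it.
    static final String userPassword = "password";
    JTlsOutputStream jout;
    JTlsInputStream jin;
    JTlsParams params;
    // Passphrase returned by JTlsUtil.readPassPhrase; kept for the lifetime of this object.
    String passphrase;
    // Root certificate path handed to JTlsParams; reset to null at the end of the constructor.
    String rootCertFile;
    // true: the client parameters are built with certificate verification switched off.
    boolean unverifiedCerts = true;
    // true: the server parameters are built with client authorization switched on.
    boolean clientAuthorization;
    EndpointAddress destAddr;
    // Role passed to SSLSocket: 1 for the client role, 2 for the server role, 0 until chosen.
    int which;
    // Decompiler artifact: cache for the TlsConn class literal used by the static initializer.
    static Class class$net$jxta$impl$endpoint$tls$TlsConn;
    SSLSocket ssls = null;
    String rootdir = null;
    String rootfile = null;
    String keyfile = null;
    String dhfile = null;
    String suites = null;
    String ppPath = null;
    boolean checkDates = true;
    ReadPlaintextMessage readerThread = null;
    private boolean handshakeDone = false;
    // Written by the reader thread and read through getInputDead(), hence volatile.
    private volatile boolean inputDead = false;

    /* loaded from: input_file:lib/ptolemy.jar:/ptolemy/vendors/sun/jxta/jxta.jar:net/jxta/impl/endpoint/tls/TlsConn$ReadPlaintextMessage.class */
    /**
     * Daemon reader that pulls decrypted messages from the TLS input stream and passes them to
     * the transport. The thread is started from the constructor and loops forever.
     */
    private class ReadPlaintextMessage implements Runnable {
        JTlsInputStream ptin;
        TlsTransport tp;
        int nErrors = 0;
        Thread th;
        private static final long ERRORWAIT = 30000;
        // Consecutive read failures after which the input side is flagged dead.
        private static final int MAX_ERRORS = 10;

        public ReadPlaintextMessage(JTlsInputStream jTlsInputStream, TlsTransport tlsTransport) {
            this.ptin = jTlsInputStream;
            this.tp = tlsTransport;
            this.th = new Thread(this, "jxtatlsInputThread");
            this.th.setDaemon(true);
            this.th.start();
        }

        @Override // java.lang.Runnable
        public void run() {
            while (true) {
                MessageImpl messageImpl = new MessageImpl();
                // readMessage returning 0 is the success case; any other value counts as an error.
                if (this.ptin.readMessage(messageImpl) == 0) {
                    if (TlsConn.LOG.isEnabledFor(Priority.INFO)) {
                        TlsConn.LOG.info("Dispatching msg to TlsTransport");
                    }
                    this.tp.processReceivedMessage(messageImpl);
                    this.nErrors = 0;
                } else {
                    if (TlsConn.LOG.isEnabledFor(Priority.INFO)) {
                        TlsConn.LOG.info("I/O error while reading decrypted Message");
                    }
                    this.nErrors++;
                    if (this.nErrors == MAX_ERRORS) {
                        // The flag is never cleared again in this class.
                        TlsConn.this.inputDead = true;
                        try {
                            Thread.sleep(ERRORWAIT);
                        } catch (InterruptedException ignored) {
                            // Deliberately ignored: the loop has no exit path and simply resumes
                            // reading, as it did before this review.
                        }
                        this.nErrors = 0;
                    }
                }
            }
        }
    }

    /**
     * Reports whether the last call to {@link #openTLSConnection()} got past SSLSocket creation.
     *
     * @return {@code true} once the socket has been created without an exception
     */
    public boolean getHandshakeDone() {
        return this.handshakeDone;
    }

    /**
     * Reports whether the reader thread has seen ten consecutive read errors.
     *
     * @return {@code true} after the reader thread flagged the input side as dead
     */
    public boolean getInputDead() {
        return this.inputDead;
    }

    /**
     * Prepares the TLS parameters and the message streams for one connection.
     *
     * @param tlsManager owning manager, stored as-is
     * @param tlsTransport transport that receives decrypted messages and provides the peer group
     * @param endpointAddress address of the remote peer; its protocol address is the lookup key
     *     for the peer's root certificate
     * @param z {@code true} to act as TLS client, {@code false} to act as TLS server
     * @param message optional first incoming message to queue on the input stream, may be null
     * @throws IOException if no password is configured in {@code TlsConfig.passitOn}, or if a
     *     helper called from here throws it
     */
    public TlsConn(TlsManager tlsManager, TlsTransport tlsTransport, EndpointAddress endpointAddress, boolean z, Message message) throws IOException {
        this.manager = tlsManager;
        this.transport = tlsTransport;
        this.destAddr = endpointAddress;
        if (LOG.isEnabledFor(Priority.DEBUG)) {
            LOG.debug("TlsConn, contacting: " + endpointAddress.getProtocolAddress());
        }
        setPathnames();
        // Check before copying: new String(null) would throw NullPointerException and the
        // IOException below could never be reached.
        if (TlsConfig.passitOn == null) {
            throw new IOException("TlsConn: null password. Cannot proceed.");
        }
        String str = new String(TlsConfig.passitOn);
        if (LOG.isEnabledFor(Priority.DEBUG)) {
            // The password value itself must never reach the log.
            LOG.debug("TlsConn, password supplied (value not logged)");
        }
        this.passphrase = JTlsUtil.readPassPhrase(this.ppPath, str);
        this.unverifiedCerts = true;
        this.clientAuthorization = false;
        String rootCert = getRootCert(endpointAddress);
        this.rootCertFile = rootCert;
        if (rootCert == null) {
            // No root certificate known for this peer: fall back to the local root file and
            // leave verification / client authorization off. Logged at WARN because the remote
            // side is not authenticated on this path.
            this.rootCertFile = this.rootfile;
            if (LOG.isEnabledFor(Priority.WARN)) {
                LOG.warn("NOT Verifying " + (z ? "Server" : "Client") + " cert, root = " + this.rootCertFile);
            }
        } else if (z) {
            if (LOG.isEnabledFor(Priority.INFO)) {
                LOG.info("Verifying certs, root = " + this.rootCertFile);
            }
            this.unverifiedCerts = false;
        } else {
            if (LOG.isEnabledFor(Priority.INFO)) {
                LOG.info("Authorizing client, root = " + this.rootCertFile);
            }
            this.clientAuthorization = true;
        }
        this.params = new JTlsParams();
        if (z) {
            if (LOG.isEnabledFor(Priority.INFO)) {
                LOG.info("TLS Client");
            }
            this.params.setClientParameters(this.rootCertFile, this.keyfile, this.passphrase, this.suites, this.unverifiedCerts, this.checkDates);
            this.which = 1;
        } else {
            if (LOG.isEnabledFor(Priority.INFO)) {
                LOG.info("TLS Server");
            }
            this.params.setServerParameters(this.rootCertFile, this.keyfile, this.dhfile, this.passphrase, this.clientAuthorization);
            this.which = 2;
        }
        // Only the per-peer file written by getRootCert is removed; on the fallback path
        // rootCertFile points at the local peer-root.pem, which must stay.
        if (!this.unverifiedCerts || this.clientAuthorization) {
            removeRootCertFile();
        }
        this.rootCertFile = null;
        this.jin = new JTlsInputStream(this);
        if (message != null) {
            this.jin.queueIncomingMessage(message);
        }
        this.jout = new JTlsOutputStream(this, tlsTransport, endpointAddress);
    }

    /**
     * Creates the {@code SSLSocket} over the JXTA streams and starts the plaintext reader thread.
     *
     * <p>{@code handshakeDone} is set to {@code false} before the socket is created and to
     * {@code true} right after, so it stays {@code false} if the constructor throws.
     *
     * @throws IOException declared by this method; presumably raised by the socket setup
     */
    public void openTLSConnection() throws IOException {
        String protocolAddress = this.destAddr.getProtocolAddress();
        String role = this.which == 1 ? "Client:" : "Server:";
        long j = 0;
        if (LOG.isEnabledFor(Priority.INFO)) {
            j = System.currentTimeMillis();
            LOG.info(role + " Handshake START");
        }
        this.handshakeDone = false;
        // NOTE(review): the meaning of the literal 1376911 is not visible in this file.
        this.ssls = new SSLSocket(this.params.getContext(), this.jin, this.jout, protocolAddress, 1376911, this.which);
        this.handshakeDone = true;
        if (LOG.isEnabledFor(Priority.INFO)) {
            LOG.info(role + "Handshake DONE in " + ((System.currentTimeMillis() - j) / 1000) + " secs\n");
        }
        this.jin.setPlaintextInputStream(this.ssls);
        this.jout.setPlaintextOutputStream(this.ssls);
        this.readerThread = new ReadPlaintextMessage(this.jin, this.transport);
        if (LOG.isEnabledFor(Priority.INFO)) {
            LOG.info("TLS: Started plaintext reader thread");
        }
    }

    /**
     * Writes one message to the TLS output stream.
     *
     * @param message message to send
     * @throws IOException if the output stream fails to write it
     */
    public void sendMessage(Message message) throws IOException {
        this.jout.writeMessage(message);
    }

    /** Derives the root certificate, key and passphrase file paths from the JTlsUtil directories. */
    private void setPathnames() {
        // Result unused; the call is kept in case it has side effects.
        JTlsUtil.getPCEPath();
        String pCERootPath = JTlsUtil.getPCERootPath();
        this.rootdir = pCERootPath;
        String pCEClientPath = JTlsUtil.getPCEClientPath();
        this.rootfile = pCERootPath + "peer-root.pem";
        this.keyfile = pCEClientPath + "peer-service.pem";
        this.ppPath = pCEClientPath + "peer.phrase";
        this.dhfile = null;
    }

    /**
     * Looks up the remote peer's advertisement in the local discovery cache and writes its
     * {@code RootCert} parameter to a PEM file under the root directory.
     *
     * @param endpointAddress address of the remote peer
     * @return path of the written PEM file, or {@code null} if no advertisement was found or any
     *     step failed; the constructor treats {@code null} as "do not verify"
     */
    private String getRootCert(EndpointAddress endpointAddress) {
        String pid = "urn:jxta:" + endpointAddress.getProtocolAddress();
        try {
            Enumeration localAdvertisements = this.transport.getPeerGroup().getDiscoveryService().getLocalAdvertisements(0, "PID", pid);
            if (!localAdvertisements.hasMoreElements()) {
                if (LOG.isEnabledFor(Priority.INFO)) {
                    LOG.info("getRootCert: enum is empty\n  PID = " + pid);
                }
                return null;
            }
            // A missing service parameter or RootCert child throws here and is handled by the
            // outer catch.
            String pem = ((String) ((TextElement) ((PeerAdvertisement) localAdvertisements.nextElement()).getServiceParam(PeerGroup.peerGroupClassID).getChildren("RootCert").nextElement()).getValue()) + "\n";
            // NOTE(review): the peer's protocol address goes into the file name unchanged.
            // Confirm it cannot contain path separators or "..", otherwise the file could be
            // written outside rootdir.
            String pemPath = this.rootdir + pid + ".pem";
            try {
                JTlsUtil.writeRootCert(pem, pemPath);
                return pemPath;
            } catch (Exception e) {
                if (LOG.isEnabledFor(Priority.WARN)) {
                    LOG.warn("genRootCert, Exception: " + e.getMessage());
                }
                return null;
            }
        } catch (Exception e2) {
            if (LOG.isEnabledFor(Priority.INFO)) {
                // Stack trace goes to the log instead of stderr.
                LOG.info("getRootCert, Exception: " + e2.getMessage(), e2);
            }
            return null;
        }
    }

    /**
     * Deletes the per-peer root certificate file named by {@code rootCertFile}. This is
     * best-effort: a failure is logged and never propagated.
     */
    private void removeRootCertFile() {
        if (this.rootCertFile == null) {
            return;
        }
        File file = new File(this.rootCertFile);
        try {
            // Always attempt the delete; previously the file was removed only when INFO logging
            // was disabled, and "Removed" was logged without deleting anything otherwise.
            if (file.delete()) {
                if (LOG.isEnabledFor(Priority.INFO)) {
                    LOG.info("Removed " + this.rootCertFile);
                }
            } else if (LOG.isEnabledFor(Priority.WARN)) {
                LOG.warn("Could not remove " + this.rootCertFile);
            }
        } catch (RuntimeException e) {
            if (LOG.isEnabledFor(Priority.WARN)) {
                LOG.warn("Could not remove " + this.rootCertFile + ": " + e.getMessage());
            }
        }
    }

    /**
     * Decompiler artifact that backs class literals: resolves a class by name.
     *
     * @param str fully qualified class name
     * @return the loaded class
     * @throws NoClassDefFoundError if the class cannot be found
     */
    static Class class$(String str) {
        try {
            return Class.forName(str);
        } catch (ClassNotFoundException e) {
            throw new NoClassDefFoundError(e.getMessage());
        }
    }

    static {
        // Equivalent to Category.getInstance(TlsConn.class.getName()) in pre-Java-5 bytecode.
        Class cls;
        if (class$net$jxta$impl$endpoint$tls$TlsConn == null) {
            cls = class$("net.jxta.impl.endpoint.tls.TlsConn");
            class$net$jxta$impl$endpoint$tls$TlsConn = cls;
        } else {
            cls = class$net$jxta$impl$endpoint$tls$TlsConn;
        }
        LOG = Category.getInstance(cls.getName());
    }
}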
