package com.xdja.pki.gmssl.hsm.server.config;

import com.xdja.pki.gmssl.crypto.init.GMSSLHSMConstants;
import java.io.File;
import org.apache.catalina.connector.Connector;
import org.apache.http.HttpHost;
import org.springframework.boot.context.properties.ConfigurationProperties;
import org.springframework.boot.context.properties.EnableConfigurationProperties;
import org.springframework.boot.web.embedded.tomcat.TomcatServletWebServerFactory;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.context.annotation.PropertySource;

@EnableConfigurationProperties({TomcatGMSSLConnectorProperties.class})
@Configuration
@PropertySource(value = {"classpath:/tomcat.gmssl.properties"}, ignoreResourceNotFound = true)
/* loaded from: input_file:BOOT-INF/classes/com/xdja/pki/gmssl/hsm/server/config/TomcatGMSSLConfig.class */
public class TomcatGMSSLConfig {

    @ConfigurationProperties(prefix = "tomcat.gmssl")
    /* loaded from: input_file:BOOT-INF/classes/com/xdja/pki/gmssl/hsm/server/config/TomcatGMSSLConfig$TomcatGMSSLConnectorProperties.class */
    public static class TomcatGMSSLConnectorProperties {
        private String protocol = "org.apache.coyote.http11.Http11NioProtocol";
        private Integer port = 8443;
        private File keystore;
        private String keystorePassword;
        private File truststore;
        private String truststorePassword;
        private String clientAuth;

        public String getProtocol() {
            return this.protocol;
        }

        public void setProtocol(String str) {
            this.protocol = str;
        }

        public Integer getPort() {
            return this.port;
        }

        public void setPort(Integer num) {
            this.port = num;
        }

        public File getKeystore() {
            return this.keystore;
        }

        public void setKeystore(File file) {
            this.keystore = file;
        }

        public String getKeystorePassword() {
            return this.keystorePassword;
        }

        public void setKeystorePassword(String str) {
            this.keystorePassword = str;
        }

        public File getTruststore() {
            return this.truststore;
        }

        public void setTruststore(File file) {
            this.truststore = file;
        }

        public String getTruststorePassword() {
            return this.truststorePassword;
        }

        public void setTruststorePassword(String str) {
            this.truststorePassword = str;
        }

        public String getClientAuth() {
            return this.clientAuth;
        }

        public void setClientAuth(String str) {
            this.clientAuth = str;
        }
    }

    @Bean
    public TomcatServletWebServerFactory servletContainer(TomcatGMSSLConnectorProperties tomcatGMSSLConnectorProperties) {
        TomcatServletWebServerFactory tomcatServletWebServerFactory = new TomcatServletWebServerFactory();
        if (tomcatGMSSLConnectorProperties != null) {
            tomcatServletWebServerFactory.addAdditionalTomcatConnectors(httpsConnector(tomcatGMSSLConnectorProperties));
        }
        return tomcatServletWebServerFactory;
    }

    private Connector httpConnector() {
        Connector connector = new Connector("org.apache.coyote.http11.Http11NioProtocol");
        connector.setScheme(HttpHost.DEFAULT_SCHEME_NAME);
        connector.setPort(8080);
        connector.setSecure(false);
        connector.setRedirectPort(8443);
        return connector;
    }

    private Connector httpsConnector(TomcatGMSSLConnectorProperties tomcatGMSSLConnectorProperties) {
        Connector connector = new Connector("org.apache.coyote.http11.Http11NioProtocol");
        connector.setPort(tomcatGMSSLConnectorProperties.port.intValue());
        connector.setScheme("https");
        connector.setSecure(true);
        connector.setAttribute("SSLEnabled", true);
        connector.setAttribute("clientAuth", tomcatGMSSLConnectorProperties.getClientAuth());
        connector.setAttribute("sslProtocol", GMSSLHSMConstants.SSL_PROTOCOL);
        connector.setAttribute("keystorePass", tomcatGMSSLConnectorProperties.getKeystorePassword());
        connector.setAttribute("keystoreFile", tomcatGMSSLConnectorProperties.getKeystore().getAbsolutePath());
        connector.setAttribute("keystoreProvider", "BC");
        connector.setAttribute("keystoreType", "BKS");
        connector.setAttribute("truststorePass", tomcatGMSSLConnectorProperties.getTruststorePassword());
        connector.setAttribute("truststoreFile", tomcatGMSSLConnectorProperties.getTruststore().getAbsolutePath());
        connector.setAttribute("truststoreProvider", "BC");
        connector.setAttribute("truststoreType", "BKS");
        connector.setProperty("sslImplementationName", "com.xdja.pki.gmssl.tomcat.plugin.XDJAJSSEImplementation");
        return connector;
    }
}
