package com.sansec.devicev4.crypto_hsm.sds.cmd.hsm.socket;

import ch.qos.logback.core.AsyncAppenderBase;
import com.sansec.devicev4.crypto_hsm.config.ConfigFile;
import com.sansec.devicev4.crypto_hsm.sds.cmd.hsm.socket.bean.HSMInfo;
import com.sansec.devicev4.crypto_hsm.sds.cmd.hsm.socket.bean.ReqLogin;
import com.sansec.devicev4.crypto_hsm.sds.cmd.hsm.socket.bean.RespHeader;
import com.sansec.devicev4.crypto_hsm.sds.cmd.hsm.socket.bean.Response;
import com.sansec.devicev4.gb.GBCMDConst_SWC;
import com.sansec.devicev4.log.CryptoLogger;
import com.sansec.devicev4.util.BytesUtil;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.io.InputStream;
import java.io.OutputStream;
import java.net.InetSocketAddress;
import java.net.Socket;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.logging.Level;
import java.util.logging.Logger;
import java.util.regex.Pattern;
import javax.net.ssl.HandshakeCompletedEvent;
import javax.net.ssl.HandshakeCompletedListener;
import javax.net.ssl.SSLPeerUnverifiedException;
import javax.net.ssl.SSLSocket;

/* compiled from: HSMSocket.java from InputFileObject */
/* loaded from: input_file:BOOT-INF/lib/crypto-0.0.1-SNAPSHOT.jar:com/sansec/devicev4/crypto_hsm/sds/cmd/hsm/socket/HSMSocket.class */
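/**
 * Client-side connection to an HSM: opens a plain or TLS socket, authenticates with the connect
 * password and exchanges length-prefixed request/response frames.
 *
 * <p>The class contains no synchronization, so one instance must not be used by several threads
 * at the same time without external locking.
 *
 * <p>Security notes for maintainers:
 * <ul>
 *   <li>The connect password and both key-store passwords are held as {@link String}s and are
 *       reachable through public getters; never log the values these getters return.</li>
 *   <li>At {@code FINEST} the raw request and response frames are written to the log. Those frames
 *       can carry key material or plaintext, so {@code FINEST} should stay disabled outside of
 *       controlled debugging. The login frame, which embeds the password, is never dumped.</li>
 *   <li>When {@code ssl} is false the password and all commands travel unencrypted.</li>
 * </ul>
 */
public class HSMSocket implements HandshakeCompletedListener {
    /**
     * Factor applied to the configured timeouts before they are handed to the socket API, which
     * expects milliseconds. NOTE(review): this listing is decompiled and the reference to a logback
     * constant looks like a numeric literal that the decompiler mapped to an unrelated constant;
     * presumably the timeouts are configured in seconds. Confirm against the original source.
     */
    private static final int TIMEOUT_MULTIPLIER = AsyncAppenderBase.DEFAULT_MAX_FLUSH_TIME;

    /** Number of bytes read as the fixed response header before the body length is known. */
    private static final int HEADER_LENGTH = 12;

    /** Send and receive buffer size requested for every socket. */
    private static final int SOCKET_BUFFER_SIZE = 16384;

    private final Logger logger = CryptoLogger.logger;
    private String ip;
    private int port;
    // Secret: HSM connect password. Sent to the device inside the login frame.
    private String passwd;
    private int connectTimeout;
    private int serviceTimeout;
    // Starts at 1 and is set to 0 by a successful login(); callers may overwrite it via setStatus().
    private int status = 1;
    private Socket socket;
    private OutputStream out;
    private InputStream in;
    private boolean ssl;
    private String protocol;
    private String keyStore;
    // Secret: password of the client key store.
    private String keyStorePassword;
    private String keyStoreType;
    private String trustKeyStore;
    // Secret: password of the trust store.
    private String trustKeyStorePassword;
    private String trustKeyStoreType;
    private String includeCipherSuiteFilter;
    private String excludeCipherSuiteFilter;
    private int indexOfSession;

    /**
     * Creates a plain-TCP (non-TLS) connection descriptor with session index 1.
     *
     * <p>Unlike the configuration-based constructor, this one does not validate the password; a
     * {@code null} password only surfaces later, as a {@link NullPointerException} in
     * {@link #login()}.
     *
     * @param str HSM address
     * @param str2 HSM connect password
     * @param i HSM port
     * @param i2 connect timeout (multiplied by {@link #TIMEOUT_MULTIPLIER} before use)
     * @param i3 read timeout (multiplied by {@link #TIMEOUT_MULTIPLIER} before use)
     */
    public HSMSocket(String str, String str2, int i, int i2, int i3) {
        this.ip = str;
        this.passwd = str2;
        this.port = i;
        this.connectTimeout = i2;
        this.serviceTimeout = i3;
        this.ssl = false;
        this.indexOfSession = 1;
    }

    /**
     * Creates a connection descriptor from the configuration file and the HSM entry, letting the
     * caller override the three passwords.
     *
     * @param configFile source of timeouts and TLS settings
     * @param hSMInfo source of address, port and default connect password
     * @param i session index reported by {@link #getIndexOfSession()}
     * @param str connect password override; ignored when {@code null} or blank
     * @param str2 key-store password override; ignored when {@code null}
     * @param str3 trust-store password override; ignored when {@code null}
     * @throws RuntimeException if the connect password is missing, or if TLS is enabled and either
     *     store password is missing
     */
    public HSMSocket(ConfigFile configFile, HSMInfo hSMInfo, int i, String str, String str2, String str3) {
        this.ip = hSMInfo.getIp();
        this.passwd = isBlank(str) ? hSMInfo.getConnectPwd() : str;
        if (isBlank(this.passwd)) {
            throw new RuntimeException("HSM password cannot be null");
        }
        this.port = hSMInfo.getPort();
        this.connectTimeout = configFile.getConnectTimeout();
        this.serviceTimeout = configFile.getServiceTimeout();
        this.ssl = configFile.isSsl();
        this.protocol = configFile.getProtocol();
        this.keyStore = configFile.getKeyStore();
        // A non-null override wins even when it is empty; the blank check below then rejects it.
        this.keyStorePassword = str2 != null ? str2 : configFile.getKeyStorePassword();
        if (this.ssl && isBlank(this.keyStorePassword)) {
            throw new RuntimeException("KeyStore password cannot be null");
        }
        this.keyStoreType = configFile.getKeyStoreType();
        this.trustKeyStore = configFile.getTrustKeyStore();
        this.trustKeyStorePassword = str3 != null ? str3 : configFile.getTrustKeyStorePassword();
        if (this.ssl && isBlank(this.trustKeyStorePassword)) {
            throw new RuntimeException("TrustKeyStore password cannot be null");
        }
        this.trustKeyStoreType = configFile.getTrustKeyStoreType();
        this.includeCipherSuiteFilter = configFile.getIncludeCipherSuiteFilter();
        this.excludeCipherSuiteFilter = configFile.getExcludeCipherSuiteFilter();
        this.indexOfSession = i;
    }

    /** Returns true when the value is {@code null} or contains only whitespace. */
    private static boolean isBlank(String value) {
        return value == null || value.trim().length() == 0;
    }

    /** Returns the session index given at construction time. */
    public int getIndexOfSession() {
        return this.indexOfSession;
    }

    /**
     * Drops the current connection and logs in again.
     *
     * @param j unused by this implementation (callers pass a thread id)
     * @throws HSMSocketException if the new connection or the login fails
     */
    public void repair(long j) throws HSMSocketException {
        if (this.logger.isLoggable(Level.FINER)) {
            this.logger.finer("-> repair()...");
        }
        close();
        login();
        if (this.logger.isLoggable(Level.FINER)) {
            this.logger.finer("<- repair() end");
        }
    }

    /**
     * Sends one command frame and returns the decoded response.
     *
     * <p>Before sending, the connection is re-established when unread bytes are pending on the
     * input stream (a leftover from an earlier exchange would otherwise be parsed as the answer to
     * this command) or when the socket reports itself closed or unconnected.
     *
     * @param bArr encoded command frame
     * @return the decoded response
     * @throws HSMSocketException if the socket was never opened, or if sending or receiving fails
     */
    public Response sendAndReceive(byte[] bArr) throws HSMSocketException {
        return exchange(bArr, false);
    }

    /**
     * Performs the request/response exchange.
     *
     * @param command encoded command frame
     * @param redactCommand when true the frame content is kept out of the FINEST log because it
     *     carries a secret (used for the login frame)
     */
    private Response exchange(byte[] command, boolean redactCommand) throws HSMSocketException {
        if (this.logger.isLoggable(Level.FINER)) {
            this.logger.finer("-> sendAndReceive()...");
        }
        if (this.logger.isLoggable(Level.FINEST)) {
            // NOTE(review): command and response dumps can expose key material or plaintext.
            this.logger.finest("=> command="
                    + (redactCommand ? "<redacted, " + command.length + " bytes>" : BytesUtil.bytes2hex(command)));
        }
        Socket current = this.socket;
        if (current == null || this.in == null || this.out == null) {
            // Previously this state ended in a NullPointerException; report it as a protocol error.
            throw new HSMSocketException("Socket is not connected, login() must succeed first");
        }
        boolean stalePending = false;
        try {
            stalePending = this.in.available() > 0;
        } catch (Exception ignored) {
            // Best effort: a failing probe is treated as "nothing pending"; a dead connection is
            // detected by the write or read below.
        }
        if (this.logger.isLoggable(Level.FINEST)) {
            this.logger.finest("=> doReapir=" + stalePending);
            this.logger.finest("=> socket.isClosed()=" + current.isClosed());
            this.logger.finest("=> socket.isConnected()=" + current.isConnected());
        }
        if (stalePending || current.isClosed() || !current.isConnected()) {
            repair(Thread.currentThread().getId());
        }

        try {
            this.out.write(command);
            this.out.flush();
        } catch (Exception e) {
            if (this.logger.isLoggable(Level.SEVERE)) {
                this.logger.log(Level.SEVERE, "Write command to out error", (Throwable) e);
            }
            throw new HSMSocketException("Send command failed[ " + e.getMessage() + " ]", e);
        }

        // Read failures are reported separately from write failures so that logs and exception
        // messages name the phase that actually failed.
        try {
            byte[] raw = readResponseFrame();
            if (this.logger.isLoggable(Level.FINEST)) {
                this.logger.finest("=> response=" + BytesUtil.bytes2hex(raw));
            }
            if (this.logger.isLoggable(Level.FINER)) {
                this.logger.finer("<- sendAndReceive() end");
            }
            return new Response(raw);
        } catch (Exception e) {
            if (this.logger.isLoggable(Level.SEVERE)) {
                this.logger.log(Level.SEVERE, "Read response from in error", (Throwable) e);
            }
            throw new HSMSocketException("Read return response failed[ " + e.getMessage() + " ]", e);
        }
    }

    /**
     * Reads one complete response frame (header plus body) from the input stream.
     *
     * <p>The body length comes from the peer and is validated before it is used to size a buffer.
     */
    private byte[] readResponseFrame() throws IOException, HSMSocketException {
        byte[] header = new byte[HEADER_LENGTH];
        int filled = 0;
        // A single read() may legally return fewer bytes than requested, so loop until the header
        // is complete or the stream ends.
        while (filled < header.length) {
            int n = this.in.read(header, filled, header.length - filled);
            if (n == -1) {
                throw new HSMSocketException("Read return header error,retLen=" + (filled == 0 ? -1 : filled)
                        + ",buf=" + BytesUtil.bytes2hex(header));
            }
            filled += n;
        }
        ByteArrayOutputStream frame = new ByteArrayOutputStream();
        frame.write(header);

        RespHeader respHeader = new RespHeader(header);
        int total = respHeader.getTotalLength();
        int headerSize = respHeader.size();
        // Compare before subtracting: a negative or too-small total must not turn into a negative
        // array size or wrap around to a huge positive length.
        if (total < headerSize) {
            throw new HSMSocketException("Invalid total length in response header: " + total);
        }
        int remaining = total - headerSize;
        // NOTE(review): there is no upper bound on the announced body length. The accumulator only
        // grows as bytes actually arrive, but a peer that keeps sending can still exhaust the heap;
        // consider a cap taken from the protocol specification.
        byte[] chunk = new byte[remaining > 8000 ? GBCMDConst_SWC.MAX_BUFFER_SIZE : remaining];
        while (remaining > 0) {
            // Never ask for more than this frame still owes, so bytes of a following frame stay
            // on the stream.
            int n = this.in.read(chunk, 0, Math.min(chunk.length, remaining));
            if (n == -1) {
                throw new HSMSocketException("Read response error");
            }
            frame.write(chunk, 0, n);
            remaining -= n;
        }
        return frame.toByteArray();
    }

    /**
     * Opens the connection (with one retry) and authenticates with the connect password. On
     * success {@code status} becomes 0.
     *
     * @throws HSMSocketException if both connection attempts fail, the login frame cannot be
     *     exchanged, or the HSM answers with a non-zero error code
     */
    public void login() throws HSMSocketException {
        this.logger.finer("-> login()...");
        this.logger.finest("=> ip=" + this.ip);
        this.logger.finest("=> port=" + this.port);
        this.logger.finest("=> status=" + this.status);
        this.logger.finest("=> connectTimeout=" + this.connectTimeout);
        this.logger.finest("=> serviceTimeout=" + this.serviceTimeout);
        ReqLogin reqLogin = new ReqLogin();
        // NOTE(review): getBytes() uses the platform default charset, so a non-ASCII password
        // encodes differently across hosts — confirm which encoding the HSM expects.
        reqLogin.setConnectPwd(this.passwd.getBytes());
        byte[] loginFrame = reqLogin.encode();
        try {
            openConnection(this.connectTimeout * TIMEOUT_MULTIPLIER);
        } catch (IOException e) {
            close();
            if (this.logger.isLoggable(Level.FINER)) {
                this.logger.log(Level.FINER, "The first connection to hsm failed, try again...", (Throwable) e);
            }
            try {
                // The retry uses the bare multiplier as its connect timeout, not the configured
                // value (kept as in the original code).
                openConnection(TIMEOUT_MULTIPLIER);
            } catch (IOException e2) {
                close();
                throw new HSMSocketException("Try to connect to hsm failed again", e2);
            }
        }
        try {
            // redactCommand=true: the login frame embeds the connect password.
            Response response = exchange(loginFrame, true);
            if (response.getErrorCode() != 0) {
                close();
                throw new HSMSocketException("Socket[" + this + "] return [" + response.getErrorInfo() + "]");
            }
            this.status = 0;
            this.logger.finer("<- login() end");
        } catch (HSMSocketException e3) {
            close();
            throw new HSMSocketException("Send login request failed", e3);
        }
    }

    /** Creates, tunes and connects a socket, then publishes its streams. */
    private void openConnection(int connectTimeoutMillis) throws IOException, HSMSocketException {
        this.socket = createSocket();
        this.socket.setReceiveBufferSize(SOCKET_BUFFER_SIZE);
        this.socket.setSendBufferSize(SOCKET_BUFFER_SIZE);
        this.socket.setTcpNoDelay(true);
        this.socket.connect(new InetSocketAddress(this.ip, this.port), connectTimeoutMillis);
        this.socket.setSoTimeout(this.serviceTimeout * TIMEOUT_MULTIPLIER);
        this.socket.setKeepAlive(true);
        this.in = this.socket.getInputStream();
        this.out = this.socket.getOutputStream();
    }

    /**
     * Closes the streams and the socket and clears the references. Each resource is closed
     * independently, so a failure on one no longer leaves the others open. {@code status} is not
     * changed here.
     */
    public void close() {
        this.logger.finer("-> close()...");
        closeQuietly(this.in);
        this.in = null;
        closeQuietly(this.out);
        this.out = null;
        closeQuietly(this.socket);
        this.socket = null;
        this.logger.finer("<- close() end");
    }

    /** Closes the resource if present; failures are ignored because the connection is discarded. */
    private static void closeQuietly(AutoCloseable resource) {
        if (resource == null) {
            return;
        }
        try {
            resource.close();
        } catch (Exception ignored) {
            // Nothing useful can be done with a close failure on a connection being dropped.
        }
    }

    /** Describes the endpoint; deliberately contains no credentials. */
    @Override
    public String toString() {
        return this.socket == null ? "[IP=" + this.ip + ",Port=" + this.port + "]" : this.socket.toString();
    }

    public String getIp() {
        return this.ip;
    }

    public int getStatus() {
        return this.status;
    }

    public void setStatus(int i) {
        this.status = i;
    }

    public int getConnectTimeout() {
        return this.connectTimeout;
    }

    public Logger getLogger() {
        return this.logger;
    }

    public int getPort() {
        return this.port;
    }

    /** Returns the HSM connect password in clear text. Secret: do not log or persist the result. */
    public String getPasswd() {
        return this.passwd;
    }

    public int getServiceTimeout() {
        return this.serviceTimeout;
    }

    /** Returns the live socket, or {@code null} when not connected. */
    public Socket getSocket() {
        return this.socket;
    }

    /** Returns the live output stream, or {@code null} when not connected. */
    public OutputStream getOut() {
        return this.out;
    }

    /** Returns the live input stream, or {@code null} when not connected. */
    public InputStream getIn() {
        return this.in;
    }

    public boolean isSsl() {
        return this.ssl;
    }

    public String getProtocol() {
        return this.protocol;
    }

    public String getKeyStore() {
        return this.keyStore;
    }

    /** Returns the key-store password in clear text. Secret: do not log or persist the result. */
    public String getKeyStorePassword() {
        return this.keyStorePassword;
    }

    public String getKeyStoreType() {
        return this.keyStoreType;
    }

    public String getTrustKeyStore() {
        return this.trustKeyStore;
    }

    /** Returns the trust-store password in clear text. Secret: do not log or persist the result. */
    public String getTrustKeyStorePassword() {
        return this.trustKeyStorePassword;
    }

    public String getTrustKeyStoreType() {
        return this.trustKeyStoreType;
    }

    /**
     * Creates an unconnected socket: a TLS socket configured from the key/trust store settings when
     * {@code ssl} is set, otherwise a plain socket.
     *
     * <p>If an include or exclude cipher-suite filter is configured and no suite survives it, the
     * method now fails instead of silently keeping the JSSE default suites, which could include
     * exactly the suites the operator meant to exclude.
     *
     * <p>NOTE(review): no endpoint identification is configured on the socket here, so unless
     * {@code TLSManagers} installs a trust manager that does it, the server is authenticated only
     * by chaining to the trust store. Keep that store limited to the HSM's own issuing CA.
     *
     * <p>NOTE(review): the filters are matched against the <em>supported</em> suites, not the
     * default-enabled ones, so a broad include pattern can switch on suites that are disabled by
     * default. The enabled protocol is whatever the configuration names; verify that it is a
     * current TLS version.
     *
     * @throws HSMSocketException if the TLS socket cannot be created or configured
     */
    private Socket createSocket() throws HSMSocketException {
        if (!this.ssl) {
            return new Socket();
        }
        try {
            SSLSocket tlsSocket = (SSLSocket) TLSManagers.getSSLContext(this.protocol, this.keyStoreType,
                    this.keyStore, this.keyStorePassword, this.trustKeyStoreType, this.trustKeyStore,
                    this.trustKeyStorePassword).getSocketFactory().createSocket();
            tlsSocket.setEnabledProtocols(new String[]{this.protocol});

            boolean hasInclude = this.includeCipherSuiteFilter != null && !this.includeCipherSuiteFilter.equals("");
            boolean hasExclude = this.excludeCipherSuiteFilter != null && !this.excludeCipherSuiteFilter.equals("");
            if (hasInclude || hasExclude) {
                ArrayList<String> selected = new ArrayList<>();
                for (String suite : tlsSocket.getSupportedCipherSuites()) {
                    if (hasInclude && !isMatch(this.includeCipherSuiteFilter, suite)) {
                        continue;
                    }
                    if (hasExclude && isMatch(this.excludeCipherSuiteFilter, suite)) {
                        continue;
                    }
                    selected.add(suite);
                }
                if (selected.isEmpty()) {
                    // Fail closed: an empty result must not fall back to the default suites.
                    throw new HSMSocketException("No cipher suite left after applying the configured filters");
                }
                tlsSocket.setEnabledCipherSuites(selected.toArray(new String[0]));
            }
            return tlsSocket;
        } catch (Exception e) {
            throw new HSMSocketException("Create SSLSocket error :" + e.getMessage(), e);
        }
    }

    /** Returns true when the whole of {@code str2} matches the regular expression {@code str}. */
    private boolean isMatch(String str, String str2) {
        return Pattern.matches(str, str2);
    }

    /**
     * Logs the negotiated protocol, cipher suite and both certificate identities at INFO.
     *
     * <p>NOTE(review): nothing in this class registers the instance with
     * {@code SSLSocket.addHandshakeCompletedListener}, so this callback only runs if it is
     * registered elsewhere — confirm, because these lines are the audit trail of what was
     * actually negotiated.
     */
    @Override // javax.net.ssl.HandshakeCompletedListener
    public void handshakeCompleted(HandshakeCompletedEvent handshakeCompletedEvent) {
        if (!this.logger.isLoggable(Level.INFO)) {
            return;
        }
        try {
            this.logger.info("Use SSL protocol is " + handshakeCompletedEvent.getSession().getProtocol());
            this.logger.info("Use SSL cipher suite is " + handshakeCompletedEvent.getSession().getCipherSuite());
            X509Certificate serverCert = (X509Certificate) handshakeCompletedEvent.getPeerCertificates()[0];
            this.logger.info("Server certificate issuer is " + serverCert.getIssuerDN());
            this.logger.info("Server certificate subject is " + serverCert.getSubjectDN());
            // getLocalCertificates() returns null when no client certificate was sent; without
            // this guard the callback died with a NullPointerException in that case.
            java.security.cert.Certificate[] localCerts = handshakeCompletedEvent.getLocalCertificates();
            if (localCerts == null || localCerts.length == 0) {
                this.logger.info("No client certificate was sent");
                return;
            }
            X509Certificate clientCert = (X509Certificate) localCerts[0];
            this.logger.info("Client certificate issuer is " + clientCert.getIssuerDN());
            this.logger.info("Client certificate subject is " + clientCert.getSubjectDN());
        } catch (SSLPeerUnverifiedException e) {
            if (this.logger.isLoggable(Level.SEVERE)) {
                this.logger.severe("Get Server certifiacte error: " + e.getMessage());
            }
        }
    }
}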
