package utils.crypto.sm.tomcat.ssl;

import com.google.common.io.Resources;
import java.io.InputStream;
import java.net.URL;
import java.security.KeyStore;
import java.security.SecureRandom;
import java.util.Arrays;
import java.util.HashSet;
import java.util.List;
import java.util.Locale;
import java.util.Set;
import java.util.Vector;
import javax.net.ssl.KeyManager;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.TrustManager;
import org.apache.juli.logging.Log;
import org.apache.tomcat.util.net.SSLContext;
import org.apache.tomcat.util.net.SSLHostConfigCertificate;
import org.apache.tomcat.util.net.SSLUtilBase;
import org.apache.tomcat.util.res.StringManager;
import utils.crypto.sm.GmSSLProvider;

/* loaded from: input_file:utils/crypto/sm/tomcat/ssl/GMUtil.class */
public class GMUtil extends SSLUtilBase {
    public static final boolean DEBUG = false;
    private static final StringManager sm = StringManager.getManager(GMUtil.class);
    private static final Set<String> implementedProtocols;
    private static final Set<String> implementedCiphers;
    private SSLHostConfigCertificate conf;

    public GMUtil(SSLHostConfigCertificate sSLHostConfigCertificate) {
        this(sSLHostConfigCertificate, true);
    }

    public GMUtil(SSLHostConfigCertificate sSLHostConfigCertificate, boolean z) {
        super(sSLHostConfigCertificate, z);
        this.conf = null;
        this.conf = sSLHostConfigCertificate;
    }

    public KeyManager[] getKeyManagers() throws Exception {
        String certificateKeystoreFile = this.conf.getCertificateKeystoreFile();
        String certificateKeystorePassword = this.conf.getCertificateKeystorePassword();
        String certificateKeystoreType = this.conf.getCertificateKeystoreType();
        this.conf.getSSLHostConfig().getCiphers();
        KeyManager[] keyManagerArr = null;
        try {
            KeyStore keyStore = KeyStore.getInstance(certificateKeystoreType);
            InputStream resourceAsStream = getClass().getClassLoader().getResourceAsStream(certificateKeystoreFile);
            if (resourceAsStream == null) {
                resourceAsStream = Resources.asByteSource(new URL(certificateKeystoreFile)).openStream();
            }
            keyStore.load(resourceAsStream, certificateKeystorePassword.toCharArray());
            if (keyStore != null) {
                KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance("SunX509", GmSSLProvider.GM_PROVIDER);
                keyManagerFactory.init(keyStore, certificateKeystorePassword.toCharArray());
                keyManagerArr = keyManagerFactory.getKeyManagers();
            }
        } catch (Exception e) {
            e.printStackTrace();
        }
        return keyManagerArr;
    }

    public TrustManager[] getTrustManagers() throws Exception {
        return new TrustManager[]{new GMTrustManager()};
    }

    protected Set<String> getImplementedProtocols() {
        return implementedProtocols;
    }

    protected Set<String> getImplementedCiphers() {
        return implementedCiphers;
    }

    public String[] getEnabledProtocols() {
        String[] enabledProtocols = super.getEnabledProtocols();
        String[] strArr = new String[enabledProtocols.length + 2];
        for (int i = 0; i < enabledProtocols.length; i++) {
            strArr[i] = enabledProtocols[i];
        }
        strArr[enabledProtocols.length] = GmSSLProvider.GMTLS;
        strArr[enabledProtocols.length + 1] = "TLSv1.2";
        return strArr;
    }

    public String[] getEnabledCiphers() {
        String[] enabledCiphers = super.getEnabledCiphers();
        Vector vector = new Vector();
        for (int i = 0; i < enabledCiphers.length; i++) {
            if (enabledCiphers[i].indexOf("ECDSA") == -1 && enabledCiphers[i].indexOf("_DSS_") == -1) {
                vector.addElement(enabledCiphers[i]);
            }
        }
        this.conf.getSSLHostConfig().getCipherList();
        this.conf.getSSLHostConfig().getCiphers();
        vector.addElement("SSL_RSA_WITH_3DES_EDE_CBC_SHA");
        vector.addElement("TLS_RSA_WITH_AES_128_CBC_SHA256");
        vector.addElement("ECC_SM4_GCM_SM3");
        vector.addElement(GmSSLProvider.ECC_SM4_CBC_SM_3);
        vector.addElement("ECDHE_SM4_GCM_SM3");
        vector.addElement("ECDHE_SM4_CBC_SM3");
        String[] strArr = new String[vector.size()];
        for (int i2 = 0; i2 < vector.size(); i2++) {
            strArr[i2] = (String) vector.elementAt(i2);
        }
        return strArr;
    }

    protected boolean isTls13RenegAuthAvailable() {
        return false;
    }

    public SSLContext createSSLContextInternal(List<String> list) throws Exception {
        return new GMSSLContext(this.sslHostConfig.getSslProtocol());
    }

    protected Log getLog() {
        return new Log() { // from class: utils.crypto.sm.tomcat.ssl.GMUtil.1
            public boolean isDebugEnabled() {
                return false;
            }

            public boolean isErrorEnabled() {
                return false;
            }

            public boolean isFatalEnabled() {
                return false;
            }

            public boolean isInfoEnabled() {
                return false;
            }

            public boolean isTraceEnabled() {
                return false;
            }

            public boolean isWarnEnabled() {
                return false;
            }

            public void trace(Object obj) {
            }

            public void trace(Object obj, Throwable th) {
            }

            public void debug(Object obj) {
            }

            public void debug(Object obj, Throwable th) {
            }

            public void info(Object obj) {
            }

            public void info(Object obj, Throwable th) {
            }

            public void warn(Object obj) {
            }

            public void warn(Object obj, Throwable th) {
            }

            public void error(Object obj) {
            }

            public void error(Object obj, Throwable th) {
            }

            public void fatal(Object obj) {
            }

            public void fatal(Object obj, Throwable th) {
            }
        };
    }

    static {
        try {
            GMSSLContext gMSSLContext = new GMSSLContext(GmSSLProvider.GMTLS);
            gMSSLContext.init((KeyManager[]) null, (TrustManager[]) null, (SecureRandom) null);
            String[] protocols = gMSSLContext.getSupportedSSLParameters().getProtocols();
            implementedProtocols = new HashSet(protocols.length);
            for (String str : protocols) {
                String upperCase = str.toUpperCase(Locale.ENGLISH);
                if ("SSLV2HELLO".equals(upperCase) || "SSLV3".equals(upperCase) || !upperCase.contains("SSL")) {
                    implementedProtocols.add(str);
                }
            }
            String[] cipherSuites = gMSSLContext.getSupportedSSLParameters().getCipherSuites();
            implementedCiphers = new HashSet(cipherSuites.length);
            implementedCiphers.addAll(Arrays.asList(cipherSuites));
        } catch (Exception e) {
            e.printStackTrace();
            throw new IllegalArgumentException(e);
        }
    }
}
