package cgl.narada.transport.ssl;

import cgl.narada.test.NTLMTest;
import cgl.narada.transport.AccessDeniedException;
import cgl.narada.transport.TransportException;
import cgl.narada.transport.sslHttpBase.TransportImpl;
import cgl.narada.util.Base64;
import cgl.narada.util.Log;
import cgl.narada.util.ntlm.NTLMAuthen;
import com.sun.net.ssl.internal.ssl.Provider;
import com.twmacinta.util.MD5;
import digestauth.DigestAuthen;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.io.InputStream;
import java.io.OutputStream;
import java.io.UnsupportedEncodingException;
import java.net.Socket;
import java.security.Security;
import java.util.Enumeration;
import java.util.Hashtable;
import java.util.Properties;
import java.util.Random;
import java.util.StringTokenizer;
import java.util.Vector;
import javax.net.ssl.HandshakeCompletedEvent;
import javax.net.ssl.HandshakeCompletedListener;
import javax.net.ssl.SSLSocket;
import javax.net.ssl.SSLSocketFactory;
import org.apache.commons.httpclient.ConnectMethod;
import org.exolab.castor.persist.spi.QueryExpression;

/* loaded from: input_file:WEB-INF/lib/NaradaBrokering.jar:cgl/narada/transport/ssl/SSLTransportJSSEImpl.class */
public class SSLTransportJSSEImpl extends TransportImpl implements SSLTransport {
    private static final int MAX_PAYLOAD_SIZE = 10000000;
    private static final String NARADA_USER_AGENT = "Narada SSL";
    private String m_host;
    private int m_port;
    private String m_domain;
    private String m_hostname;
    private String m_proxyHost;
    private int m_proxyPort;
    private Socket m_socket;
    private boolean m_ioerror;
    private SSLSocketFactory m_sslFactory;
    private static final int DIGEST_REALM = 0;
    private static final int DIGEST_METHOD = 1;
    private static final int DIGEST_NONCE = 2;
    private String m_username;
    private String m_password;
    private static Random s_rand = new Random(System.currentTimeMillis());

    public SSLTransportJSSEImpl() {
        this.m_host = null;
        this.m_port = 443;
        this.m_domain = "";
        this.m_hostname = "";
        this.m_proxyHost = null;
        this.m_proxyPort = 0;
        this.m_socket = null;
        this.m_ioerror = false;
        this.m_sslFactory = null;
        this.m_username = System.getProperty("user.name");
        this.m_password = null;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public SSLTransportJSSEImpl(Socket socket) {
        this.m_host = null;
        this.m_port = 443;
        this.m_domain = "";
        this.m_hostname = "";
        this.m_proxyHost = null;
        this.m_proxyPort = 0;
        this.m_socket = null;
        this.m_ioerror = false;
        this.m_sslFactory = null;
        this.m_username = System.getProperty("user.name");
        this.m_password = null;
        this.m_socket = socket;
        try {
            start();
        } catch (IOException e) {
            Log.err("SSLTrasportJSSEImpl", "Unable to start send/receive thread");
        }
    }

    @Override // cgl.narada.transport.sslHttpBase.Transport
    public boolean isConnected() {
        return this.m_socket != null;
    }

    @Override // cgl.narada.transport.sslHttpBase.Transport
    public boolean isInErrorState() {
        return this.m_ioerror;
    }

    @Override // cgl.narada.transport.sslHttpBase.Transport
    public String getType() {
        return "ssl";
    }

    @Override // cgl.narada.transport.sslHttpBase.Transport
    public void setProperties(Properties properties) {
        Properties properties2 = System.getProperties();
        String property = properties.getProperty("truststore");
        if (property != null && property.length() > 0) {
            properties2.put("javax.net.ssl.trustStore", property);
            Log.log("SSLTransport_JSSE", new StringBuffer().append("Setting truststore to ").append(property).toString());
        }
        String property2 = properties.getProperty("keystore");
        if (property2 != null && property2.length() > 0) {
            properties2.put("javax.net.ssl.keyStore", property2);
            Log.log("SSLTransport_JSSE", new StringBuffer().append("Setting keystore to ").append(property2).toString());
        }
        String property3 = properties.getProperty("keystorePassword");
        if (property3 != null && property3.length() > 0) {
            properties2.put("javax.net.ssl.keyStorePassword", property3);
            Log.log("SSLTransport_JSSE", new StringBuffer().append("Setting keystore password to ").append(property3).toString());
        }
        String property4 = properties.getProperty("truststorePassword");
        if (property4 != null && property4.length() > 0) {
            properties2.put("javax.net.ssl.trustStorePassword", property4);
            Log.log("SSLTransport_JSSE", new StringBuffer().append("Setting truststore password to ").append(property4).toString());
        }
        String property5 = properties.getProperty("https.proxyHost");
        if (property5 == null || property5.length() <= 0) {
            String property6 = System.getProperty("https.proxyHost");
            if (property6 != null && property6.length() > 0) {
                this.m_proxyHost = property6;
                this.m_proxyPort = NTLMTest.PROXY_PORT;
            }
        } else {
            this.m_proxyHost = property5;
            this.m_proxyPort = NTLMTest.PROXY_PORT;
        }
        String property7 = properties.getProperty("username");
        if (property7 != null && property7.length() > 0) {
            this.m_username = property7;
            Log.log("SSLTransport_JSSE", new StringBuffer().append("Setting account name to: ").append(this.m_username).toString());
        }
        String property8 = properties.getProperty("password");
        if (property8 != null && property8.length() > 0) {
            this.m_password = property8;
        }
        String property9 = properties.getProperty("secure");
        if (property9 == null || !property9.equalsIgnoreCase("true")) {
            Log.debug("SSLTransport_JSSE", "Setting to unsecure mode");
        } else {
            Security.addProvider(new Provider());
            this.m_sslFactory = (SSLSocketFactory) SSLSocketFactory.getDefault();
            Log.debug("SSLTransport_JSSE", "Setting to secure mode");
        }
        System.setProperties(properties2);
        String property10 = properties.getProperty("host");
        if (property10 != null && property10.length() > 0) {
            this.m_host = property10;
            Log.debug("SSLTransport_JSSE", new StringBuffer().append("Will connect to host: ").append(this.m_host).toString());
        }
        try {
            this.m_port = Integer.parseInt(properties.getProperty("port"));
        } catch (Exception e) {
        }
        Log.debug("SSLTransport_JSSE", new StringBuffer().append("Will connect to port: ").append(this.m_port).toString());
        String property11 = properties.getProperty("domain");
        if (property11 != null) {
            this.m_domain = property11;
        }
        Log.debug("SSLTransport_JSSE", new StringBuffer().append("Domain set to: ").append(this.m_domain).toString());
        String property12 = properties.getProperty("hostname");
        if (property12 != null) {
            this.m_hostname = property12;
        }
        Log.debug("SSLTransport_JSSE", new StringBuffer().append("Local Hostname set to: ").append(this.m_hostname).toString());
        String property13 = properties.getProperty("https.proxyPort");
        if (property13 == null || property13.length() <= 0) {
            String property14 = System.getProperty("https.proxyPort");
            if (property14 != null && property14.length() > 0) {
                try {
                    this.m_proxyPort = Integer.parseInt(property14);
                } catch (NumberFormatException e2) {
                    Log.err("SSLTransport_JSSE", new StringBuffer().append("Illegal HTTPS proxy port number ").append(property14).append(" found. Using default of ").append(this.m_proxyPort).toString());
                }
            }
        } else {
            try {
                this.m_proxyPort = Integer.parseInt(property13);
            } catch (NumberFormatException e3) {
                Log.err("SSLTransport_JSSE", new StringBuffer().append("Illegal HTTPS proxy port number ").append(property13).append(" specified. Using default of ").append(this.m_proxyPort).toString());
            }
        }
        if (this.m_proxyHost != null) {
            Log.log("SSLTransport_JSSE", new StringBuffer().append("Using HTTPS proxy @ ").append(this.m_proxyHost).append(":").append(this.m_proxyPort).toString());
        }
    }

    @Override // cgl.narada.transport.sslHttpBase.Transport
    public void connect() throws TransportException {
        if (this.m_host == null) {
            throw new TransportException("Unspecified endpoint host");
        }
        connect(this.m_host, this.m_port);
    }

    @Override // cgl.narada.transport.ssl.SSLTransport
    public void connect(String str, int i) throws TransportException {
        try {
            if (this.m_proxyHost != null) {
                this.m_socket = new Socket(this.m_proxyHost, this.m_proxyPort);
                Log.debug("SSLTransport_JSSE", new StringBuffer().append("Connected to proxy @ ").append(this.m_proxyHost).append(":").append(this.m_proxyPort).toString());
            } else {
                this.m_socket = new Socket(str, i);
                Log.debug("SSLTransport_JSSE", new StringBuffer().append("Connected to server @: ").append(str).append(":").append(i).toString());
            }
            if (this.m_proxyHost != null) {
                this.m_socket = doProxyConnect(this.m_socket, str, i);
            }
            this.m_socket.setSoLinger(false, 0);
            this.m_socket.setTcpNoDelay(true);
            if (this.m_sslFactory != null) {
                this.m_socket = setupSSL(this.m_socket, str, i);
                Log.debug("SSLTransport_JSSE", new StringBuffer().append("Completed SSL handshake to ").append(str).append(":").append(i).toString());
            }
            start();
        } catch (IOException e) {
            throw new TransportException(new StringBuffer().append("IOError: ").append(e.getMessage()).toString());
        }
    }

    @Override // cgl.narada.transport.ssl.SSLTransport
    public void connect(String str) throws TransportException {
        connect(str, 443);
    }

    @Override // cgl.narada.transport.sslHttpBase.Transport
    public synchronized void disconnect() throws IOException {
        if (this.m_socket != null) {
            stop();
            this.m_socket.close();
            this.m_socket = null;
        }
    }

    @Override // cgl.narada.transport.sslHttpBase.Transport
    public boolean isSecure() {
        return this.m_sslFactory != null;
    }

    public String toString() {
        return this.m_host != null ? new StringBuffer().append("=>").append(this.m_host).append(":").append(this.m_port).toString() : new StringBuffer().append(QueryExpression.OpLessEquals).append(this.m_socket.getInetAddress().getHostName()).append(":").append(this.m_socket.getLocalPort()).toString();
    }

    protected void throwBadConnectionException() throws IOException {
        if (!this.m_ioerror) {
            throw new IOException("Connection closed");
        }
        throw new IOException("Connection in error state.  disconnected");
    }

    @Override // cgl.narada.transport.sslHttpBase.TransportImpl
    protected void sendDataImmediately(byte[] bArr) throws IOException {
        if (this.m_socket == null) {
            throwBadConnectionException();
        }
        OutputStream outputStream = this.m_socket.getOutputStream();
        outputStream.write(TransportImpl.intToBytes(bArr.length));
        outputStream.write(bArr);
        outputStream.flush();
    }

    @Override // cgl.narada.transport.sslHttpBase.TransportImpl
    protected byte[] receiveDataImmediately() throws IOException {
        if (this.m_socket == null) {
            throwBadConnectionException();
        }
        InputStream inputStream = this.m_socket.getInputStream();
        int bytesToInt = TransportImpl.bytesToInt(readBytes(inputStream, 4));
        if (bytesToInt > MAX_PAYLOAD_SIZE) {
            throw new IOException(new StringBuffer().append("Bad size or payload too large: ").append(bytesToInt).toString());
        }
        return readBytes(inputStream, bytesToInt);
    }

    @Override // cgl.narada.transport.sslHttpBase.TransportImpl
    protected void handleReceiveException(Exception exc) {
        try {
            this.m_ioerror = true;
            disconnect();
        } catch (IOException e) {
        }
    }

    @Override // cgl.narada.transport.sslHttpBase.TransportImpl
    protected void handleSendException(Exception exc) {
        try {
            this.m_ioerror = true;
            disconnect();
        } catch (IOException e) {
        }
    }

    private byte[] readBytes(InputStream inputStream, int i) throws IOException {
        byte[] bArr = new byte[i];
        int i2 = i;
        while (true) {
            int read = inputStream.read(bArr, i - i2, i2);
            if (read >= i2) {
                return bArr;
            }
            if (read < 0) {
                throw new IOException(new StringBuffer().append("Stream terminated before chunk can be fully read[size=").append(i).append("]").toString());
            }
            i2 -= read;
        }
    }

    private SSLSocket setupSSL(Socket socket, String str, int i) throws IOException {
        long currentTimeMillis = System.currentTimeMillis();
        SSLSocket sSLSocket = (SSLSocket) this.m_sslFactory.createSocket(socket, str, i, true);
        Log.perf("SSLTransport_JSSE", new StringBuffer().append("Took ").append(System.currentTimeMillis() - currentTimeMillis).append(" ms to create SSL socket instance").toString());
        sSLSocket.addHandshakeCompletedListener(new HandshakeCompletedListener(this, System.currentTimeMillis()) { // from class: cgl.narada.transport.ssl.SSLTransportJSSEImpl.1
            private final long val$handshakeTime;
            private final SSLTransportJSSEImpl this$0;

            {
                this.this$0 = this;
                this.val$handshakeTime = r6;
            }

            @Override // javax.net.ssl.HandshakeCompletedListener
            public void handshakeCompleted(HandshakeCompletedEvent handshakeCompletedEvent) {
                Log.debug("SSLTransport_JSSE", new StringBuffer().append("Handshake finished: ").append(System.currentTimeMillis() - this.val$handshakeTime).append(" ms").toString());
                Log.debug("SSLTransport_JSSE", new StringBuffer().append("\t CipherSuite:").append(handshakeCompletedEvent.getCipherSuite()).toString());
                Log.debug("SSLTransport_JSSE", new StringBuffer().append("\t SessionId ").append(handshakeCompletedEvent.getSession()).toString());
                Log.debug("SSLTransport_JSSE", new StringBuffer().append("\t PeerHost ").append(handshakeCompletedEvent.getSession().getPeerHost()).toString());
            }
        });
        sSLSocket.startHandshake();
        return sSLSocket;
    }

    private Socket doProxyConnect(Socket socket, String str, int i) throws AccessDeniedException, IOException {
        return doProxyConnect(socket, str, i, null);
    }

    private Socket doProxyConnect(Socket socket, String str, int i, String str2) throws AccessDeniedException, IOException {
        String lowerCase = sendConnectCommand(str2, str, i, socket.getInputStream(), socket.getOutputStream()).toLowerCase();
        if (lowerCase.indexOf("200 connection established") >= 0) {
            Log.debug("SSLTransport_JSSE", "Proxy tunnel established");
            Log.debug("SSLTransport_JSSE", "Proxy tunnel established");
            return socket;
        }
        if (lowerCase.indexOf("407 proxy authentication required") < 0) {
            throw new IOException(new StringBuffer().append("Unable to tunnel through .  Proxy returns \"").append(lowerCase).append("\"").toString());
        }
        if (str2 != null) {
            throw new AccessDeniedException(new StringBuffer().append("Authorization failed: ").append(lowerCase).toString());
        }
        socket.close();
        Socket socket2 = new Socket(this.m_proxyHost, this.m_proxyPort);
        doUserAuthentication(socket2, str, i, lowerCase);
        return socket2;
    }

    private void doUserAuthentication(Socket socket, String str, int i, String str2) throws AccessDeniedException, IOException {
        if (this.m_username == null || this.m_password == null) {
            throw new AccessDeniedException(new StringBuffer().append("Authorization to proxy required.  No username/password set: ").append(str2).toString());
        }
        new Vector();
        boolean z = false;
        int indexOf = str2.indexOf("proxy-authenticate: ");
        while (true) {
            int i2 = indexOf;
            if (z || i2 < 0) {
                break;
            }
            int indexOf2 = str2.indexOf("\n", i2);
            if (indexOf2 < 0) {
                indexOf2 = str2.length();
            }
            String substring = str2.substring(i2, indexOf2);
            StringTokenizer stringTokenizer = new StringTokenizer(substring);
            stringTokenizer.nextToken();
            String lowerCase = stringTokenizer.nextToken().toLowerCase();
            try {
                if (lowerCase.equals("basic")) {
                    Log.debug("SSLTransport_JSSE", "Responding to Basic.");
                    doProxyConnect(socket, str, i, new StringBuffer().append(new StringBuffer().append("Proxy-Authorization: ").append("Basic ").toString()).append(Base64.encodeString(new StringBuffer().append(this.m_username).append(":").append(this.m_password).toString())).toString());
                    z = true;
                } else if (lowerCase.equals("digest")) {
                    Log.debug("SSLTransport_JSSE", "Responding to Digest.");
                    doProxyConnect(socket, str, i, new StringBuffer().append("Proxy-Authorization: ").append(constructDigestResponse(substring, str, i)).toString());
                    z = true;
                } else if (lowerCase.equals("ntlm")) {
                    Log.debug("SSLTransport_JSSE", "Responding to NTLM");
                    doNTLMAuthentication(socket, str, i);
                    z = true;
                } else {
                    Log.debug("SSLTransport_JSSE", new StringBuffer().append("Unsupported authentication type: ").append(lowerCase).toString());
                }
            } catch (Exception e) {
                Log.debug("SSLTransport_JSSE", new StringBuffer().append("Invalid authentication: ").append(e.getMessage()).toString());
            }
            indexOf = str2.indexOf("proxy-authenticate: ", i2 + 1);
        }
        if (!z) {
            throw new AccessDeniedException("Unable to successfully authenticate");
        }
    }

    private Socket doNTLMAuthentication(Socket socket, String str, int i) throws IOException {
        try {
            NTLMAuthen nTLMAuthen = new NTLMAuthen(this.m_domain, this.m_hostname, this.m_username, this.m_password);
            OutputStream outputStream = socket.getOutputStream();
            InputStream inputStream = socket.getInputStream();
            String extractField = extractField(sendConnectCommand(new StringBuffer().append("Proxy-Authorization: ").append(nTLMAuthen.generateNTLM1Header()).toString(), str, i, inputStream, outputStream), "proxy-authenticate: ");
            if (extractField.toLowerCase().indexOf("ntlm ") < 0) {
                throw new IOException(new StringBuffer().append("Invalid NTLM type 2 message response: ").append(extractField).toString());
            }
            nTLMAuthen.parseNTLM2Nonce(extractField);
            String sendConnectCommand = sendConnectCommand(new StringBuffer().append("Proxy-Authorization: ").append(nTLMAuthen.generateNTLM3Header()).toString(), str, i, inputStream, outputStream);
            if (sendConnectCommand.toLowerCase().indexOf("200 connection established") < 0) {
                throw new IOException(sendConnectCommand);
            }
            return socket;
        } catch (Exception e) {
            throw new IOException(new StringBuffer().append("NTLM Failed: ").append(e.getMessage()).toString());
        }
    }

    private String constructDigestResponse(String str, String str2, int i) throws IOException {
        String substring = str.substring(str.indexOf("digest ") + "digest ".length(), str.length());
        StringTokenizer stringTokenizer = new StringTokenizer(substring, ",");
        Vector vector = new Vector();
        while (stringTokenizer.hasMoreElements()) {
            vector.addElement(stringTokenizer.nextToken().trim());
        }
        Hashtable hashtable = new Hashtable();
        Enumeration elements = vector.elements();
        while (elements.hasMoreElements()) {
            String str3 = (String) elements.nextElement();
            int indexOf = str3.indexOf(QueryExpression.OpEquals);
            if (indexOf >= 0) {
                String substring2 = str3.substring(0, indexOf);
                String substring3 = str3.substring(indexOf + 1, str3.length());
                if (substring3.startsWith("\"") && substring3.endsWith("\"")) {
                    substring3 = substring3.substring(1, substring3.length() - 1);
                }
                hashtable.put(substring2, substring3);
            }
        }
        String str4 = (String) hashtable.get("realm");
        if (str4 == null) {
            throw new IOException(new StringBuffer().append("Digest realm not found in: ").append(substring).toString());
        }
        String str5 = (String) hashtable.get("nonce");
        if (str5 == null) {
            throw new IOException(new StringBuffer().append("Digest nonce not found in: ").append(substring).toString());
        }
        String str6 = (String) hashtable.get("qop");
        DigestAuthen digestAuthen = new DigestAuthen(this.m_username, this.m_password, ConnectMethod.NAME, "/");
        digestAuthen.setAlgorithm("MD5");
        digestAuthen.setNonce(str5);
        digestAuthen.setRealm(str4);
        if (str6 != null) {
            digestAuthen.setQop(str6);
        }
        if (str6 != null) {
            byte[] bArr = new byte[32];
            s_rand.nextBytes(bArr);
            digestAuthen.setCNonce(MD5.asHex(bArr));
        }
        return digestAuthen.createHeader();
    }

    public String sendConnectCommand(String str, String str2, int i, InputStream inputStream, OutputStream outputStream) throws IOException {
        byte[] bytes;
        String stringBuffer = new StringBuffer().append("CONNECT ").append(str2).append(":").append(i).append(" HTTP/1.0\r\n").append("User-Agent: ").append(NARADA_USER_AGENT).append("\r\n").toString();
        if (str != null) {
            stringBuffer = new StringBuffer().append(stringBuffer).append(str).append("\r\n").toString();
        }
        String stringBuffer2 = new StringBuffer().append(stringBuffer).append("\r\n").toString();
        try {
            bytes = stringBuffer2.getBytes("ASCII7");
        } catch (UnsupportedEncodingException e) {
            bytes = stringBuffer2.getBytes();
        }
        Log.debug("SSLTransport_JSSE", new StringBuffer().append("Proxy connection request:\n").append(stringBuffer2).toString());
        outputStream.write(bytes);
        outputStream.flush();
        return readHttpReply(inputStream);
    }

    private String readHttpReply(InputStream inputStream) throws IOException {
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        int i = 0;
        while (i < 2) {
            int read = inputStream.read();
            if (read < 0) {
                throw new IOException("Unexpected EOF from proxy");
            }
            if (read == 10) {
                i++;
            } else if (read != 13) {
                i = 0;
            }
            byteArrayOutputStream.write(read);
        }
        String str = new String(byteArrayOutputStream.toByteArray());
        try {
            inputStream.read(new byte[Integer.parseInt(extractField(str, "content-length:"))]);
        } catch (IOException e) {
        }
        return str;
    }

    private String extractField(String str, String str2) throws IOException {
        int indexOf = str.toLowerCase().indexOf(str2.toLowerCase());
        if (indexOf < 0) {
            throw new IOException(new StringBuffer().append("No field '").append(str2).append("' in ").append(str).toString());
        }
        int indexOf2 = str.indexOf("\n", indexOf);
        if (indexOf2 < 0) {
            indexOf2 = str.length();
        }
        return str.substring(indexOf + str2.length(), indexOf2).trim();
    }
}
