package org.red5.server.net.rtmps;

import java.io.File;
import java.io.NotActiveException;
import java.security.Provider;
import java.security.Security;
import java.util.Arrays;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLParameters;
import org.apache.mina.core.session.IoSession;
import org.apache.mina.filter.ssl.KeyStoreFactory;
import org.apache.mina.filter.ssl.SslContextFactory;
import org.apache.mina.filter.ssl.SslFilter;
import org.bouncycastle.jce.provider.BouncyCastleProvider;
import org.red5.server.net.rtmp.InboundHandshake;
import org.red5.server.net.rtmp.RTMPConnection;
import org.red5.server.net.rtmp.RTMPHandler;
import org.red5.server.net.rtmp.RTMPMinaConnection;
import org.red5.server.net.rtmp.RTMPMinaIoHandler;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:org/red5/server/net/rtmps/RTMPSMinaIoHandler.class */
public class RTMPSMinaIoHandler extends RTMPMinaIoHandler {
    private static Logger log = LoggerFactory.getLogger(RTMPSMinaIoHandler.class);
    private String keystorePassword;
    private String truststorePassword;
    private String keystoreFile;
    private String truststoreFile;
    private String[] cipherSuites;
    private String[] protocols;
    private boolean useClientMode;
    private boolean needClientAuth;
    private boolean wantClientAuth;

    @Override // org.red5.server.net.rtmp.RTMPMinaIoHandler
    public void sessionCreated(IoSession ioSession) throws Exception {
        log.debug("Session created: RTMPS");
        if (this.keystoreFile == null || this.truststoreFile == null) {
            throw new NotActiveException("Keystore or truststore are null");
        }
        SSLContext sSLContext = null;
        try {
            log.debug("Keystore: {}", this.keystoreFile);
            File file = new File(this.keystoreFile);
            log.trace("Keystore - read: {} path: {}", Boolean.valueOf(file.canRead()), file.getCanonicalPath());
            log.debug("Truststore: {}", this.truststoreFile);
            File file2 = new File(this.truststoreFile);
            log.trace("Truststore - read: {} path: {}", Boolean.valueOf(file2.canRead()), file2.getCanonicalPath());
            if (file.exists() && file2.exists()) {
                KeyStoreFactory keyStoreFactory = new KeyStoreFactory();
                keyStoreFactory.setDataFile(file);
                keyStoreFactory.setPassword(this.keystorePassword);
                KeyStoreFactory keyStoreFactory2 = new KeyStoreFactory();
                keyStoreFactory2.setDataFile(file2);
                keyStoreFactory2.setPassword(this.truststorePassword);
                SslContextFactory sslContextFactory = new SslContextFactory();
                sslContextFactory.setKeyManagerFactoryKeyStore(keyStoreFactory.newInstance());
                sslContextFactory.setTrustManagerFactoryKeyStore(keyStoreFactory2.newInstance());
                sslContextFactory.setKeyManagerFactoryKeyStorePassword(this.keystorePassword);
                sSLContext = sslContextFactory.newInstance();
                log.debug("SSL provider is: {}", sSLContext.getProvider());
                SSLParameters defaultSSLParameters = sSLContext.getDefaultSSLParameters();
                if (log.isDebugEnabled()) {
                    log.debug("SSL context params - need client auth: {} want client auth: {} endpoint id algorithm: {}", new Object[]{Boolean.valueOf(defaultSSLParameters.getNeedClientAuth()), Boolean.valueOf(defaultSSLParameters.getWantClientAuth()), defaultSSLParameters.getEndpointIdentificationAlgorithm()});
                    for (String str : defaultSSLParameters.getProtocols()) {
                        log.debug("SSL context supported protocol: {}", str);
                    }
                }
            } else {
                log.warn("Keystore or Truststore file does not exist");
            }
        } catch (Exception e) {
            log.error("Exception getting SSL context", e);
        }
        SslFilter sslFilter = new SslFilter(sSLContext);
        sslFilter.setUseClientMode(this.useClientMode);
        sslFilter.setNeedClientAuth(this.needClientAuth);
        sslFilter.setWantClientAuth(this.wantClientAuth);
        if (this.cipherSuites != null) {
            sslFilter.setEnabledCipherSuites(this.cipherSuites);
        }
        if (this.protocols != null) {
            if (log.isDebugEnabled()) {
                log.debug("Using these protocols: {}", Arrays.toString(this.protocols));
            }
            sslFilter.setEnabledProtocols(this.protocols);
        }
        ioSession.getFilterChain().addFirst("sslFilter", sslFilter);
        ioSession.setAttribute(SslFilter.USE_NOTIFICATION, Boolean.TRUE);
        log.debug("isSslStarted: {}", Boolean.valueOf(sslFilter.isSslStarted(ioSession)));
        ioSession.getFilterChain().addAfter("sslFilter", "rtmpsFilter", new RTMPSIoFilter());
        RTMPMinaConnection createRTMPMinaConnection = createRTMPMinaConnection();
        createRTMPMinaConnection.setIoSession(ioSession);
        createRTMPMinaConnection.setHandler(this.handler);
        ioSession.setAttribute(RTMPConnection.RTMP_SESSION_ID, createRTMPMinaConnection.getSessionId());
        InboundHandshake inboundHandshake = new InboundHandshake();
        inboundHandshake.setUnvalidatedConnectionAllowed(((RTMPHandler) this.handler).isUnvalidatedConnectionAllowed());
        ioSession.setAttribute(RTMPConnection.RTMP_HANDSHAKE, inboundHandshake);
    }

    public void setKeystorePassword(String str) {
        this.keystorePassword = str;
    }

    public void setTruststorePassword(String str) {
        this.truststorePassword = str;
    }

    public void setKeystoreFile(String str) {
        this.keystoreFile = str;
    }

    public void setTruststoreFile(String str) {
        this.truststoreFile = str;
    }

    public String[] getCipherSuites() {
        return this.cipherSuites;
    }

    public void setCipherSuites(String[] strArr) {
        this.cipherSuites = strArr;
    }

    public String[] getProtocols() {
        return this.protocols;
    }

    public void setProtocols(String[] strArr) {
        this.protocols = strArr;
    }

    public void setUseClientMode(boolean z) {
        this.useClientMode = z;
    }

    public void setNeedClientAuth(boolean z) {
        this.needClientAuth = z;
    }

    public void setWantClientAuth(boolean z) {
        this.wantClientAuth = z;
    }

    static {
        Security.addProvider(new BouncyCastleProvider());
        if (log.isTraceEnabled()) {
            for (Provider provider : Security.getProviders()) {
                log.trace("Provider: {} = {}", provider.getName(), provider.getInfo());
            }
        }
    }
}
