package com.claymoresystems.ptls.demo;

import com.claymoresystems.cert.X509Cert;
import com.claymoresystems.ptls.SSLContext;
import com.claymoresystems.ptls.SSLDebug;
import com.claymoresystems.ptls.SSLServerSocket;
import com.claymoresystems.ptls.SSLSocket;
import com.claymoresystems.sslg.SSLPolicyInt;
import com.oscar.protocol.Osecurity;
import gnu.getopt.Getopt;
import gnu.getopt.LongOpt;
import java.io.BufferedReader;
import java.io.BufferedWriter;
import java.io.IOException;
import java.io.InputStreamReader;
import java.io.OutputStreamWriter;
import java.util.Vector;
import org.apache.commons.io.IOUtils;
import org.springframework.security.config.Elements;

/* loaded from: input_file:WEB-INF/lib/shentongjdbc-4.0.jar:com/claymoresystems/ptls/demo/SSLServer.class */
class SSLServer {
    private static int port = 4433;
    private static String keyfile = "server.pem";
    private static String rootfile = "root.pem";
    private static String password = "password";
    private static LongOpt[] Longopts = new LongOpt[11];
    private static boolean clientauth = false;
    private static boolean renegotiate = false;
    private static boolean fakeseed = false;
    private static short[] cipherSuites = null;
    private static int iterate = -1;
    private static String dhfile = null;

    SSLServer() {
    }

    private static void webServe(SSLSocket sSLSocket) throws IOException {
        String readLine;
        BufferedReader bufferedReader = new BufferedReader(new InputStreamReader(sSLSocket.getInputStream()));
        BufferedWriter bufferedWriter = new BufferedWriter(new OutputStreamWriter(sSLSocket.getOutputStream()));
        do {
            readLine = bufferedReader.readLine();
            if (readLine == null) {
                return;
            } else {
                readLine.trim();
            }
        } while (readLine.length() > 0);
        bufferedWriter.write("HTTP/1.0 200 OK\r\n");
        bufferedWriter.write("Server: PureTLS Demo Server\r\n");
        bufferedWriter.write(IOUtils.LINE_SEPARATOR_WINDOWS);
        bufferedWriter.write("Success!\r\n");
        bufferedWriter.flush();
        sSLSocket.close();
    }

    private static void usage() {
        System.out.println("SSLClient usage ");
        System.out.println("SSLClient [args]");
        System.out.println("  --port, -h: the port to connect to (default 4433)");
        System.out.println("  --keyfile, -k: the keyfile to use (default dsakeys.pem)");
        System.out.println("  --rootfile, -r: the rootfile to use (default root.pem)");
        System.out.println("  --password, -P: the password to use (default password)");
        System.out.println("  --clientauth, -c: require client authentication");
        System.out.println("  --renegotiate, -C: negotiate w/o client auth and then");
        System.out.println("    renegotiate with");
        System.out.println("  --debug, -d: set the debugging flags");
        System.out.println("  --fakerandom, -f: seed the rng with null data");
        System.out.println("  --iterate, -i: Allow X connections before exiting");
        System.out.println("  --ciphersuites, -a: allowed ciphersuites");
        System.out.println("  --dhfile, -D: DH params file");
    }

    public static void main(String[] strArr) {
        Getopt getopt = new Getopt("SSLServer", strArr, "h:p:k:r:RcCd:fi:P:a:D:", Longopts);
        while (true) {
            int i = getopt.getopt();
            if (i != -1) {
                switch (i) {
                    case 67:
                        clientauth = false;
                        renegotiate = true;
                        break;
                    case 68:
                        dhfile = new String(getopt.getOptarg());
                        break;
                    case 80:
                        password = new String(getopt.getOptarg());
                        break;
                    case 97:
                        cipherSuites = Demo.parseCipherSuites(getopt.getOptarg());
                        break;
                    case 99:
                        clientauth = true;
                        break;
                    case 100:
                        SSLDebug.setDebug(Integer.parseInt(getopt.getOptarg()));
                        break;
                    case 102:
                        fakeseed = true;
                        break;
                    case 105:
                        iterate = Integer.parseInt(getopt.getOptarg());
                        break;
                    case 107:
                        keyfile = new String(getopt.getOptarg());
                        break;
                    case 112:
                        port = Integer.parseInt(getopt.getOptarg());
                        break;
                    case 114:
                        rootfile = new String(getopt.getOptarg());
                        break;
                    default:
                        usage();
                        return;
                }
            } else {
                SSLContext sSLContext = new SSLContext();
                if (fakeseed) {
                    sSLContext.seedRNG(null);
                }
                try {
                    sSLContext.loadRootCertificates(rootfile);
                    sSLContext.loadEAYKeyFile(keyfile, password);
                    if (dhfile != null) {
                        sSLContext.loadDHParams(dhfile);
                    }
                    SSLServerSocket sSLServerSocket = new SSLServerSocket(sSLContext, port);
                    SSLPolicyInt sSLPolicyInt = new SSLPolicyInt();
                    if (cipherSuites != null) {
                        sSLPolicyInt.setCipherSuites(cipherSuites);
                    }
                    sSLPolicyInt.requireClientAuth(clientauth);
                    sSLContext.setPolicy(sSLPolicyInt);
                    while (true) {
                        int i2 = iterate;
                        iterate = i2 - 1;
                        if (i2 == 0) {
                            return;
                        }
                        System.out.println("Waiting for connection on " + port);
                        SSLSocket sSLSocket = (SSLSocket) sSLServerSocket.accept();
                        System.out.println("Accepted connection");
                        if (renegotiate) {
                            sSLPolicyInt = new SSLPolicyInt();
                            if (cipherSuites != null) {
                                sSLPolicyInt.setCipherSuites(cipherSuites);
                            }
                            sSLPolicyInt.requireClientAuth(true);
                            sSLSocket.renegotiate(sSLPolicyInt);
                        }
                        if (sSLPolicyInt.requireClientAuthP()) {
                            System.out.println("Cert chain");
                            Vector certificateChain = sSLSocket.getCertificateChain();
                            for (int i3 = 0; i3 < certificateChain.size(); i3++) {
                                X509Cert x509Cert = (X509Cert) certificateChain.elementAt(i3);
                                System.out.println("Issuer " + x509Cert.getIssuerName().getNameString());
                                System.out.println("Subject " + x509Cert.getSubjectName().getNameString());
                                System.out.println("Serial " + x509Cert.getSerial());
                                System.out.println("Validity " + x509Cert.getValidityNotBefore() + "-" + x509Cert.getValidityNotAfter());
                            }
                        }
                        webServe(sSLSocket);
                    }
                } catch (Exception e) {
                    e.printStackTrace();
                    return;
                }
            }
        }
    }

    static {
        int i = 0 + 1;
        Longopts[0] = new LongOpt("port", 1, null, 112);
        int i2 = i + 1;
        Longopts[i] = new LongOpt(Osecurity.keyfile, 1, null, 107);
        int i3 = i2 + 1;
        Longopts[i2] = new LongOpt(Osecurity.rootfile, 1, null, 114);
        int i4 = i3 + 1;
        Longopts[i3] = new LongOpt("clientauth", 0, null, 99);
        int i5 = i4 + 1;
        Longopts[i4] = new LongOpt("password", 1, null, 80);
        int i6 = i5 + 1;
        Longopts[i5] = new LongOpt("renegotiate", 0, null, 67);
        int i7 = i6 + 1;
        Longopts[i6] = new LongOpt(Elements.DEBUG, 1, null, 100);
        int i8 = i7 + 1;
        Longopts[i7] = new LongOpt("fakerandom", 0, null, 102);
        int i9 = i8 + 1;
        Longopts[i8] = new LongOpt("iterate", 1, null, 105);
        int i10 = i9 + 1;
        Longopts[i9] = new LongOpt("ciphersuites", 1, null, 97);
        int i11 = i10 + 1;
        Longopts[i10] = new LongOpt("dhfile", 1, null, 68);
    }
}
