package wse.server;

import java.io.IOException;
import java.util.ArrayList;
import java.util.List;
import java.util.Random;
import javax.net.ssl.SSLServerSocket;
import javax.net.ssl.SSLServerSocketFactory;
import wse.WSE;
import wse.server.servlet.HttpServletRequest;
import wse.server.servlet.HttpServletResponse;
import wse.server.shttp.SHttpServerSessionStore;
import wse.utils.HttpCodes;
import wse.utils.Protocol;
import wse.utils.SHttp;
import wse.utils.http.HttpMethod;
import wse.utils.shttp.SKey;
import wse.utils.ssl.SSLAuth;

/* loaded from: classes2.dex */
public class ServiceReceiverHttps extends ServiceReceiver {
    private static final String DEFAULT_METHOD = "AES128";
    public static final String METHOD_PATTERN = "AES[0-9][0-9][0-9]?";
    private boolean acceptHttps;
    private boolean acceptShttp;
    private SSLAuth auth;
    private Random random;
    private List<Integer> shttpRedirect;
    private SSLServerSocket socket;
    private SHttpServerSessionStore store;

    public ServiceReceiverHttps(ServiceManager serviceManager, int i, Restrictions restrictions) {
        super(serviceManager, i, restrictions);
        this.acceptHttps = true;
        this.acceptShttp = false;
        this.random = new Random();
        this.shttpRedirect = new ArrayList();
    }

    private int getRandomSHttpRedirectPort() {
        if (this.shttpRedirect.size() == 0) {
            return -1;
        }
        if (this.shttpRedirect.size() == 1) {
            return this.shttpRedirect.get(0).intValue();
        }
        List<Integer> list = this.shttpRedirect;
        return list.get(this.random.nextInt(list.size())).intValue();
    }

    public void addAvailableSHttpPort(int i) {
        this.shttpRedirect.add(Integer.valueOf(i));
    }

    public void bindToSSLStore(SSLAuth sSLAuth) {
        this.auth = sSLAuth;
    }

    @Override // wse.server.ServiceReceiver
    public String getProtocol() {
        Restrictions restrictions = getRestrictions();
        StringBuilder sb = new StringBuilder();
        sb.append(Protocol.HTTPS.toString());
        sb.append("/");
        sb.append(restrictions.getNeedClientAuth() ? "cc" : "anon");
        return sb.toString();
    }

    public SHttpServerSessionStore getSHttpSessionStore() {
        return this.store;
    }

    public SSLAuth getSSLAuth() {
        return this.auth;
    }

    @Override // wse.server.ServiceReceiver
    public SSLServerSocket getServerSocket() {
        return this.socket;
    }

    @Override // wse.server.ServiceReceiver
    protected void initSocket() throws IOException {
        SSLAuth sSLAuth = this.auth;
        SSLServerSocketFactory sSLServerSocketFactory = sSLAuth != null ? sSLAuth.getSSLServerSocketFactory() : (SSLServerSocketFactory) SSLServerSocketFactory.getDefault();
        Restrictions restrictions = getRestrictions();
        this.socket = (SSLServerSocket) ServiceReceiver.makeSocket(getPort(), restrictions, sSLServerSocketFactory);
        if (restrictions.getNeedClientAuth()) {
            this.socket.setNeedClientAuth(true);
        }
        this.socket.setReuseAddress(true);
        this.socket.setSoTimeout(0);
    }

    public void setAcceptHttps(boolean z) {
        this.acceptHttps = z;
    }

    public void setAcceptSHttp(boolean z) {
        if (!this.acceptShttp && z && this.store == null) {
            this.store = new SHttpServerSessionStore();
        }
        this.acceptShttp = z;
    }

    @Override // wse.server.ServiceReceiver, wse.server.HttpCallTreatment
    public void treatCall(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws IOException {
        if (httpServletRequest.getMethod() == HttpMethod.GET && SHttp.INIT_PATH.equals(httpServletRequest.getRequestPath())) {
            if (this.acceptShttp) {
                treatSHttpInit(httpServletRequest, httpServletResponse);
                return;
            } else {
                httpServletResponse.sendError(HttpCodes.FORBIDDEN, "sHttp not supported on this location");
                return;
            }
        }
        if (this.acceptHttps) {
            super.treatCall(httpServletRequest, httpServletResponse);
        } else {
            httpServletResponse.sendMethodNotAllowed(HttpMethod.GET, HttpMethod.SECURE);
        }
    }

    public void treatSHttpInit(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws IOException {
        if (!SHttp.INIT_PATH.equals(httpServletRequest.getRequestPath())) {
            httpServletResponse.sendError(HttpCodes.BAD_REQUEST, "Invalid sHttp init path");
            return;
        }
        if (!DEFAULT_METHOD.matches(METHOD_PATTERN)) {
            httpServletResponse.sendError(HttpCodes.BAD_REQUEST, "Encryption method not supported, supported: AESx, x=[" + SHttp.getKeyLengthsSupported() + "]");
            return;
        }
        try {
            int parseInt = Integer.parseInt("128");
            if (!SHttp.keyLengthSupported(parseInt) || parseInt % 8 != 0) {
                httpServletResponse.sendError(HttpCodes.BAD_REQUEST, "Key length not supported, supported: [" + SHttp.getKeyLengthsSupported() + "]");
                return;
            }
            SKey generateKey = SHttpServerSessionStore.generateKey(parseInt);
            this.store.storeKey(generateKey);
            int randomSHttpRedirectPort = getRandomSHttpRedirectPort();
            StringBuilder sb = new StringBuilder(200);
            sb.append(generateKey.getKeyName());
            sb.append(' ');
            sb.append(WSE.printBase64Binary(generateKey.getKey()));
            sb.append(' ');
            sb.append(randomSHttpRedirectPort);
            sb.append(' ');
            sb.append(generateKey.getLifeLength());
            sb.append(' ');
            sb.append(generateKey.getKey().length * 8);
            byte[] bytes = sb.toString().getBytes();
            httpServletResponse.setContentLength(bytes.length);
            httpServletResponse.write(bytes);
        } catch (Exception unused) {
            httpServletResponse.sendError(HttpCodes.BAD_REQUEST, "Encryption method not supported, supported: AESx, x=[" + SHttp.getKeyLengthsSupported() + "]");
        }
    }
}
