package org.apache.cxf.transport.https_jetty;

import java.util.logging.Handler;
import java.util.logging.Level;
import java.util.logging.Logger;
import org.apache.cxf.common.logging.LogUtils;
import org.apache.cxf.configuration.security.SSLServerPolicy;
import org.apache.cxf.transport.http_jetty.JettyConnectorFactory;
import org.apache.cxf.transport.https.SSLUtils;
import org.mortbay.jetty.AbstractConnector;
import org.mortbay.jetty.security.SslSocketConnector;

/* loaded from: classes.dex */
public final class JettySslConnectorFactory implements JettyConnectorFactory {
    private static final long serialVersionUID = 1;
    SSLServerPolicy sslPolicy;
    private static final Logger LOG = LogUtils.getL7dLogger(JettySslConnectorFactory.class);
    private static final String[] UNSUPPORTED = {"SessionCaching", "SessionCacheKey", "MaxChainLength", "CertValidator", "TrustStoreAlgorithm", "TrustStoreType"};
    private static final String[] DERIVATIVE = {"CiphersuiteFilters"};

    public JettySslConnectorFactory(SSLServerPolicy sSLServerPolicy) {
        this.sslPolicy = sSLServerPolicy;
    }

    protected void addLogHandler(Handler handler) {
        LOG.addHandler(handler);
    }

    @Override // org.apache.cxf.transport.http_jetty.JettyConnectorFactory
    public AbstractConnector createConnector(int i) {
        SslSocketConnector sslSocketConnector = new SslSocketConnector();
        sslSocketConnector.setPort(i);
        decorate(sslSocketConnector);
        return sslSocketConnector;
    }

    public void decorate(SslSocketConnector sslSocketConnector) {
        String keystore = SSLUtils.getKeystore(this.sslPolicy.getKeystore(), LOG);
        sslSocketConnector.setKeystore(keystore);
        String keystoreType = SSLUtils.getKeystoreType(this.sslPolicy.getKeystoreType(), LOG);
        sslSocketConnector.setKeystoreType(keystoreType);
        String keystorePassword = SSLUtils.getKeystorePassword(this.sslPolicy.getKeystorePassword(), LOG);
        sslSocketConnector.setPassword(keystorePassword);
        String keyPassword = SSLUtils.getKeyPassword(this.sslPolicy.getKeyPassword(), LOG);
        sslSocketConnector.setKeyPassword(keyPassword);
        String keystoreAlgorithm = SSLUtils.getKeystoreAlgorithm(this.sslPolicy.getKeystoreAlgorithm(), LOG);
        sslSocketConnector.setSslKeyManagerFactoryAlgorithm(keystoreAlgorithm);
        System.setProperty("javax.net.ssl.trustStore", SSLUtils.getTrustStore(this.sslPolicy.getTrustStore(), LOG));
        String secureSocketProtocol = SSLUtils.getSecureSocketProtocol(this.sslPolicy.getSecureSocketProtocol(), LOG);
        sslSocketConnector.setProtocol(secureSocketProtocol);
        sslSocketConnector.setWantClientAuth(SSLUtils.getWantClientAuthentication(this.sslPolicy.isSetWantClientAuthentication(), this.sslPolicy.isWantClientAuthentication(), LOG));
        sslSocketConnector.setNeedClientAuth(SSLUtils.getRequireClientAuthentication(this.sslPolicy.isSetRequireClientAuthentication(), this.sslPolicy.isRequireClientAuthentication(), LOG));
        try {
            sslSocketConnector.setExcludeCipherSuites(SSLUtils.getCiphersuites(this.sslPolicy.getCiphersuites(), SSLUtils.getServerSupportedCipherSuites(SSLUtils.getSSLContext(secureSocketProtocol, SSLUtils.getKeyStoreManagers(keystore, keystoreType, keystorePassword, keyPassword, keystoreAlgorithm, secureSocketProtocol, LOG), null)), this.sslPolicy.getCiphersuiteFilters(), LOG, true));
        } catch (Exception e) {
            LogUtils.log(LOG, Level.SEVERE, "SSL_CONTEXT_INIT_FAILURE", (Throwable) e);
        }
        SSLUtils.logUnSupportedPolicies(this.sslPolicy, false, UNSUPPORTED, LOG);
    }

    protected String[] getDerivative() {
        return DERIVATIVE;
    }

    protected String[] getUnSupported() {
        return UNSUPPORTED;
    }
}
