package com.cloudera.keytrustee.impl;

import com.cloudera.keytrustee.KeyTrusteeConstants;
import com.cloudera.keytrustee.KeyTrusteeException;
import com.cloudera.keytrustee.ServerInfo;
import com.cloudera.keytrustee.URLConnector;
import com.cloudera.keytrustee.crypto.Fingerprint;
import com.cloudera.keytrustee.crypto.certs.CertLoader;
import java.io.IOException;
import java.net.URISyntaxException;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLException;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:com/cloudera/keytrustee/impl/ServerInfoImpl.class */
public final class ServerInfoImpl implements ServerInfo {
    private final String hostname;
    private final Fingerprint fingerprint;
    private final String certificatePath;
    private final Certificate certificate;
    private final boolean sslInsecure;
    private String protocol;
    private boolean tokenSync;
    private boolean singleServerPort;
    private int ktsPort;
    private int hkpPort;
    private SSLContext sslContext;
    private static Logger LOG = LoggerFactory.getLogger(ServerInfoImpl.class);

    public static int[] checkServerPorts(String str, int i, int i2, boolean z) throws KeyTrusteeException {
        int[] iArr = {-1, -1};
        int checkForKTSPort = checkForKTSPort(str, i, z);
        iArr[0] = checkForKTSPort;
        if (checkForKTSPort > 0) {
            iArr[1] = checkForHKPPort(str, checkForKTSPort, i2, z);
        }
        return iArr;
    }

    static int checkForKTSPort(String str, int i, boolean z) {
        if (i < 0) {
            return checkForKTSPort(str, KeyTrusteeConstants.KTS_PORT, z);
        }
        try {
            if (new URLConnector(KeyTrusteeConstants.SECURE_PROTOCOL, str, i, z).execQuery("/", "a=fingerprint", null).getStatusCode() == 200) {
                return i;
            }
        } catch (IOException e) {
            if ((e instanceof SSLException) && LOG.isWarnEnabled()) {
                LOG.warn("SSL failure on attempt to contact KTS. To debug, re-run JVM with '-Djavax.net.debug=ssl:handshake'");
            }
            if (LOG.isWarnEnabled()) {
                LOG.warn("Could not connect to KTS on port [" + i + "]. Attempting to resolve. " + e.getMessage());
            }
        } catch (URISyntaxException e2) {
            if (LOG.isErrorEnabled()) {
                LOG.error("Could not connect to KTS. " + e2.getMessage());
            }
        }
        if (i == 11371) {
            return -1;
        }
        return i == 443 ? checkForKTSPort(str, KeyTrusteeConstants.COMBINED_PORT, z) : checkForKTSPort(str, KeyTrusteeConstants.KTS_PORT, z);
    }

    static int checkForHKPPort(String str, int i, int i2, boolean z) {
        int statusCode;
        if (i2 < 0) {
            return checkForHKPPort(str, i, 80, z);
        }
        URLConnector uRLConnector = i == i2 ? new URLConnector(KeyTrusteeConstants.SECURE_PROTOCOL, str, i2, z) : new URLConnector(KeyTrusteeConstants.INSECURE_PROTOCOL, str, i2, z);
        try {
            statusCode = uRLConnector.execQuery("/ping", "", null).getStatusCode();
        } catch (IOException e) {
            if (LOG.isWarnEnabled()) {
                LOG.warn("Could not connect to HKP on port [" + i2 + "]. Attempting to resolve. " + e.getMessage());
            }
        } catch (URISyntaxException e2) {
            if (LOG.isErrorEnabled()) {
                LOG.error("Could not connect to HKP. " + e2.getMessage());
            }
        }
        if (statusCode == 200) {
            return i2;
        }
        if (statusCode == 404) {
            if (uRLConnector.execQuery("/pks/lookup", "", null).getStatusCode() == 400) {
                return i2;
            }
        }
        if (i2 == 11371) {
            return -1;
        }
        return i2 == i ? checkForHKPPort(str, i, KeyTrusteeConstants.COMBINED_PORT, z) : i2 == 80 ? checkForHKPPort(str, i, i, z) : checkForHKPPort(str, i, 80, z);
    }

    public ServerInfoImpl(String str, Fingerprint fingerprint, String str2, boolean z, String str3, boolean z2, boolean z3, int i, int i2) throws IOException, CertificateException {
        this.singleServerPort = false;
        this.ktsPort = KeyTrusteeConstants.KTS_PORT;
        this.hkpPort = 80;
        this.hostname = str;
        this.fingerprint = fingerprint;
        this.certificatePath = str2;
        if (this.certificatePath == null || this.certificatePath.trim().isEmpty()) {
            this.certificate = null;
        } else {
            this.certificate = CertLoader.loadX509Cert(this.certificatePath);
        }
        this.sslInsecure = z;
        this.protocol = str3;
        this.tokenSync = z2;
        this.singleServerPort = z3;
        this.ktsPort = i;
        this.hkpPort = i2;
    }

    @Override // com.cloudera.keytrustee.ServerInfo
    public String getHostname() {
        return this.hostname;
    }

    @Override // com.cloudera.keytrustee.ServerInfo
    public Fingerprint getFingerprint() {
        return this.fingerprint;
    }

    @Override // com.cloudera.keytrustee.ServerInfo
    public Certificate getCertificate() {
        return this.certificate;
    }

    public String getCertPath() {
        return this.certificatePath;
    }

    @Override // com.cloudera.keytrustee.ServerInfo
    public boolean isSslInsecure() {
        return this.sslInsecure;
    }

    @Override // com.cloudera.keytrustee.ServerInfo
    public String getProtocol() {
        return this.protocol;
    }

    @Override // com.cloudera.keytrustee.ServerInfo
    public boolean isTokenSync() {
        return this.tokenSync;
    }

    @Override // com.cloudera.keytrustee.ServerInfo
    public boolean hasCertificate() {
        return this.certificate != null;
    }

    @Override // com.cloudera.keytrustee.ServerInfo
    public String getCertificatePath() {
        return this.certificatePath;
    }

    @Override // com.cloudera.keytrustee.ServerInfo
    public boolean isSingleServerPort() {
        return this.singleServerPort;
    }

    @Override // com.cloudera.keytrustee.ServerInfo
    public int getKtsPort() {
        return this.ktsPort;
    }

    @Override // com.cloudera.keytrustee.ServerInfo
    public int getHkpPort() {
        return this.hkpPort;
    }

    @Override // com.cloudera.keytrustee.ServerInfo
    public SSLContext getSSLContext() {
        return this.sslContext;
    }

    @Override // com.cloudera.keytrustee.ServerInfo
    public void setSSLContext(SSLContext sSLContext) {
        this.sslContext = sSLContext;
    }
}
