package com.ibm.rational.test.lt.recorder.proxy.internal.proxy.nio;

import com.ibm.rational.test.lt.recorder.proxy.IHttpConstants;
import com.ibm.rational.test.lt.recorder.proxy.internal.proxy.IProxy;
import com.ibm.rational.test.lt.recorder.proxy.internal.proxy.ssl.SSLContextFactory;
import com.ibm.rational.test.lt.recorder.proxy.util.Pair;
import com.ibm.rational.test.lt.recorder.proxy.util.Tracer;
import java.security.KeyStore;
import java.security.NoSuchAlgorithmException;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;

/* loaded from: input_file:recorderHttp-remote.jar:com/ibm/rational/test/lt/recorder/proxy/internal/proxy/nio/NioSSLServerEngine.class */
public class NioSSLServerEngine extends NioAbstractSSLEngine {
    private static final String USER_DEFINED_ADDED_CIPHER_KEY = "rpt.recording.sslServer.ciphers";

    public NioSSLServerEngine(IProxy iProxy, String str, String str2, int i, String str3, boolean z) throws Exception {
        super(iProxy, str, str2, i, z);
        this.clientMode = false;
        this.sslEngine.setUseClientMode(this.clientMode);
        enforceEnabledProtocols();
        addUserDefinedCipherSuites(USER_DEFINED_ADDED_CIPHER_KEY);
        if (iProxy.hasHttp2Enabled()) {
            try {
                this.sslEngine.setHandshakeApplicationProtocolSelector((sSLEngine, list) -> {
                    return str3;
                });
            } catch (NoSuchMethodError e) {
                iProxy.logOnce("HTTP/2 is not available with this Java version. Using HTTP/1.1", e);
            }
        }
    }

    @Override // com.ibm.rational.test.lt.recorder.proxy.internal.proxy.nio.NioAbstractSSLEngine
    protected void initSSLContext(String str, int i) throws Exception {
        this.sslContext = createSSLContext();
        KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
        Pair<KeyStore, String> serverCertificate = this.proxyOptions.getServerCertificate(str, i);
        if (serverCertificate == null || serverCertificate.getT() == null || serverCertificate.getU() == null) {
            throw new Exception("No SSL server side information for " + str + IHttpConstants.COLON + i);
        }
        keyManagerFactory.init(serverCertificate.getT(), serverCertificate.getU().toCharArray());
        this.sslContext.init(keyManagerFactory.getKeyManagers(), null, null);
    }

    private SSLContext createSSLContext() throws NoSuchAlgorithmException {
        String property = System.getProperty("rpt.recording.sslServer.protocols");
        if (property == null) {
            return SSLContextFactory.createSSLContext(this.proxyOptions.acceptSSLV3(), this.proxyOptions.acceptTLSV10(), this.proxyOptions.acceptTLSV11(), this.proxyOptions.acceptTLSV12(), this.proxyOptions.acceptTLSV13());
        }
        Tracer.trace(0, "Forced sslServer Protocol: " + property);
        return SSLContext.getInstance(property);
    }
}
