package com.sshtools.rfbserver.encodings.authentication;

import com.sshtools.rfbcommon.ProtocolReader;
import com.sshtools.rfbcommon.ProtocolWriter;
import com.sshtools.rfbcommon.TightCapability;
import com.sshtools.rfbcommon.WrappedSocket;
import com.sshtools.rfbserver.RFBAuthenticator;
import com.sshtools.rfbserver.RFBClient;
import java.io.FilterInputStream;
import java.io.IOException;
import java.net.InetSocketAddress;
import java.net.Socket;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.List;
import javax.net.ssl.SSLSocket;
import javax.net.ssl.SSLSocketFactory;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:com/sshtools/rfbserver/encodings/authentication/AnonTLS.class */
public class AnonTLS implements RFBAuthenticator {
    static final Logger LOG = LoggerFactory.getLogger(AnonTLS.class);

    @Override // com.sshtools.rfbserver.RFBAuthenticator
    public int getSecurityType() throws RFBAuthenticator.AuthenticationException {
        return 18;
    }

    @Override // com.sshtools.rfbserver.RFBAuthenticator
    public void postAuthentication(RFBClient rFBClient) throws IOException {
    }

    @Override // com.sshtools.rfbserver.RFBAuthenticator
    public TightCapability getCapability() {
        return null;
    }

    @Override // com.sshtools.rfbserver.RFBAuthenticator
    public List<Integer> getSubAuthTypes() {
        return Arrays.asList(0, 1, 2);
    }

    @Override // com.sshtools.rfbserver.RFBAuthenticator
    public boolean process(RFBClient rFBClient) throws RFBAuthenticator.AuthenticationException {
        try {
            LOG.info("Creating SSL wrapped socket");
            final ProtocolReader input = rFBClient.getInput();
            Socket wrappedSocket = new WrappedSocket(input, rFBClient.getOutput());
            InetSocketAddress inetSocketAddress = new InetSocketAddress("localhost", 0);
            wrappedSocket.connect(inetSocketAddress);
            SSLSocketFactory sSLSocketFactory = (SSLSocketFactory) SSLSocketFactory.getDefault();
            LOG.info("Creating SSL socket to " + inetSocketAddress.getHostName() + ":" + inetSocketAddress.getPort());
            SSLSocket sSLSocket = (SSLSocket) sSLSocketFactory.createSocket(wrappedSocket, inetSocketAddress.getHostName(), inetSocketAddress.getPort(), true);
            ArrayList arrayList = new ArrayList();
            String[] supportedCipherSuites = sSLSocket.getSupportedCipherSuites();
            for (int i = 0; i < supportedCipherSuites.length; i++) {
                if (supportedCipherSuites[i].matches(".*DH_anon.*")) {
                    LOG.info("Enabling TLS " + supportedCipherSuites[i]);
                    arrayList.add(supportedCipherSuites[i]);
                }
            }
            sSLSocket.setEnabledCipherSuites((String[]) arrayList.toArray(new String[0]));
            LOG.info("Setting client mode off");
            sSLSocket.setUseClientMode(false);
            LOG.info("Starting SSL handshake");
            sSLSocket.startHandshake();
            LOG.info("Swapping streams");
            rFBClient.setInput(new ProtocolReader(new FilterInputStream(sSLSocket.getInputStream()) { // from class: com.sshtools.rfbserver.encodings.authentication.AnonTLS.1
                @Override // java.io.FilterInputStream, java.io.InputStream
                public int available() throws IOException {
                    return input.available();
                }
            }));
            rFBClient.setOutput(new ProtocolWriter(sSLSocket.getOutputStream()));
            return false;
        } catch (IOException e) {
            RFBAuthenticator.AuthenticationException authenticationException = new RFBAuthenticator.AuthenticationException("I/O failed.");
            authenticationException.initCause(e);
            throw authenticationException;
        }
    }
}
