package weblogic.wsee.connection.transport.https;

import com.oracle.webservices.impl.internalspi.platform.CredentialServiceFactory;
import java.io.IOException;
import java.io.ObjectInputStream;
import java.io.ObjectOutputStream;
import java.io.Serializable;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.UnrecoverableKeyException;
import java.security.cert.X509Certificate;
import java.util.logging.Level;
import java.util.logging.Logger;
import javax.net.ssl.HostnameVerifier;
import javax.net.ssl.KeyManager;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLSession;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import javax.net.ssl.X509TrustManager;
import weblogic.wsee.connection.transport.http.HttpTransportInfo;

/* loaded from: input_file:weblogic/wsee/connection/transport/https/HttpsTransportInfo.class */
public class HttpsTransportInfo extends HttpTransportInfo {
    private static final long serialVersionUID = 5277936336380367841L;
    public static final String STRICT_CHECKING_DEFAULT = "weblogic.wsee.client.ssl.stricthostchecking";
    public static final String RELAXED_CHECKING_DEFAULT = "weblogic.wsee.client.ssl.relaxedtrustmanager";
    private static boolean strictCheckingDefault;
    private static boolean relaxedTrustManagerDefault;
    private transient KeyManager[] keyManagers;
    private transient TrustManager[] trustManagers;
    private transient HostnameVerifier hostnameVerifier;
    private static final String KEYSTORE_PASSWORD_PROPERTY = "javax.net.ssl.keyStorePassword";
    private static final String KEYSTORE_PROPERTY = "javax.net.ssl.keyStore";
    private static final String TRUST_KEYSTORE_PROPERTY = "javax.net.ssl.trustStore";
    private transient SSLAdapter sslAdapter;
    private static final Logger LOGGER = Logger.getLogger(HttpsTransportInfo.class.getName());
    private static final HostnameVerifier NONVERIFIER = new RelaxedVerifier();
    private static final TrustManager[] RELAXED_MANAGERS = {new RelaxedX509TrustManager()};
    public static final HttpsTransportInfo DEFAULT_TRANSPORTINFO = new HttpsTransportInfo();

    /* loaded from: input_file:weblogic/wsee/connection/transport/https/HttpsTransportInfo$RelaxedVerifier.class */
    private static class RelaxedVerifier implements HostnameVerifier {
        private RelaxedVerifier() {
        }

        @Override // javax.net.ssl.HostnameVerifier
        public boolean verify(String str, SSLSession sSLSession) {
            if (HttpsTransportInfo.LOGGER.isLoggable(Level.FINE)) {
                HttpsTransportInfo.LOGGER.log(Level.FINE, "HTTPSClientTransport RelaxedVerifier called.");
            }
            if (str.equals(sSLSession.getPeerHost())) {
                if (!HttpsTransportInfo.LOGGER.isLoggable(Level.FINE)) {
                    return true;
                }
                HttpsTransportInfo.LOGGER.log(Level.FINE, "HTTPSClientTransport success URL: " + str);
                return true;
            }
            if (!HttpsTransportInfo.LOGGER.isLoggable(Level.FINE)) {
                return true;
            }
            HttpsTransportInfo.LOGGER.log(Level.FINE, "HTTPSClientTransport NullVerifyer certificate <" + sSLSession.getPeerHost() + "> does not match host <" + str + "> however continuing anyway.");
            return true;
        }
    }

    /* loaded from: input_file:weblogic/wsee/connection/transport/https/HttpsTransportInfo$RelaxedX509TrustManager.class */
    private static class RelaxedX509TrustManager implements X509TrustManager {
        private RelaxedX509TrustManager() {
        }

        public boolean isClientTrusted(X509Certificate[] x509CertificateArr) {
            return true;
        }

        public boolean isServerTrusted(X509Certificate[] x509CertificateArr) {
            return true;
        }

        @Override // javax.net.ssl.X509TrustManager
        public X509Certificate[] getAcceptedIssuers() {
            return new X509Certificate[0];
        }

        @Override // javax.net.ssl.X509TrustManager
        public void checkClientTrusted(X509Certificate[] x509CertificateArr, String str) {
        }

        @Override // javax.net.ssl.X509TrustManager
        public void checkServerTrusted(X509Certificate[] x509CertificateArr, String str) {
        }
    }

    public HttpsTransportInfo() {
        this.sslAdapter = null;
        this.hostnameVerifier = !strictCheckingDefault ? NONVERIFIER : null;
        try {
            this.trustManagers = relaxedTrustManagerDefault ? RELAXED_MANAGERS : getDefaultTrustManagers();
        } catch (Exception e) {
            if (LOGGER.isLoggable(Level.FINE)) {
                LOGGER.log(Level.FINE, e.getMessage(), (Throwable) e);
            }
        }
        try {
            this.keyManagers = getDefaultKeyManagers();
        } catch (Exception e2) {
            if (LOGGER.isLoggable(Level.FINE)) {
                LOGGER.log(Level.FINE, e2.getMessage(), (Throwable) e2);
            }
        }
    }

    public HttpsTransportInfo(KeyManager[] keyManagerArr, TrustManager[] trustManagerArr, HostnameVerifier hostnameVerifier) {
        this.sslAdapter = null;
        if (keyManagerArr == null) {
            throw new IllegalArgumentException("KeyManagers cannot be null");
        }
        if (trustManagerArr == null) {
            throw new IllegalArgumentException("TrustManagers cannot be null");
        }
        this.keyManagers = keyManagerArr;
        this.trustManagers = trustManagerArr;
        this.hostnameVerifier = hostnameVerifier;
    }

    public HttpsTransportInfo(SSLAdapter sSLAdapter) {
        this.sslAdapter = null;
        this.sslAdapter = sSLAdapter;
    }

    public void setSSLAdapter(SSLAdapter sSLAdapter) {
        this.sslAdapter = sSLAdapter;
    }

    public SSLAdapter getSSLAdapter() {
        return this.sslAdapter;
    }

    public KeyManager[] getKeyManagers() {
        return this.keyManagers;
    }

    public void setKeyManagers(KeyManager[] keyManagerArr) {
        this.keyManagers = keyManagerArr;
    }

    public TrustManager[] getTrustManagers() {
        return this.trustManagers;
    }

    public void setTrustManagers(TrustManager[] trustManagerArr) {
        this.trustManagers = trustManagerArr;
    }

    public HostnameVerifier getHostnameVerifier() {
        return this.hostnameVerifier;
    }

    public void setHostnameVerifier(HostnameVerifier hostnameVerifier) {
        this.hostnameVerifier = hostnameVerifier;
    }

    public static void setStrictHostnameCheckDefault(boolean z) {
        strictCheckingDefault = z;
        if (!z) {
            DEFAULT_TRANSPORTINFO.setHostnameVerifier(NONVERIFIER);
        } else if (DEFAULT_TRANSPORTINFO.getHostnameVerifier() == NONVERIFIER) {
            DEFAULT_TRANSPORTINFO.setHostnameVerifier(null);
        }
    }

    public static void setRelaxedTrustManagerDefault(boolean z) {
        relaxedTrustManagerDefault = z;
        if (z) {
            DEFAULT_TRANSPORTINFO.setTrustManagers(RELAXED_MANAGERS);
            return;
        }
        if (DEFAULT_TRANSPORTINFO.getTrustManagers() == RELAXED_MANAGERS) {
            try {
                DEFAULT_TRANSPORTINFO.setTrustManagers(getDefaultTrustManagers());
            } catch (Exception e) {
                if (LOGGER.isLoggable(Level.FINE)) {
                    LOGGER.log(Level.FINE, e.getMessage(), (Throwable) e);
                }
            }
        }
    }

    private static KeyManager[] getDefaultKeyManagers() throws NoSuchAlgorithmException, UnrecoverableKeyException, KeyStoreException {
        KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
        KeyStore keyStoreFromSystemProperty = getKeyStoreFromSystemProperty(KEYSTORE_PROPERTY, KEYSTORE_PASSWORD_PROPERTY);
        String property = System.getProperty(KEYSTORE_PASSWORD_PROPERTY);
        keyManagerFactory.init(keyStoreFromSystemProperty, property != null ? property.toCharArray() : null);
        KeyManager[] keyManagers = keyManagerFactory.getKeyManagers();
        if (LOGGER.isLoggable(Level.FINE)) {
            LOGGER.log(Level.FINE, "Loaded keymanagers from system properties");
        }
        return keyManagers;
    }

    private static TrustManager[] getDefaultTrustManagers() throws KeyStoreException, NoSuchProviderException, NoSuchAlgorithmException {
        TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance("SunX509", "SunJSSE");
        trustManagerFactory.init(getKeyStoreFromSystemProperty(TRUST_KEYSTORE_PROPERTY, null));
        TrustManager[] trustManagers = trustManagerFactory.getTrustManagers();
        if (LOGGER.isLoggable(Level.FINE)) {
            LOGGER.log(Level.FINE, "Loaded default trust managers");
        }
        return trustManagers;
    }

    private static KeyStore getKeyStoreFromSystemProperty(String str, String str2) throws KeyStoreException {
        String property = System.getProperty(str);
        String property2 = str2 != null ? System.getProperty(str2) : null;
        if (property == null) {
            return null;
        }
        if (str2 != null && property2 == null) {
            return null;
        }
        if (LOGGER.isLoggable(Level.FINE)) {
            LOGGER.log(Level.FINE, "loading keystore from: " + property);
        }
        return CredentialServiceFactory.getCredentialService().getKeystore(property, property2, property.startsWith("kss://") ? "KSS" : "JKS");
    }

    private void writeObject(ObjectOutputStream objectOutputStream) throws IOException {
        objectOutputStream.defaultWriteObject();
        if (this.sslAdapter instanceof Serializable) {
            objectOutputStream.writeObject(this.sslAdapter);
        } else {
            objectOutputStream.writeObject(null);
        }
    }

    private void readObject(ObjectInputStream objectInputStream) throws IOException, ClassNotFoundException {
        objectInputStream.defaultReadObject();
        this.sslAdapter = (SSLAdapter) objectInputStream.readObject();
    }

    static {
        strictCheckingDefault = false;
        relaxedTrustManagerDefault = false;
        try {
            if (LOGGER.isLoggable(Level.FINE)) {
                LOGGER.log(Level.FINE, "HttpsTransportInfo verbose output enabled");
            }
            if ("true".equals(System.getProperty(STRICT_CHECKING_DEFAULT))) {
                strictCheckingDefault = true;
                if (LOGGER.isLoggable(Level.FINE)) {
                    LOGGER.log(Level.FINE, "JdkSSLAdapter strict hostname checking ENABLED by default");
                }
            }
            if ("true".equals(System.getProperty(RELAXED_CHECKING_DEFAULT))) {
                relaxedTrustManagerDefault = true;
                if (LOGGER.isLoggable(Level.FINE)) {
                    LOGGER.log(Level.FINE, "JdkSSLAdapter relaxed trust manager ENABLED by default");
                }
            }
        } catch (Throwable th) {
            if (LOGGER.isLoggable(Level.FINE)) {
                LOGGER.log(Level.FINE, "JdkSSLAdapter error: " + th.getMessage());
                LOGGER.log(Level.FINE, th.getMessage(), th);
            }
        }
    }
}
