package weblogic.wsee.jaxws.sslclient;

import com.oracle.webservices.impl.internalspi.platform.CredentialService;
import com.oracle.webservices.impl.internalspi.platform.CredentialServiceFactory;
import java.security.GeneralSecurityException;
import java.security.Key;
import java.security.KeyStore;
import java.security.SecureRandom;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.util.logging.Level;
import java.util.logging.Logger;
import javax.net.ssl.KeyManager;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSocketFactory;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import javax.net.ssl.X509TrustManager;
import javax.xml.ws.WebServiceException;

/* loaded from: input_file:weblogic/wsee/jaxws/sslclient/SSLClientUtil.class */
public final class SSLClientUtil {
    private static final String KEYSTORE_PROPERTY = "javax.net.ssl.keyStore";
    private static final String KEYSTORE_TYPE_PROPERTY = "javax.net.ssl.keyStoreType";
    private static final String KEYSTORE_PASSWORD_PROPERTY = "javax.net.ssl.keyStorePassword";
    private static final String KEYSTORE_KEY_ALIAS_PROPERTY = "HTTPClient.ssl.identityAlias";
    private static final String TRUST_KEYSTORE_PROPERTY = "javax.net.ssl.trustStore";
    private static final String TRUST_KEYSTORE_TYPE_PROPERTY = "javax.net.ssl.trustStoreType";
    private static final String TRUST_KEYSTORE_PASSWORD_PROPERTY = "javax.net.ssl.trustStorePassword";
    public static final String RELAXED_CHECKING_DEFAULT = "weblogic.wsee.client.ssl.relaxedtrustmanager";
    private static Logger LOGGER = Logger.getLogger(SSLClientUtil.class.getName());
    private static final TrustManager[] RELAXED_MANAGERS = {new RelaxedX509TrustManager()};

    /* loaded from: input_file:weblogic/wsee/jaxws/sslclient/SSLClientUtil$RelaxedX509TrustManager.class */
    private static class RelaxedX509TrustManager implements X509TrustManager {
        private RelaxedX509TrustManager() {
        }

        public boolean isClientTrusted(X509Certificate[] x509CertificateArr) {
            return true;
        }

        public boolean isServerTrusted(X509Certificate[] x509CertificateArr) {
            return true;
        }

        @Override // javax.net.ssl.X509TrustManager
        public X509Certificate[] getAcceptedIssuers() {
            return new X509Certificate[0];
        }

        @Override // javax.net.ssl.X509TrustManager
        public void checkClientTrusted(X509Certificate[] x509CertificateArr, String str) throws CertificateException {
        }

        @Override // javax.net.ssl.X509TrustManager
        public void checkServerTrusted(X509Certificate[] x509CertificateArr, String str) throws CertificateException {
        }
    }

    private SSLClientUtil() {
    }

    public static SSLSocketFactory getSSLSocketFactoryFromSysProperties() {
        try {
            return getSSLSocketFactory(getKeyManagers(System.getProperty(KEYSTORE_PROPERTY), System.getProperty(KEYSTORE_PASSWORD_PROPERTY), System.getProperty(KEYSTORE_TYPE_PROPERTY), System.getProperty(KEYSTORE_KEY_ALIAS_PROPERTY), null), "true".equalsIgnoreCase(System.getProperty(RELAXED_CHECKING_DEFAULT)) ? RELAXED_MANAGERS : getTrustManagers(System.getProperty(TRUST_KEYSTORE_PROPERTY, null), System.getProperty(TRUST_KEYSTORE_PASSWORD_PROPERTY, null), System.getProperty(TRUST_KEYSTORE_TYPE_PROPERTY, null), null, null));
        } catch (Exception e) {
            if (LOGGER.isLoggable(Level.INFO)) {
                e.printStackTrace();
            }
            throw new WebServiceException(e);
        }
    }

    public static PersistentSSLInfo getPersistentSSLInfoFromSysProperties() {
        PersistentSSLInfo persistentSSLInfo = new PersistentSSLInfo();
        try {
            String property = System.getProperty(KEYSTORE_PROPERTY);
            String property2 = System.getProperty(KEYSTORE_PASSWORD_PROPERTY);
            if (!"true".equalsIgnoreCase(System.getProperty(RELAXED_CHECKING_DEFAULT))) {
                persistentSSLInfo.setTrustKeystore(System.getProperty(TRUST_KEYSTORE_PROPERTY, null));
            }
            persistentSSLInfo.setKeystore(property);
            persistentSSLInfo.setKeystorePassword(property2);
            return persistentSSLInfo;
        } catch (Exception e) {
            if (LOGGER.isLoggable(Level.INFO)) {
                e.printStackTrace();
            }
            throw new WebServiceException(e);
        }
    }

    public static SSLSocketFactory getSSLSocketFactory(KeyManager[] keyManagerArr, TrustManager[] trustManagerArr) {
        try {
            SSLContext sSLContext = SSLContext.getInstance("SSL");
            if ("true".equalsIgnoreCase(System.getProperty(RELAXED_CHECKING_DEFAULT))) {
                trustManagerArr = RELAXED_MANAGERS;
            }
            sSLContext.init(keyManagerArr, trustManagerArr, new SecureRandom());
            return sSLContext.getSocketFactory();
        } catch (GeneralSecurityException e) {
            throw new WebServiceException("Get SSLSocketFactory failed: " + e.getMessage());
        }
    }

    public static SSLSocketFactory getSSLSocketFactory(PersistentSSLInfo persistentSSLInfo) {
        if (LOGGER.isLoggable(Level.FINER)) {
            LOGGER.finer("sslInfo=" + persistentSSLInfo.toString());
        }
        return getSSLSocketFactory(getKeyManagers(persistentSSLInfo.getKeystore(), persistentSSLInfo.getKeystorePassword(), persistentSSLInfo.getKeystoreType(), persistentSSLInfo.getKeyAlias(), persistentSSLInfo.getKeyPassword()), getTrustManagers(persistentSSLInfo.getTrustKeystore(), persistentSSLInfo.getTrustKeystorePassword(), persistentSSLInfo.getTrustKeystoreType(), persistentSSLInfo.getTrustKeystoreAlgorithm(), persistentSSLInfo.getTrustKeystoreProvider()));
    }

    private static KeyManager[] getKeyManagers(String str, String str2, String str3, String str4, String str5) {
        try {
            String defaultAlgorithm = KeyManagerFactory.getDefaultAlgorithm();
            if (str5 == null) {
                str5 = str2;
            }
            KeyStore keystore = CredentialServiceFactory.getCredentialService().getKeystore(str, str2, str3);
            KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance(defaultAlgorithm);
            if (str4 == null) {
                keyManagerFactory.init(keystore, str5 == null ? null : str5.toCharArray());
            } else {
                Certificate[] certificateChain = keystore.getCertificateChain(str4);
                if (certificateChain == null) {
                    throw new SecurityException("No such key with alias '" + str4 + "' in key-store '" + str + "'");
                }
                Key key = keystore.getKey(str4, str5 == null ? null : str5.toCharArray());
                KeyStore keyStore = KeyStore.getInstance(str3);
                keyStore.load(null, str2 == null ? null : str2.toCharArray());
                keyStore.setKeyEntry(str4, key, str5 == null ? null : str5.toCharArray(), certificateChain);
                keyManagerFactory.init(keyStore, str5 == null ? null : str5.toCharArray());
            }
            return keyManagerFactory.getKeyManagers();
        } catch (Exception e) {
            if (LOGGER.isLoggable(Level.INFO)) {
                e.printStackTrace();
            }
            throw new WebServiceException("Get KeyManager[] failed: " + e.getMessage());
        }
    }

    private static TrustManager[] getTrustManagers(String str, String str2, String str3, String str4, String str5) {
        if (str == null) {
            return null;
        }
        if (LOGGER.isLoggable(Level.FINER)) {
            LOGGER.finer("trustKeystore=" + str);
        }
        if (str4 == null) {
            try {
                str4 = TrustManagerFactory.getDefaultAlgorithm();
            } catch (Exception e) {
                if (LOGGER.isLoggable(Level.INFO)) {
                    e.printStackTrace();
                }
                throw new WebServiceException("Get TrustManager[] failed: " + e.getMessage());
            }
        }
        if (str3 == null) {
            str3 = CredentialService.DEFAULT_KEYSTORE_TYPE;
        }
        TrustManagerFactory trustManagerFactory = str5 == null ? TrustManagerFactory.getInstance(str4) : TrustManagerFactory.getInstance(str4, str5);
        trustManagerFactory.init(CredentialServiceFactory.getCredentialService().getKeystore(str, str2, str3));
        TrustManager[] trustManagers = trustManagerFactory.getTrustManagers();
        if (LOGGER.isLoggable(Level.FINER)) {
            LOGGER.finer("Loaded trust managers");
        }
        return trustManagers;
    }
}
