package weblogic.wtc.jatmi;

import com.bea.core.jatmi.common.ntrace;
import java.io.File;
import java.io.IOException;
import java.net.InetAddress;
import java.net.ServerSocket;
import java.net.Socket;
import java.security.AccessController;
import java.security.KeyStore;
import java.security.PrivateKey;
import java.security.cert.Certificate;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import javax.net.ssl.SSLServerSocketFactory;
import weblogic.management.provider.ManagementService;
import weblogic.security.SSL.SSLSocketFactory;
import weblogic.security.acl.internal.AuthenticatedSubject;
import weblogic.security.pki.keystore.WLSKeyStoreFactory;
import weblogic.security.service.PrivilegedActions;
import weblogic.security.utils.SSLCertUtility;
import weblogic.security.utils.SSLContextManager;
import weblogic.security.utils.SSLContextWrapper;
import weblogic.socket.SocketMuxer;
import weblogic.wtc.WTCLogger;

/* loaded from: input_file:weblogic/wtc/jatmi/TuxedoSSLSocketFactory.class */
public final class TuxedoSSLSocketFactory extends SSLSocketFactory {
    private static final AuthenticatedSubject KERNEL_ID = (AuthenticatedSubject) AccessController.doPrivileged(PrivilegedActions.getKernelIdentityAction());
    public static final String[] CIPHER0 = {"TLS_RSA_WITH_NULL_MD5", "TLS_RSA_WITH_NULL_SHA"};
    public static final String[] CIPHER56 = {"TLS_RSA_WITH_DES_CBC_SHA"};
    public static final String[] CIPHER112 = {"TLS_RSA_WITH_3DES_EDE_CBC_SHA"};
    public static final String[] CIPHER128 = {"TLS_RSA_WITH_RC4_128_SHA", "TLS_RSA_WITH_RC4_128_MD5"};
    public static final String[] CIPHER256 = {"TLS_RSA_WITH_AES_256_CBC_SHA"};
    private String ksType;
    private String trustKsType;
    private String identityKeyStore;
    private String identityKeyStorePassphrase;
    private String identityKeyAlias;
    private String identityKeyPassphrase;
    private String trustKeyStore;
    private String trustKeyStorePassphrase;

    public TuxedoSSLSocketFactory(String str, String str2, String str3, String str4, String str5, String str6, String str7, String str8) {
        super((javax.net.ssl.SSLSocketFactory) null);
        this.ksType = str;
        this.identityKeyStore = str2;
        this.identityKeyStorePassphrase = str3;
        this.identityKeyAlias = str4;
        this.identityKeyPassphrase = str5;
        this.trustKsType = str6;
        this.trustKeyStore = str7;
        this.trustKeyStorePassphrase = str8;
    }

    @Override // weblogic.security.SSL.SSLSocketFactory, javax.net.SocketFactory
    public Socket createSocket(InetAddress inetAddress, int i) throws IOException {
        return getSocketFactory().createSocket(inetAddress, i);
    }

    @Override // weblogic.security.SSL.SSLSocketFactory
    public String[] getDefaultCipherSuites() {
        try {
            return getSocketFactory().getDefaultCipherSuites();
        } catch (IOException e) {
            throw ((RuntimeException) new IllegalStateException().initCause(e));
        }
    }

    @Override // weblogic.security.SSL.SSLSocketFactory
    public String[] getSupportedCipherSuites() {
        try {
            return getSocketFactory().getSupportedCipherSuites();
        } catch (IOException e) {
            throw ((RuntimeException) new IllegalStateException().initCause(e));
        }
    }

    public ServerSocket createServerSocket(int i, int i2, InetAddress inetAddress) throws IOException {
        return getServerSocketFactory().createServerSocket(i, i2, inetAddress);
    }

    @Override // weblogic.security.SSL.SSLSocketFactory
    public Socket createSocket(Socket socket, String str, int i, boolean z) throws IOException {
        return getSocketFactory().createSocket(socket, str, i, z);
    }

    /* JADX WARN: Multi-variable type inference failed */
    /* JADX WARN: Type inference failed for: r0v96, types: [java.security.cert.Certificate[]] */
    private SSLServerSocketFactory getServerSocketFactory() throws IOException {
        boolean isTraceEnabled = ntrace.isTraceEnabled(4);
        if (isTraceEnabled) {
            ntrace.doTrace("[/TuxedoSSLSocketFactory/getServerSocketFactory()");
        }
        SSLContextWrapper sSLContextWrapper = SSLContextWrapper.getInstance();
        KeyStore keyStore = null;
        Object obj = null;
        X509Certificate[] x509CertificateArr = null;
        String str = this.identityKeyStore == null ? "unspecified" : this.identityKeyStore;
        if (this.identityKeyStore != null) {
            File file = new File(this.identityKeyStore);
            if (file.exists()) {
                keyStore = WLSKeyStoreFactory.getKeyStoreInstance(KERNEL_ID, this.ksType, file.getAbsolutePath(), this.identityKeyStorePassphrase.toCharArray());
            }
        }
        if (keyStore == null) {
            WTCLogger.logErrorInvalidPrivateKeyStoreInfo(str, "getServerSocketFactory");
            if (isTraceEnabled) {
                ntrace.doTrace("*]/TuxedoSSLSocketFactory/getServerSocketFactory(10)/bad key store");
            }
            throw new IOException("Problem with private key store " + str);
        }
        try {
            obj = keyStore.getKey(this.identityKeyAlias, this.identityKeyPassphrase.toCharArray());
            x509CertificateArr = keyStore.getCertificateChain(this.identityKeyAlias);
        } catch (Exception e) {
            if (isTraceEnabled) {
                e.printStackTrace();
            }
        }
        if (obj == null || !(obj instanceof PrivateKey) || !(x509CertificateArr instanceof Certificate[])) {
            WTCLogger.logErrorInvalidPrivateKeyInfo(this.identityKeyAlias, str, "getServerSocketFactory");
            if (isTraceEnabled) {
                ntrace.doTrace("*]/TuxedoSSLSocketFactory/getServerSocketFactory(20)/bad key or cert");
            }
            throw new IOException("Problem with key or certificate");
        }
        X509Certificate[] x509CertificateArr2 = new X509Certificate[x509CertificateArr.length];
        for (int i = 0; i < x509CertificateArr2.length; i++) {
            x509CertificateArr2[i] = x509CertificateArr[i];
        }
        sSLContextWrapper.addIdentity(x509CertificateArr2, (PrivateKey) obj);
        KeyStore keyStore2 = null;
        if (this.trustKeyStore == null && this.trustKeyStorePassphrase == null && this.trustKsType == null) {
            try {
                sSLContextWrapper.addTrustedCA(SSLContextManager.getServerTrustedCAs());
            } catch (Exception e2) {
                WTCLogger.logErrorInvalidServerTrustCertificate("getServerSocketFactory");
                if (isTraceEnabled) {
                    ntrace.doTrace("*]/TuxedoSSLSocketFactory/getServerSocketFactory(50)/bad trust cert");
                }
                throw new IOException(e2.getMessage());
            }
        } else {
            String str2 = this.trustKeyStore == null ? "unspecified" : this.trustKeyStore;
            if (this.trustKeyStore != null) {
                File file2 = new File(str2);
                if (file2.exists()) {
                    keyStore2 = WLSKeyStoreFactory.getKeyStoreInstance(KERNEL_ID, this.trustKsType, file2.getAbsolutePath(), this.trustKeyStorePassphrase.toCharArray());
                }
            }
            if (keyStore2 == null) {
                WTCLogger.logErrorInvalidTrustCertStoreInfo(str2, "getServerSocketFactory");
                if (isTraceEnabled) {
                    ntrace.doTrace("*]/TuxedoSSLSocketFactory/getServerSocketFactory(30)/bad trust store");
                }
                throw new IOException("Problem with trust certificate store " + str2);
            }
            try {
                ArrayList arrayList = new ArrayList();
                arrayList.addAll(SSLCertUtility.getX509Certificates(keyStore2));
                sSLContextWrapper.addTrustedCA((X509Certificate[]) arrayList.toArray(new X509Certificate[arrayList.size()]));
            } catch (Exception e3) {
                WTCLogger.logErrorInvalidTrustCertificate(str2, "getServerSocketFactory");
                if (isTraceEnabled) {
                    ntrace.doTrace("*]/TuxedoSSLSocketFactory/getServerSocketFactory(40)/bad trust cert");
                }
                throw new IOException(e3.getMessage());
            }
        }
        if (isTraceEnabled) {
            ntrace.doTrace("]/TuxedoSSLSocketFactory/getServerSocketFactory(60)/success");
        }
        return SocketMuxer.getMuxer().isAsyncMuxer() ? sSLContextWrapper.getSSLNioServerSocketFactory() : sSLContextWrapper.getSSLServerSocketFactory();
    }

    /* JADX WARN: Multi-variable type inference failed */
    /* JADX WARN: Type inference failed for: r0v92, types: [java.security.cert.Certificate[]] */
    private javax.net.ssl.SSLSocketFactory getSocketFactory() throws IOException {
        boolean isTraceEnabled = ntrace.isTraceEnabled(4);
        if (isTraceEnabled) {
            ntrace.doTrace("[/TuxedoSSLSocketFactory/getSocketFactory()");
        }
        SSLContextWrapper sSLContextWrapper = SSLContextWrapper.getInstance();
        KeyStore keyStore = null;
        Object obj = null;
        X509Certificate[] x509CertificateArr = null;
        String str = this.identityKeyStore == null ? "unspecified" : this.identityKeyStore;
        if (this.identityKeyStore != null) {
            File file = new File(this.identityKeyStore);
            if (file.exists()) {
                keyStore = WLSKeyStoreFactory.getKeyStoreInstance(KERNEL_ID, this.ksType, file.getAbsolutePath(), this.identityKeyStorePassphrase.toCharArray());
            }
        }
        if (keyStore == null) {
            WTCLogger.logErrorInvalidPrivateKeyStoreInfo(str, "getSocketFactory");
            if (isTraceEnabled) {
                ntrace.doTrace("*]/TuxedoSSLSocketFactory/getSocketFactory(10)/bad key store");
            }
            throw new IOException("Problem with private key store " + str);
        }
        try {
            obj = keyStore.getKey(this.identityKeyAlias, this.identityKeyPassphrase.toCharArray());
            x509CertificateArr = keyStore.getCertificateChain(this.identityKeyAlias);
        } catch (Exception e) {
            if (isTraceEnabled) {
                e.printStackTrace();
            }
        }
        if (obj == null || !(obj instanceof PrivateKey) || !(x509CertificateArr instanceof Certificate[])) {
            WTCLogger.logErrorInvalidPrivateKeyInfo(this.identityKeyAlias, str, "getSocketFactory");
            if (isTraceEnabled) {
                ntrace.doTrace("*]/TuxedoSSLSocketFactory/getSocketFactory(20)/bad key store");
            }
            throw new IOException("Problem with key or certificate");
        }
        X509Certificate[] x509CertificateArr2 = new X509Certificate[x509CertificateArr.length];
        for (int i = 0; i < x509CertificateArr2.length; i++) {
            x509CertificateArr2[i] = x509CertificateArr[i];
        }
        sSLContextWrapper.addIdentity(x509CertificateArr2, (PrivateKey) obj);
        KeyStore keyStore2 = null;
        if (this.trustKeyStore == null && this.trustKeyStorePassphrase == null && this.trustKsType == null) {
            try {
                sSLContextWrapper.addTrustedCA(SSLContextManager.getServerTrustedCAs());
            } catch (Exception e2) {
                WTCLogger.logErrorInvalidServerTrustCertificate("getSocketFactory");
                if (isTraceEnabled) {
                    ntrace.doTrace("*]/TuxedoSSLSocketFactory/getSocketFactory(50)/bad trust cert");
                }
                throw new IOException(e2.getMessage());
            }
        } else {
            String str2 = this.trustKeyStore == null ? "unspecified" : this.trustKeyStore;
            if (this.trustKeyStore != null) {
                File file2 = new File(str2);
                if (file2.exists()) {
                    keyStore2 = WLSKeyStoreFactory.getKeyStoreInstance(KERNEL_ID, this.trustKsType, file2.getAbsolutePath(), this.trustKeyStorePassphrase.toCharArray());
                }
            }
            if (keyStore2 == null) {
                WTCLogger.logErrorInvalidTrustCertStoreInfo(str2, "getSocketFactory");
                if (isTraceEnabled) {
                    ntrace.doTrace("*]/TuxedoSSLSocketFactory/getSocketFactory(30)/bad trust store");
                }
                throw new IOException("Problem with trust certiticate store " + str2);
            }
            try {
                ArrayList arrayList = new ArrayList();
                arrayList.addAll(SSLCertUtility.getX509Certificates(keyStore2));
                sSLContextWrapper.addTrustedCA((X509Certificate[]) arrayList.toArray(new X509Certificate[arrayList.size()]));
            } catch (Exception e3) {
                WTCLogger.logErrorInvalidTrustCertificate(str2, "getSocketFactory");
                if (isTraceEnabled) {
                    ntrace.doTrace("*]/TuxedoSSLSocketFactory/getSocketFactory(40)/bad trust cert");
                }
                throw new IOException(e3.getMessage());
            }
        }
        if (isTraceEnabled) {
            ntrace.doTrace("]/TuxedoSSLSocketFactory/getSocketFactory(60)/get Factory");
        }
        return sSLContextWrapper.getSSLSocketFactory();
    }

    public static String[] getCiphers(int i, int i2) {
        int i3 = 0;
        boolean z = false;
        if (i == 0) {
            z = ManagementService.getRuntimeAccess(KERNEL_ID).getServer().getSSL().isAllowUnencryptedNullCipher();
            if (!z) {
                if (i2 == 0) {
                    WTCLogger.logErrorNoNullCiphersAllowed();
                    return null;
                }
                WTCLogger.logWarnNoNullCiphersAllowed();
            }
        }
        if (i <= 256 && i2 >= 256) {
            i3 = 0 + CIPHER256.length;
        }
        if (i <= 128 && i2 >= 128) {
            i3 += CIPHER128.length;
        }
        if (i <= 112 && i2 >= 112) {
            i3 += CIPHER112.length;
        }
        if (i <= 56 && i2 >= 56) {
            i3 += CIPHER56.length;
        }
        if (z) {
            i3 += CIPHER0.length;
        }
        String[] strArr = new String[i3];
        int i4 = 0;
        if (i <= 256 && i2 >= 256) {
            for (int i5 = 0; i5 < CIPHER256.length; i5++) {
                strArr[i4] = CIPHER256[i5];
                i4++;
            }
        }
        if (i <= 128 && i2 >= 128) {
            for (int i6 = 0; i6 < CIPHER128.length; i6++) {
                strArr[i4] = CIPHER128[i6];
                i4++;
            }
        }
        if (i <= 112 && i2 >= 112) {
            for (int i7 = 0; i7 < CIPHER112.length; i7++) {
                strArr[i4] = CIPHER112[i7];
                i4++;
            }
        }
        if (i <= 56 && i2 >= 56) {
            for (int i8 = 0; i8 < CIPHER56.length; i8++) {
                strArr[i4] = CIPHER56[i8];
                i4++;
            }
        }
        if (z) {
            for (int i9 = 0; i9 < CIPHER0.length; i9++) {
                strArr[i4] = CIPHER0[i9];
                i4++;
            }
        }
        return strArr;
    }
}
