package com.ibm.debug.pdt.codecoverage.internal.ui.resultsview.ccaas.security;

import com.ibm.debug.pdt.codecoverage.internal.ui.resultsview.CCResultViewMessages;
import com.ibm.debug.pdt.codecoverage.internal.ui.resultsview.Labels;
import com.ibm.debug.pdt.codecoverage.internal.ui.resultsview.ResultsViewPlugin;
import com.ibm.debug.pdt.codecoverage.internal.ui.resultsview.util.CCWizardDialog;
import java.io.File;
import java.io.FileInputStream;
import java.io.FileNotFoundException;
import java.io.FileOutputStream;
import java.io.IOException;
import java.net.Socket;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.SecureRandom;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Enumeration;
import java.util.Iterator;
import java.util.List;
import javax.net.ssl.HostnameVerifier;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLEngine;
import javax.net.ssl.SSLSocketFactory;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import javax.net.ssl.X509ExtendedTrustManager;
import org.eclipse.jface.dialogs.MessageDialog;
import org.eclipse.swt.widgets.Display;
import org.eclipse.swt.widgets.Shell;

/* loaded from: input_file:com/ibm/debug/pdt/codecoverage/internal/ui/resultsview/ccaas/security/CCSSecurityUtils.class */
public class CCSSecurityUtils {
    private static final String KEYSTORE_TYPE_PKIX = "PKIX";
    private static final String KEYSTORE_TYPE_JKS = "JKS";
    private static final String CCS_KEYSTORE_FILENAME = "CCSkeystore.dat";
    private static CCSTrustManager fTrustManager = null;

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:com/ibm/debug/pdt/codecoverage/internal/ui/resultsview/ccaas/security/CCSSecurityUtils$CCSTrustManager.class */
    public static class CCSTrustManager extends X509ExtendedTrustManager {
        private X509ExtendedTrustManager fPKIXTrustManager;
        private KeyStore fKeyStore;
        private List<Certificate> fUntrustedCertificates = new ArrayList();

        public void setKeystore(String str, String str2) {
            try {
                this.fKeyStore = CCSSecurityUtils.getKeyStore();
                if (this.fKeyStore != null) {
                    TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(CCSSecurityUtils.KEYSTORE_TYPE_PKIX);
                    trustManagerFactory.init(this.fKeyStore);
                    TrustManager[] trustManagers = trustManagerFactory.getTrustManagers();
                    int i = 0;
                    while (true) {
                        if (i >= trustManagers.length) {
                            break;
                        }
                        if (trustManagers[i] instanceof X509ExtendedTrustManager) {
                            this.fPKIXTrustManager = (X509ExtendedTrustManager) trustManagers[i];
                            break;
                        }
                        i++;
                    }
                }
                if (this.fPKIXTrustManager == null) {
                    ResultsViewPlugin.log(4, "Cannot find a PKIX trust manager");
                }
            } catch (Exception e) {
                ResultsViewPlugin.log(e);
            }
        }

        public List<Certificate> getUntrustedCerts() {
            return this.fUntrustedCertificates;
        }

        @Override // javax.net.ssl.X509TrustManager
        public void checkClientTrusted(X509Certificate[] x509CertificateArr, String str) throws CertificateException {
            if (this.fPKIXTrustManager == null) {
                throw new CertificateException();
            }
            try {
                this.fPKIXTrustManager.checkClientTrusted(x509CertificateArr, str);
            } catch (Exception e) {
                computeUntrustedCertificates(x509CertificateArr);
                throw e;
            }
        }

        @Override // javax.net.ssl.X509TrustManager
        public void checkServerTrusted(X509Certificate[] x509CertificateArr, String str) throws CertificateException {
            if (this.fPKIXTrustManager == null) {
                throw new CertificateException();
            }
            try {
                this.fPKIXTrustManager.checkServerTrusted(x509CertificateArr, str);
            } catch (Exception e) {
                computeUntrustedCertificates(x509CertificateArr);
                throw e;
            }
        }

        @Override // javax.net.ssl.X509TrustManager
        public X509Certificate[] getAcceptedIssuers() {
            return null;
        }

        @Override // javax.net.ssl.X509ExtendedTrustManager
        public void checkClientTrusted(X509Certificate[] x509CertificateArr, String str, Socket socket) throws CertificateException {
            if (this.fPKIXTrustManager == null) {
                throw new CertificateException();
            }
            try {
                this.fPKIXTrustManager.checkClientTrusted(x509CertificateArr, str, socket);
            } catch (Exception e) {
                computeUntrustedCertificates(x509CertificateArr);
                throw e;
            }
        }

        @Override // javax.net.ssl.X509ExtendedTrustManager
        public void checkClientTrusted(X509Certificate[] x509CertificateArr, String str, SSLEngine sSLEngine) throws CertificateException {
            if (this.fPKIXTrustManager == null) {
                throw new CertificateException();
            }
            try {
                this.fPKIXTrustManager.checkClientTrusted(x509CertificateArr, str, sSLEngine);
            } catch (Exception e) {
                computeUntrustedCertificates(x509CertificateArr);
                throw e;
            }
        }

        @Override // javax.net.ssl.X509ExtendedTrustManager
        public void checkServerTrusted(X509Certificate[] x509CertificateArr, String str, Socket socket) throws CertificateException {
            if (this.fPKIXTrustManager == null) {
                throw new CertificateException();
            }
            try {
                this.fPKIXTrustManager.checkServerTrusted(x509CertificateArr, str, socket);
            } catch (Exception e) {
                computeUntrustedCertificates(x509CertificateArr);
                throw e;
            }
        }

        @Override // javax.net.ssl.X509ExtendedTrustManager
        public void checkServerTrusted(X509Certificate[] x509CertificateArr, String str, SSLEngine sSLEngine) throws CertificateException {
            if (this.fPKIXTrustManager == null) {
                throw new CertificateException();
            }
            try {
                this.fPKIXTrustManager.checkServerTrusted(x509CertificateArr, str, sSLEngine);
            } catch (Exception e) {
                computeUntrustedCertificates(x509CertificateArr);
                throw e;
            }
        }

        private void computeUntrustedCertificates(X509Certificate[] x509CertificateArr) {
            this.fUntrustedCertificates.clear();
            ArrayList arrayList = new ArrayList();
            try {
                Enumeration<String> aliases = this.fKeyStore.aliases();
                while (aliases.hasMoreElements()) {
                    Certificate certificate = this.fKeyStore.getCertificate(aliases.nextElement());
                    if (certificate instanceof X509Certificate) {
                        arrayList.add((X509Certificate) certificate);
                    }
                }
            } catch (KeyStoreException e) {
                ResultsViewPlugin.log(e);
            }
            for (X509Certificate x509Certificate : x509CertificateArr) {
                boolean z = false;
                for (int i = 0; i < arrayList.size() && !z; i++) {
                    X509Certificate x509Certificate2 = (X509Certificate) arrayList.get(i);
                    if (x509Certificate == x509Certificate2) {
                        z = true;
                    } else {
                        try {
                            x509Certificate.verify(x509Certificate2.getPublicKey());
                            z = x509Certificate.getEncoded().length == x509Certificate2.getEncoded().length;
                        } catch (Exception e2) {
                        }
                    }
                }
                if (!z) {
                    this.fUntrustedCertificates.add(x509Certificate);
                }
            }
        }
    }

    private static String getKeyStorePassword() {
        return "bwqZLx3U]@u!qsT";
    }

    private static File getKeyStoreFile() {
        return ResultsViewPlugin.getDefault().getStateLocation().append(CCS_KEYSTORE_FILENAME).toFile();
    }

    protected static KeyStore getKeyStore() {
        Throwable th;
        Throwable th2;
        File keyStoreFile = getKeyStoreFile();
        KeyStore keyStore = null;
        try {
            keyStore = KeyStore.getInstance(KEYSTORE_TYPE_JKS);
        } catch (IOException | KeyStoreException | NoSuchAlgorithmException | CertificateException e) {
            ResultsViewPlugin.log(e);
        }
        if (keyStoreFile.exists() && keyStoreFile.length() > 0) {
            th = null;
            try {
                FileInputStream fileInputStream = new FileInputStream(keyStoreFile);
                try {
                    keyStore.load(fileInputStream, getKeyStorePassword().toCharArray());
                    if (fileInputStream != null) {
                        fileInputStream.close();
                    }
                    return keyStore;
                } catch (Throwable th3) {
                    if (fileInputStream != null) {
                        fileInputStream.close();
                    }
                    throw th3;
                }
            } finally {
            }
        }
        th = null;
        try {
            FileOutputStream fileOutputStream = new FileOutputStream(getKeyStoreFile());
            try {
                keyStore.load(null, getKeyStorePassword().toCharArray());
                keyStore.store(fileOutputStream, getKeyStorePassword().toCharArray());
                if (fileOutputStream != null) {
                    fileOutputStream.close();
                }
                return keyStore;
            } catch (Throwable th4) {
                if (fileOutputStream != null) {
                    fileOutputStream.close();
                }
                throw th4;
            }
        } finally {
        }
        ResultsViewPlugin.log(e);
        return keyStore;
    }

    private static CCSTrustManager getTrustManager() {
        if (fTrustManager == null) {
            fTrustManager = new CCSTrustManager();
        }
        return fTrustManager;
    }

    public static SSLSocketFactory getSocketFactory() {
        try {
            KeyStore keyStore = getKeyStore();
            if (keyStore == null) {
                return null;
            }
            SSLContext sSLContext = SSLContext.getInstance("TLS");
            TrustManagerFactory.getInstance(KEYSTORE_TYPE_PKIX).init(keyStore);
            getTrustManager().setKeystore(getKeyStorePassword(), getKeyStorePassword());
            sSLContext.init(null, new TrustManager[]{getTrustManager()}, new SecureRandom());
            return sSLContext.getSocketFactory();
        } catch (Exception e) {
            return null;
        }
    }

    public static void deleteKeyStore() {
        File keyStoreFile = getKeyStoreFile();
        if (!keyStoreFile.exists() || keyStoreFile.delete()) {
            return;
        }
        MessageDialog.openError((Shell) null, Labels.ExportCCZipWizardPage_Error, CCResultViewMessages.CRRDG9315);
    }

    public static boolean importCertificates(String str) {
        List<Certificate> untrustedCerts = getTrustManager().getUntrustedCerts();
        if (untrustedCerts == null || untrustedCerts.size() <= 0) {
            return true;
        }
        return new CCWizardDialog(Display.getCurrent().getActiveShell(), new CCSCertificateWizard(str, untrustedCerts)).open() == 0;
    }

    private static String getAlias(String str) {
        String str2 = str;
        try {
            int i = 0;
            Enumeration<String> aliases = getKeyStore().aliases();
            while (aliases.hasMoreElements()) {
                if (aliases.nextElement().toLowerCase().startsWith(str.toLowerCase())) {
                    i++;
                }
            }
            str2 = String.valueOf(str) + (i + 1);
        } catch (Exception e) {
        }
        return str2;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public static boolean importCertificates(List<Certificate> list, String str) {
        String alias = getAlias(str);
        KeyStore keyStore = getKeyStore();
        Iterator<Certificate> it = list.iterator();
        while (it.hasNext()) {
            try {
                keyStore.setCertificateEntry(alias, it.next());
            } catch (KeyStoreException e) {
                ResultsViewPlugin.log(e);
                return false;
            }
        }
        try {
            if (keyStore.size() == 0) {
                getKeyStoreFile().delete();
                return false;
            }
            Throwable th = null;
            try {
                try {
                    FileOutputStream fileOutputStream = new FileOutputStream(getKeyStoreFile());
                    try {
                        try {
                            keyStore.store(fileOutputStream, getKeyStorePassword().toCharArray());
                            if (fileOutputStream == null) {
                                return true;
                            }
                            fileOutputStream.close();
                            return true;
                        } catch (Throwable th2) {
                            if (fileOutputStream != null) {
                                fileOutputStream.close();
                            }
                            throw th2;
                        }
                    } catch (NoSuchAlgorithmException | CertificateException e2) {
                        ResultsViewPlugin.log(e2);
                        if (fileOutputStream == null) {
                            return false;
                        }
                        fileOutputStream.close();
                        return false;
                    }
                } catch (Throwable th3) {
                    if (0 == 0) {
                        th = th3;
                    } else if (null != th3) {
                        th.addSuppressed(th3);
                    }
                    throw th;
                }
            } catch (FileNotFoundException e3) {
                ResultsViewPlugin.log(e3);
                return false;
            } catch (IOException e4) {
                ResultsViewPlugin.log(e4);
                return false;
            }
        } catch (KeyStoreException e5) {
            ResultsViewPlugin.log(e5);
            return false;
        }
    }

    public static HostnameVerifier getHostNameVerifier() {
        return null;
    }
}
