package com.ibm.ims.drda.t4;

import com.ibm.ims.dli.IMSConnectionSpecImpl;
import com.ibm.ims.drda.base.DisconnectException;
import com.ibm.ims.drda.base.DrdaMessages;
import java.io.FileInputStream;
import java.io.IOException;
import java.net.InetAddress;
import java.net.InetSocketAddress;
import java.net.SocketException;
import java.net.UnknownHostException;
import java.security.KeyManagementException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.PrivilegedExceptionAction;
import java.security.UnrecoverableKeyException;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import java.util.Properties;
import java.util.logging.Level;
import java.util.logging.Logger;
import javax.net.ssl.KeyManager;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSocket;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;

/* loaded from: input_file:BundleContent/imsudb.jar:com/ibm/ims/drda/t4/OpenSSLSocketAction.class */
public class OpenSSLSocketAction implements PrivilegedExceptionAction {
    private String server_;
    private int port_;
    private int loginTimeout_;
    private String trustStoreLoc;
    private String trustStorePwd;
    private String trustMgrAlgorithm;
    private String keyStoreLoc;
    private String keyStorePwd;
    private String keyMgrAlgorithm;
    private String keyStoreType;
    private String secureSocketProtocol;
    public static final String TRUST_STORE = "javax.net.ssl.trustStore";
    public static final String TRUST_STORE_PWD = "javax.net.ssl.trustStorePassword";
    public static final String KEYSTORE = "javax.net.ssl.keyStore";
    public static final String KEYSTORE_PWD = "javax.net.ssl.keyStorePassword";
    private static final Logger logger = Logger.getLogger("com.ibm.ims.db.opendb.drda");
    public static final String NEWLINE = System.getProperty("line.separator");

    public OpenSSLSocketAction(String str, int i, IMSConnectionSpecImpl iMSConnectionSpecImpl) {
        this.server_ = str;
        this.port_ = i;
        this.loginTimeout_ = iMSConnectionSpecImpl.getLoginTimeout();
        this.trustStoreLoc = iMSConnectionSpecImpl.getSslTrustStoreLocation();
        this.trustStorePwd = iMSConnectionSpecImpl.getSslTrustStorePassword();
        this.trustMgrAlgorithm = iMSConnectionSpecImpl.getSslTrustMgrAlgorithm();
        this.keyStoreLoc = iMSConnectionSpecImpl.getSslKeyStoreLocation();
        this.keyStorePwd = iMSConnectionSpecImpl.getSslKeyStorePassword();
        this.keyMgrAlgorithm = iMSConnectionSpecImpl.getSslKeyMgrAlgorithm();
        this.keyStoreType = iMSConnectionSpecImpl.getKeyStoreType();
        this.secureSocketProtocol = iMSConnectionSpecImpl.getSecureSocketProtocol();
    }

    @Override // java.security.PrivilegedExceptionAction
    public Object run() throws DisconnectException {
        SSLContext sSLContext;
        if (logger.isLoggable(Level.FINER)) {
            logger.entering(getClass().getName(), "run()", new Object[]{"Hash code: " + Integer.toHexString(hashCode()), "Thread ID: " + Thread.currentThread().getId()});
        }
        try {
            Properties properties = System.getProperties();
            if (this.trustStoreLoc != null && !this.trustStoreLoc.isEmpty()) {
                logger.finer("tid: " + Thread.currentThread().getId() + " sslTrustStoreLocation: " + this.trustStoreLoc);
                properties.put(TRUST_STORE, this.trustStoreLoc);
                if (this.trustStorePwd != null && !this.trustStorePwd.isEmpty()) {
                    logger.finer("tid: " + Thread.currentThread().getId() + " sslTrustStorePassword is provided.");
                    properties.put(TRUST_STORE_PWD, this.trustStorePwd);
                }
            }
            if (this.keyStoreLoc != null && !this.keyStoreLoc.isEmpty()) {
                logger.finer("tid: " + Thread.currentThread().getId() + " sslKeyStoreLocation: " + this.keyStoreLoc);
                properties.put(KEYSTORE, this.keyStoreLoc);
                if (this.keyStorePwd != null && !this.keyStorePwd.isEmpty()) {
                    logger.finer("tid: " + Thread.currentThread().getId() + " sslKeyStorePassword is provided.");
                    properties.put(KEYSTORE_PWD, this.keyStorePwd);
                }
            }
            System.setProperties(properties);
            if (this.secureSocketProtocol == null || this.secureSocketProtocol.isEmpty()) {
                logger.finer("tid: " + Thread.currentThread().getId() + " Getting default SSLContext.");
                sSLContext = SSLContext.getDefault();
            } else {
                logger.finer("tid: " + Thread.currentThread().getId() + " Getting SSLContext for socket protocol: " + this.secureSocketProtocol);
                sSLContext = SSLContext.getInstance(this.secureSocketProtocol);
                TrustManager[] trustManagerArr = null;
                KeyManager[] keyManagerArr = null;
                if (this.trustStoreLoc != null && !this.trustStoreLoc.isEmpty() && this.trustStorePwd != null && !this.trustStorePwd.isEmpty()) {
                    String defaultAlgorithm = (this.trustMgrAlgorithm == null || this.trustMgrAlgorithm.isEmpty()) ? TrustManagerFactory.getDefaultAlgorithm() : this.trustMgrAlgorithm;
                    logger.finer("tid: " + Thread.currentThread().getId() + " Getting TrustManagerFactory for algorithm: " + defaultAlgorithm);
                    TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(defaultAlgorithm);
                    char[] charArray = this.trustStorePwd.toCharArray();
                    String defaultType = (this.keyStoreType == null || this.keyStoreType.isEmpty()) ? KeyStore.getDefaultType() : this.keyStoreType;
                    logger.finer("tid: " + Thread.currentThread().getId() + " Getting TrustStore instance for KeyStore type: " + defaultType);
                    KeyStore keyStore = KeyStore.getInstance(defaultType);
                    keyStore.load(new FileInputStream(this.trustStoreLoc), charArray);
                    trustManagerFactory.init(keyStore);
                    trustManagerArr = trustManagerFactory.getTrustManagers();
                }
                if (this.keyStoreLoc != null && !this.keyStoreLoc.isEmpty() && this.keyStorePwd != null && !this.keyStorePwd.isEmpty()) {
                    if (this.keyMgrAlgorithm == null || this.keyMgrAlgorithm.isEmpty()) {
                        this.keyMgrAlgorithm = this.trustMgrAlgorithm;
                    }
                    String defaultAlgorithm2 = (this.keyMgrAlgorithm == null || this.keyMgrAlgorithm.isEmpty()) ? KeyManagerFactory.getDefaultAlgorithm() : this.keyMgrAlgorithm;
                    logger.finer("tid: " + Thread.currentThread().getId() + " Getting KeyManagerFactory for algorithm: " + defaultAlgorithm2);
                    KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance(defaultAlgorithm2);
                    char[] charArray2 = this.keyStorePwd.toCharArray();
                    String defaultType2 = (this.keyStoreType == null || this.keyStoreType.isEmpty()) ? KeyStore.getDefaultType() : this.keyStoreType;
                    logger.finer("tid: " + Thread.currentThread().getId() + " Getting KeyStore instance for KeyStore type: " + defaultType2);
                    KeyStore keyStore2 = KeyStore.getInstance(defaultType2);
                    keyStore2.load(new FileInputStream(this.keyStoreLoc), charArray2);
                    keyManagerFactory.init(keyStore2, charArray2);
                    keyManagerArr = keyManagerFactory.getKeyManagers();
                }
                sSLContext.init(keyManagerArr, trustManagerArr, null);
            }
            SSLSocket sSLSocket = (SSLSocket) sSLContext.getSocketFactory().createSocket();
            logger.finer("tid: " + Thread.currentThread().getId() + " Creating a SSL Socket For " + this.server_ + " on port " + this.port_ + " with timeOut " + this.loginTimeout_);
            sSLSocket.connect(new InetSocketAddress(InetAddress.getByName(this.server_), this.port_), this.loginTimeout_ * 1000);
            if (logger.isLoggable(Level.FINER)) {
                Certificate[] peerCertificates = sSLSocket.getSession().getPeerCertificates();
                logger.finer(peerCertificates.length + " Certifcates Found" + NEWLINE + NEWLINE + NEWLINE);
                if (logger.isLoggable(Level.FINER)) {
                    for (int i = 0; i < peerCertificates.length; i++) {
                        Certificate certificate = peerCertificates[i];
                        logger.finer("====Certificate:" + (i + 1) + "====");
                        logger.finer("-Public Key-" + NEWLINE + certificate.getPublicKey());
                        logger.finer("-Certificate Type- " + NEWLINE + certificate.getType());
                    }
                }
            }
            sSLSocket.setTcpNoDelay(true);
            sSLSocket.setKeepAlive(true);
            sSLSocket.setSoTimeout(this.loginTimeout_ * 1000);
            if (logger.isLoggable(Level.FINER)) {
                logger.exiting(getClass().getName(), "run()");
            }
            return sSLSocket;
        } catch (SocketException e) {
            DisconnectException disconnectException = new DisconnectException(DrdaMessages.getIMSBundle().getString("UNABLE_TO_CREATE_SOCKET", new Object[]{this.server_, "" + this.port_, e.getMessage()}));
            disconnectException.initCause(e);
            if (logger.isLoggable(Level.SEVERE)) {
                logger.throwing(getClass().getName(), "run()", disconnectException);
            }
            throw disconnectException;
        } catch (UnknownHostException e2) {
            DisconnectException disconnectException2 = new DisconnectException(DrdaMessages.getIMSBundle().getString("UNABLE_TO_CREATE_SOCKET", new Object[]{this.server_, "" + this.port_, e2.getMessage()}));
            disconnectException2.initCause(e2);
            if (logger.isLoggable(Level.SEVERE)) {
                logger.throwing(getClass().getName(), "run()", disconnectException2);
            }
            throw disconnectException2;
        } catch (IOException e3) {
            DisconnectException disconnectException3 = new DisconnectException(DrdaMessages.getIMSBundle().getString("UNABLE_TO_CREATE_SOCKET", new Object[]{this.server_, "" + this.port_, e3.getMessage()}));
            disconnectException3.initCause(e3);
            if (logger.isLoggable(Level.SEVERE)) {
                logger.throwing(getClass().getName(), "run()", disconnectException3);
            }
            throw disconnectException3;
        } catch (KeyManagementException e4) {
            DisconnectException disconnectException4 = new DisconnectException(DrdaMessages.getIMSBundle().getString("UNABLE_TO_CREATE_SOCKET", new Object[]{this.server_, "" + this.port_, e4.getMessage()}));
            disconnectException4.initCause(e4);
            if (logger.isLoggable(Level.SEVERE)) {
                logger.throwing(getClass().getName(), "run()", disconnectException4);
            }
            throw disconnectException4;
        } catch (KeyStoreException e5) {
            DisconnectException disconnectException5 = new DisconnectException(DrdaMessages.getIMSBundle().getString("UNABLE_TO_CREATE_SOCKET", new Object[]{this.server_, "" + this.port_, e5.getMessage()}));
            disconnectException5.initCause(e5);
            if (logger.isLoggable(Level.SEVERE)) {
                logger.throwing(getClass().getName(), "run()", disconnectException5);
            }
            throw disconnectException5;
        } catch (NoSuchAlgorithmException e6) {
            DisconnectException disconnectException6 = new DisconnectException(DrdaMessages.getIMSBundle().getString("UNABLE_TO_CREATE_SOCKET", new Object[]{this.server_, "" + this.port_, e6.getMessage()}));
            disconnectException6.initCause(e6);
            if (logger.isLoggable(Level.SEVERE)) {
                logger.throwing(getClass().getName(), "run()", disconnectException6);
            }
            throw disconnectException6;
        } catch (UnrecoverableKeyException e7) {
            DisconnectException disconnectException7 = new DisconnectException(DrdaMessages.getIMSBundle().getString("UNABLE_TO_CREATE_SOCKET", new Object[]{this.server_, "" + this.port_, e7.getMessage()}));
            disconnectException7.initCause(e7);
            if (logger.isLoggable(Level.SEVERE)) {
                logger.throwing(getClass().getName(), "run()", disconnectException7);
            }
            throw disconnectException7;
        } catch (CertificateException e8) {
            DisconnectException disconnectException8 = new DisconnectException(DrdaMessages.getIMSBundle().getString("UNABLE_TO_CREATE_SOCKET", new Object[]{this.server_, "" + this.port_, e8.getMessage()}));
            disconnectException8.initCause(e8);
            if (logger.isLoggable(Level.SEVERE)) {
                logger.throwing(getClass().getName(), "run()", disconnectException8);
            }
            throw disconnectException8;
        }
    }
}
