package com.ibm.cics.core.comm;

import com.ibm.cics.common.util.Debug;
import java.io.IOException;
import java.net.InetAddress;
import java.net.Socket;
import java.net.UnknownHostException;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Iterator;
import java.util.List;
import javax.net.ssl.SSLSocket;
import javax.net.ssl.SSLSocketFactory;

/* loaded from: input_file:com/ibm/cics/core/comm/SSLProtocolEnablerDecorator.class */
class SSLProtocolEnablerDecorator extends SSLSocketFactory {
    static final String COPYRIGHT = "Licensed Materials - Property of IBM 5655EX1 (c) Copyright IBM Corp. 2013, 2015 All Rights Reserved. US Government Users Restricted Rights - Use, duplication or disclosure restricted by GSA ADP Schedule Contract with IBM Corp.";
    private final SSLSocketFactory sslSocketFactory;
    private boolean enableProtocols;
    private static final List<String> PROPOSED_SECURE_PROTOCOLS = Arrays.asList("TLSv1", "TLSv1.1", "TLSv1.2");
    private static final List<String> FORBIDDEN_PROTOCOLS = Arrays.asList("SSLv3");
    private static final Debug debug = new Debug(SSLProtocolEnablerDecorator.class);

    /* JADX INFO: Access modifiers changed from: package-private */
    public SSLProtocolEnablerDecorator(SSLSocketFactory sSLSocketFactory, boolean z) {
        this.sslSocketFactory = sSLSocketFactory;
        this.enableProtocols = z;
    }

    @Override // javax.net.ssl.SSLSocketFactory
    public Socket createSocket(Socket socket, String str, int i, boolean z) throws IOException {
        SSLSocket sSLSocket = (SSLSocket) this.sslSocketFactory.createSocket(socket, str, i, z);
        List<String> enabledProtocols = getEnabledProtocols(sSLSocket);
        sSLSocket.setEnabledProtocols((String[]) enabledProtocols.toArray(new String[enabledProtocols.size()]));
        debug.event("setUpSSlContextAndInitialiseHostnameVerifier.SSLSocketFactory.createSocket", getPrintableEnabledProtocols(sSLSocket));
        return sSLSocket;
    }

    private List<String> getEnabledProtocols(SSLSocket sSLSocket) {
        ArrayList arrayList = new ArrayList(Arrays.asList(sSLSocket.getEnabledProtocols()));
        if (this.enableProtocols) {
            for (String str : getAvailableSecureProtocols(sSLSocket)) {
                if (!arrayList.contains(str)) {
                    arrayList.add(str);
                    debug.info("getEnabledProtocols", "Enabled protocol: " + str);
                }
            }
        }
        for (String str2 : FORBIDDEN_PROTOCOLS) {
            if (arrayList.remove(str2)) {
                debug.info("getEnabledProtocols", "Disabled protocol: " + str2);
            }
        }
        return arrayList;
    }

    private List<String> getAvailableSecureProtocols(SSLSocket sSLSocket) {
        List asList = Arrays.asList(sSLSocket.getSupportedProtocols());
        ArrayList arrayList = new ArrayList(PROPOSED_SECURE_PROTOCOLS);
        ArrayList arrayList2 = new ArrayList(PROPOSED_SECURE_PROTOCOLS);
        arrayList.removeAll(asList);
        if (arrayList.size() > 0) {
            debug.error("createSocket", "Your Java Runtime Environment does not support the secure protocols " + getPrintableProtocols(arrayList));
            arrayList2.removeAll(arrayList);
        }
        return arrayList2;
    }

    @Override // javax.net.ssl.SSLSocketFactory
    public String[] getDefaultCipherSuites() {
        return this.sslSocketFactory.getDefaultCipherSuites();
    }

    @Override // javax.net.ssl.SSLSocketFactory
    public String[] getSupportedCipherSuites() {
        return this.sslSocketFactory.getSupportedCipherSuites();
    }

    @Override // javax.net.SocketFactory
    public Socket createSocket(String str, int i) throws IOException, UnknownHostException {
        return this.sslSocketFactory.createSocket(str, i);
    }

    @Override // javax.net.SocketFactory
    public Socket createSocket(InetAddress inetAddress, int i) throws IOException {
        return this.sslSocketFactory.createSocket(inetAddress, i);
    }

    @Override // javax.net.SocketFactory
    public Socket createSocket(String str, int i, InetAddress inetAddress, int i2) throws IOException, UnknownHostException {
        return this.sslSocketFactory.createSocket(str, i, inetAddress, i2);
    }

    @Override // javax.net.SocketFactory
    public Socket createSocket(InetAddress inetAddress, int i, InetAddress inetAddress2, int i2) throws IOException {
        return this.sslSocketFactory.createSocket(inetAddress, i, inetAddress2, i2);
    }

    private static String getPrintableEnabledProtocols(SSLSocket sSLSocket) {
        StringBuffer stringBuffer = new StringBuffer();
        stringBuffer.append("Enabled protocols for this socket: [");
        stringBuffer.append(getPrintableProtocols(Arrays.asList(sSLSocket.getEnabledProtocols())));
        stringBuffer.append("]");
        return stringBuffer.toString();
    }

    static String getPrintableProtocols(List<String> list) {
        StringBuffer stringBuffer = new StringBuffer();
        Iterator<String> it = list.iterator();
        while (it.hasNext()) {
            stringBuffer.append(it.next());
            stringBuffer.append(", ");
        }
        if (stringBuffer.length() > 2) {
            stringBuffer.setLength(stringBuffer.length() - 2);
        }
        return stringBuffer.toString();
    }
}
