package com.ibm.etools.host.connect.certificates;

import com.ibm.eNetwork.ECL.ECLErr;
import com.ibm.eNetwork.ECL.ECLSession;
import com.ibm.eNetwork.ECL.Transport;
import com.ibm.eNetwork.HOD.HODJVMProperties;
import com.ibm.eNetwork.security.intf.HODSSLIntf;
import com.ibm.eNetwork.security.intf.HODSSLSessionIntf;
import com.ibm.etools.host.connect.HostConnectConstants;
import com.ibm.etools.terminal.beans.Terminal;
import java.io.FileOutputStream;
import java.io.IOException;
import java.io.InputStream;
import java.lang.reflect.Field;
import java.lang.reflect.InvocationTargetException;
import java.lang.reflect.Method;
import java.security.KeyStore;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.Principal;
import java.security.Security;
import java.security.cert.X509Certificate;
import java.util.Map;
import javax.net.ssl.KeyManager;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSocket;
import org.eclipse.core.runtime.Platform;
import org.osgi.framework.Bundle;

/* loaded from: input_file:com/ibm/etools/host/connect/certificates/CertificatesUtil.class */
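/**
 * Static helpers for the Host Connect plug-in's certificate handling: locating and
 * loading key stores, choosing an {@link SSLContext} protocol name for a Host On-Demand
 * (HOD) session, and reaching into HOD's SSL implementation classes by reflection.
 *
 * <p>This source is decompiler output; local names and some control flow were
 * reconstructed. State is cached in static fields without synchronization.
 */
public class CertificatesUtil {
    private static final String DEFAULT_PROVIDER_NAME = HostConnectConstants.DEFAULT_TRUSTORE_PROVIDER;
    private static final String DEFAULT_KEYSTORE_TYPE = HostConnectConstants.DEFAULT_TRUSTORE_KEYSTORE;
    private static final CACertificatesRequestor caCertsRequestor = new CACertificatesRequestor();
    private static String rseKeyStoreLocation = null;
    private static String rseKeyStorePassword = null;
    private static String hostConnectCACertsKeyStoreLocation = null;
    // NOTE(review): both Host Connect key-store passwords are read from fields of
    // HostConnectConstants, i.e. they appear to be fixed values shipped with the plug-in.
    // A password recoverable from the binary does not protect the key-store files by
    // itself; their integrity then rests on the file permissions of the state location.
    private static String hostConnectCACertsKeyStorePassword = HostConnectConstants.caCertsKeystorePassword;
    private static String hostConnectClientCertsKeyStoreLocation = null;
    private static String hostConnectClientCertsKeyStorePassword = HostConnectConstants.clientCertsKeystorePassword;
    private static Class<?> universalSecurityPluginCLass = null;
    private static Class<?> hodSSLImplClass = null;
    private static Class<?> hodJSSEImplClass = null;
    private static Class<?> hodSSLiteImplClass = null;

    static {
        try {
            loadRSEDstoreSecurityObjects();
        } catch (Exception e) {
            // Best effort: without the RSE plug-in the getters fall back to Host Connect defaults.
            e.printStackTrace();
        }
        initializeHODClassesNames();
    }

    /**
     * Loads the RSE dstore security plug-in class, when that bundle is installed.
     *
     * @throws Exception if the bundle is present but the class cannot be loaded
     */
    public static void loadRSEDstoreSecurityObjects() throws Exception {
        Bundle bundle = Platform.getBundle("org.eclipse.rse.dstore.security");
        if (bundle != null) {
            universalSecurityPluginCLass = bundle.loadClass("org.eclipse.rse.internal.dstore.security.UniversalSecurityPlugin");
        }
    }

    /** Resolves the three HOD SSL implementation classes; a missing class is left {@code null}. */
    private static void initializeHODClassesNames() {
        hodSSLImplClass = findClassOrNull("com.ibm.eNetwork.security.ssl.HODSSLImpl");
        hodJSSEImplClass = findClassOrNull("com.ibm.eNetwork.security.ssl.HODJSSEImpl");
        hodSSLiteImplClass = findClassOrNull("com.ibm.eNetwork.security.ssl.HODSSLiteImpl");
    }

    /** Returns the named class, or {@code null} (after printing the stack trace) when it is absent. */
    private static Class<?> findClassOrNull(String className) {
        try {
            return Class.forName(className);
        } catch (ClassNotFoundException e) {
            e.printStackTrace();
            return null;
        }
    }

    /**
     * Creates an empty key store of the default type from the default provider.
     *
     * @return the loaded (empty) key store
     * @throws Exception if the type or provider is unavailable
     */
    public static KeyStore loadDefaultKeyStore() throws Exception {
        return loadKeyStore(DEFAULT_KEYSTORE_TYPE, DEFAULT_PROVIDER_NAME);
    }

    /**
     * Creates an empty key store of the given type from the default provider.
     *
     * @param type key-store type passed to {@link KeyStore#getInstance(String, String)}
     * @return the loaded (empty) key store
     * @throws Exception if the type or provider is unavailable
     */
    public static KeyStore loadKeyStore(String type) throws Exception {
        return loadKeyStore(type, null, null);
    }

    /**
     * Creates an empty key store of the given type from the given provider.
     *
     * @param type key-store type
     * @param provider JCA provider name
     * @return the loaded (empty) key store
     * @throws Exception if the type or provider is unavailable
     */
    public static KeyStore loadKeyStore(String type, String provider) throws Exception {
        return loadKeyStore(type, null, null, provider);
    }

    /**
     * Loads a key store of the given type from a stream, using the default provider.
     *
     * @param type key-store type
     * @param inputStream key-store data, or {@code null} for an empty key store
     * @param password key-store password, may be {@code null}
     * @return the loaded key store
     * @throws Exception if the key store cannot be created or read
     */
    public static KeyStore loadKeyStore(String type, InputStream inputStream, char[] password) throws Exception {
        return loadKeyStore(type, inputStream, password, DEFAULT_PROVIDER_NAME);
    }

    /**
     * Loads a key store of the given type from a stream, using the given provider.
     * The stream is not closed here; that stays with the caller.
     *
     * @param type key-store type
     * @param inputStream key-store data, or {@code null} for an empty key store
     * @param password key-store password, may be {@code null}
     * @param provider JCA provider name
     * @return the loaded key store
     * @throws Exception if the key store cannot be created or read
     */
    public static KeyStore loadKeyStore(String type, InputStream inputStream, char[] password, String provider) throws Exception {
        KeyStore keyStore = KeyStore.getInstance(type, provider);
        keyStore.load(inputStream, password);
        return keyStore;
    }

    /**
     * Calls a no-argument getter on a fresh instance of the RSE security plug-in class.
     *
     * @param methodName name of the declared method to invoke
     * @param fallback value returned when the plug-in class is missing or the call fails
     * @return the getter's result (which may itself be {@code null}), or {@code fallback}
     */
    private static String invokeSecurityPluginGetter(String methodName, String fallback) {
        if (universalSecurityPluginCLass == null) {
            return fallback;
        }
        // Reflection failures are deliberately silent: the caller has a documented fallback.
        try {
            Object plugin = universalSecurityPluginCLass.newInstance();
            Method getter = universalSecurityPluginCLass.getDeclaredMethod(methodName);
            return (String) getter.invoke(plugin);
        } catch (IllegalAccessException ignored) {
            return fallback;
        } catch (IllegalArgumentException ignored) {
            return fallback;
        } catch (InstantiationException ignored) {
            return fallback;
        } catch (NoSuchMethodException ignored) {
            return fallback;
        } catch (SecurityException ignored) {
            return fallback;
        } catch (InvocationTargetException ignored) {
            return fallback;
        }
    }

    /**
     * Returns the RSE key-store path, resolved once and cached.
     *
     * <p>Order of preference: the RSE security plug-in's own location, then a file in this
     * plug-in's state location, then the "unknown location" constant.
     *
     * @return the key-store path, never {@code null}
     */
    public static String getRSEKeyStoreLocation() {
        if (rseKeyStoreLocation == null) {
            String location = invokeSecurityPluginGetter("getKeyStoreLocation", null);
            if (location == null) {
                Bundle bundle = Platform.getBundle(HostConnectConstants.PLUGIN_ID);
                if (bundle != null) {
                    location = Platform.getStateLocation(bundle).append(HostConnectConstants.KEYSTORE).toOSString();
                }
            }
            rseKeyStoreLocation = location == null ? HostConnectConstants.unknownRSEKeystoreLocation : location;
        }
        return rseKeyStoreLocation;
    }

    /**
     * Returns the RSE key-store password, resolved once and cached.
     *
     * <p>When the RSE plug-in cannot be queried, the value silently falls back to the
     * constant in {@link HostConnectConstants}; callers cannot tell the two cases apart.
     *
     * @return the password as reported by the RSE plug-in, or the built-in default
     */
    public static String getRSEKeyStorePassword() {
        if (rseKeyStorePassword == null) {
            rseKeyStorePassword = invokeSecurityPluginGetter("getKeyStorePassword", HostConnectConstants.keystorePassword);
        }
        return rseKeyStorePassword;
    }

    /**
     * Returns the path of the Host Connect CA-certificates key store, resolved once and cached.
     *
     * @return a file in this plug-in's state location, or the "unknown location" constant
     */
    public static String getHostConnectCACertsKeyStoreLocation() {
        if (hostConnectCACertsKeyStoreLocation == null) {
            String location = null;
            Bundle bundle = Platform.getBundle(HostConnectConstants.PLUGIN_ID);
            if (bundle != null) {
                location = Platform.getStateLocation(bundle).append(HostConnectConstants.CA_CERTS_KEYSTORE).toOSString();
            }
            hostConnectCACertsKeyStoreLocation = location == null ? HostConnectConstants.unknownCAKeystoreLocation : location;
        }
        return hostConnectCACertsKeyStoreLocation;
    }

    /** Returns the password used for the Host Connect CA-certificates key store. */
    public static String getHostConnectCACertsKeyStorePassword() {
        return hostConnectCACertsKeyStorePassword;
    }

    /**
     * Returns the path of the Host Connect client-certificates key store, resolved once and cached.
     *
     * @return a file in this plug-in's state location, or the "unknown location" constant
     */
    public static String getHostConnectClientCertsKeyStoreLocation() {
        if (hostConnectClientCertsKeyStoreLocation == null) {
            String location = null;
            Bundle bundle = Platform.getBundle(HostConnectConstants.PLUGIN_ID);
            if (bundle != null) {
                location = Platform.getStateLocation(bundle).append(HostConnectConstants.CLIENT_CERTS_KEYSTORE).toOSString();
            }
            hostConnectClientCertsKeyStoreLocation = location == null ? HostConnectConstants.unknownClientKeystoreLocation : location;
        }
        return hostConnectClientCertsKeyStoreLocation;
    }

    /** Returns the password used for the Host Connect client-certificates key store. */
    public static String getHostConnectClientCertsKeyStorePassword() {
        return hostConnectClientCertsKeyStorePassword;
    }

    /**
     * Reports whether the running JRE is new enough for TLSv1.1 and TLSv1.2.
     *
     * <p>NOTE(review): the downgrade message in {@code getSSLContext} speaks of "Java version
     * less than 7", so 17 presumably encodes Java 1.7 - confirm against HODJVMProperties.
     *
     * @return {@code true} when {@code HODJVMProperties.getMajorVersion()} is at least 17
     */
    public static boolean isJREVersionOkForTLSv11v12() {
        return HODJVMProperties.getMajorVersion() >= 17;
    }

    /** Does nothing; the decompiled body is empty. */
    public static void initSSLContext(HODSSLSessionIntf hODSSLSessionIntf, boolean z, boolean z2, String str, String str2) {
    }

    /** Tells whether the session is configured for exactly the given TLS protocol version. */
    private static boolean hasTlsVersion(HODSSLSessionIntf session, String version) {
        return version.equals(session.getTLSProtocolVersion());
    }

    /** Prints the two IBM JSSE FIPS properties and the session label, as the HOD trace does. */
    private static void printFipsProperties(int branch, String jsseFips, String useFipsProvider, HODSSLSessionIntf session) {
        String prefix = "HODJSSEImpl initContext : FIPS properties " + branch + ": \"";
        String suffix = " Session : (" + session.getSession().getSessionLabel() + ")";
        System.out.println(prefix + "com.ibm.jsse2.JSSEFIPS\" = " + jsseFips + suffix);
        System.out.println(prefix + "com.ibm.jsse2.usefipsprovider\" = " + useFipsProvider + suffix);
    }

    /**
     * Picks an {@link SSLContext} protocol name from the session's settings and the JRE.
     *
     * <p>The context is only obtained with {@code getInstance}; it is returned without
     * {@code init}, so the caller still has to supply key and trust managers.
     *
     * <p>Review caveats: a session configured for TLSv1 or TLSv1.1 gets exactly that
     * (both versions are deprecated by RFC 8996), and a configured TLSv1.1/1.2 is silently
     * replaced by the generic "TLS" name on an older JRE, with only a console line as notice.
     * "SSL_TLS" and "SSL_TLSv2" are IBM JSSE protocol names; which protocol versions end up
     * enabled is decided by the provider and by the JRE's {@code jdk.tls.disabledAlgorithms}
     * setting, not by this method. Diagnostics, including system property values and the
     * session label, go to {@code System.out}.
     *
     * @param hODSSLSessionIntf the HOD session whose security settings are read
     * @return an uninitialized context for the selected protocol name
     * @throws NoSuchAlgorithmException if no provider offers the selected protocol name
     * @throws NoSuchProviderException if the IBMJSSEFIPS provider is requested but not installed
     */
    public static SSLContext getSSLContext(HODSSLSessionIntf hODSSLSessionIntf) throws NoSuchAlgorithmException, NoSuchProviderException {
        String vendor = System.getProperty("java.vendor");
        String socketFactoryProvider = Security.getProperty("ssl.SocketFactory.provider");
        System.out.println(" ProviderClass: " + socketFactoryProvider);

        String jsseFips = System.getProperty("com.ibm.jsse2.JSSEFIPS");
        String useFipsProvider = System.getProperty("com.ibm.jsse2.usefipsprovider");
        boolean jsseFipsOn = "true".equals(jsseFips);
        boolean useFipsProviderOn = "true".equals(useFipsProvider);

        if ("com.ibm.fips.jsse.JSSESocketFactory".equals(socketFactoryProvider) || jsseFipsOn || useFipsProviderOn) {
            System.out.println("setting TLS and FIPS");
            if (useFipsProviderOn) {
                printFipsProperties(1, jsseFips, useFipsProvider, hODSSLSessionIntf);
                if (hasTlsVersion(hODSSLSessionIntf, "TLSv1.2") && isJREVersionOkForTLSv11v12()) {
                    return SSLContext.getInstance("SSL_TLSv2");
                }
                if (hasTlsVersion(hODSSLSessionIntf, "TLSv1")) {
                    return SSLContext.getInstance("TLS");
                }
                if (hasTlsVersion(hODSSLSessionIntf, "TLSv1.1") && isJREVersionOkForTLSv11v12()) {
                    return SSLContext.getInstance("TLSv1.1");
                }
                return SSLContext.getInstance("TLS");
            }
            if (jsseFipsOn) {
                printFipsProperties(2, jsseFips, useFipsProvider, hODSSLSessionIntf);
                return SSLContext.getInstance("TLS");
            }
            // Only the FIPS socket factory is configured: ask the FIPS provider by name.
            return SSLContext.getInstance("TLS", "IBMJSSEFIPS");
        }

        System.out.println("non-fips mode..");
        if ("SESSION_PROTOCOL_SSL".equals(hODSSLSessionIntf.getSecurityProtocol())) {
            // A session asking for SSL is given the generic TLS context instead.
            SSLContext tlsForSslSession = SSLContext.getInstance("TLS");
            System.out.println("Parameter not set for SSLv3, defaulting to TLS");
            return tlsForSslSession;
        }
        if (!"SESSION_PROTOCOL_TLS".equals(hODSSLSessionIntf.getSecurityProtocol())) {
            return SSLContext.getInstance("TLS");
        }

        boolean jreSupportsNewTls = isJREVersionOkForTLSv11v12();
        boolean wantsTls12 = hasTlsVersion(hODSSLSessionIntf, "TLSv1.2");
        boolean wantsTls11 = hasTlsVersion(hODSSLSessionIntf, "TLSv1.1");
        if ((wantsTls12 || wantsTls11) && !jreSupportsNewTls) {
            System.out.println("HODJSSEImpl initContext : configured TLSv1.1 or TLSv1.2 protocols but shifting down to TLSv1.0 due Java version less than 7" + hODSSLSessionIntf.getSession().getSessionLabel() + ":" + hODSSLSessionIntf.getSession().GetName());
        }

        // IBM JREs get IBM's protocol names where the original distinguished them.
        boolean ibmVendor = vendor != null && vendor.startsWith("IBM");
        if (wantsTls12 && jreSupportsNewTls) {
            return SSLContext.getInstance(ibmVendor ? "SSL_TLSv2" : "TLSv1.2");
        }
        if (hasTlsVersion(hODSSLSessionIntf, "TLSv1")) {
            return SSLContext.getInstance(ibmVendor ? "SSL_TLS" : "TLS");
        }
        if (wantsTls11 && jreSupportsNewTls) {
            return SSLContext.getInstance("TLSv1.1");
        }
        // The decompiled expression also had an "SSL" context for SESSION_PROTOCOL_SSL here.
        // That case cannot occur inside the SESSION_PROTOCOL_TLS branch, so it is dropped
        // rather than leaving a dormant request for the legacy "SSL" protocol name.
        return SSLContext.getInstance("TLS");
    }

    /**
     * Reads a declared (possibly private) field of {@code owner} from {@code target}.
     *
     * <p>This bypasses the field's access modifier and depends on the exact field name in
     * the HOD implementation, so it fails when that library changes its internals.
     */
    private static Object readDeclaredField(Class<?> owner, String fieldName, Object target) throws NoSuchFieldException, IllegalAccessException {
        Field field = owner.getDeclaredField(fieldName);
        field.setAccessible(true);
        return field.get(target);
    }

    /**
     * Returns the {@code sslProvider} object held by a HODSSLImpl instance, or {@code null}
     * when {@code sslIntf} is absent or is not a HODSSLImpl.
     */
    private static Object readSslProvider(HODSSLIntf sslIntf) throws NoSuchFieldException, IllegalAccessException {
        if (sslIntf == null || hodSSLImplClass == null || !hodSSLImplClass.isInstance(sslIntf)) {
            return null;
        }
        return readDeclaredField(hodSSLImplClass, "sslProvider", sslIntf);
    }

    /**
     * Extracts the {@link SSLSocket} from HOD's SSL provider for the given terminal.
     *
     * <p>A new {@code HostConnectECLSession} is built from the terminal's properties and
     * the socket is read from private fields of the HOD implementation classes. Every
     * failure is printed and reported as {@code null}.
     *
     * @param terminal the terminal whose properties describe the session
     * @return the socket, or {@code null} when it cannot be obtained
     */
    public static SSLSocket getSSLSocket(Terminal terminal) {
        SSLSocket socket = null;
        try {
            // NOTE(review): getTransport() is dereferenced without a null check, unlike in
            // getSSLContext(Terminal) - confirm it cannot return null for a new session.
            HODSSLIntf sslIntf = new HostConnectECLSession(terminal.getProperties()).getTransport().getHODSSLIntf();
            Object provider = readSslProvider(sslIntf);
            if (provider != null) {
                if (hodJSSEImplClass != null && hodJSSEImplClass.isInstance(provider)) {
                    socket = (SSLSocket) readDeclaredField(hodJSSEImplClass, "sslSocket_", provider);
                } else if (hodSSLiteImplClass != null && hodSSLiteImplClass.isInstance(provider)) {
                    socket = (SSLSocket) readDeclaredField(hodSSLiteImplClass, "sslSock", provider);
                }
            }
        } catch (IllegalAccessException e) {
            e.printStackTrace();
        } catch (ECLErr e) {
            e.printStackTrace();
        } catch (IllegalArgumentException e) {
            e.printStackTrace();
        } catch (NoSuchFieldException e) {
            e.printStackTrace();
        } catch (SecurityException e) {
            e.printStackTrace();
        }
        return socket;
    }

    /**
     * Builds an {@link SSLContext} for the terminal's current session.
     *
     * <p>Only a HODJSSEImpl provider yields a context; for HODSSLiteImpl the two methods
     * are merely looked up and the result stays {@code null}. Every failure is printed
     * and reported as {@code null}.
     *
     * @param terminal the terminal whose ECL session is inspected
     * @return an uninitialized context, or {@code null} when none can be derived
     */
    public static SSLContext getSSLContext(Terminal terminal) {
        SSLContext context = null;
        try {
            HODSSLIntf sslIntf = null;
            ECLSession session = terminal.getECLSession();
            if (session != null) {
                Transport transport = session.getTransport();
                if (transport != null) {
                    sslIntf = transport.getHODSSLIntf();
                }
            }
            Object provider = readSslProvider(sslIntf);
            if (provider != null) {
                if (hodJSSEImplClass != null && hodJSSEImplClass.isInstance(provider)) {
                    Method getSessionIntf = hodJSSEImplClass.getDeclaredMethod("getSessionIntf");
                    getSessionIntf.setAccessible(true);
                    context = getSSLContext((HODSSLSessionIntf) getSessionIntf.invoke(provider));
                } else if (hodSSLiteImplClass != null && hodSSLiteImplClass.isInstance(provider)) {
                    // NOTE(review): nothing is invoked here, so this branch always yields null;
                    // the lookups are kept because a missing method is still reported.
                    hodSSLiteImplClass.getDeclaredMethod("getSessionIntf").setAccessible(true);
                    hodSSLiteImplClass.getDeclaredMethod("getHODSSLContext").setAccessible(true);
                }
            }
        } catch (IllegalAccessException e) {
            e.printStackTrace();
        } catch (IllegalArgumentException e) {
            e.printStackTrace();
        } catch (NoSuchFieldException e) {
            e.printStackTrace();
        } catch (NoSuchMethodException e) {
            e.printStackTrace();
        } catch (SecurityException e) {
            e.printStackTrace();
        } catch (InvocationTargetException e) {
            e.printStackTrace();
        } catch (NoSuchAlgorithmException e) {
            e.printStackTrace();
        } catch (NoSuchProviderException e) {
            e.printStackTrace();
        }
        return context;
    }

    /**
     * Returns no custom key managers.
     *
     * <p>The result is {@code null}, not an empty array: passed to {@code SSLContext.init},
     * {@code null} selects the default key managers, while an empty array would select none.
     *
     * @return always {@code null}
     */
    public static KeyManager[] getCustomKeyManagers() throws Exception {
        return null;
    }

    /**
     * Reads as many bytes as the stream reported available when the call started.
     *
     * <p>{@link InputStream#available()} is only an estimate, so for streams that do not
     * report their full length the result can be shorter than the real content. If the
     * stream ends before that many bytes arrive, the tail of the array stays zero-filled.
     * Callers parsing certificates from the result should not assume it is complete.
     *
     * @param inputStream the stream to read; it is not closed
     * @return an array sized to the initial {@code available()} value
     * @throws IOException if reading fails
     */
    public static byte[] getBytesFromInputStream(InputStream inputStream) throws IOException {
        int remaining = inputStream.available();
        byte[] data = new byte[remaining];
        int offset = 0;
        while (remaining > 0) {
            // Read straight into the result instead of copying through a scratch buffer.
            int read = inputStream.read(data, offset, remaining);
            if (read < 0) {
                break;
            }
            offset += read;
            remaining -= read;
        }
        return data;
    }

    /**
     * Extracts a short display name from a principal's distinguished name.
     *
     * <p>Takes the text after the first {@code CN=}, or failing that the first {@code O=},
     * up to the next comma outside double quotes; quote characters are kept. When neither
     * attribute occurs the whole name is returned.
     *
     * <p>The attribute is found by plain substring search, so {@code O=} also matches inside
     * a longer key or a value. Treat the result as a label for display only, never as an
     * identity to base a trust decision on.
     *
     * <p>NOTE(review): the decompiler mistyped the state variable of this loop as boolean;
     * the quote handling below is reconstructed from that output (state 1 = outside quotes,
     * 2 = inside quotes, 3 = done) - confirm against the original class file.
     *
     * @param principal the certificate subject or issuer
     * @return the display name; empty when the attribute has no value
     */
    public static String getCertificateDisplayNameFromPrincipal(Principal principal) {
        String name = principal.getName();
        String attribute = null;
        if (name.indexOf("CN=") >= 0) {
            attribute = "CN=";
        } else if (name.indexOf("O=") >= 0) {
            attribute = "O=";
        }
        if (attribute == null) {
            return name;
        }
        StringBuilder display = new StringBuilder();
        boolean insideQuotes = false;
        // The bound is checked before charAt, so a name ending in "CN=" yields "" instead of throwing.
        for (int pos = name.indexOf(attribute) + attribute.length(); pos < name.length(); pos++) {
            char c = name.charAt(pos);
            if (c == ',' && !insideQuotes) {
                break;
            }
            if (c == '\"') {
                insideQuotes = !insideQuotes;
            }
            display.append(c);
        }
        return display.toString();
    }

    /**
     * Builds an in-memory JKS key store holding the CA certificates reported by the requestor.
     *
     * <p>Every certificate returned by the requestor becomes a trusted entry; no filtering
     * happens here, so the result is exactly as trustworthy as the queried store.
     *
     * @param str provider name; blank or {@code null} selects the default trust-store provider
     * @param str2 key-store type; blank or {@code null} selects the default trust-store type
     * @return a new key store with one certificate entry per alias
     * @throws Exception if the certificates cannot be fetched or the key store cannot be built
     */
    public static KeyStore getCustomCAsKeyStore(String str, String str2) throws Exception {
        String provider = (str == null || str.trim().length() == 0) ? HostConnectConstants.DEFAULT_TRUSTORE_PROVIDER : str;
        String type = (str2 == null || str2.trim().length() == 0) ? HostConnectConstants.DEFAULT_TRUSTORE_KEYSTORE : str2;
        Map<String, X509Certificate> caCertificates = caCertsRequestor.getCACertificates(provider, type);
        KeyStore keyStore = KeyStore.getInstance("JKS");
        keyStore.load(null, hostConnectCACertsKeyStorePassword.toCharArray());
        for (Map.Entry<String, X509Certificate> entry : caCertificates.entrySet()) {
            keyStore.setCertificateEntry(entry.getKey(), entry.getValue());
        }
        return keyStore;
    }

    /** Does nothing; the decompiled body is empty. */
    public static void getAndStoreClientCertificates() throws Exception {
    }

    /**
     * Collects the CA certificates and writes them to the Host Connect CA key-store file.
     *
     * <p>The file is protected only by the built-in key-store password, so whoever can
     * write to the state location can change which CAs are trusted.
     *
     * @param str provider name; blank or {@code null} selects the default trust-store provider
     * @param str2 key-store type; blank or {@code null} selects the default trust-store type
     * @throws Exception if the certificates cannot be fetched or the file cannot be written
     */
    public static void getAndStoreCACertificates(String str, String str2) throws Exception {
        KeyStore keyStore = getCustomCAsKeyStore(str, str2);
        // Resolve the path through the getter: the cached field is still null until the
        // getter has run once, which made the file open fail on a first call.
        FileOutputStream out = new FileOutputStream(getHostConnectCACertsKeyStoreLocation());
        try {
            keyStore.store(out, hostConnectCACertsKeyStorePassword.toCharArray());
        } finally {
            out.close();
        }
    }
}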
