package com.ibm.etools.zos.server;

import java.io.ByteArrayOutputStream;
import java.io.DataInputStream;
import java.io.DataOutputStream;
import java.io.EOFException;
import java.io.FileInputStream;
import java.io.IOException;
import java.net.ServerSocket;
import java.net.Socket;
import java.security.KeyStore;
import java.security.cert.X509Certificate;
import java.util.ResourceBundle;
import javax.net.ssl.HandshakeCompletedEvent;
import javax.net.ssl.HandshakeCompletedListener;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLServerSocket;
import javax.net.ssl.SSLSocket;
import javax.net.ssl.TrustManagerFactory;

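/* loaded from: input_file:lib/zosserver.jar:com/ibm/etools/zos/server/UniversalSystemSocket.class */
/**
 * Daemon socket that listens on a plain {@link ServerSocket} or, when the {@code ssl} resource
 * bundle enables it, on an {@link SSLServerSocket}, and exchanges delimiter-terminated strings
 * with the connected client.
 *
 * <p>The listening sockets, the accepted connection, its streams and the received certificate are
 * all held in {@code static} fields, so every instance of this class shares one connection at a
 * time. The class performs no synchronization of its own.
 *
 * <p>NOTE(review): everything read by {@link #readString()} and {@link #readCertificate()} arrives
 * before the peer has been authenticated and must be treated as untrusted input.
 */
public class UniversalSystemSocket extends AbstractSocketImpl implements IDaemonConstants {
    public static final String COPY_RIGHT = "  Licensed Materials - Property of IBM, 5724-T07, Copyright IBM Corp. 2005 All rights reserved.  US Government Users Restricted Rights - Use, duplication or disclosure restricted by GSA ADP Schedule Contract with IBM Corp.";
    private static DataOutputStream _outSocket;
    private static DataInputStream _inSocket;
    private static ServerSocket _serverSocket;
    private static SSLServerSocket _sslServerSocket;
    private static Socket _newSocket;
    private static SSLSocket _newSSLSocket;
    private static String _keyStorePath;
    // NOTE(review): read in clear text from the "ssl" resource bundle and kept in a String for the
    // life of the process; the bundle file needs restrictive permissions.
    private static String _keyStorePassword;
    private static String _keyStoreLabel;
    private static byte[] _certificateBytes;
    private static X509Certificate _certificate;
    private static String _hostIdMappingOID;
    private boolean _sslEnable;
    private boolean _firstData;
    private boolean _certificateMode;
    private boolean _openClient;
    private boolean _active;
    // volatile: written by HandshakeListener, which JSSE may invoke on a thread other than the one
    // that later calls checkCertificate()/isCertificateReceived().
    private volatile boolean _validCertificate;
    private AbstractCertificateValidator _certValidator;

    /* loaded from: input_file:lib/zosserver.jar:com/ibm/etools/zos/server/UniversalSystemSocket$HandshakeListener.class */
    /**
     * Records the peer certificate once the TLS handshake of the accepted connection completes.
     *
     * <p>NOTE(review): nothing visible in this class calls {@code setNeedClientAuth} or
     * {@code setWantClientAuth} on the server socket. Unless that is configured elsewhere, a JSSE
     * server does not request a client certificate, {@code getPeerCertificates()} throws, and the
     * catch branch below is the one that runs.
     */
    class HandshakeListener implements HandshakeCompletedListener {
        final UniversalSystemSocket this$0;

        public HandshakeListener(UniversalSystemSocket universalSystemSocket) {
            this.this$0 = universalSystemSocket;
        }

        /**
         * Stores the first peer certificate and marks the connection as certificate-validated;
         * any failure (including an unverified peer) clears the flag instead.
         *
         * @param handshakeCompletedEvent the JSSE handshake notification
         */
        @Override // javax.net.ssl.HandshakeCompletedListener
        public void handshakeCompleted(HandshakeCompletedEvent handshakeCompletedEvent) {
            try {
                RseLogger.logInfo("HandshakeListener", ": event=" + handshakeCompletedEvent.toString());
                // Element 0 of the chain is the peer's own certificate.
                UniversalSystemSocket._certificate = (X509Certificate) handshakeCompletedEvent.getPeerCertificates()[0];
                this.this$0._validCertificate = true;
            } catch (Throwable th) {
                RseLogger.logInfo("SimpleHandshakeListener", ": " + th.toString());
                this.this$0._validCertificate = false;
            }
        }
    }

    /**
     * @param abstractCertificateValidator validator consulted by {@link #checkCertificate(String)}
     *     and {@link #getUserIdInCertificate()}
     */
    public UniversalSystemSocket(AbstractCertificateValidator abstractCertificateValidator) {
        this._certValidator = abstractCertificateValidator;
    }

    /**
     * Reads the SSL settings and opens the listening socket on the given port.
     *
     * @param i port to listen on
     * @return 0 on success, -1 when the socket could not be created (the cause is logged)
     */
    @Override // com.ibm.etools.zos.server.AbstractSocketImpl
    public int createSocket(int i) {
        getSSLProperties();
        try {
            if (this._sslEnable) {
                SSLContext context = getServerSSLContext(_keyStorePath, _keyStorePassword);
                _sslServerSocket = (SSLServerSocket) context.getServerSocketFactory().createServerSocket(i);
            } else {
                _serverSocket = new ServerSocket(i);
            }
            return 0;
        } catch (Throwable th) {
            RseLogger.logError(IDaemonConstants.daemonName, DaemonReturnCodes.RC_SOCKET_CREATE_ERROR, th);
            return -1;
        }
    }

    /**
     * Blocks until a client connects, then wraps the connection's streams.
     *
     * @return the local port of the accepted connection
     * @throws Exception if accepting the connection or opening its streams fails
     */
    @Override // com.ibm.etools.zos.server.AbstractSocketImpl
    public int acceptSocket() throws Exception {
        // Certificate state belongs to one connection. Clear what the previous connection left
        // behind so that a new peer cannot inherit an earlier peer's "valid certificate" result or
        // its certificate bytes.
        this._validCertificate = false;
        this._certificateMode = false;
        _certificateBytes = null;
        _certificate = null;
        if (this._sslEnable) {
            _newSSLSocket = (SSLSocket) _sslServerSocket.accept();
            _newSSLSocket.addHandshakeCompletedListener(new HandshakeListener(this));
            _newSocket = _newSSLSocket;
        } else {
            _newSocket = _serverSocket.accept();
        }
        // Use _newSocket, which is set on both paths. The streams were previously taken from
        // _newSSLSocket, which is null (or a stale earlier connection) when SSL is disabled.
        _outSocket = new DataOutputStream(_newSocket.getOutputStream());
        _inSocket = new DataInputStream(_newSocket.getInputStream());
        this._active = true;
        return _newSocket.getLocalPort();
    }

    /**
     * Reads one message from the client. A message ends at a NUL byte or at a carriage return
     * followed by one more byte (which is consumed and discarded); the terminator also decides
     * which framing {@link #writeString(String)} uses for replies. The first byte is always taken
     * as data. The message {@code "*"} switches the connection into certificate mode and is echoed
     * back.
     *
     * @return the message decoded as UTF-8, without its terminator
     * @throws IOException if the stream fails or ends before a terminator is seen
     */
    @Override // com.ibm.etools.zos.server.AbstractSocketImpl
    public String readString() throws IOException {
        // NOTE(review): the buffer grows until a terminator arrives and this runs before
        // authentication; consider enforcing a maximum message length.
        ByteArrayOutputStream received = new ByteArrayOutputStream();
        byte current = _inSocket.readByte();
        while (true) {
            received.write(current);
            // End of stream is deliberately not swallowed here: once the peer has closed the
            // connection readByte() fails on every call, so ignoring EOFException made this loop
            // spin forever while appending the same byte to the buffer.
            current = _inSocket.readByte();
            if (current == 0) {
                this._openClient = false;
                break;
            }
            if (current == '\r') {
                _inSocket.readByte();
                this._openClient = true;
                break;
            }
        }
        String message = received.toString("UTF-8");
        if (message.equals("*")) {
            this._certificateMode = true;
            this._firstData = false;
            writeString("*");
        } else if (this._firstData) {
            // No code in this class sets _firstData to true, so this branch is not reached here.
            this._certificateMode = false;
            this._firstData = false;
        }
        return message;
    }

    /**
     * Sends a message using the framing selected by the last {@link #readString()}: line-terminated
     * UTF-8 for an "open" client, otherwise the bytes followed by a NUL.
     *
     * @param str the message to send
     * @throws IOException if the write fails
     */
    @Override // com.ibm.etools.zos.server.AbstractSocketImpl
    public void writeString(String str) throws IOException {
        if (this._openClient) {
            _outSocket.write((String.valueOf(str) + System.getProperty("line.separator")).getBytes("UTF-8"));
        } else {
            // NOTE(review): this branch encodes with the platform default charset while the other
            // branch and readString() use UTF-8; left unchanged because existing clients may
            // depend on it - confirm the intended wire encoding.
            _outSocket.write(str.getBytes());
            _outSocket.writeByte(0);
        }
    }

    /**
     * Reads certificate bytes sent by the client with a single {@code read} of at most 4096 bytes.
     *
     * <p>NOTE(review): one {@code read} call may return only part of what the client sent, and a
     * certificate larger than 4096 bytes is truncated; the bytes are unauthenticated input for the
     * validator.
     *
     * @return exactly the bytes returned by that read
     * @throws IOException if the read fails; {@link EOFException} if the stream has already ended
     */
    public byte[] readCertificate() throws IOException {
        byte[] buffer = new byte[4096];
        int count = _inSocket.read(buffer);
        if (count < 0) {
            // read() returns -1 at end of stream; sizing the result array with it would throw
            // NegativeArraySizeException.
            throw new EOFException();
        }
        byte[] certificate = new byte[count];
        System.arraycopy(buffer, 0, certificate, 0, count);
        return certificate;
    }

    /**
     * Closes the accepted connection and its streams. Every close is attempted even if an earlier
     * one fails, and the socket is marked inactive in all cases.
     *
     * @return always 0
     * @throws IOException if closing fails
     */
    @Override // com.ibm.etools.zos.server.AbstractSocketImpl
    public int closeSocket() throws IOException {
        try {
            try {
                _inSocket.close();
            } finally {
                try {
                    _outSocket.close();
                } finally {
                    _newSocket.close();
                }
            }
        } finally {
            this._active = false;
        }
        return 0;
    }

    /**
     * Closes the listening socket that matches the current SSL setting.
     *
     * @throws IOException if closing fails
     */
    @Override // com.ibm.etools.zos.server.AbstractSocketImpl
    public void closeDaemonSocket() throws IOException {
        if (this._sslEnable) {
            _sslServerSocket.close();
        } else {
            _serverSocket.close();
        }
    }

    /** @return {@code true} if the last message read ended with a carriage return */
    @Override // com.ibm.etools.zos.server.AbstractSocketImpl
    public boolean isOpenClient() {
        return this._openClient;
    }

    /** @return {@code true} between a successful accept and the next {@link #closeSocket()} */
    @Override // com.ibm.etools.zos.server.AbstractSocketImpl
    public boolean isActive() {
        return this._active;
    }

    /** @return always 0 */
    @Override // com.ibm.etools.zos.server.AbstractSocketImpl
    public int getFd() {
        return 0;
    }

    /**
     * Reports whether a client certificate is available for {@link #checkCertificate(String)}.
     *
     * <p>Without SSL the answer is always {@code false}; in certificate mode a {@code "*"} is sent
     * first. With SSL it is {@code true} when the handshake produced a certificate, or when the
     * connection is in certificate mode and certificate bytes could be read from the stream.
     *
     * @return {@code true} if a certificate was received; {@code false} otherwise or on any error
     */
    @Override // com.ibm.etools.zos.server.AbstractSocketImpl
    public boolean isCertificateReceived() {
        try {
            if (!this._sslEnable) {
                if (this._certificateMode) {
                    writeString("*");
                    Thread.sleep(30L);
                }
                return false;
            }
            if (this._validCertificate) {
                return true;
            }
            if (!this._certificateMode) {
                return false;
            }
            _certificateBytes = readCertificate();
            writeString("*");
            return true;
        } catch (InterruptedException interrupted) {
            // Keep the interrupt visible to the caller's thread instead of dropping it.
            Thread.currentThread().interrupt();
            RseLogger.logError("ZosSystemSocket", " ", interrupted);
            return false;
        } catch (Throwable th) {
            RseLogger.logError("ZosSystemSocket", " ", th);
            return false;
        }
    }

    /**
     * Checks the client certificate.
     *
     * <p>NOTE(review): when the TLS handshake already delivered a peer certificate this returns 1
     * without calling the validator, so {@code str} and the validator's own checks are not applied
     * on that path; acceptance then rests on the trust managers configured for the handshake.
     *
     * @param str host-id mapping OID, remembered and passed to the validator
     * @return 1 if the handshake supplied a certificate, otherwise the validator's result
     */
    @Override // com.ibm.etools.zos.server.AbstractSocketImpl
    public int checkCertificate(String str) {
        _hostIdMappingOID = str;
        if (this._validCertificate) {
            return 1;
        }
        return this._certValidator.checkCertificate(str, _certificateBytes, this._certificateMode);
    }

    /**
     * @return the user id reported by the validator. NOTE(review): when checkCertificate returned
     *     through its handshake shortcut the validator was not run for this connection - confirm
     *     what it reports in that case.
     */
    @Override // com.ibm.etools.zos.server.AbstractSocketImpl
    public String getUserIdInCertificate() {
        return this._certValidator.getUserIdInCertificate();
    }

    /**
     * Loads the SSL switch and, when it is on, the key store path and password from the
     * {@code ssl} resource bundle. Failures are logged and leave the fields as they were.
     */
    private void getSSLProperties() {
        try {
            ResourceBundle sslBundle = ResourceBundle.getBundle("ssl");
            this._sslEnable = sslBundle.getString(IDaemonConstants.SSL_ENABLE).trim().equals("true");
            if (!this._sslEnable) {
                return;
            }
            _keyStorePath = sslBundle.getString(IDaemonConstants.SSL_DAEMON_KEYSTORE_FILE).trim();
            _keyStorePassword = sslBundle.getString(IDaemonConstants.SSL_DAEMON_KEYSTORE_PASSWORD).trim();
        } catch (Throwable th) {
            RseLogger.logError(IDaemonConstants.daemonName, DaemonReturnCodes.RC_SOCKET_CREATE_ERROR, th);
        }
    }

    /**
     * Builds the server-side SSL context from a JKS key store that serves both as key material and
     * as trust store. Any failure is logged and terminates the JVM.
     *
     * @param str path of the key store file
     * @param str2 key store password, also used as the key password
     * @return the initialised context
     */
    private static SSLContext getServerSSLContext(String str, String str2) {
        SSLContext sslContext = null;
        try {
            char[] password = str2.toCharArray();
            KeyStore keyStore = KeyStore.getInstance("JKS");
            FileInputStream keyStoreStream = new FileInputStream(str);
            try {
                keyStore.load(keyStoreStream, password);
            } finally {
                // The stream was previously never closed.
                keyStoreStream.close();
            }
            KeyManagerFactory keyManagers = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
            keyManagers.init(keyStore, password);
            TrustManagerFactory trustManagers = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
            trustManagers.init(keyStore);
            // NOTE(review): which protocol versions the "SSL" context name enables depends on the
            // JSSE provider and may include obsolete ones; confirm, and prefer a TLS context with
            // an explicit list of enabled protocols.
            sslContext = SSLContext.getInstance("SSL");
            sslContext.init(keyManagers.getKeyManagers(), trustManagers.getTrustManagers(), null);
        } catch (Throwable th) {
            RseLogger.logError(IDaemonConstants.daemonName, DaemonReturnCodes.RC_SOCKET_CREATE_ERROR, th);
            System.exit(-1);
        }
        return sslContext;
    }
}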
