package com.ibm.etools.zseries.util;

import com.ibm.etools.rdz.client.certificates.api.CertificatePrivateKeyPair;
import com.ibm.etools.rdz.client.certificates.api.ClientCertificatesRequestor;
import com.ibm.etools.zseries.util.preferences.CertificatePromptDialog;
import java.security.KeyStore;
import java.security.PrivateKey;
import java.security.cert.X509Certificate;
import javax.net.ssl.KeyManager;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.X509KeyManager;
import org.eclipse.core.runtime.OperationCanceledException;
import org.eclipse.dstore.core.util.ssl.BaseSSLContext;
import org.eclipse.rse.core.model.IHost;
import org.eclipse.rse.core.model.SystemSignonInformation;
import org.eclipse.rse.core.subsystems.AbstractCredentialsProvider;
import org.eclipse.rse.core.subsystems.IConnectorService;
import org.eclipse.rse.core.subsystems.ICredentials;
import org.eclipse.rse.core.subsystems.ISubSystem;
import org.eclipse.rse.logging.LoggerFactory;
import org.eclipse.rse.services.clientserver.messages.SystemMessage;
import org.eclipse.rse.ui.RSEUIPlugin;
import org.eclipse.rse.ui.dialogs.ISystemPasswordPromptDialog;
import org.eclipse.swt.widgets.Display;
import org.eclipse.swt.widgets.Shell;
import org.eclipse.ui.IWorkbench;
import org.eclipse.ui.IWorkbenchWindow;
import org.eclipse.ui.PlatformUI;

/* loaded from: input_file:com/ibm/etools/zseries/util/CertificateCredentialsProvider.class */
public class CertificateCredentialsProvider extends AbstractCredentialsProvider {
    public static final String HOSTIDMAPPING_OID = "1.3.18.0.2.18.1";
    private boolean cancelled;
    private String userId;
    private String password;
    private String hostIdMappingOID;
    private boolean _validateCertificate;
    private X509Certificate certificate;
    private PrivateKey certificatePrivateKey;

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:com/ibm/etools/zseries/util/CertificateCredentialsProvider$PromptForCredentials.class */
    public class PromptForCredentials implements Runnable {
        PromptForCredentials(CertificateCredentialsProvider certificateCredentialsProvider) {
        }

        public boolean isCancelled() {
            return CertificateCredentialsProvider.this.cancelled;
        }

        @Override // java.lang.Runnable
        public void run() {
            CertificateCredentialsProvider.this.requestClientCertificate();
            if (CertificateCredentialsProvider.this.certificate == null) {
                Shell shell = CertificateCredentialsProvider.this.getShell();
                if (shell == null) {
                    CertificateCredentialsProvider.this.cancelled = true;
                    return;
                }
                ISystemPasswordPromptDialog certificatePromptDialog = CertificateCredentialsProvider.this.getCertificatePromptDialog(shell);
                certificatePromptDialog.setSystemInput(CertificateCredentialsProvider.this.getConnectorService());
                try {
                    certificatePromptDialog.open();
                } catch (Exception e) {
                    CertificateCredentialsProvider.this.logException(e);
                }
                CertificateCredentialsProvider.this.cancelled = certificatePromptDialog.wasCancelled();
                if (CertificateCredentialsProvider.this.cancelled) {
                    return;
                }
                CertificateCredentialsProvider.this.requestClientCertificate();
            }
        }
    }

    public CertificateCredentialsProvider(IConnectorService iConnectorService) {
        super(iConnectorService);
        this.cancelled = false;
        this.userId = null;
        this.password = null;
        this.hostIdMappingOID = null;
        this._validateCertificate = UtilPlugin.getDefault().getPluginPreferences().getBoolean(UtilPlugin.VALIDATE_CERTIFICATE);
    }

    public void acquireCredentials(boolean z) throws OperationCanceledException {
        this.cancelled = false;
        while (this.certificate == null && !this.cancelled) {
            promptForCredentials();
        }
        setKeyManager();
        getConnectorService().saveUserId();
    }

    public void clearCredentials() {
    }

    public void clearPassword() {
    }

    public ICredentials getCredentials() {
        IHost host = getConnectorService().getHost();
        return new SystemSignonInformation(host.getHostName(), this.userId, this.password, host.getSystemType());
    }

    public String getUserId() {
        if (this.userId == null) {
            this.userId = getSubSystemUserId();
        }
        return this.userId;
    }

    public String getHostIdMappingOID() {
        if (this.hostIdMappingOID == null) {
            this.hostIdMappingOID = HOSTIDMAPPING_OID;
        }
        return this.hostIdMappingOID;
    }

    public byte[] getCertificate() {
        try {
            try {
                return this.certificate.getEncoded();
            } catch (Throwable th) {
                th.printStackTrace();
                this.certificate = null;
                this.certificatePrivateKey = null;
                return null;
            }
        } finally {
            this.certificate = null;
            this.certificatePrivateKey = null;
        }
    }

    public void repairCredentials(SystemMessage systemMessage) throws OperationCanceledException {
        System.out.println("CertificateCredentialsProvider: repairCredentials");
    }

    public void setPassword(String str) {
    }

    public void setPassword(char[] cArr) {
    }

    public void setUserId(String str) {
        this.userId = str;
    }

    public void setKeyManager() {
        try {
            try {
                X509Certificate[] x509CertificateArr = {this.certificate};
                KeyStore keyStore = KeyStore.getInstance("JKS");
                keyStore.load(null, "cert".toCharArray());
                KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
                keyManagerFactory.init(keyStore, "cert".toCharArray());
                KeyManager[] keyManagers = keyManagerFactory.getKeyManagers();
                X509KeyManager[] x509KeyManagerArr = new X509KeyManager[10];
                for (int i = 0; i < keyManagers.length; i++) {
                    if (keyManagers[i] instanceof X509KeyManager) {
                        x509KeyManagerArr[i] = new CustomKeyManager((X509KeyManager) keyManagers[i], "alias", x509CertificateArr, this.certificatePrivateKey);
                    }
                }
                if (this._validateCertificate) {
                    BaseSSLContext.setKeyManagers(x509KeyManagerArr);
                } else {
                    BaseSSLContext.setKeyManagers((KeyManager[]) null);
                }
                if (this._validateCertificate) {
                    this.certificate = null;
                    this.certificatePrivateKey = null;
                }
            } catch (Exception e) {
                e.printStackTrace();
                if (this._validateCertificate) {
                    this.certificate = null;
                    this.certificatePrivateKey = null;
                }
            }
        } catch (Throwable th) {
            if (this._validateCertificate) {
                this.certificate = null;
                this.certificatePrivateKey = null;
            }
            throw th;
        }
    }

    private Shell getShell() {
        IWorkbenchWindow activeWorkbenchWindow;
        Shell shell = null;
        IWorkbench workbench = PlatformUI.getWorkbench();
        if (workbench != null && (activeWorkbenchWindow = workbench.getActiveWorkbenchWindow()) != null) {
            shell = activeWorkbenchWindow.getShell();
        }
        return shell;
    }

    private String getSubSystemUserId() {
        return getPrimarySubSystem().getUserId();
    }

    private ISubSystem getPrimarySubSystem() {
        return getConnectorService().getPrimarySubSystem();
    }

    protected ISystemPasswordPromptDialog getCertificatePromptDialog(Shell shell) {
        return new CertificatePromptDialog(shell, requiresUserId(), requiresPassword());
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public boolean isValidateCertificate() {
        return this._validateCertificate;
    }

    private void promptForCredentials() throws OperationCanceledException {
        PromptForCredentials promptForCredentials = new PromptForCredentials(this);
        Display.getDefault().syncExec(promptForCredentials);
        if (promptForCredentials.isCancelled()) {
            throw new OperationCanceledException();
        }
    }

    private void logException(Throwable th) {
        LoggerFactory.getLogger(RSEUIPlugin.getDefault()).logError("Unexpected exception", th);
    }

    private void setSignonInformation(SystemSignonInformation systemSignonInformation) {
        System.out.println("CertificateCredentialsProvider: setSignonInformation");
    }

    private void requestClientCertificate() {
        try {
            ClientCertificatesRequestor clientCertificatesRequestor = new ClientCertificatesRequestor();
            CertificatePrivateKeyPair requestUserCertificate = clientCertificatesRequestor.requestUserCertificate();
            this.certificate = (X509Certificate) requestUserCertificate.getCertificate();
            this.certificatePrivateKey = requestUserCertificate.getPrivateKey();
            X509Certificate x509Certificate = this.certificate;
            this.hostIdMappingOID = clientCertificatesRequestor.getOIDValue();
            byte[] extensionValue = x509Certificate.getExtensionValue(this.hostIdMappingOID);
            if (extensionValue != null) {
                CertificateParser certificateParser = new CertificateParser(extensionValue);
                certificateParser.getHostId();
                this.userId = certificateParser.getUserId();
            }
        } catch (Throwable th) {
            this.certificate = null;
            this.certificatePrivateKey = null;
            th.printStackTrace();
        }
    }
}
