package com.ibm.ws.security.common.ssl;

import com.ibm.websphere.ras.Tr;
import com.ibm.websphere.ras.TraceComponent;
import com.ibm.websphere.ras.annotation.TraceObjectField;
import com.ibm.websphere.ras.annotation.TraceOptions;
import com.ibm.websphere.ssl.SSLConfigChangeListener;
import com.ibm.ws.ffdc.annotation.FFDCIgnore;
import com.ibm.ws.ras.instrument.annotation.InjectedFFDC;
import com.ibm.wsspi.ssl.SSLSupport;
import java.security.AccessController;
import java.security.PrivilegedExceptionAction;
import java.util.HashMap;
import java.util.Properties;
import javax.net.ssl.SSLException;
import javax.net.ssl.SSLSocketFactory;
import org.osgi.service.component.annotations.Component;
import org.osgi.service.component.annotations.ConfigurationPolicy;
import org.osgi.service.component.annotations.Reference;
import org.osgi.service.component.annotations.ReferencePolicy;

@InjectedFFDC
@TraceObjectField(fieldName = "tc", fieldDesc = "Lcom/ibm/websphere/ras/TraceComponent;")
@Component(service = {SecuritySSLUtils.class}, immediate = true, configurationPolicy = ConfigurationPolicy.IGNORE)
@TraceOptions
/* loaded from: input_file:com/ibm/ws/security/common/ssl/SecuritySSLUtils.class */
public class SecuritySSLUtils {
    public static final TraceComponent tc = Tr.register(SecuritySSLUtils.class, (String) null, (String) null);
    private static final String KEY_SSL_SUPPORT = "sslSupport";
    protected static volatile SSLSupport sslSupport;
    static final long serialVersionUID = 484014071484296142L;

    @Reference(name = KEY_SSL_SUPPORT, policy = ReferencePolicy.DYNAMIC)
    public void setSslSupport(SSLSupport sSLSupport) {
        sslSupport = sSLSupport;
    }

    public void unsetSslSupport(SSLSupport sSLSupport) {
        sslSupport = null;
    }

    public static SSLSocketFactory getSSLSocketFactory(SSLSupport sSLSupport, String str) throws SSLException, NoSSLSocketFactoryException {
        SSLSocketFactory sSLSocketFactory = null;
        if (sSLSupport != null) {
            sSLSocketFactory = sSLSupport.getSSLSocketFactory(str);
        }
        if (sSLSocketFactory == null) {
            throw new NoSSLSocketFactoryException();
        }
        return sSLSocketFactory;
    }

    public static SSLSocketFactory getSSLSocketFactory(SSLSupport sSLSupport) throws SSLException, NoSSLSocketFactoryException {
        SSLSocketFactory sSLSocketFactory = null;
        if (sSLSupport != null) {
            sSLSocketFactory = sSLSupport.getSSLSocketFactory();
        }
        if (sSLSocketFactory == null) {
            throw new NoSSLSocketFactoryException();
        }
        return sSLSocketFactory;
    }

    public String getKeyStoreRef(String str) {
        return getSslConfigProperty(str, "com.ibm.ssl.keyStoreName");
    }

    public String getTrustStoreRef(String str) {
        return getSslConfigProperty(str, "com.ibm.ssl.trustStoreName");
    }

    String getSslConfigProperty(String str, String str2) {
        String str3 = null;
        if (str == null) {
            if (!tc.isDebugEnabled()) {
                return null;
            }
            Tr.debug(tc, "sslRef not configured", new Object[0]);
            return null;
        }
        Properties sslConfigProperties = getSslConfigProperties(str);
        if (sslConfigProperties != null) {
            str3 = sslConfigProperties.getProperty(str2);
        }
        return str3;
    }

    @FFDCIgnore({Exception.class})
    Properties getSslConfigProperties(final String str) {
        if (sslSupport == null) {
            return null;
        }
        try {
            final HashMap hashMap = new HashMap();
            hashMap.put("com.ibm.ssl.direction", "inbound");
            return (Properties) AccessController.doPrivileged(new PrivilegedExceptionAction<Object>() { // from class: com.ibm.ws.security.common.ssl.SecuritySSLUtils.1
                static final long serialVersionUID = 55761879636700780L;
                private static final /* synthetic */ TraceComponent $$$tc$$$ = Tr.register("com.ibm.ws.security.common.ssl.SecuritySSLUtils$1", AnonymousClass1.class, (String) null, (String) null);

                @Override // java.security.PrivilegedExceptionAction
                public Object run() throws Exception {
                    return SecuritySSLUtils.sslSupport.getJSSEHelper().getProperties(str, hashMap, (SSLConfigChangeListener) null, true);
                }
            });
        } catch (Exception e) {
            if (!tc.isDebugEnabled()) {
                return null;
            }
            Tr.debug(tc, "Caught exception getting SSL properties: " + e, new Object[0]);
            return null;
        }
    }
}
