package com.ibm.ctg.client;

import com.ibm.ctg.util.BldLevel;
import java.io.FileInputStream;
import java.io.IOException;
import java.io.InputStream;
import java.lang.reflect.InvocationTargetException;
import java.security.KeyManagementException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.UnrecoverableKeyException;
import java.security.cert.CertificateException;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.TrustManagerFactory;

/* loaded from: input_file:ctgclient.jar:com/ibm/ctg/client/SSLContextFactory.class */
public class SSLContextFactory {
    public static final String CLASS_VERSION = "@(#) java/com/ibm/ctg/client/SSLContextFactory.java, cd_gw_protocolhandlers, c710z 1.10 06/09/26 08:53:00";
    public static final String copyright = "Licensed Materials - Property of IBM 5724-I81 5655-R25 (c) Copyright IBM Corp. 2004, 2006  All Rights Reserved. US Government Users Restricted Rights - Use, duplication or disclosure restricted by GSA ADP Schedule Contract with IBM Corp.";
    private static final String KEYSTORE_JKS = "JKS";
    private static final String KEYSTORE_HWJKS = "JCECCAKS";
    private static final String KEYSTORE_RACF = "JCERACFKS";
    private static final String KEYSTORE_HWRACF = "JCECCARACFKS";
    private static final String PROTOCOL_SSL = "SSL_TLS";
    private static final char[] RACF_PWD = "CTGKEYS".toCharArray();

    private SSLContextFactory() {
    }

    public static SSLContext getSSLContext(String str, String str2) throws IOException, KeyStoreException, CertificateException, NoSuchAlgorithmException, UnrecoverableKeyException, KeyManagementException {
        T.in(null, "getSSLContext", str, "PASSWORD");
        SSLContext sSLContext = getSSLContext(str, str2, false);
        T.out(null, "getSSLContext");
        return sSLContext;
    }

    public static SSLContext getSSLContext(String str, String str2, boolean z) throws IOException, KeyStoreException, CertificateException, NoSuchAlgorithmException, UnrecoverableKeyException, KeyManagementException {
        T.in(null, "getSSLContext", str, "PASSWORD", BldLevel.PRODUCT_LABEL + z);
        FileInputStream fileInputStream = new FileInputStream(str);
        char[] cArr = null;
        if (str2 != null) {
            cArr = str2.toCharArray();
        }
        SSLContext makeSSLContext = makeSSLContext(fileInputStream, cArr, z ? KEYSTORE_HWJKS : KEYSTORE_JKS);
        T.out(null, "getSSLContext");
        return makeSSLContext;
    }

    public static SSLContext getSSLContext(String str) throws IOException, KeyStoreException, CertificateException, NoSuchAlgorithmException, UnrecoverableKeyException, KeyManagementException, UnsupportedOperationException, Exception {
        T.in(null, "getSSLContext", str);
        SSLContext sSLContext = getSSLContext(str, false);
        T.out(null, "getSSLContext");
        return sSLContext;
    }

    public static SSLContext getSSLContext(String str, boolean z) throws IOException, KeyStoreException, CertificateException, NoSuchAlgorithmException, UnrecoverableKeyException, KeyManagementException, UnsupportedOperationException, Exception {
        InputStream makeInputStream;
        String str2;
        T.in(null, "getSSLContext", str, BldLevel.PRODUCT_LABEL + z);
        if (z) {
            makeInputStream = makeInputStream("com.ibm.crypto.hdwrCCA.provider.RACFInputStream", str);
            str2 = KEYSTORE_HWRACF;
        } else {
            makeInputStream = makeInputStream("com.ibm.crypto.provider.RACFInputStream", str);
            str2 = KEYSTORE_RACF;
        }
        SSLContext makeSSLContext = makeSSLContext(makeInputStream, RACF_PWD, str2);
        T.out(null, "getSSLContext");
        return makeSSLContext;
    }

    private static SSLContext makeSSLContext(InputStream inputStream, char[] cArr, String str) throws IOException, KeyStoreException, CertificateException, NoSuchAlgorithmException, UnrecoverableKeyException, KeyManagementException {
        T.in(null, "makeSSLContext");
        String defaultAlgorithm = KeyManagerFactory.getDefaultAlgorithm();
        T.ln(null, "JSSE KeyManagerAlgorithm is " + defaultAlgorithm);
        KeyStore keyStore = KeyStore.getInstance(str);
        KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance(defaultAlgorithm);
        TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(defaultAlgorithm);
        keyStore.load(inputStream, cArr);
        keyManagerFactory.init(keyStore, cArr);
        trustManagerFactory.init(keyStore);
        SSLContext sSLContext = SSLContext.getInstance(PROTOCOL_SSL);
        sSLContext.init(keyManagerFactory.getKeyManagers(), trustManagerFactory.getTrustManagers(), null);
        T.out(null, "makeSSLContext");
        return sSLContext;
    }

    private static InputStream makeInputStream(String str, String str2) throws UnsupportedOperationException, Exception {
        T.in(null, "makeInputStream", str, str2);
        try {
            InputStream inputStream = (InputStream) Class.forName(str).getConstructor(String.class, String.class, char[].class).newInstance(System.getProperty("user.name"), str2, RACF_PWD);
            T.out(null, "makeInputStream");
            return inputStream;
        } catch (ClassNotFoundException e) {
            T.ln(null, "Could not load the RACFInputStream class");
            T.ex(null, e);
            throw new UnsupportedOperationException();
        } catch (IllegalAccessException e2) {
            T.ln(null, "RACFInputStream constructor is inaccessible");
            T.ex(null, e2);
            throw new UnsupportedOperationException();
        } catch (IllegalArgumentException e3) {
            T.ln(null, "Illegal arguments passed to stream constructor");
            T.ex(null, e3);
            throw new UnsupportedOperationException();
        } catch (InstantiationException e4) {
            T.ln(null, "RACFInputStream is abstract and cannot be instantiated");
            T.ex(null, e4);
            throw new UnsupportedOperationException();
        } catch (NoSuchMethodException e5) {
            T.ln(null, "Attempted to load a method that didn't exist");
            T.ex(null, e5);
            throw new UnsupportedOperationException();
        } catch (SecurityException e6) {
            T.ln(null, "SecurityException caught while trying to get Constructor");
            T.ex(null, e6);
            throw new UnsupportedOperationException();
        } catch (InvocationTargetException e7) {
            T.ln(null, "Exception thrown in RACFInputStream constructor");
            T.ex(null, e7);
            throw new Exception(e7.getTargetException());
        }
    }
}
