package com.ibm.jsse;

import com.ibm.etools.logging.tracing.client.Options;
import com.ibm.net.ssl.KeyManager;
import com.ibm.net.ssl.TrustManager;
import com.ibm.net.ssl.X509KeyManager;
import com.ibm.net.ssl.X509TrustManager;
import com.ibm.sslite.c;
import com.ibm.sslite.f;
import com.ibm.sslite.s;
import com.ibm.sslite.t;
import com.ibm.sslite.w;
import java.io.ByteArrayInputStream;
import java.security.AccessController;
import java.security.KeyManagementException;
import java.security.PrivilegedAction;
import java.security.SecureRandom;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import javax.security.cert.CertificateException;
import sun.security.action.GetPropertyAction;

/* JADX INFO: Access modifiers changed from: package-private */
/* loaded from: input_file:runtime/ibmjsse.jar:com/ibm/jsse/JSSEContext.class */
public final class JSSEContext extends t {
    private static boolean DEBUG;
    SecureRandom sr;
    TrustManager[] tm;
    KeyManager[] km;
    private final int PROTOCOL_VERSION_SSL = 0;
    private final int PROTOCOL_VERSION_SSLv2 = 20;
    private final int PROTOCOL_VERSION_SSLv3 = 30;
    private final int PROTOCOL_VERSION_TLS = 31;
    private final int PROTOCOL_VERSION_SSL_TLS = 10;
    JSSESessionContext clientCache = new JSSESessionContext();
    JSSESessionContext serverCache = new JSSESessionContext();

    private void setProtocolVersion(int i) {
        switch (i) {
            case 0:
                this.w = true;
                this.v = true;
                this.u = false;
                return;
            case 10:
                this.w = true;
                this.v = true;
                this.u = true;
                return;
            case 20:
                this.w = true;
                this.v = false;
                this.u = false;
                return;
            case s.w /* 30 */:
                this.w = false;
                this.v = true;
                this.u = false;
                return;
            case 31:
                this.w = false;
                this.v = false;
                this.u = true;
                return;
            default:
                return;
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public final void setEnabledCipherSuites(String[] strArr) {
        StringBuffer stringBuffer = new StringBuffer();
        for (int i = 0; i < strArr.length; i++) {
            try {
                if (strArr[i] != null) {
                    stringBuffer.append(strArr[i]);
                    stringBuffer.append(" ");
                }
            } catch (f unused) {
                throw new IllegalArgumentException();
            }
        }
        a(stringBuffer.toString());
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public final void init(KeyManager[] keyManagerArr, TrustManager[] trustManagerArr, SecureRandom secureRandom) throws KeyManagementException {
        this.km = keyManagerArr;
        this.tm = trustManagerArr;
        for (int i = 0; keyManagerArr != null && i < keyManagerArr.length; i++) {
            if (keyManagerArr[i] != null) {
                if (keyManagerArr[i] instanceof X509KeyManagerImpl) {
                    a(((X509KeyManagerImpl) keyManagerArr[i]).token);
                } else {
                    if (!(keyManagerArr[i] instanceof X509KeyManager)) {
                        throw new KeyManagementException();
                    }
                    a(new JSSEToken((X509KeyManager) keyManagerArr[i], null, secureRandom));
                }
            }
        }
        for (int i2 = 0; trustManagerArr != null && i2 < trustManagerArr.length; i2++) {
            if (trustManagerArr[i2] != null) {
                if (trustManagerArr[i2] instanceof X509TrustManagerImpl) {
                    a(((X509TrustManagerImpl) trustManagerArr[i2]).token);
                } else {
                    if (!(trustManagerArr[i2] instanceof X509TrustManager)) {
                        throw new KeyManagementException();
                    }
                    a(new JSSEToken(null, (X509TrustManager) trustManagerArr[i2], secureRandom));
                }
            }
        }
    }

    @Override // com.ibm.sslite.t
    protected boolean handleSession(Object obj, c cVar) {
        if (this.h) {
            System.out.println(new StringBuffer("JSSEContext: handleSession[").append(obj).append("]").toString());
        }
        return ((JSSESocket) obj).enableSessionCreation;
    }

    @Override // com.ibm.sslite.t
    protected boolean handlePeerCertificate(Object obj, w wVar) {
        if (this.h) {
            System.out.println(new StringBuffer("JSSEContext: handlePeerCertificate[").append(obj).append("]").toString());
        }
        X509Certificate[] convertCertificate = convertCertificate(wVar);
        if (((JSSESocket) obj).clientRole) {
            for (int i = 0; this.tm != null && i < this.tm.length; i++) {
                if (this.tm[i] instanceof X509TrustManagerImpl) {
                    if (((X509TrustManagerImpl) this.tm[i]).isServerTrusted(convertCertificate)) {
                        return true;
                    }
                } else if ((this.tm[i] instanceof X509TrustManager) && ((X509TrustManager) this.tm[i]).isServerTrusted(convertCertificate)) {
                    return true;
                }
            }
            return false;
        }
        for (int i2 = 0; this.tm != null && i2 < this.tm.length; i2++) {
            if (this.tm[i2] instanceof X509TrustManagerImpl) {
                if (((X509TrustManagerImpl) this.tm[i2]).isClientTrusted(null)) {
                    return true;
                }
            } else if ((this.tm[i2] instanceof X509TrustManager) && ((X509TrustManager) this.tm[i2]).isClientTrusted(null)) {
                return true;
            }
        }
        return false;
    }

    @Override // com.ibm.sslite.t
    protected boolean handleNoPeerAuthentication(Object obj) {
        if (this.h) {
            System.out.println(new StringBuffer("JSSEContext: handleNoPeerAuthentication[").append(obj).append("]").toString());
        }
        if (((JSSESocket) obj).clientRole) {
            for (int i = 0; this.tm != null && i < this.tm.length; i++) {
                if (this.tm[i] instanceof X509TrustManagerImpl) {
                    if (((X509TrustManagerImpl) this.tm[i]).isServerTrusted(null)) {
                        return true;
                    }
                } else if ((this.tm[i] instanceof X509TrustManager) && ((X509TrustManager) this.tm[i]).isServerTrusted(null)) {
                    return true;
                }
            }
            return false;
        }
        for (int i2 = 0; this.tm != null && i2 < this.tm.length; i2++) {
            if (this.tm[i2] instanceof X509TrustManagerImpl) {
                if (((X509TrustManagerImpl) this.tm[i2]).isClientTrusted(null)) {
                    return true;
                }
            } else if ((this.tm[i2] instanceof X509TrustManager) && ((X509TrustManager) this.tm[i2]).isClientTrusted(null)) {
                return true;
            }
        }
        return false;
    }

    @Override // com.ibm.sslite.t
    protected boolean handleInvalidPeerCertificate(Object obj, w wVar, w wVar2, f fVar) {
        if (this.h) {
            System.out.println(new StringBuffer("JSSEContext: handleInvalidPeerCertificate[").append(obj).append("]").toString());
        }
        X509Certificate[] convertCertificate = convertCertificate(wVar);
        if (((JSSESocket) obj).clientRole) {
            for (int i = 0; this.tm != null && i < this.tm.length; i++) {
                if (this.tm[i] instanceof X509TrustManagerImpl) {
                    if (((X509TrustManagerImpl) this.tm[i]).isServerTrusted(convertCertificate)) {
                        return true;
                    }
                } else if ((this.tm[i] instanceof X509TrustManager) && ((X509TrustManager) this.tm[i]).isServerTrusted(convertCertificate)) {
                    return true;
                }
            }
            return false;
        }
        for (int i2 = 0; this.tm != null && i2 < this.tm.length; i2++) {
            if (this.tm[i2] instanceof X509TrustManagerImpl) {
                if (((X509TrustManagerImpl) this.tm[i2]).isClientTrusted(null)) {
                    return true;
                }
            } else if ((this.tm[i2] instanceof X509TrustManager) && ((X509TrustManager) this.tm[i2]).isClientTrusted(null)) {
                return true;
            }
        }
        return false;
    }

    @Override // com.ibm.sslite.t
    protected boolean handleConnection(Object obj, c cVar, byte[] bArr) {
        if (this.h) {
            System.out.println(new StringBuffer("JSSEContext: handleConnection[").append(obj).append("]").toString());
        }
        return ((JSSESocket) obj).handshakeCompleted(cVar);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public final String[] getSupportedCipherSuites() {
        return new t().a();
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static final javax.security.cert.X509Certificate[] getChain(w wVar) {
        if (wVar == null) {
            return null;
        }
        int i = 1;
        w wVar2 = wVar;
        while (true) {
            w p = wVar2.p();
            if (p == null || wVar2 == p) {
                break;
            }
            wVar2 = p;
            i++;
        }
        javax.security.cert.X509Certificate[] x509CertificateArr = new javax.security.cert.X509Certificate[i];
        for (int i2 = 0; i2 < i; i2++) {
            try {
                x509CertificateArr[i2] = javax.security.cert.X509Certificate.getInstance(wVar.d());
                wVar = wVar.p();
            } catch (CertificateException unused) {
                return null;
            }
        }
        return x509CertificateArr;
    }

    private X509Certificate[] convertCertificate(w wVar) {
        X509Certificate[] x509CertificateArr = null;
        if (wVar != null) {
            int i = 1;
            w wVar2 = wVar;
            while (true) {
                w p = wVar2.p();
                if (p == null || wVar2 == p) {
                    break;
                }
                wVar2 = p;
                i++;
            }
            x509CertificateArr = new X509Certificate[i];
            try {
                CertificateFactory certificateFactory = CertificateFactory.getInstance("X.509");
                for (int i2 = 0; i2 < i; i2++) {
                    x509CertificateArr[i2] = (X509Certificate) certificateFactory.generateCertificate(new ByteArrayInputStream(wVar.d()));
                    wVar = wVar.p();
                }
            } catch (Exception unused) {
            }
        }
        return x509CertificateArr;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public JSSEContext(int i) {
        this.h = DEBUG;
        setProtocolVersion(i);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public JSSEContext() {
        this.h = DEBUG;
        setProtocolVersion(0);
    }

    static {
        String str = (String) AccessController.doPrivileged((PrivilegedAction) new GetPropertyAction("javax.net.debug"));
        if (str != null) {
            DEBUG = str.equalsIgnoreCase(Options.OPTION_VALUE_TRUE);
        }
    }
}
