package com.ibm.ctg.client;

import com.ibm.ctgsslight.SSLContext;
import com.ibm.ctgsslight.SSLException;
import com.ibm.ctgsslight.SSLServerSocket;
import com.ibm.ctgsslight.SSLSocket;
import com.ibm.sslight.SSLightKeyRing;
import java.io.IOException;
import java.net.ServerSocket;

/* loaded from: input_file:install/taderc99V60.zip:cicseci5101/connectorModule/ctgclient.jar:com/ibm/ctg/client/GSLightServerSocket.class */
public final class GSLightServerSocket implements iSSLServerSocket {
    public static final String CLASS_VERSION = "@(#) java/client/GSLightServerSocket.java, client_java, c502, c502-20040301a 1.12 03/10/10 11:20:24";
    private static final String COPYRIGHT_NOTICE = "(c) Copyright IBM Corporation 2002.";
    private static final int INSTALL_JSSE_MSG = 85;
    private static final int KEYRING_NOT_FOUND_MSG = 86;
    private static final int KEYSTORE_TAMPER_MSG = 88;
    private SSLServerSocket internalSSLServerSocket;
    private SSLContext aContext;

    public GSLightServerSocket(int i, int i2, String str, String str2) throws IOException {
        T.in(this, "GSLightServerSocket", new Integer(i), new Integer(i2), str, "*Password* ");
        try {
            getKeyStore(str, str2);
            try {
                this.internalSSLServerSocket = new SSLServerSocket(i, i2, this.aContext);
                T.out(this, "GSLightServerSocket");
            } catch (SSLException e) {
                T.ex(this, e);
                throw new IOException(getSSLMessage(e));
            }
        } catch (SSLException e2) {
            T.ex(this, e2);
            if (T.bDebug) {
                T.ln(this, new StringBuffer().append("SSLException error=").append(getSSLMessage(e2)).toString());
            }
            throw new IOException(ClientMessages.getMessage(null, KEYSTORE_TAMPER_MSG));
        } catch (ClassNotFoundException e3) {
            T.ex(this, e3);
            int lastIndexOf = str.lastIndexOf(".");
            if (lastIndexOf != -1 && str.substring(lastIndexOf).equalsIgnoreCase(".jks")) {
                throw new IOException(ClientMessages.getMessage(null, INSTALL_JSSE_MSG));
            }
            throw new IOException(ClientMessages.getMessage(null, KEYRING_NOT_FOUND_MSG));
        } catch (IllegalAccessException e4) {
            T.ex(this, e4);
            throw new IOException(ClientMessages.getMessage(null, KEYSTORE_TAMPER_MSG));
        } catch (InstantiationException e5) {
            T.ex(this, e5);
            throw new IOException(ClientMessages.getMessage(null, KEYSTORE_TAMPER_MSG));
        }
    }

    public GSLightServerSocket(int i, String str, String str2) throws IOException {
        T.in(this, "GSLightServerSocket", new Integer(i), str, "*Password*");
        try {
            getKeyStore(str, str2);
            try {
                this.internalSSLServerSocket = new SSLServerSocket(i, this.aContext);
                T.out(this, "GSLightServerSocket");
            } catch (SSLException e) {
                T.ex(this, e);
                throw new IOException(getSSLMessage(e));
            }
        } catch (SSLException e2) {
            T.ex(this, e2);
            if (T.bDebug) {
                T.ln(this, new StringBuffer().append("SSLException error=").append(getSSLMessage(e2)).toString());
            }
            throw new IOException(ClientMessages.getMessage(null, KEYSTORE_TAMPER_MSG));
        } catch (ClassNotFoundException e3) {
            T.ex(this, e3);
            int lastIndexOf = str.lastIndexOf(".");
            if (lastIndexOf != -1 && str.substring(lastIndexOf).equalsIgnoreCase(".jks")) {
                throw new IOException(ClientMessages.getMessage(null, INSTALL_JSSE_MSG));
            }
            throw new IOException(ClientMessages.getMessage(null, KEYRING_NOT_FOUND_MSG));
        } catch (IllegalAccessException e4) {
            T.ex(this, e4);
            throw new IOException(ClientMessages.getMessage(null, KEYSTORE_TAMPER_MSG));
        } catch (InstantiationException e5) {
            T.ex(this, e5);
            throw new IOException(ClientMessages.getMessage(null, KEYSTORE_TAMPER_MSG));
        }
    }

    @Override // com.ibm.ctg.client.iSSLServerSocket
    public iSSLSocket accept() throws IOException {
        try {
            return new GSLightSocket((SSLSocket) this.internalSSLServerSocket.accept(null));
        } catch (SSLException e) {
            T.ex(this, e);
            throw new IOException(getSSLMessage(e));
        }
    }

    private void getKeyStore(String str, String str2) throws ClassNotFoundException, InstantiationException, IllegalAccessException, SSLException {
        this.aContext = new SSLContext();
        T.in(this, "getKeyStore", str, "** Password **");
        if (!this.aContext.importKeyRings(((SSLightKeyRing) Class.forName(str).newInstance()).getKeyRingData(), str2)) {
            throw new SSLException();
        }
        T.out(this, "getKeyStore");
    }

    @Override // com.ibm.ctg.client.iSSLServerSocket
    public final ServerSocket getServerSocket() {
        return this.internalSSLServerSocket;
    }

    @Override // com.ibm.ctg.client.iSSLServerSocket
    public final void setNeedClientAuth(boolean z) {
        this.aContext.clientAuthentication = z;
    }

    @Override // com.ibm.ctg.client.iSSLServerSocket
    public final boolean getNeedClientAuth() {
        return this.aContext.clientAuthentication;
    }

    @Override // com.ibm.ctg.client.iSSLServerSocket
    public final String[] getEnabledCipherSuites() {
        return this.aContext.getEnabledCipherSuites();
    }

    @Override // com.ibm.ctg.client.iSSLServerSocket
    public String toString() {
        return this.internalSSLServerSocket != null ? this.internalSSLServerSocket.toString() : "";
    }

    @Override // com.ibm.ctg.client.iSSLServerSocket
    public final void close() throws IOException {
        T.in(this, "close");
        this.internalSSLServerSocket.close();
        T.out(this, "close");
    }

    private static String getSSLMessage(SSLException sSLException) {
        switch (sSLException.getError()) {
            case 0:
                return "PEERCONNECTIONTERMINATION";
            case 1:
                return "MESSAGEFORMAT";
            case 2:
                return "CONNECTIONESTABLISHMENT";
            case 3:
                return "PEERCERTIFICATE";
            case 4:
                return "TRUSTPOLICY";
            case 5:
                return "CERTIFICATE";
            case 6:
                return "TIMEREXPIRED";
            case 7:
                return "INTERFACEERROR";
            case 8:
                return "INTERNALPROCESSINGERROR";
            case 10:
                return "UNEXPECTEDMESSAGE";
            case 20:
                return "BADRECORDMAC";
            case 30:
                return "DECOMPRESSIONFAILURE";
            case 40:
                return "HANDSHAKEFAILURE";
            case 41:
                return "NOCERTIFCATE";
            case 42:
                return "BADCERTIFICATE";
            case 43:
                return "UNSUPPORTEDCERTIFICATE";
            case 44:
                return "CERTIFICATEREVOKED";
            case 45:
                return "CERTIFICATEEXPIRED";
            case 46:
                return "CERTIFICATEUNKNOWN";
            case 47:
                return "ILLEGALPARAMETER";
            case SSLException.AFTERCERTIFICATEVALIDITYPERIOD /* 1001 */:
                return "AFTERCERTIFICATEVALIDITYPERIOD";
            case SSLException.APPLICATIONREJECTED /* 1002 */:
                return "APPLICATIONREJECTED";
            case SSLException.BEFORECERTIFICATEVALIDITYPERIOD /* 1003 */:
                return "BEFORECERTIFICATEVALIDITYPERIOD";
            case SSLException.CIPHERSUITEANDCERTIFICATEPUBLICKEYALGINCOMPATIBLE /* 1004 */:
                return "CIPHERSUITEANDCERTIFICATEPUBLICKEYALGINCOMPATIBLE";
            case SSLException.CLIENTAUTHENTICATIONINVALIDWITHANONYMOUSSERVER /* 1005 */:
                return "CLIENTAUTHENTICATIONINVALIDWITHANONYMOUSSERVER";
            case SSLException.CONNECTTIMER /* 1006 */:
                return "CONNECTTIMER";
            case SSLException.COULDNOTSATISFYREQUESTEDCIPHERSUITE /* 1007 */:
                return "COULDNOTSATISFYREQUESTEDCIPHERSUITE";
            case SSLException.COULDNOTVALIDATESIGNATURE /* 1008 */:
                return "COULDNOTVALIDATESIGNATURE";
            case SSLException.EXCEPTIONOCCURRED /* 1009 */:
                return "EXCEPTIONOCCURRED";
            case SSLException.IMPROPERX509FORMAT /* 1010 */:
                return "IMPROPERX509FORMAT";
            case SSLException.INCOMPATIBLELENGTHS /* 1011 */:
                return "INCOMPATIBLELENGTHS";
            case SSLException.INVALIDPARAMETER /* 1012 */:
                return "INVALIDPARAMETER";
            case SSLException.ISSUERSUBJECTNOTEQUALTOSUBJECTISSUER /* 1013 */:
                return "ISSUERSUBJECTNOTEQUALTOSUBJECTISSUER";
            case SSLException.LENGTHTOOLONG /* 1014 */:
                return "LENGTHTOOLONG";
            case SSLException.LENGTHTOOSHORT /* 1015 */:
                return "LENGTHTOOSHORT";
            case SSLException.NOCIPHERSUITESPECIFIED /* 1016 */:
                return "NOCIPHERSUITESPECIFIED";
            case SSLException.PEERCERTIFICATECHAINNOTTRUSTED /* 1017 */:
                return "PEERCERTIFICATECHAINNOTTRUSTED";
            case SSLException.PROTOCOLVIOLATION /* 1018 */:
                return "PROTOCOLVIOLATION";
            case SSLException.REESTABLISHEDSESSIONCIPHERSUITEWRONG /* 1019 */:
                return "REESTABLISHEDSESSIONCIPHERSUITEWRONG";
            case SSLException.SERVERREQUESTNOTCONSISTENTWITHSELECTEDCIPHERSUITE /* 1020 */:
                return "SERVERREQUESTNOTCONSISTENTWITHSELECTEDCIPHERSUITE";
            case SSLException.SIGNATUREFORMATINCORRECT /* 1021 */:
                return "SIGNATUREFORMATINCORRECT";
            case SSLException.SIGNATURELENGTHINCORRECT /* 1022 */:
                return "SIGNATURELENGTHINCORRECT";
            case SSLException.SIGNATUREPROBLEMONSERVERKEYEXCHANGE /* 1023 */:
                return "SIGNATUREPROBLEMONSERVERKEYEXCHANGE";
            case SSLException.SUBJECTNOTSIGNEDBYISSUER /* 1024 */:
                return "SUBJECTNOTSIGNEDBYISSUER";
            case SSLException.UNSUPPORTEDCIPHERSUITE /* 1025 */:
                return "UNSUPPORTEDCIPHERSUITE";
            case SSLException.UNSUPPORTEDCOMPRESSIONMETHOD /* 1026 */:
                return "UNSUPPORTEDCOMPRESSIONMETHOD";
            case SSLException.UNSUPPORTEDPUBLICKEYALG /* 1027 */:
                return "UNSUPPORTEDPUBLICKEYALG";
            case SSLException.UNSUPPORTEDSIGNINGALG /* 1028 */:
                return "UNSUPPORTEDSIGNINGALG";
            case SSLException.UNSUPPORTEDVALUE /* 1029 */:
                return "UNSUPPORTEDVALUE";
            case SSLException.UNSUPPORTEDVERSION /* 1030 */:
                return "UNSUPPORTEDVERSION";
            case SSLException.VERIFICATIONOFNEGOTIATEDCIPHERALGORITHMSFAILED /* 1031 */:
                return "VERIFICATIONOFNEGOTIATEDCIPHERALGORITHMSFAILED";
            case SSLException.SERVERREJECTEDSTEPUP /* 1032 */:
                return "SERVERREJECTEDSTEPUP";
            default:
                return new StringBuffer().append("SSLException: ").append(sSLException.getError()).toString();
        }
    }
}
