package com.ibm.ctg.client;

import java.io.FileInputStream;
import java.io.IOException;
import java.io.InputStream;
import java.io.OutputStream;
import java.net.InetAddress;
import java.net.Socket;
import java.net.UnknownHostException;
import java.security.KeyManagementException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.UnrecoverableKeyException;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLPeerUnverifiedException;
import javax.net.ssl.SSLSession;
import javax.net.ssl.SSLSocket;
import javax.net.ssl.SSLSocketFactory;
import javax.net.ssl.TrustManagerFactory;
import javax.security.cert.CertificateExpiredException;
import javax.security.cert.CertificateNotYetValidException;
import javax.security.cert.X509Certificate;

/* loaded from: input_file:install/taderc99V60.zip:cicseci5101/connectorModule/ctgclient.jar:com/ibm/ctg/client/JSSESocket.class */
public final class JSSESocket implements iSSLSocket {
    public static final String CLASS_VERSION = "@(#) java/client/JSSESocket.java, client_java, c502, c502-20040302 1.14 04/03/02 16:41:12";
    private static final String COPYRIGHT_NOTICE = "(c) Copyright IBM Corporation 2002,2004.";
    private static final String KEYSTORE_JKS = "JKS";
    private static final String PROTOCOL_SSL = "SSL";
    private SSLSocket internalSSLSocket;
    private SSLContext aContext;
    private SSLSocketFactory aSSLSocketFactory;
    private Certificate[] aCertificateArray;

    /* JADX INFO: Access modifiers changed from: package-private */
    public JSSESocket(SSLSocket sSLSocket) {
        T.in(this, "JSSESocket", sSLSocket);
        this.internalSSLSocket = sSLSocket;
        T.out(this, "JSSESocket");
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public JSSESocket(InetAddress inetAddress, int i, boolean z, String str, String str2) throws IOException, UnknownHostException {
        T.in(this, "JSSESocket", inetAddress, new Integer(i), new Boolean(z), str, " ** Password **");
        try {
            getKeyStore(str, str2);
            this.internalSSLSocket = (SSLSocket) this.aSSLSocketFactory.createSocket(inetAddress, i);
            this.internalSSLSocket.setUseClientMode(z);
            try {
                SSLSession session = this.internalSSLSocket.getSession();
                if (session == null) {
                    T.ln(this, "SSL Session rejected by client.");
                    this.internalSSLSocket.close();
                    throw new IOException("SSL Session rejected by client");
                }
                X509Certificate[] peerCertificateChain = session.getPeerCertificateChain();
                if (peerCertificateChain != null) {
                    for (X509Certificate x509Certificate : peerCertificateChain) {
                        x509Certificate.checkValidity();
                    }
                }
                T.out(this, "JSSESocket");
            } catch (SSLPeerUnverifiedException e) {
                T.ln(this, "Server Certificate chain is not valid.");
                T.ex(this, e);
                this.internalSSLSocket.close();
                throw new SSLPeerUnverifiedException("Server certificate chain is not valid");
            } catch (CertificateExpiredException e2) {
                T.ln(this, "Server Certificate chain has expired.");
                T.ex(this, e2);
                this.internalSSLSocket.close();
                throw new SSLPeerUnverifiedException("Server certificate chain has expired");
            } catch (CertificateNotYetValidException e3) {
                T.ln(this, "Server Certificate chain is not yet valid.");
                T.ex(this, e3);
                this.internalSSLSocket.close();
                throw new SSLPeerUnverifiedException("Server certificate chain is not yet valid");
            }
        } catch (IOException e4) {
            T.ex(this, e4);
            throw e4;
        } catch (KeyManagementException e5) {
            T.ex(this, e5);
            throw new IOException(e5.getMessage());
        } catch (KeyStoreException e6) {
            T.ex(this, e6);
            throw new IOException(e6.getMessage());
        } catch (NoSuchAlgorithmException e7) {
            T.ex(this, e7);
            throw new IOException(e7.getMessage());
        } catch (UnrecoverableKeyException e8) {
            T.ex(this, e8);
            throw new IOException(e8.getMessage());
        } catch (CertificateException e9) {
            T.ex(this, e9);
            throw new IOException(e9.getMessage());
        }
    }

    @Override // com.ibm.ctg.client.iSSLSocket
    public Object getPeerCertificateChain() throws IOException {
        T.in(this, "getPeerCertificate");
        try {
            X509Certificate[] peerCertificateChain = this.internalSSLSocket.getSession().getPeerCertificateChain();
            T.out(this, "getPeerCertificate");
            return peerCertificateChain;
        } catch (SSLPeerUnverifiedException e) {
            T.ex(this, e);
            throw e;
        }
    }

    @Override // com.ibm.ctg.client.iSSLSocket
    public Socket getSocket() {
        return this.internalSSLSocket;
    }

    @Override // com.ibm.ctg.client.iSSLSocket
    public String[] getEnabledCipherSuites() {
        return this.internalSSLSocket.getEnabledCipherSuites();
    }

    @Override // com.ibm.ctg.client.iSSLSocket
    public void setEnabledCipherSuites(String str) throws IllegalArgumentException {
        this.internalSSLSocket.setEnabledCipherSuites(StringToArray(str, " "));
    }

    @Override // com.ibm.ctg.client.iSSLSocket
    public void setNeedClientAuth(boolean z) {
        this.internalSSLSocket.setNeedClientAuth(z);
    }

    @Override // com.ibm.ctg.client.iSSLSocket
    public boolean getNeedClientAuth() {
        return this.internalSSLSocket.getNeedClientAuth();
    }

    public void setEnableSessionCreation(boolean z) {
        this.internalSSLSocket.setEnableSessionCreation(z);
    }

    public boolean getEnabledSessioncreation() {
        return this.internalSSLSocket.getEnableSessionCreation();
    }

    @Override // com.ibm.ctg.client.iSSLSocket
    public final InputStream getInputStream() throws IOException {
        return this.internalSSLSocket.getInputStream();
    }

    @Override // com.ibm.ctg.client.iSSLSocket
    public final OutputStream getOutputStream() throws IOException {
        return this.internalSSLSocket.getOutputStream();
    }

    @Override // com.ibm.ctg.client.iSSLSocket
    public final String toString() {
        return this.internalSSLSocket.toString();
    }

    @Override // com.ibm.ctg.client.iSSLSocket
    public final void close() throws IOException {
        this.internalSSLSocket.close();
    }

    private void getKeyStore(String str, String str2) throws IOException, KeyStoreException, NoSuchAlgorithmException, UnrecoverableKeyException, KeyManagementException, CertificateException {
        T.in(this, "getKeyStore", str, " ** Password **");
        String defaultAlgorithm = KeyManagerFactory.getDefaultAlgorithm();
        T.ln(this, new StringBuffer().append("JSSE KeyManagerFactory Algorithm used is ").append(defaultAlgorithm).toString());
        KeyStore keyStore = KeyStore.getInstance("JKS");
        keyStore.load(new FileInputStream(str), str2.toCharArray());
        KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance(defaultAlgorithm);
        keyManagerFactory.init(keyStore, str2.toCharArray());
        TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(defaultAlgorithm);
        trustManagerFactory.init(keyStore);
        this.aContext = SSLContext.getInstance(PROTOCOL_SSL);
        this.aContext.init(keyManagerFactory.getKeyManagers(), trustManagerFactory.getTrustManagers(), null);
        this.aSSLSocketFactory = this.aContext.getSocketFactory();
        T.out(this, "getKeyStore");
    }

    private String[] StringToArray(String str, String str2) {
        StringBuffer stringBuffer = new StringBuffer(str);
        int i = 1;
        for (int i2 = 0; i2 < stringBuffer.length(); i2++) {
            if (str2.indexOf(stringBuffer.charAt(i2)) != -1) {
                i++;
            }
        }
        String[] strArr = new String[i];
        int i3 = 0;
        if (stringBuffer.toString().indexOf(str2) != -1) {
            while (stringBuffer.length() > 0) {
                if (stringBuffer.toString().indexOf(str2) != -1) {
                    int indexOf = stringBuffer.toString().indexOf(str2);
                    if (indexOf != stringBuffer.toString().lastIndexOf(str2)) {
                        strArr[i3] = stringBuffer.toString().substring(0, indexOf);
                        i3++;
                        stringBuffer.delete(0, indexOf + 1);
                    } else if (stringBuffer.toString().lastIndexOf(str2) == indexOf) {
                        strArr[i3] = stringBuffer.toString().substring(0, stringBuffer.toString().indexOf(str2));
                        int i4 = i3 + 1;
                        stringBuffer.delete(0, stringBuffer.toString().indexOf(str2) + 1);
                        strArr[i4] = stringBuffer.toString();
                        i3 = i4 + 1;
                        stringBuffer.delete(0, stringBuffer.length());
                    }
                }
            }
        } else {
            strArr[0] = stringBuffer.toString();
        }
        return strArr;
    }
}
