package com.ibm.optim.hiveutil;

import java.io.FileInputStream;
import java.io.FileNotFoundException;
import java.io.IOException;
import java.net.InetSocketAddress;
import java.net.Socket;
import java.net.SocketTimeoutException;
import java.net.UnknownHostException;
import java.security.AccessController;
import java.security.KeyManagementException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.PrivilegedActionException;
import java.security.PrivilegedExceptionAction;
import java.security.Provider;
import java.security.SecureRandom;
import java.security.Security;
import java.security.UnrecoverableKeyException;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Properties;
import javax.net.ssl.KeyManager;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLPeerUnverifiedException;
import javax.net.ssl.SSLSession;
import javax.net.ssl.SSLSocket;
import javax.net.ssl.SSLSocketFactory;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import javax.net.ssl.X509TrustManager;

/* loaded from: input_file:lib/OOhive.jar:com/ibm/optim/hiveutil/ddx.class */
public class ddx {
    private static String footprint = "$Revision: #20 $";
    static TrustManager[] a = {new X509TrustManager() { // from class: com.ibm.optim.hiveutil.ddx.1
        @Override // javax.net.ssl.X509TrustManager
        public X509Certificate[] getAcceptedIssuers() {
            return null;
        }

        @Override // javax.net.ssl.X509TrustManager
        public void checkClientTrusted(X509Certificate[] x509CertificateArr, String str) {
        }

        @Override // javax.net.ssl.X509TrustManager
        public void checkServerTrusted(X509Certificate[] x509CertificateArr, String str) {
        }
    }};
    static final String[] b;

    public static final Socket a(final String str, final int i, final Socket socket, final boolean z, String[] strArr, final Properties properties) throws ddq {
        try {
            boolean z2 = true;
            String property = properties.getProperty("VALIDATESERVERCERTIFICATE");
            if (property != null && property.equalsIgnoreCase("false")) {
                z2 = false;
            }
            final boolean z3 = z2;
            String property2 = properties.getProperty("CRYPTOPROTOCOLVERSION");
            ddq ddqVar = null;
            while (true) {
                Socket socket2 = (Socket) AccessController.doPrivileged(new PrivilegedExceptionAction<Object>() { // from class: com.ibm.optim.hiveutil.ddx.3
                    @Override // java.security.PrivilegedExceptionAction
                    public Object run() throws ddq {
                        return ddx.a(str, i, socket, z, z3, properties);
                    }
                });
                try {
                    SSLSocket sSLSocket = (SSLSocket) socket2;
                    sSLSocket.setUseClientMode(true);
                    if (null != ddqVar) {
                        String[] supportedProtocols = sSLSocket.getSupportedProtocols();
                        StringBuffer stringBuffer = new StringBuffer(128);
                        for (String str2 : supportedProtocols) {
                            if (!str2.toUpperCase().startsWith("SSLV2")) {
                                if (stringBuffer.length() > 0) {
                                    stringBuffer.append(',');
                                }
                                stringBuffer.append(str2);
                            }
                        }
                        property2 = stringBuffer.toString();
                    }
                    boolean z4 = false;
                    if (property2 != null && property2.length() > 0) {
                        String[] split = property2.split(",");
                        if (split.length > 0) {
                            String[] supportedProtocols2 = sSLSocket.getSupportedProtocols();
                            ArrayList arrayList = new ArrayList();
                            for (String str3 : split) {
                                String trim = str3.trim();
                                int i2 = 0;
                                while (true) {
                                    if (i2 < supportedProtocols2.length) {
                                        String str4 = supportedProtocols2[i2];
                                        if (trim.equalsIgnoreCase(str4)) {
                                            arrayList.add(str4);
                                            break;
                                        }
                                        i2++;
                                    }
                                }
                            }
                            if (arrayList.size() <= 0) {
                                throw new ddq(1071, property2);
                            }
                            sSLSocket.setEnabledProtocols((String[]) arrayList.toArray(new String[arrayList.size()]));
                            z4 = true;
                        }
                    }
                    if (!z4 && strArr != null) {
                        sSLSocket.setEnabledProtocols(strArr);
                    }
                    String[] strArr2 = null;
                    String property3 = properties.getProperty("ENABLECIPHERSUITES");
                    if (property3 != null && property3.length() > 0) {
                        strArr2 = property3.equalsIgnoreCase("all") ? sSLSocket.getSupportedCipherSuites() : property3.split(",");
                    }
                    if (strArr2 != null && strArr2.length > 0) {
                        try {
                            sSLSocket.setEnabledCipherSuites(strArr2);
                        } catch (Exception e) {
                        }
                    }
                    String property4 = properties.getProperty("LOGINTIMEOUT");
                    int parseInt = property4 != null ? Integer.parseInt(property4) : 10;
                    if (parseInt < 0) {
                        parseInt = 0;
                    }
                    int i3 = parseInt * 1000;
                    sSLSocket.setSoTimeout(i3 > 0 ? i3 : Integer.MAX_VALUE);
                    sSLSocket.startHandshake();
                    if (z3) {
                        a(sSLSocket.getSession(), str, properties);
                    }
                    sSLSocket.setSoTimeout(0);
                    String str5 = (String) properties.get("DDTDBG.PROTOCOLTRACEENABLE");
                    if (str5 != null && str5.equalsIgnoreCase("true")) {
                        socket2 = ddab.a(socket2, properties);
                    }
                    try {
                        socket2.setTcpNoDelay(true);
                    } catch (Exception e2) {
                    }
                    return socket2;
                } catch (IOException e3) {
                    if (null == ddqVar) {
                        ddqVar = new ddq(1039, e3.getMessage());
                    }
                    if (0 != 0 || (null != property2 && property2.length() > 0)) {
                        throw ddqVar;
                    }
                    if (socket != null && socket.isClosed()) {
                        throw ddqVar;
                    }
                }
            }
        } catch (PrivilegedActionException e4) {
            throw ((ddq) e4.getException());
        }
    }

    public static void a(SSLSession sSLSession, String str, Properties properties) throws SSLPeerUnverifiedException, ddq {
        String property = properties.getProperty("HOSTNAMEINCERTIFICATE");
        if (property == null || property.length() == 0 || property.equalsIgnoreCase("#SERVERNAME#")) {
            property = str;
        }
        if (property != null) {
            a(property, (X509Certificate) sSLSession.getPeerCertificates()[0]);
        }
    }

    /* JADX WARN: Failed to find 'out' block for switch in B:10:0x004f. Please report as an issue. */
    /* JADX WARN: Removed duplicated region for block: B:18:0x008a  */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    private static boolean a(java.lang.String r5, java.security.cert.X509Certificate r6) throws com.ibm.optim.hiveutil.ddq {
        /*
            r0 = 0
            r7 = r0
            r0 = 0
            r8 = r0
            r0 = r6
            java.util.Collection r0 = r0.getSubjectAlternativeNames()     // Catch: java.security.cert.CertificateParsingException -> Lc
            r8 = r0
            goto Le
        Lc:
            r9 = move-exception
        Le:
            r0 = r8
            if (r0 == 0) goto La8
            r0 = r8
            java.util.Iterator r0 = r0.iterator()
            r9 = r0
        L1a:
            r0 = r9
            boolean r0 = r0.hasNext()
            if (r0 == 0) goto L86
            r0 = r9
            java.lang.Object r0 = r0.next()
            java.util.List r0 = (java.util.List) r0
            r10 = r0
            r0 = r10
            r1 = 0
            java.lang.Object r0 = r0.get(r1)
            java.lang.Integer r0 = (java.lang.Integer) r0
            int r0 = r0.intValue()
            r11 = r0
            r0 = r10
            r1 = 1
            java.lang.Object r0 = r0.get(r1)
            java.lang.String r0 = (java.lang.String) r0
            r12 = r0
            r0 = r11
            switch(r0) {
                case 2: goto L68;
                case 7: goto L72;
                default: goto L7c;
            }
        L68:
            r0 = r5
            r1 = r12
            boolean r0 = a(r0, r1)
            r7 = r0
            goto L7c
        L72:
            r0 = r5
            r1 = r12
            boolean r0 = r0.equalsIgnoreCase(r1)
            r7 = r0
            goto L7c
        L7c:
            r0 = r7
            if (r0 == 0) goto L83
            goto L86
        L83:
            goto L1a
        L86:
            r0 = r7
            if (r0 != 0) goto Lda
            r0 = 2
            java.lang.String[] r0 = new java.lang.String[r0]
            r1 = r0
            r2 = 0
            r3 = r8
            java.lang.String r3 = r3.toString()
            r1[r2] = r3
            r1 = r0
            r2 = 1
            r3 = r5
            r1[r2] = r3
            r9 = r0
            com.ibm.optim.hiveutil.ddq r0 = new com.ibm.optim.hiveutil.ddq
            r1 = r0
            r2 = 1045(0x415, float:1.464E-42)
            r3 = r9
            r1.<init>(r2, r3)
            throw r0
        La8:
            r0 = r6
            java.lang.String r0 = a(r0)
            r9 = r0
            r0 = r9
            if (r0 == 0) goto Lda
            r0 = r5
            r1 = r9
            boolean r0 = a(r0, r1)
            r7 = r0
            r0 = r7
            if (r0 != 0) goto Lda
            r0 = 2
            java.lang.String[] r0 = new java.lang.String[r0]
            r1 = r0
            r2 = 0
            r3 = r9
            r1[r2] = r3
            r1 = r0
            r2 = 1
            r3 = r5
            r1[r2] = r3
            r10 = r0
            com.ibm.optim.hiveutil.ddq r0 = new com.ibm.optim.hiveutil.ddq
            r1 = r0
            r2 = 1045(0x415, float:1.464E-42)
            r3 = r10
            r1.<init>(r2, r3)
            throw r0
        Lda:
            r0 = r7
            return r0
        */
        throw new UnsupportedOperationException("Method not decompiled: com.ibm.optim.hiveutil.ddx.a(java.lang.String, java.security.cert.X509Certificate):boolean");
    }

    private static boolean a(String str, String str2) {
        int indexOf = str2.indexOf(".");
        if (indexOf == -1) {
            indexOf = str2.length();
        }
        String substring = str2.substring(indexOf);
        int indexOf2 = str.indexOf(".");
        if (indexOf2 == -1) {
            indexOf2 = str.length();
        }
        if (substring.equalsIgnoreCase(str.substring(indexOf2))) {
            return b(str.substring(0, indexOf2), str2.substring(0, indexOf));
        }
        return false;
    }

    private static boolean b(String str, String str2) {
        String lowerCase = str.toLowerCase();
        String lowerCase2 = str2.toLowerCase();
        boolean z = true;
        int indexOf = lowerCase2.indexOf("*");
        if (indexOf == -1) {
            return lowerCase.equals(lowerCase2);
        }
        while (indexOf != -1) {
            String substring = lowerCase2.substring(0, indexOf);
            lowerCase2 = lowerCase2.substring(indexOf + 1);
            int indexOf2 = lowerCase.indexOf(substring);
            if (indexOf2 == -1) {
                return false;
            }
            if (z) {
                if (indexOf2 != 0) {
                    return false;
                }
                z = false;
            }
            lowerCase = lowerCase.substring(indexOf2 + substring.length());
            indexOf = lowerCase2.indexOf("*");
        }
        return lowerCase.endsWith(lowerCase2);
    }

    private static String a(X509Certificate x509Certificate) throws ddq {
        String name = x509Certificate.getSubjectX500Principal().getName();
        int indexOf = name.indexOf("CN=");
        if (indexOf == -1) {
            indexOf = name.indexOf("cn=");
        }
        if (indexOf == -1) {
            throw new ddq(1044);
        }
        int indexOf2 = name.indexOf(44, indexOf);
        if (indexOf2 == -1) {
            indexOf2 = name.length();
        }
        return name.substring(indexOf + 3, indexOf2);
    }

    protected static final Socket a(String str, int i, Socket socket, boolean z, boolean z2, Properties properties) throws ddq {
        SSLSocket sSLSocket;
        try {
            SSLSocketFactory b2 = b(z2, properties);
            String str2 = (String) properties.get("CREATESOCKETTIMEOUT");
            int i2 = 0;
            if (str2 != null) {
                try {
                    i2 = Integer.parseInt(str2);
                } catch (NumberFormatException e) {
                }
            }
            if (socket == null) {
                sSLSocket = (SSLSocket) b2.createSocket();
                sSLSocket.connect(new InetSocketAddress(str, i), i2);
            } else {
                sSLSocket = (SSLSocket) b2.createSocket(socket, str, i, z);
            }
            SSLSocket sSLSocket2 = sSLSocket;
            boolean z3 = false;
            String[] supportedProtocols = sSLSocket2.getSupportedProtocols();
            int i3 = 0;
            while (true) {
                if (i3 >= supportedProtocols.length) {
                    break;
                }
                if (supportedProtocols[i3].equalsIgnoreCase("SSLv2Hello")) {
                    z3 = true;
                    break;
                }
                i3++;
            }
            if (z3) {
                boolean z4 = false;
                String[] enabledProtocols = sSLSocket2.getEnabledProtocols();
                int i4 = 0;
                while (true) {
                    if (i4 >= enabledProtocols.length) {
                        break;
                    }
                    if (enabledProtocols[i4].equalsIgnoreCase("SSLv2Hello")) {
                        z4 = true;
                        break;
                    }
                    i4++;
                }
                if (!z4) {
                    String[] strArr = new String[enabledProtocols.length + 1];
                    for (int i5 = 0; i5 < enabledProtocols.length; i5++) {
                        strArr[i5] = enabledProtocols[i5];
                    }
                    strArr[enabledProtocols.length] = "SSLv2Hello";
                    sSLSocket2.setEnabledProtocols(strArr);
                }
            }
            return sSLSocket;
        } catch (SocketTimeoutException e2) {
            throw new ddq(1020, new String[]{str, String.valueOf(i), "the time designated by the CreateSocketTimeout connect option has elapsed"});
        } catch (UnknownHostException e3) {
            throw new ddq(1021, new String[]{str});
        } catch (Exception e4) {
            throw new ddq(1020, new String[]{str, String.valueOf(i), e4.getMessage()});
        }
    }

    public static SSLContext a(boolean z, Properties properties) throws KeyStoreException, IOException, NoSuchAlgorithmException, CertificateException, FileNotFoundException, UnrecoverableKeyException, KeyManagementException {
        String a2 = a(properties);
        KeyManager[] keyManagerArr = null;
        if (a2 != null) {
            String property = properties.getProperty("KEYSTOREPASSWORD");
            if (property == null || property.length() == 0) {
                property = properties.getProperty("TRUSTSTOREPASSWORD");
                if (property == null || property.length() == 0) {
                    property = System.getProperty("javax.net.ssl.keyStorePassword");
                }
            }
            char[] charArray = property == null ? null : property.toCharArray();
            KeyStore keyStore = KeyStore.getInstance(a(a2));
            keyStore.load(new FileInputStream(ddb.a(a2)), charArray);
            KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
            String property2 = properties.getProperty("KEYPASSWORD");
            keyManagerFactory.init(keyStore, (property2 == null || property2.length() == 0) ? charArray : property2.toCharArray());
            keyManagerArr = keyManagerFactory.getKeyManagers();
        }
        String b2 = b(properties);
        TrustManager[] trustManagerArr = null;
        if (!z) {
            trustManagerArr = a;
        } else if (b2 != null) {
            String property3 = properties.getProperty("TRUSTSTOREPASSWORD");
            if (property3 == null || property3.length() == 0) {
                property3 = System.getProperty("javax.net.ssl.trustStorePassword");
            }
            char[] charArray2 = property3 == null ? null : property3.toCharArray();
            KeyStore keyStore2 = KeyStore.getInstance(b(b2));
            keyStore2.load(new FileInputStream(ddb.a(b2)), charArray2);
            TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
            trustManagerFactory.init(keyStore2);
            trustManagerArr = trustManagerFactory.getTrustManagers();
        }
        SSLContext sSLContext = SSLContext.getInstance("TLS");
        String str = (String) properties.get("SECURERANDOMALGORITHM");
        if (str != null) {
            sSLContext.init(keyManagerArr, trustManagerArr, (SecureRandom) ddu.a("SECURERANDOM", str));
        } else {
            sSLContext.init(keyManagerArr, trustManagerArr, null);
        }
        return sSLContext;
    }

    protected static final SSLSocketFactory b(boolean z, Properties properties) throws UnrecoverableKeyException, KeyManagementException, KeyStoreException, NoSuchAlgorithmException, CertificateException, FileNotFoundException, IOException, ddq {
        Provider provider;
        String b2;
        boolean z2 = false;
        try {
            provider = SSLContext.getDefault().getProvider();
        } catch (NoSuchAlgorithmException e) {
            provider = null;
        }
        if (null != provider) {
            try {
                String info = provider.getInfo();
                if (null != info) {
                    if (info.contains("(FIPS mode, crypto provider BCFIPS)")) {
                        z2 = true;
                    }
                }
            } catch (Exception e2) {
            }
        }
        if (!z2) {
            String a2 = a(properties);
            if (null != a2 && a(a2).equals("BCFKS")) {
                z2 = true;
            }
            if (!z2 && null != (b2 = b(properties)) && b(b2).equals("BCFKS")) {
                z2 = true;
            }
        }
        if (!z2) {
            return a(z, properties).getSocketFactory();
        }
        for (String str : b) {
            String property = properties.getProperty(str);
            if (null != property && property.length() != 0) {
                throw new ddq(1073);
            }
        }
        return (SSLSocketFactory) SSLSocketFactory.getDefault();
    }

    protected static final String a(Properties properties) {
        String property = properties.getProperty("KEYSTORE");
        if (property == null || property.length() == 0) {
            property = properties.getProperty("TRUSTSTORE");
            if (property == null || property.length() == 0) {
                property = System.getProperty("javax.net.ssl.keyStore");
            }
        }
        return property;
    }

    protected static final String b(Properties properties) {
        String property = properties.getProperty("TRUSTSTORE");
        if (property == null || property.length() == 0) {
            property = System.getProperty("javax.net.ssl.trustStore");
        }
        return property;
    }

    protected static final String a(String str) {
        String property = System.getProperty("javax.net.ssl.keyStoreType");
        if (property == null) {
            property = KeyStore.getDefaultType();
            if (!"BCFKS".equalsIgnoreCase(property)) {
                String lowerCase = str.toLowerCase();
                if (lowerCase.endsWith(".jks")) {
                    property = "JKS";
                } else if (lowerCase.endsWith(".pfx") || lowerCase.endsWith(".p12")) {
                    property = "PKCS12";
                } else if (lowerCase.endsWith(".sso")) {
                    property = "SSO";
                }
            }
        }
        return property;
    }

    protected static final String b(String str) {
        int lastIndexOf;
        String property = System.getProperty("javax.net.ssl.trustStoreType");
        if (property == null) {
            property = KeyStore.getDefaultType();
            if (!"BCFKS".equalsIgnoreCase(property) && (lastIndexOf = str.lastIndexOf(46)) != -1) {
                String lowerCase = str.substring(lastIndexOf).toLowerCase();
                if (lowerCase.equals(".jks")) {
                    property = "JKS";
                } else if (lowerCase.equals(".pfx") || lowerCase.equals(".p12")) {
                    property = "PKCS12";
                } else if (lowerCase.equals(".sso")) {
                    property = "SSO";
                }
            }
        }
        return property;
    }

    static {
        String property = System.getProperty("skipDDPKIProvider");
        if (!(property != null && property.equalsIgnoreCase("true"))) {
            try {
                AccessController.doPrivileged(new PrivilegedExceptionAction<Object>() { // from class: com.ibm.optim.hiveutil.ddx.2
                    @Override // java.security.PrivilegedExceptionAction
                    public Object run() throws Exception {
                        Security.insertProviderAt(new dda(), 1);
                        return null;
                    }
                });
            } catch (Exception e) {
            }
        }
        b = new String[]{"KEYSTORE", "KEYSTOREPASSWORD", "KEYPASSWORD", "TRUSTSTORE", "TRUSTSTOREPASSWORD"};
    }
}
