package com.ibm.ws.security.orbssl;

import com.ibm.CORBA.ras.ORBRas;
import com.ibm.websphere.orbext.MinorCodes;
import com.ibm.websphere.ssl.JSSEHelper;
import com.ibm.ws.ffdc.FFDCFilter;
import com.ibm.ws.orb.transport.ConnectionData;
import com.ibm.ws.orb.transport.KeyRingFileException;
import com.ibm.ws.orb.transport.WSSSLClientSocketFactory;
import com.ibm.ws.orbimpl.transport.WSTransport;
import com.ibm.ws.security.util.AccessController;
import com.ibm.ws.ssl.config.SSLConfigManager;
import com.ibm.ws.ssl.core.Constants;
import java.io.IOException;
import java.net.InetAddress;
import java.net.Socket;
import java.net.SocketException;
import java.security.PrivilegedActionException;
import java.security.PrivilegedExceptionAction;
import java.util.HashMap;
import java.util.Properties;
import javax.net.ssl.SSLException;
import javax.net.ssl.SSLHandshakeException;
import javax.net.ssl.SSLKeyException;
import javax.net.ssl.SSLPeerUnverifiedException;
import javax.net.ssl.SSLProtocolException;
import javax.net.ssl.SSLSession;
import javax.net.ssl.SSLSocket;
import javax.net.ssl.SSLSocketFactory;
import org.omg.CORBA.COMM_FAILURE;
import org.omg.CORBA.CompletionStatus;

/* loaded from: input_file:com.ibm.ws.admin.client_6.1.0.jar:com/ibm/ws/security/orbssl/WSSSLClientSocketFactoryImpl.class */
public final class WSSSLClientSocketFactoryImpl implements WSSSLClientSocketFactory {
    private static final int DEFAULT_SESSION_TIMEOUT = 30;
    private static String[] ENABLED_CIPHERS = null;
    private static String[] SUPPORTED_CIPHERS = null;

    @Override // com.ibm.ws.orb.transport.WSSSLClientSocketFactory
    public Socket createSSLSocket(ConnectionData connectionData) throws KeyRingFileException, IOException {
        String message;
        String message2;
        SSLSocket sSLSocket;
        SSLConnectionData sSLConnectionData = (SSLConnectionData) connectionData;
        String sSLConfigAlias = sSLConnectionData.getSSLConfigAlias();
        String connectionKey = sSLConnectionData.getConnectionKey();
        String hostFromKeyString = WSTransport.getHostFromKeyString(connectionKey);
        sSLConnectionData.getPerformQOP();
        int portFromKeyString = WSTransport.getPortFromKeyString(connectionKey);
        try {
            HashMap hashMap = new HashMap();
            hashMap.put("com.ibm.ssl.direction", "outbound");
            hashMap.put(Constants.CONNECTION_INFO_REMOTE_HOST, hostFromKeyString);
            hashMap.put(Constants.CONNECTION_INFO_REMOTE_PORT, Integer.toString(portFromKeyString));
            hashMap.put("com.ibm.ssl.endPointName", "IIOP");
            try {
                Properties properties = (Properties) AccessController.doPrivileged(new PrivilegedExceptionAction(this, sSLConfigAlias, hashMap) { // from class: com.ibm.ws.security.orbssl.WSSSLClientSocketFactoryImpl.1
                    private final String val$sslAlias;
                    private final HashMap val$connectionInfo;
                    private final WSSSLClientSocketFactoryImpl this$0;

                    {
                        this.this$0 = this;
                        this.val$sslAlias = sSLConfigAlias;
                        this.val$connectionInfo = hashMap;
                    }

                    @Override // java.security.PrivilegedExceptionAction
                    public Object run() throws Exception {
                        return JSSEHelper.getInstance().getProperties(this.val$sslAlias, this.val$connectionInfo, null);
                    }
                });
                SSLSocketFactory socketFactory = JSSEHelper.getInstance().getSSLContext(hashMap, properties).getSocketFactory();
                try {
                    if (sSLConnectionData.getUseSingleNIC()) {
                        sSLSocket = (SSLSocket) socketFactory.createSocket(hostFromKeyString, portFromKeyString, InetAddress.getByName(connectionData.getLocalHost()), 0);
                        if (ORBRas.isTrcLogging && ORBRas.isTrcLogging) {
                            ORBRas.orbTrcLogger.trace(4112L, this, "createSSLSocket()", new StringBuffer().append("Bind Client Socket To A Specific NIC card=").append(sSLConnectionData.getUseSingleNIC()).append(", Remote Host=").append(hostFromKeyString).append(", Remote Port=").append(portFromKeyString).append(", LocalHost=").append(connectionData.getLocalHost()).append(", java.net.InetAddress.getByName( LocalHost )=").append(InetAddress.getByName(connectionData.getLocalHost())).toString());
                        }
                    } else {
                        sSLSocket = (SSLSocket) socketFactory.createSocket(hostFromKeyString, portFromKeyString);
                        if (ORBRas.isTrcLogging && ORBRas.isTrcLogging) {
                            ORBRas.orbTrcLogger.trace(4112L, this, "createSSLSocket()", new StringBuffer().append("Bind Client Socket To Multiple NIC cards=").append(!sSLConnectionData.getUseSingleNIC()).append(", Remote Host=").append(hostFromKeyString).append(", Remote Port=").append(portFromKeyString).toString());
                        }
                    }
                    try {
                        sSLSocket.setKeepAlive(true);
                    } catch (SocketException e) {
                        if (ORBRas.isTrcLogging) {
                            ORBRas.orbTrcLogger.trace(16L, "com.ibm.ws.security.orbssl.WSSSLClientSocketFactoryImpl", "IIOPSSLConnectionClient.createSSLSocket", new StringBuffer().append("\n[\nException calling setKeepAlive() ").append(e.getMessage()).append("\n]").toString());
                        }
                    }
                    try {
                        sSLSocket.setTcpNoDelay(true);
                    } catch (SocketException e2) {
                        if (ORBRas.isTrcLogging) {
                            ORBRas.orbTrcLogger.trace(16L, "com.ibm.ws.security.orbssl.WSSSLClientSocketFactoryImpl", "IIOPSSLConnectionClient.createSSLSocket", new StringBuffer().append("\n[\nException calling setTcpNoDelay() ").append(e2.getMessage()).append("\n]").toString());
                        }
                    }
                    if (sSLSocket != null) {
                        ENABLED_CIPHERS = SSLConfigManager.getInstance().parseEnabledCiphers(properties.getProperty("com.ibm.ssl.enabledCipherSuites"));
                        if (ENABLED_CIPHERS == null) {
                            String property = properties.getProperty("com.ibm.ssl.securityLevel");
                            SUPPORTED_CIPHERS = socketFactory.getSupportedCipherSuites();
                            SUPPORTED_CIPHERS = SSLConfigManager.getInstance().adjustSupportedCiphersToSecurityLevel(SUPPORTED_CIPHERS, property);
                        }
                        if (ENABLED_CIPHERS != null && ENABLED_CIPHERS.length > 0) {
                            sSLSocket.setEnabledCipherSuites(ENABLED_CIPHERS);
                        } else if (SUPPORTED_CIPHERS != null && SUPPORTED_CIPHERS.length > 0) {
                            sSLSocket.setEnabledCipherSuites(SUPPORTED_CIPHERS);
                        }
                        sSLSocket.startHandshake();
                    }
                    SSLSession sSLSession = null;
                    try {
                        sSLSession = (SSLSession) AccessController.doPrivileged(new PrivilegedExceptionAction(this, sSLSocket) { // from class: com.ibm.ws.security.orbssl.WSSSLClientSocketFactoryImpl.2
                            private final SSLSocket val$sock;
                            private final WSSSLClientSocketFactoryImpl this$0;

                            {
                                this.this$0 = this;
                                this.val$sock = sSLSocket;
                            }

                            @Override // java.security.PrivilegedExceptionAction
                            public Object run() {
                                return this.val$sock.getSession();
                            }
                        });
                    } catch (PrivilegedActionException e3) {
                        FFDCFilter.processException(e3, "com.ibm.ws.security.orbssl.WSSSLClientSocketFactoryImpl.createSSLSocket", "618", this);
                    }
                    if (sSLSession != null) {
                        return sSLSocket;
                    }
                    if (ORBRas.isTrcLogging) {
                        ORBRas.orbTrcLogger.trace(16L, "com.ibm.ws.security.orbssl.WSSSLClientSocketFactoryImpl", "IIOPSSLConnectionClient.createSSLSocket", "ssl_sock.getSession returned null");
                    }
                    throw new COMM_FAILURE("GET_SSL_SESSION_RETURNED_NULL", MinorCodes.GET_SSL_SESSION_RETURNED_NULL, CompletionStatus.COMPLETED_NO);
                } catch (IOException e4) {
                    if (e4 instanceof SSLHandshakeException) {
                        message2 = SocketFactoryMessageUtility.getMessage("IIOPSSLConnectionClient.SSLHandshakeException", e4.getMessage());
                        ORBRas.orbMsgLogger.msg(4L, "com.ibm.ws.security.orbssl.WSSSLClientSocketFactoryImpl", "createSSLSocket", message2, (String) null, e4);
                    } else if (e4 instanceof SSLProtocolException) {
                        message2 = SocketFactoryMessageUtility.getMessage("IIOPSSLConnectionClient.SSLProtocolException", e4.getMessage());
                        ORBRas.orbMsgLogger.msg(4L, "com.ibm.ws.security.orbssl.WSSSLClientSocketFactoryImpl", "createSSLSocket", message2, (String) null, e4);
                    } else if (e4 instanceof SSLPeerUnverifiedException) {
                        message2 = SocketFactoryMessageUtility.getMessage("IIOPSSLConnectionClient.SSLPeerUnverifiedException", e4.getMessage());
                        ORBRas.orbMsgLogger.msg(4L, "com.ibm.ws.security.orbssl.WSSSLClientSocketFactoryImpl", "createSSLSocket", message2, (String) null, e4);
                    } else if (e4 instanceof SSLKeyException) {
                        message2 = SocketFactoryMessageUtility.getMessage("IIOPSSLConnectionClient.SSLKeyException", e4.getMessage());
                        ORBRas.orbMsgLogger.msg(4L, "com.ibm.ws.security.orbssl.WSSSLClientSocketFactoryImpl", "createSSLSocket", message2, (String) null, e4);
                    } else if (e4 instanceof SSLException) {
                        message2 = SocketFactoryMessageUtility.getMessage("IIOPSSLConnectionClient.SSLException", e4.getMessage());
                        ORBRas.orbMsgLogger.msg(4L, "com.ibm.ws.security.orbssl.WSSSLClientSocketFactoryImpl", "createSSLSocket", message2, (String) null, e4);
                    } else {
                        message2 = SocketFactoryMessageUtility.getMessage("IIOPSSLConnectionClient.IOException", e4.getMessage());
                        ORBRas.orbMsgLogger.msg(4L, "com.ibm.ws.security.orbssl.WSSSLClientSocketFactoryImpl", "createSSLSocket", message2, (String) null, e4);
                    }
                    if (1 == 0 && ORBRas.isTrcLogging) {
                        ORBRas.orbTrcLogger.exception(8L, "com.ibm.ws.security.orbssl.WSSSLClientSocketFactoryImpl", "createSSLSocket", e4);
                    }
                    FFDCFilter.processException(e4, "com.ibm.ws.security.orbssl.WSSSLClientSocketFactoryImpl.createSSLSocket", "428", this);
                    new StringBuffer().append("Could not create Client Side Socket ").append(e4.toString()).toString();
                    throw new COMM_FAILURE(new StringBuffer().append("CONNECT_FAILURE_ON_SSL_CLIENT_SOCKET - ").append(message2).toString(), 1229066352, CompletionStatus.COMPLETED_NO);
                }
            } catch (PrivilegedActionException e5) {
                throw e5.getException();
            }
        } catch (COMM_FAILURE e6) {
            FFDCFilter.processException((Throwable) e6, "com.ibm.ws.security.orbssl.WSSSLClientSocketFactoryImpl.createSSLSocket", "634", (Object) this);
            if (1 == 0) {
                if (ORBRas.isTrcLogging) {
                    ORBRas.orbTrcLogger.exception(8L, "com.ibm.ws.security.orbssl.WSSSLClientSocketFactoryImpl", "createSSLSocket", e6);
                }
            } else if (ORBRas.isMsgLogging) {
                ORBRas.orbMsgLogger.msg(4L, "com.ibm.ws.security.orbssl.WSSSLClientSocketFactoryImpl", "createSSLSocket", SocketFactoryMessageUtility.getMessage("IIOPSSLConnectionClient.createSSLSocket"), (String) null, e6);
            }
            throw e6;
        } catch (IOException e7) {
            FFDCFilter.processException(e7, "com.ibm.ws.security.orbssl.WSSSLClientSocketFactoryImpl.createSSLSocket", "540", this);
            if (e7 instanceof SSLHandshakeException) {
                message = SocketFactoryMessageUtility.getMessage("IIOPSSLConnectionClient.SSLHandshakeException", e7.getMessage());
                ORBRas.orbMsgLogger.msg(4L, "com.ibm.ws.security.orbssl.WSSSLClientSocketFactoryImpl", "createSSLSocket", message, (String) null, e7);
            } else if (e7 instanceof SSLProtocolException) {
                message = SocketFactoryMessageUtility.getMessage("IIOPSSLConnectionClient.SSLProtocolException", e7.getMessage());
                ORBRas.orbMsgLogger.msg(4L, "com.ibm.ws.security.orbssl.WSSSLClientSocketFactoryImpl", "createSSLSocket", message, (String) null, e7);
            } else if (e7 instanceof SSLPeerUnverifiedException) {
                message = SocketFactoryMessageUtility.getMessage("IIOPSSLConnectionClient.SSLPeerUnverifiedException", e7.getMessage());
                ORBRas.orbMsgLogger.msg(4L, "com.ibm.ws.security.orbssl.WSSSLClientSocketFactoryImpl", "createSSLSocket", message, (String) null, e7);
            } else if (e7 instanceof SSLKeyException) {
                message = SocketFactoryMessageUtility.getMessage("IIOPSSLConnectionClient.SSLKeyException", e7.getMessage());
                ORBRas.orbMsgLogger.msg(4L, "com.ibm.ws.security.orbssl.WSSSLClientSocketFactoryImpl", "createSSLSocket", message, (String) null, e7);
            } else if (e7 instanceof SSLException) {
                message = SocketFactoryMessageUtility.getMessage("IIOPSSLConnectionClient.SSLException", e7.getMessage());
                ORBRas.orbMsgLogger.msg(4L, "com.ibm.ws.security.orbssl.WSSSLClientSocketFactoryImpl", "createSSLSocket", message, (String) null, e7);
            } else {
                message = SocketFactoryMessageUtility.getMessage("IIOPSSLConnectionClient.IOException", e7.getMessage());
                ORBRas.orbMsgLogger.msg(4L, "com.ibm.ws.security.orbssl.WSSSLClientSocketFactoryImpl", "createSSLSocket", message, (String) null, e7);
            }
            if (1 == 0 && ORBRas.isTrcLogging) {
                ORBRas.orbTrcLogger.exception(8L, "com.ibm.ws.security.orbssl.WSSSLClientSocketFactoryImpl", "createSSLSocket", e7);
            }
            throw new COMM_FAILURE(new StringBuffer().append("CAUGHT_EXCEPTION_WHILE_CONFIGURING_SSL_CLIENT_SOCKET: ").append(message).toString(), 1229066352, CompletionStatus.COMPLETED_NO);
        } catch (Exception e8) {
            FFDCFilter.processException(e8, "com.ibm.ws.security.orbssl.WSSSLClientSocketFactoryImpl.createSSLSocket", "669", this);
            if (1 == 0) {
                if (ORBRas.isTrcLogging) {
                    ORBRas.orbTrcLogger.exception(8L, "com.ibm.ws.security.orbssl.WSSSLClientSocketFactoryImpl", "createSSLSocket", e8);
                }
            } else if (ORBRas.isMsgLogging) {
                ORBRas.orbMsgLogger.msg(4L, "com.ibm.ws.security.orbssl.WSSSLClientSocketFactoryImpl", "createSSLSocket", SocketFactoryMessageUtility.getMessage("IIOPSSLConnectionClient.createSSLSocket"), (String) null, e8);
            }
            throw new COMM_FAILURE(new StringBuffer().append("CAUGHT_EXCEPTION_WHILE_CONFIGURING_SSL_CLIENT_SOCKET Exception=").append(e8).toString(), 1229066352, CompletionStatus.COMPLETED_NO);
        }
    }
}
