package com.ibm.ws.ssl.config;

import com.ibm.websphere.ras.Tr;
import com.ibm.websphere.ras.TraceComponent;
import com.ibm.websphere.ssl.Constants;
import com.ibm.websphere.ssl.SSLConfig;
import com.ibm.websphere.ssl.SSLException;
import com.ibm.ws.ffdc.FFDCFilter;
import com.ibm.ws.ssl.core.WSPKCSInKeyStore;
import com.ibm.ws.ssl.core.WSPKCSInKeyStoreList;
import com.ibm.ws.ssl.internal.TraceConstants;
import java.io.File;
import java.io.FileOutputStream;
import java.io.IOException;
import java.io.InputStream;
import java.io.OutputStream;
import java.net.InetAddress;
import java.net.MalformedURLException;
import java.net.URL;
import java.net.UnknownHostException;
import java.security.AccessController;
import java.security.KeyStore;
import java.security.MessageDigest;
import java.security.PrivilegedAction;
import java.security.PrivilegedActionException;
import java.security.PrivilegedExceptionAction;
import java.security.Provider;
import java.security.Security;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Enumeration;
import java.util.HashMap;
import java.util.Iterator;
import java.util.Map;
import java.util.Set;
import org.eclipse.osgi.internal.signedcontent.SignedContentConstants;

/* loaded from: input_file:resources/server_runtime/lib/com.ibm.ws.ssl_1.0.jar:com/ibm/ws/ssl/config/KeyStoreManager.class */
public class KeyStoreManager {
    private final Map<String, WSKeyStore> keyStoreMap;
    private final Map<String, WSKeyStore> acceleratorMap;
    private static String host;
    protected static final TraceComponent tc = Tr.register((Class<?>) KeyStoreManager.class, "SSL", TraceConstants.MESSAGE_BUNDLE);
    private static Map<String, String> expandMap = new HashMap();
    private static WSPKCSInKeyStoreList pkcsStoreList = new WSPKCSInKeyStoreList();
    private static final char[] HEX_CHARS = {'0', '1', '2', '3', '4', '5', '6', '7', '8', '9', 'A', 'B', 'C', 'D', 'E', 'F'};

    /* loaded from: input_file:resources/server_runtime/lib/com.ibm.ws.ssl_1.0.jar:com/ibm/ws/ssl/config/KeyStoreManager$FileExistsAction.class */
    private static class FileExistsAction implements PrivilegedAction<Boolean> {
        private File file;

        public FileExistsAction(File file) {
            this.file = null;
            this.file = file;
        }

        /* JADX WARN: Can't rename method to resolve collision */
        @Override // java.security.PrivilegedAction
        public Boolean run() {
            try {
                return Boolean.valueOf(this.file.exists());
            } catch (Exception e) {
                return Boolean.FALSE;
            }
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:resources/server_runtime/lib/com.ibm.ws.ssl_1.0.jar:com/ibm/ws/ssl/config/KeyStoreManager$GetKeyStoreInputStreamAction.class */
    public static class GetKeyStoreInputStreamAction implements PrivilegedExceptionAction<InputStream> {
        private String file;
        private boolean createStream;

        public GetKeyStoreInputStreamAction(String str, boolean z) {
            this.file = null;
            this.createStream = false;
            this.file = str;
            this.createStream = z;
        }

        /* JADX WARN: Can't rename method to resolve collision */
        @Override // java.security.PrivilegedExceptionAction
        public InputStream run() throws MalformedURLException, IOException {
            URL url;
            if (TraceComponent.isAnyTracingEnabled() && KeyStoreManager.tc.isEntryEnabled()) {
                Tr.entry(KeyStoreManager.tc, "GetKeyStoreInputStreamAction.run: " + this.file, new Object[0]);
            }
            File file = new File(this.file);
            if (!this.createStream || file.exists()) {
                if (file.exists() && file.length() == 0) {
                    throw new IOException("Keystore file exists, but is empty: " + this.file);
                }
                url = !file.exists() ? new URL(this.file) : file.toURI().toURL();
            } else {
                if (!file.createNewFile()) {
                    throw new IOException("Unable to create file");
                }
                url = file.toURI().toURL();
            }
            InputStream openStream = url.openStream();
            if (TraceComponent.isAnyTracingEnabled() && KeyStoreManager.tc.isEntryEnabled()) {
                Tr.exit(KeyStoreManager.tc, "GetKeyStoreInputStreamAction.run");
            }
            return openStream;
        }
    }

    /* loaded from: input_file:resources/server_runtime/lib/com.ibm.ws.ssl_1.0.jar:com/ibm/ws/ssl/config/KeyStoreManager$GetKeyStoreOutputStreamAction.class */
    private static class GetKeyStoreOutputStreamAction implements PrivilegedExceptionAction<OutputStream> {
        private String file;

        public GetKeyStoreOutputStreamAction(String str) {
            this.file = null;
            this.file = str;
        }

        /* JADX WARN: Can't rename method to resolve collision */
        @Override // java.security.PrivilegedExceptionAction
        public OutputStream run() throws MalformedURLException, IOException {
            if (TraceComponent.isAnyTracingEnabled() && KeyStoreManager.tc.isEntryEnabled()) {
                Tr.entry(KeyStoreManager.tc, "GetKeyStoreOutputStreamAction.run: " + this.file, new Object[0]);
            }
            if (this.file.startsWith(Constants.SAFKEYRING_PREFIX)) {
                OutputStream outputStream = new URL(this.file).openConnection().getOutputStream();
                if (TraceComponent.isAnyTracingEnabled() && KeyStoreManager.tc.isEntryEnabled()) {
                    Tr.exit(KeyStoreManager.tc, "GetKeyStoreOutputStreamAction.run (safkeyring)");
                }
                return outputStream;
            }
            try {
                this.file = new URL(this.file).getFile();
                while (this.file.startsWith("/")) {
                    this.file = this.file.substring(1);
                }
            } catch (MalformedURLException e) {
            }
            if (TraceComponent.isAnyTracingEnabled() && KeyStoreManager.tc.isDebugEnabled()) {
                Tr.debug(KeyStoreManager.tc, "File path for OutputStream: " + this.file, new Object[0]);
            }
            File file = new File(this.file);
            if (file.exists() && !file.canWrite()) {
                throw new IOException("Cannot write to KeyStore file: " + this.file);
            }
            FileOutputStream fileOutputStream = new FileOutputStream(file);
            if (TraceComponent.isAnyTracingEnabled() && KeyStoreManager.tc.isEntryEnabled()) {
                Tr.exit(KeyStoreManager.tc, "GetKeyStoreOutputStreamAction.run");
            }
            return fileOutputStream;
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:resources/server_runtime/lib/com.ibm.ws.ssl_1.0.jar:com/ibm/ws/ssl/config/KeyStoreManager$Singleton.class */
    public static class Singleton {
        static final KeyStoreManager INSTANCE = new KeyStoreManager();

        private Singleton() {
        }
    }

    private KeyStoreManager() {
        this.keyStoreMap = new HashMap();
        this.acceleratorMap = new HashMap();
    }

    public static KeyStoreManager getInstance() {
        return Singleton.INSTANCE;
    }

    public void loadKeyStores(Map<String, WSKeyStore> map) {
        clearKSMap();
        for (Map.Entry<String, WSKeyStore> entry : map.entrySet()) {
            try {
                addKeyStoreIfNotDuplicate(entry.getKey(), entry.getValue());
            } catch (Exception e) {
                FFDCFilter.processException((Throwable) e, getClass().getName(), "loadKeyStores", new Object[]{this, map});
                if (TraceComponent.isAnyTracingEnabled() && tc.isEventEnabled()) {
                    Tr.event(tc, "Error loading keystore; " + entry.getKey() + " " + e, new Object[0]);
                }
            }
        }
    }

    public void addKeyStoreIfNotDuplicate(String str, WSKeyStore wSKeyStore) throws Exception {
        if (TraceComponent.isAnyTracingEnabled() && tc.isEntryEnabled()) {
            Tr.entry(tc, "addKeyStoreIfNotDuplicate: " + str + ", ks=" + wSKeyStore, new Object[0]);
        }
        if (SSLConfigManager.getInstance().validationEnabled()) {
            boolean z = true;
            if (this.keyStoreMap.size() > 0) {
                Iterator<Map.Entry<String, WSKeyStore>> it = this.keyStoreMap.entrySet().iterator();
                while (true) {
                    if (!it.hasNext()) {
                        break;
                    }
                    Map.Entry<String, WSKeyStore> next = it.next();
                    if (next.getValue().equals(wSKeyStore)) {
                        if (TraceComponent.isAnyTracingEnabled() && tc.isDebugEnabled()) {
                            Tr.debug(tc, "Found a matching KeyStore, name=" + next.getKey(), new Object[0]);
                        }
                        z = false;
                    }
                }
            }
            if (z) {
                wSKeyStore.provideExpirationWarnings(Integer.valueOf(Constants.DEFAULT_CERT_EXPIRE_WARNING_DAYS).intValue(), str);
            }
        }
        this.keyStoreMap.put(str, wSKeyStore);
        if (Boolean.parseBoolean(wSKeyStore.getProperty(Constants.SSLPROP_KEY_STORE_USE_FOR_ACCELERATION))) {
            this.acceleratorMap.put(str, wSKeyStore);
        }
        if (TraceComponent.isAnyTracingEnabled() && tc.isEntryEnabled()) {
            Tr.exit(tc, "addKeyStoreIfNotDuplicate");
        }
    }

    public boolean checkIfSignerAlreadyExistsInTrustStore(X509Certificate x509Certificate, KeyStore keyStore) {
        String generateDigest;
        if (TraceComponent.isAnyTracingEnabled() && tc.isEntryEnabled()) {
            Tr.entry(tc, "checkIfSignerAlreadyExistsInTrustStore", new Object[0]);
        }
        try {
            generateDigest = generateDigest(SignedContentConstants.MD5_STR, x509Certificate);
        } catch (Exception e) {
            FFDCFilter.processException(e, getClass().getName(), "checkIfSignerAlreadyExistsInTrustStore", this);
            if (TraceComponent.isAnyTracingEnabled() && tc.isDebugEnabled()) {
                Tr.debug(tc, "Exception checking if signer already exists; " + e, new Object[0]);
            }
        }
        if (generateDigest == null) {
            if (!TraceComponent.isAnyTracingEnabled() || !tc.isEntryEnabled()) {
                return false;
            }
            Tr.exit(tc, "checkIfSignerAlreadyExistsInTrustStore -> false (could not generate digest)");
            return false;
        }
        Enumeration<String> aliases = keyStore.aliases();
        while (aliases.hasMoreElements()) {
            String nextElement = aliases.nextElement();
            if (keyStore.containsAlias(nextElement) && generateDigest.equals(generateDigest(SignedContentConstants.MD5_STR, (X509Certificate) keyStore.getCertificate(nextElement)))) {
                if (!TraceComponent.isAnyTracingEnabled() || !tc.isEntryEnabled()) {
                    return true;
                }
                Tr.exit(tc, "checkIfSignerAlreadyExistsInTrustStore -> true (digest matches)");
                return true;
            }
        }
        if (!TraceComponent.isAnyTracingEnabled() || !tc.isEntryEnabled()) {
            return false;
        }
        Tr.exit(tc, "checkIfSignerAlreadyExistsInTrustStore -> false (no digest matches)");
        return false;
    }

    public WSKeyStore getKeyStore(String str) {
        WSKeyStore wSKeyStore = this.keyStoreMap.get(str);
        if (TraceComponent.isAnyTracingEnabled() && tc.isDebugEnabled()) {
            if (wSKeyStore != null) {
                Tr.debug(tc, "Returning a keyStore for name: " + str, new Object[0]);
            } else {
                Tr.debug(tc, "Cannot find a keyStore for name: " + str, new Object[0]);
            }
        }
        return wSKeyStore;
    }

    public String[] getKeyStoreAliases() {
        Set<String> keySet = this.keyStoreMap.keySet();
        return (String[]) keySet.toArray(new String[keySet.size()]);
    }

    public String[] getAcceleratorAliases() {
        Set<String> keySet = this.acceleratorMap.keySet();
        return (String[]) keySet.toArray(new String[keySet.size()]);
    }

    public KeyStore getKeyStore(String str, String str2, String str3, String str4, String str5, boolean z, SSLConfig sSLConfig) throws Exception {
        WSKeyStore wSKeyStore;
        if (TraceComponent.isAnyTracingEnabled() && tc.isEntryEnabled()) {
            Tr.entry(tc, "getKeyStore", str, str2, str3, str4, Boolean.valueOf(z), SSLConfigManager.mask(str5));
        }
        if (str != null && !z && (wSKeyStore = this.keyStoreMap.get(str)) != null) {
            if (TraceComponent.isAnyTracingEnabled() && tc.isEntryEnabled()) {
                Tr.exit(tc, "getKeyStore (from WSKeyStore)");
            }
            return wSKeyStore.getKeyStore(false, false);
        }
        KeyStore keyStore = null;
        InputStream inputStream = null;
        boolean z2 = true;
        int i = 0;
        ArrayList arrayList = new ArrayList();
        while (z2) {
            boolean equals = Constants.KEYSTORE_TYPE_CMS.equals(str2);
            boolean z3 = !Constants.KEYSTORE_TYPE_JCERACFKS.equals(str2);
            char[] cArr = null;
            if (!equals) {
                keyStore = KeyStore.getInstance(str2);
                if (str5 != null) {
                    cArr = WSKeyStore.decodePassword(str5).toCharArray();
                }
            }
            try {
                try {
                    if (Constants.KEYSTORE_TYPE_JAVACRYPTO.equals(str2)) {
                        if (TraceComponent.isAnyTracingEnabled() && tc.isDebugEnabled()) {
                            Tr.debug(tc, "Creating PKCS11 keystore.", new Object[0]);
                        }
                        WSPKCSInKeyStore insert = pkcsStoreList.insert(str2, str4, str5, false, str3, false);
                        if (insert != null) {
                            keyStore = insert.getKS();
                            z2 = false;
                        }
                    } else if (null != str4) {
                        File file = new File(str4);
                        if (((Boolean) AccessController.doPrivileged(new FileExistsAction(file))).booleanValue() || !z3) {
                            if (TraceComponent.isAnyTracingEnabled() && tc.isDebugEnabled()) {
                                Tr.debug(tc, "getKeyStore created a new inputStream: " + str4, new Object[0]);
                            }
                            if (equals) {
                                keyStore = CMSKeyStoreUtility.loadCMSKeyStore(file, str4, str5, str2, str3, "true");
                                z2 = false;
                            } else {
                                inputStream = getInputStream(str4, z);
                                keyStore.load(inputStream, cArr);
                                z2 = false;
                            }
                        } else {
                            if (TraceComponent.isAnyTracingEnabled() && tc.isDebugEnabled()) {
                                Tr.debug(tc, "getKeyStore created new KeyStore: " + str4, new Object[0]);
                            }
                            if (equals) {
                                keyStore = CMSKeyStoreUtility.loadCMSKeyStore(null, str4, str5, str2, str3, "true");
                                z2 = false;
                            } else {
                                keyStore.load(null, cArr);
                                z2 = false;
                            }
                        }
                    } else if (equals) {
                        keyStore = CMSKeyStoreUtility.loadCMSKeyStore(null, null, str5, str2, str3, "true");
                        z2 = false;
                    } else {
                        keyStore.load(null, cArr);
                        z2 = false;
                    }
                    if (inputStream != null) {
                        inputStream.close();
                    }
                } catch (IOException e) {
                    if (!e.getMessage().equalsIgnoreCase("Invalid keystore format") && e.getMessage().indexOf("DerInputStream.getLength()") == -1) {
                        throw e;
                    }
                    if (i == 0) {
                        Tr.warning(tc, "ssl.keystore.type.invalid.CWPKI0018W", str2, sSLConfig != null ? sSLConfig.getProperty(Constants.SSLPROP_ALIAS) : "unknown");
                        arrayList = new ArrayList(Security.getAlgorithms("KeyStore"));
                    }
                    if (i >= arrayList.size()) {
                        throw e;
                    }
                    int i2 = i;
                    i++;
                    str2 = (String) arrayList.get(i2);
                    if (str2.equals(Constants.KEYSTORE_TYPE_JAVACRYPTO) || str2.equals("IBMCMSKS")) {
                        i++;
                        str2 = (String) arrayList.get(i);
                    }
                    if (inputStream != null) {
                        inputStream.close();
                    }
                }
            } catch (Throwable th) {
                if (inputStream != null) {
                    inputStream.close();
                }
                throw th;
            }
        }
        if (TraceComponent.isAnyTracingEnabled() && tc.isEntryEnabled()) {
            Tr.exit(tc, "getKeyStore (from SSLConfig properties)");
        }
        return keyStore;
    }

    public InputStream getInputStream(String str, boolean z) throws MalformedURLException, IOException {
        try {
            return (InputStream) AccessController.doPrivileged(new GetKeyStoreInputStreamAction(str, z));
        } catch (PrivilegedActionException e) {
            Exception exception = e.getException();
            FFDCFilter.processException((Throwable) e, getClass().getName(), "getInputStream", new Object[]{str, Boolean.valueOf(z), this});
            if (TraceComponent.isAnyTracingEnabled() && tc.isDebugEnabled()) {
                Tr.debug(tc, "Exception opening keystore; " + exception, new Object[0]);
            }
            if (exception instanceof MalformedURLException) {
                throw ((MalformedURLException) exception);
            }
            if (exception instanceof IOException) {
                throw ((IOException) exception);
            }
            throw new IOException(exception.getMessage());
        }
    }

    public OutputStream getOutputStream(String str) throws MalformedURLException, IOException {
        try {
            return (OutputStream) AccessController.doPrivileged(new GetKeyStoreOutputStreamAction(str));
        } catch (PrivilegedActionException e) {
            Exception exception = e.getException();
            FFDCFilter.processException((Throwable) e, getClass().getName(), "getOutputStream", new Object[]{str, this});
            if (TraceComponent.isAnyTracingEnabled() && tc.isDebugEnabled()) {
                Tr.debug(tc, "Exception opening keystore; " + exception, new Object[0]);
            }
            if (exception instanceof MalformedURLException) {
                throw ((MalformedURLException) exception);
            }
            if (exception instanceof IOException) {
                throw ((IOException) exception);
            }
            throw new IOException(exception.getMessage());
        }
    }

    public String generateDigest(String str, X509Certificate x509Certificate) {
        if (TraceComponent.isAnyTracingEnabled() && tc.isEntryEnabled()) {
            Tr.entry(tc, "generateDigest: " + str, new Object[0]);
        }
        String str2 = null;
        if (x509Certificate != null) {
            try {
                MessageDigest messageDigest = MessageDigest.getInstance(str);
                messageDigest.update(x509Certificate.getEncoded());
                byte[] digest = messageDigest.digest();
                StringBuilder sb = new StringBuilder(3 * digest.length);
                sb.append(HEX_CHARS[(digest[0] >> 4) & 15]);
                sb.append(HEX_CHARS[(digest[0] % 16) & 15]);
                for (int i = 0 + 1; i < digest.length; i++) {
                    sb.append(':');
                    sb.append(HEX_CHARS[(digest[i] >> 4) & 15]);
                    sb.append(HEX_CHARS[(digest[i] % 16) & 15]);
                }
                str2 = sb.toString();
            } catch (Exception e) {
                FFDCFilter.processException(e, getClass().getName(), "generateDigest", this);
                if (TraceComponent.isAnyTracingEnabled() && tc.isDebugEnabled()) {
                    Tr.debug(tc, "Error generating digest: " + e, new Object[0]);
                }
            } catch (NoClassDefFoundError e2) {
                if (TraceComponent.isAnyTracingEnabled() && tc.isDebugEnabled()) {
                    Tr.debug(tc, "Error finding a class: " + e2, new Object[0]);
                }
            }
        } else if (TraceComponent.isAnyTracingEnabled() && tc.isDebugEnabled()) {
            Tr.debug(tc, "Ignoring null certificate", new Object[0]);
        }
        if (TraceComponent.isAnyTracingEnabled() && tc.isEntryEnabled()) {
            Tr.exit(tc, "generateDigest: " + str2);
        }
        return str2;
    }

    public void clearKSMap() {
        if (TraceComponent.isAnyTracingEnabled() && tc.isDebugEnabled()) {
            Tr.debug(tc, "Clearing keystore maps", new Object[0]);
        }
        this.keyStoreMap.clear();
        this.acceleratorMap.clear();
    }

    protected void clearKeyStoreFromMap(String str) {
        if (TraceComponent.isAnyTracingEnabled() && tc.isDebugEnabled()) {
            Tr.debug(tc, "clearKeyStoreFromMap: " + str, new Object[0]);
        }
        this.keyStoreMap.remove(str);
        this.acceleratorMap.remove(str);
    }

    public void clearJavaKeyStoresFromKeyStoreMap() {
        synchronized (this.keyStoreMap) {
            Iterator<Map.Entry<String, WSKeyStore>> it = this.keyStoreMap.entrySet().iterator();
            while (it.hasNext()) {
                WSKeyStore value = it.next().getValue();
                if (value != null) {
                    value.clearJavaKeyStore();
                }
            }
        }
    }

    public static String getHostName() {
        try {
            if (host == null) {
                host = InetAddress.getLocalHost().getCanonicalHostName();
                if (host != null) {
                    expandMap.put("cn=${hostname},o=IBM,c=US", "cn=" + host + ",o=IBM,c=US");
                    expandMap.put("${hostname}", host);
                }
            }
        } catch (UnknownHostException e) {
            if (TraceComponent.isAnyTracingEnabled() && tc.isDebugEnabled()) {
                Tr.debug(tc, "Exception getting canonical hostname; " + e, new Object[0]);
            }
        }
        if (TraceComponent.isAnyTracingEnabled() && tc.isDebugEnabled()) {
            Tr.debug(tc, "getHostName -> " + host, new Object[0]);
        }
        return host;
    }

    public static String expandHostNameVariable(String str, String str2) {
        if (TraceComponent.isAnyTracingEnabled() && tc.isEntryEnabled()) {
            Tr.entry(tc, "expandHostNameVariable", str, str2);
        }
        String str3 = str;
        int indexOf = str.indexOf("${hostname}");
        if (indexOf != -1) {
            String substring = str.substring(0, indexOf);
            String substring2 = str.substring(indexOf + "${hostname}".length());
            if (substring != null && !substring.equals("") && substring2 != null && !substring2.equals("")) {
                str3 = substring + str2 + substring2;
            } else if (substring != null && !substring.equals("")) {
                str3 = substring + str2;
            } else if (substring2 != null && !substring2.equals("")) {
                str3 = str2 + substring2;
            }
        }
        if (TraceComponent.isAnyTracingEnabled() && tc.isEntryEnabled()) {
            Tr.exit(tc, "expandHostNameVariable -> " + str3);
        }
        return str3;
    }

    public boolean isHWKeyStore(String str) {
        return isHWKeyStore(this.keyStoreMap.get(str));
    }

    public boolean isHWKeyStore(WSKeyStore wSKeyStore) {
        if (null == wSKeyStore) {
            return false;
        }
        return Boolean.parseBoolean(wSKeyStore.getProperty(Constants.SSLPROP_TOKEN_ENABLED));
    }

    public Provider getHWCryptoProviderInstance(String str) {
        return getHWCryptoProviderInstance(this.keyStoreMap.get(str));
    }

    public Provider getHWCryptoProviderInstance(WSKeyStore wSKeyStore) {
        if (TraceComponent.isAnyTracingEnabled() && tc.isEntryEnabled()) {
            Tr.entry(tc, "getHWCryptoProviderInstance", new Object[0]);
        }
        WSPKCSInKeyStore wSPKCSInKeyStore = null;
        Provider provider = null;
        if (wSKeyStore != null) {
            String property = wSKeyStore.getProperty(Constants.SSLPROP_KEY_STORE);
            try {
                wSPKCSInKeyStore = pkcsStoreList.insert(wSKeyStore.getProperty(Constants.SSLPROP_KEY_STORE_TYPE), property, wSKeyStore.getProperty(Constants.SSLPROP_KEY_STORE_PASSWORD), true, wSKeyStore.getProperty(Constants.SSLPROP_KEY_STORE_PROVIDER), Boolean.parseBoolean(wSKeyStore.getProperty(Constants.SSLPROP_KEY_STORE_USE_FOR_ACCELERATION)));
            } catch (Exception e) {
                if (TraceComponent.isAnyTracingEnabled() && tc.isDebugEnabled()) {
                    Tr.debug(tc, "Cannot get the HW crypto initialization status; " + e, new Object[0]);
                }
                FFDCFilter.processException(e, getClass().getName(), "getHWCryptoProviderInstance", this);
                Tr.error(tc, "ssl.crypto.hw.init.status.uncertain.CWPKI0046E", e.getMessage());
            }
            if (wSPKCSInKeyStore != null) {
                try {
                    provider = wSPKCSInKeyStore.getHWCryptoProviderInstance(property);
                } catch (Exception e2) {
                    if (TraceComponent.isAnyTracingEnabled() && tc.isDebugEnabled()) {
                        Tr.debug(tc, "Cannot get the HW crypto provider instance; " + e2, new Object[0]);
                    }
                    FFDCFilter.processException(e2, getClass().getName(), "getHWCryptoProviderInstance", this);
                    Tr.error(tc, "ssl.crypto.hw.provider.unavailable.CWPKI0047E", e2.getMessage());
                }
            }
        }
        if (TraceComponent.isAnyTracingEnabled() && tc.isEntryEnabled()) {
            Tr.exit(tc, "getHWCryptoProviderInstance");
        }
        return provider;
    }

    public void returnHWCryptoProviderInstance(String str, Provider provider) {
        returnHWCryptoProviderInstance(this.keyStoreMap.get(str), provider);
    }

    public void returnHWCryptoProviderInstance(WSKeyStore wSKeyStore, Provider provider) {
        if (TraceComponent.isAnyTracingEnabled() && tc.isEntryEnabled()) {
            Tr.entry(tc, "returnHWCryptoProviderInstance", new Object[0]);
        }
        WSPKCSInKeyStore wSPKCSInKeyStore = null;
        if (wSKeyStore != null) {
            String property = wSKeyStore.getProperty(Constants.SSLPROP_KEY_STORE);
            try {
                wSPKCSInKeyStore = pkcsStoreList.getListElement(property);
            } catch (Exception e) {
                if (TraceComponent.isAnyTracingEnabled() && tc.isDebugEnabled()) {
                    Tr.debug(tc, "Cannot get the HW crypto keystore list element [" + property + "]; " + e, new Object[0]);
                }
            }
            if (wSPKCSInKeyStore != null) {
                try {
                    wSPKCSInKeyStore.returnHWCryptoProviderInstance(provider);
                } catch (Exception e2) {
                    if (TraceComponent.isAnyTracingEnabled() && tc.isDebugEnabled()) {
                        Tr.debug(tc, "Cannot return provider instance; " + e2, new Object[0]);
                    }
                }
            }
        }
        if (TraceComponent.isAnyTracingEnabled() && tc.isEntryEnabled()) {
            Tr.exit(tc, "returnHWCryptoProviderInstance");
        }
    }

    public static WSKeyStore getDefaultKeyStore(String str) {
        if (TraceComponent.isAnyTracingEnabled() && tc.isEntryEnabled()) {
            Tr.entry(tc, "getDefaultKeyStore", new Object[0]);
        }
        WSKeyStore keyStore = getInstance().getKeyStore(getDefaultKeyStoreName(str));
        if (TraceComponent.isAnyTracingEnabled() && tc.isEntryEnabled()) {
            Tr.exit(tc, "getDefaultKeyStore", new Object[]{keyStore});
        }
        return keyStore;
    }

    public static String getDefaultKeyStoreName(String str) {
        if (TraceComponent.isAnyTracingEnabled() && tc.isEntryEnabled()) {
            Tr.entry(tc, "getDefaultKeyStoreName", new Object[0]);
        }
        if (TraceComponent.isAnyTracingEnabled() && tc.isEntryEnabled()) {
            Tr.exit(tc, "getDefaultKeyStoreName: " + str);
        }
        return str;
    }

    public static String stripLastSlash(String str) {
        char charAt;
        if (null == str) {
            return null;
        }
        String trim = str.trim();
        int length = trim.length();
        if (0 < length && ('/' == (charAt = trim.charAt(length - 1)) || '\\' == charAt)) {
            trim = trim.substring(0, length - 1);
        }
        return trim;
    }

    public KeyStore getJavaKeyStore(String str) throws Exception {
        if (TraceComponent.isAnyTracingEnabled() && tc.isEntryEnabled()) {
            Tr.entry(tc, "getJavaKeyStore: " + str, new Object[0]);
        }
        if (str == null) {
            throw new SSLException("No keystore name provided.");
        }
        KeyStore keyStore = null;
        WSKeyStore wSKeyStore = this.keyStoreMap.get(str);
        if (wSKeyStore != null) {
            keyStore = wSKeyStore.getKeyStore(false, false);
        }
        if (TraceComponent.isAnyTracingEnabled() && tc.isEntryEnabled()) {
            Tr.exit(tc, "getJavaKeyStore: " + keyStore);
        }
        return keyStore;
    }

    public WSKeyStore getWSKeyStore(String str) throws SSLException {
        if (TraceComponent.isAnyTracingEnabled() && tc.isEntryEnabled()) {
            Tr.entry(tc, "getWSKeyStore: " + str, new Object[0]);
        }
        if (str == null) {
            throw new SSLException("No keystore name provided.");
        }
        WSKeyStore wSKeyStore = this.keyStoreMap.get(str);
        if (TraceComponent.isAnyTracingEnabled() && tc.isEntryEnabled()) {
            Tr.exit(tc, "getWSKeyStore: " + wSKeyStore);
        }
        return wSKeyStore;
    }
}
