package com.micromuse.objectserver;

import com.ibm.security.cmskeystore.CMSProvider;
import com.micromuse.centralconfig.ConfigurationContext;
import com.micromuse.centralconfig.swing.CertOptionsDialog;
import com.micromuse.centralconfig.util.OpSys;
import com.micromuse.common.repository.util.Lib;
import com.micromuse.common.repository.util.Strings;
import java.security.KeyStore;
import java.security.PublicKey;
import java.security.Security;
import java.security.interfaces.DSAPublicKey;
import java.security.interfaces.RSAPublicKey;
import java.util.Properties;
import java.util.ResourceBundle;
import java.util.Vector;
import javax.security.cert.X509Certificate;

/* loaded from: input_file:nco_administrator-5.11.45-noarch.npm:omnibus/java/jars/ControlTower.jar:com/micromuse/objectserver/Crypto.class */
public class Crypto {
    private static String keyStoreFileName;
    private static String keyStoreDirName;
    private static String pwdStashFileName;
    private static String pwdStashDirName;
    private String USER_ACCEPTED_CERTS = "usr.accepted.certs";
    private String password = "";
    KeyStore ks = null;
    static ResourceBundle res = ResourceBundle.getBundle("com.micromuse.objectserver.Crypto");
    private static String okCertsFileName = "user_allowed_certs.properties";
    private static String STASH = "omni.sth";
    private static String STORE = "omni.kdb";
    private static Vector accepted_certs = new Vector();
    private static Vector session_certs = new Vector();
    static String CV = res.getString("String_1");
    static String IK = res.getString("String_2");
    private static String SEP = res.getString("String_3");
    static String CNR = res.getString("String_4");
    static String SSL = res.getString("String_5");
    private static Crypto crypto = null;

    public static Crypto getInstance() {
        if (crypto == null) {
            crypto = new Crypto();
            crypto.initialize();
        }
        return crypto;
    }

    private Crypto() {
        Security.insertProviderAt(new CMSProvider(), 0);
        initialiseUserAcceptedCerts();
    }

    public void clearAcceptedCerts() {
        accepted_certs.clear();
        session_certs.clear();
        Lib.setPersonalAttributeString(okCertsFileName, this.USER_ACCEPTED_CERTS, getUACerts());
    }

    public void setProperties(Properties properties) {
        properties.put("javax.net.ssl.trustStore", getKeyStoreDirName() + System.getProperty(Strings.FILE_SEPARATOR_PROPERTY) + getKeyStoreFileName());
        properties.put("javax.net.ssl.trustStorePassword", this.password);
    }

    private int getUserOption(String str, X509Certificate x509Certificate) {
        CertOptionsDialog certOptionsDialog = new CertOptionsDialog(ConfigurationContext.getApplicationFrame(), CV, str, x509Certificate);
        ConfigurationContext.getFrameSupport().centerDialog(certOptionsDialog);
        certOptionsDialog.setVisible(true);
        return certOptionsDialog.getUserOption();
    }

    private void initialiseUserAcceptedCerts() {
        String userAttributeString = Lib.getUserAttributeString(okCertsFileName, this.USER_ACCEPTED_CERTS);
        if (userAttributeString == null || userAttributeString.length() <= 0) {
            return;
        }
        for (String str : Lib.tokenize(userAttributeString, ",")) {
            addCert(str);
        }
    }

    public void addSessionCert(String str, PublicKey publicKey) throws Exception {
        addSessionCert(str, stringForCert(publicKey));
    }

    public void addSessionCert(String str, String str2) {
        synchronized (session_certs) {
            if (!session_certs.contains(str + SEP + str2)) {
                session_certs.add(str + SEP + str2);
            }
        }
    }

    private String getUACerts() {
        String str = "";
        for (int i = 0; i < accepted_certs.size(); i++) {
            str = str + accepted_certs.elementAt(i) + ",";
        }
        return str;
    }

    public void addCert(String str, PublicKey publicKey) throws Exception {
        addCert(str, stringForCert(publicKey));
    }

    public void addCert(String str, String str2) {
        synchronized (accepted_certs) {
            if (!accepted_certs.contains(str + SEP + str2)) {
                accepted_certs.add(str + SEP + str2);
                Lib.setPersonalAttributeString(okCertsFileName, this.USER_ACCEPTED_CERTS, getUACerts());
            }
        }
    }

    public void addCert(String str) {
        synchronized (accepted_certs) {
            if (!accepted_certs.contains(str)) {
                accepted_certs.add(str);
                Lib.setPersonalAttributeString(okCertsFileName, this.USER_ACCEPTED_CERTS, getUACerts());
            }
        }
    }

    public boolean allowConnectionToProceed(String str, String str2, X509Certificate x509Certificate) throws Exception {
        PublicKey publicKey = x509Certificate.getPublicKey();
        if (isUserAllowedCert(str2, publicKey)) {
            return true;
        }
        int userOption = getUserOption(str, x509Certificate);
        switch (userOption) {
            case 1:
                addSessionCert(str2, publicKey);
                break;
            case 2:
                addCert(str2, publicKey);
                break;
        }
        return userOption != 0;
    }

    String stringForCert(PublicKey publicKey) throws Exception {
        if (publicKey instanceof RSAPublicKey) {
            return ((RSAPublicKey) publicKey).getModulus() + "";
        }
        if (publicKey instanceof DSAPublicKey) {
            return ((DSAPublicKey) publicKey).getY() + "";
        }
        throw new Exception(IK);
    }

    public boolean isUserAllowedCert(String str, PublicKey publicKey) throws Exception {
        String stringForCert = stringForCert(publicKey);
        boolean isSessionCert = isSessionCert(str, stringForCert);
        if (!isSessionCert) {
            isSessionCert = isUserAcceptedCert(str, stringForCert);
        }
        return isSessionCert;
    }

    private boolean isUserAcceptedCert(String str, String str2) {
        boolean contains;
        synchronized (accepted_certs) {
            contains = accepted_certs.contains(str + SEP + str2);
        }
        return contains;
    }

    private boolean isSessionCert(String str, String str2) {
        boolean contains;
        synchronized (session_certs) {
            contains = session_certs.contains(str + SEP + str2);
        }
        return contains;
    }

    public void initialize() {
        String str = System.getProperty("nc.home") + Lib.FS + (OpSys.isWindows() ? "ini" : "etc") + Lib.FS + "security" + Lib.FS + "keys" + Lib.FS;
        setKeyStoreDirName(str);
        setKeyStoreFileName(STORE);
        setStashDirName(str);
        setStashFileName(STASH);
    }

    public void setStashFileName(String str) {
        pwdStashFileName = str;
    }

    public void setStashDirName(String str) {
        pwdStashDirName = str;
    }

    public void setKeyStoreDirName(String str) {
        keyStoreDirName = str;
    }

    public void setKeyStoreFileName(String str) {
        keyStoreFileName = str;
    }

    public String getStashFileName() {
        return pwdStashFileName;
    }

    public String getStashDirName() {
        return pwdStashDirName;
    }

    public String getKeyStoreDirName() {
        return keyStoreDirName;
    }

    public String getKeyStoreFileName() {
        return keyStoreFileName;
    }
}
