package com.ibm.disthub.impl.server;

import com.ibm.disthub.impl.client.BaseConfig;
import com.ibm.disthub.impl.client.DebugObject;
import com.ibm.disthub.impl.security.AuthProtocol;
import com.ibm.disthub.impl.security.ICrypto;
import com.ibm.disthub.impl.security.ISSL;
import com.ibm.disthub.impl.security.MinCrypto;
import com.ibm.disthub.impl.util.Assert;
import com.ibm.disthub.impl.util.ExceptionWrapper;
import com.ibm.disthub.spi.ExceptionBuilder;
import com.ibm.disthub.spi.IllegalParameterException;
import com.ibm.disthub.spi.LogConstants;
import com.ibm.disthub.spi.ServerExceptionConstants;
import com.ibm.disthub.spi.ServerLogConstants;
import com.ibm.disthub.spi.ServiceStartupException;
import java.util.Properties;

/* loaded from: input_file:com/ibm/disthub/impl/server/SecurityResourceHandler.class */
public class SecurityResourceHandler extends StandardControlHandlerImpl implements ServerLogConstants, ServerExceptionConstants {
    private static final DebugObject debug = new DebugObject("SecurityResourceHandler");
    private boolean firstStart = false;
    protected static ICrypto s_icrypto;
    private short[] m_clientAuthProtocols;
    private short[] m_serverAuthProtocols;
    private ISSL m_B2B_iSSL;
    private ISSL m_B2B_iSSL2;
    private ISSL m_C2B_iSSL;
    private ISSL m_C2B_iSSL2;

    @Override // com.ibm.disthub.impl.server.StandardControlHandlerImpl, com.ibm.disthub.impl.server.ControlHandler
    public void init() throws ServiceStartupException {
        if (debug.debugIt(32)) {
            debug.debug(LogConstants.DEBUG_METHODENTRY, "init");
        }
        try {
            this.m_clientAuthProtocols = AuthProtocol.parseAuthProtocols(Config.CLIENT_AUTH_PROTOCOLS);
            this.m_serverAuthProtocols = AuthProtocol.parseAuthProtocols(Config.BROKER_AUTH_PROTOCOLS);
            if (debug.debugIt(64)) {
                debug.debug(LogConstants.DEBUG_METHODEXIT, "init");
            }
        } catch (IllegalArgumentException e) {
            throw new ServiceStartupException(ExceptionBuilder.buildReasonString(ServerExceptionConstants.ERR_AREG_AUTHUNKEXC, new Object[]{e}));
        }
    }

    @Override // com.ibm.disthub.impl.server.StandardControlHandlerImpl, com.ibm.disthub.impl.server.ControlHandler
    public void verify(Properties properties) throws IllegalParameterException {
        if (debug.debugIt(32)) {
            debug.debug(LogConstants.DEBUG_METHODENTRY, "verify", properties);
        }
        String property = properties.getProperty("CLIENT_AUTH_PROTOCOLS");
        String property2 = properties.getProperty("BROKER_AUTH_PROTOCOLS");
        try {
            if (!property.equals(Config.CLIENT_AUTH_PROTOCOLS)) {
                AuthProtocol.parseAuthProtocols(property);
            }
            if (!property2.equals(Config.BROKER_AUTH_PROTOCOLS)) {
                if (property2.indexOf(83) != -1) {
                    throw new IllegalArgumentException(ExceptionBuilder.buildReasonString(ServerExceptionConstants.ERR_AUTH_SISBAD, new Object[]{"S"}));
                }
                AuthProtocol.parseAuthProtocols(property2);
            }
            if (debug.debugIt(64)) {
                debug.debug(LogConstants.DEBUG_METHODEXIT, "verify");
            }
        } catch (IllegalArgumentException e) {
            throw new IllegalParameterException(ExceptionBuilder.buildReasonString(ServerExceptionConstants.ERR_AREG_AUTHUNKEXC, new Object[]{e}));
        }
    }

    @Override // com.ibm.disthub.impl.server.StandardControlHandlerImpl, com.ibm.disthub.impl.server.ControlHandler
    public void parameterSet(Properties properties) {
        if (debug.debugIt(32)) {
            debug.debug(LogConstants.DEBUG_METHODENTRY, "parameterSet", properties);
        }
        String property = properties.getProperty("CLIENT_AUTH_PROTOCOLS");
        if (property != null) {
            try {
                this.m_clientAuthProtocols = AuthProtocol.parseAuthProtocols(property);
            } catch (IllegalArgumentException e) {
                Assert.condition(false);
            }
        }
        String property2 = properties.getProperty("BROKER_AUTH_PROTOCOLS");
        if (property2 != null) {
            try {
                this.m_serverAuthProtocols = AuthProtocol.parseAuthProtocols(property2);
            } catch (IllegalArgumentException e2) {
                Assert.condition(false);
            }
        }
        if (debug.debugIt(64)) {
            debug.debug(LogConstants.DEBUG_METHODEXIT, "parameterSet");
        }
    }

    @Override // com.ibm.disthub.impl.server.StandardControlHandlerImpl, com.ibm.disthub.impl.server.ControlHandler
    public void start() throws ServiceStartupException {
        if (debug.debugIt(32)) {
            debug.debug(LogConstants.DEBUG_METHODENTRY, "start");
        }
        if (!this.firstStart) {
            try {
                BrokerControl.topologyEP.isActivated();
                s_icrypto = new MinCrypto();
                if (Services.serverPDir == null) {
                    throw new ServiceStartupException(ExceptionBuilder.buildReasonString(ServerExceptionConstants.ERR_CNF_NOSERVERPD, null));
                }
                boolean SSLrequired = AuthProtocol.SSLrequired(this.m_clientAuthProtocols);
                boolean SSLrequired2 = AuthProtocol.SSLrequired(this.m_serverAuthProtocols);
                if (SSLrequired || SSLrequired2) {
                    Class<?> cls = Class.forName(BaseConfig.SSL_CLASS);
                    if (SSLrequired) {
                        this.m_C2B_iSSL = (ISSL) cls.newInstance();
                        this.m_C2B_iSSL2 = (ISSL) cls.newInstance();
                        this.m_C2B_iSSL.lazySetup(false);
                        this.m_C2B_iSSL2.lazySetup(false);
                        this.m_C2B_iSSL.setKeyRingPWFile(BaseConfig.SSL_KEYRING_FILE, BaseConfig.SSL_PASSPHRASE_FILE);
                        this.m_C2B_iSSL2.setKeyRingPWFile(BaseConfig.SSL_KEYRING_FILE, BaseConfig.SSL_PASSPHRASE_FILE);
                        this.m_C2B_iSSL.setEnabledCipherSuites(BaseConfig.SSL_CIPHER_SUITES);
                        this.m_C2B_iSSL2.setEnabledCipherSuites(BaseConfig.SSL_CIPHER_SUITES);
                    }
                    if (SSLrequired2) {
                        this.m_B2B_iSSL = (ISSL) cls.newInstance();
                        this.m_B2B_iSSL2 = (ISSL) cls.newInstance();
                        this.m_B2B_iSSL.lazySetup(false);
                        this.m_B2B_iSSL2.lazySetup(false);
                        this.m_B2B_iSSL.setKeyRingPWFile(BaseConfig.SSL_KEYRING_FILE, BaseConfig.SSL_PASSPHRASE_FILE);
                        this.m_B2B_iSSL2.setKeyRingPWFile(BaseConfig.SSL_KEYRING_FILE, BaseConfig.SSL_PASSPHRASE_FILE);
                        String str = Config.SSL_B2B_CIPHER_SUITES;
                        if (str == null || str.length() == 0) {
                            str = BaseConfig.SSL_CIPHER_SUITES;
                        }
                        this.m_B2B_iSSL.setEnabledCipherSuites(str);
                        this.m_B2B_iSSL2.setEnabledCipherSuites(str);
                    }
                }
                this.firstStart = true;
            } catch (ServiceStartupException e) {
                throw e;
            } catch (Exception e2) {
                throw new ServiceStartupException(ExceptionBuilder.buildReasonString(ServerExceptionConstants.ERR_AREG_AUTHUNKEXC, new Object[]{new ExceptionWrapper(e2)}));
            }
        }
        super.start();
        if (debug.debugIt(64)) {
            debug.debug(LogConstants.DEBUG_METHODEXIT, "start");
        }
    }

    public short[] getClientAuthProtocols() {
        return this.m_clientAuthProtocols;
    }

    public short[] getServerAuthProtocols() {
        return this.m_serverAuthProtocols;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public ISSL getClientServerSSLImpl() {
        return this.m_C2B_iSSL;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public ISSL getClientServerPureSSLImpl() {
        return this.m_C2B_iSSL2;
    }

    public ISSL getServerServerSSLImpl() {
        return this.m_B2B_iSSL;
    }

    public ISSL getServerServerPureSSLImpl() {
        return this.m_B2B_iSSL2;
    }
}
