package com.ibm.ctg.server;

import com.ibm.ctg.client.GatewayRequest;
import com.ibm.ctg.client.SafeIP;
import com.ibm.ctg.client.T;
import com.ibm.ctg.security.SystemSSLServerSecurity;
import com.ibm.ctg.server.ProtocolHandler;
import com.ibm.etools.validate.MarkerConstants;
import com.ibm.gskssl.SSLCertificate;
import com.ibm.gskssl.SSLServerSocket;
import com.ibm.gskssl.SSLSocket;
import com.ibm.gskssl.SSLWrapper;
import java.io.BufferedInputStream;
import java.io.DataInputStream;
import java.io.IOException;
import java.io.InputStream;
import java.util.StringTokenizer;

/* loaded from: input_file:/deploytool/itp/plugins/com.ibm.etools.j2ee/EARExamples/Auction.ear:CTGSERVER.JAR:com/ibm/ctg/server/GskSslHandler.class */
class GskSslHandler extends ProtocolHandler {
    private ManagedResources mgrResources;
    private SSLServerSocket socListenOn;
    private int iPort;
    private static final String strPort = "port=";
    private String strKeyRingClass;
    private String strKeyRingClassPW;
    private static final String strKeyRing = "keyring=";
    private static final String strKeyRingPW = "keyringpw=";
    private String strClientAuthenticationValue;
    private static final String strClientAuthentication = "clientauth=";
    private int iSoTimeout;
    private static final String strSoTimeout = "sotimeout=";
    private int iSoLinger;
    private static final String strSoLinger = "solinger=";
    private long lConnectTimeout;
    private static final String strConnectTimeout = "connecttimeout=";
    private SSLSocket socToClient;
    private DataInputStream disFromClient;
    private String strUs;
    public static String CLASS_VERSION = "1.5";
    private static ProtocolHandler.ProtocolHandlerParameters parAmsProtocols = null;

    GskSslHandler() {
        this.iPort = 8050;
        this.strKeyRingClass = "key.kdb";
        this.strKeyRingClassPW = "password";
        this.strClientAuthenticationValue = "false";
        T.ln(this, "GskSslHandler CTOR");
    }

    GskSslHandler(SSLSocket sSLSocket) throws IOException {
        super(sSLSocket.getImpl().getInetAddress());
        this.iPort = 8050;
        this.strKeyRingClass = "key.kdb";
        this.strKeyRingClassPW = "password";
        this.strClientAuthenticationValue = "false";
        if (T.bDebug) {
            T.in(this, "GskSslHandler", SafeIP.toString(sSLSocket.getImpl().getInetAddress()));
        }
        this.parAms = parAmsProtocols;
        this.socToClient = sSLSocket;
        int i = 0;
        if (this.parAms.lPingFrequency > 0) {
            i = (int) (this.parAms.lPingFrequency < this.parAms.lIdleTimeout ? this.parAms.lPingFrequency : this.parAms.lIdleTimeout);
        } else if (this.parAms.lIdleTimeout > 0) {
            i = (int) this.parAms.lIdleTimeout;
        }
        this.socToClient.setSoTimeout(i);
        T.ln(this, "Set SO_TIMEOUT to {0} ms", new Integer(i));
        if (this.iSoLinger > 0) {
            this.socToClient.setSoLinger(true, this.iSoLinger);
        } else {
            this.socToClient.setSoLinger(false, 0);
        }
        this.disFromClient = new DataInputStream(new BufferedInputStream(this.socToClient.getInputStream()));
        this.strUs = new StringBuffer("ssl:@").append(SafeIP.toString(this.socToClient.getImpl().getInetAddress())).toString();
        this.bInstanceOpen = true;
        T.out(this, "GskSslHandler");
    }

    @Override // com.ibm.ctg.server.ProtocolHandler
    public String toString() {
        return this.strUs;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    @Override // com.ibm.ctg.server.ProtocolHandler
    public void initialize(ManagedResources managedResources, String str) throws Exception {
        StringBuffer stringBuffer = new StringBuffer();
        this.mgrResources = managedResources;
        ProtocolHandler.ProtocolHandlerParameters protocolHandlerParameters = new ProtocolHandler.ProtocolHandlerParameters();
        parAmsProtocols = protocolHandlerParameters;
        this.parAms = protocolHandlerParameters;
        this.parAms.bRequireSecurity = ProtocolHandler.bGlobalRequireSecurity;
        if (str == null) {
            str = "";
        }
        StringTokenizer stringTokenizer = new StringTokenizer(str, MarkerConstants.PRJ_MARKER_VALLIST_SEPARATOR);
        while (stringTokenizer.hasMoreTokens()) {
            String nextToken = stringTokenizer.nextToken();
            if (nextToken.startsWith(strPort)) {
                try {
                    this.iPort = Integer.parseInt(nextToken.substring(strPort.length()));
                    if (this.iPort < 1) {
                        throw new IllegalArgumentException();
                    }
                    stringBuffer.append(nextToken.toString()).append(MarkerConstants.PRJ_MARKER_VALLIST_SEPARATOR);
                    T.ln(this, "Set ssl: {0} = {1}", nextToken, new Integer(this.iPort));
                } catch (Exception unused) {
                    throw new IllegalArgumentException(new StringBuffer("port= ").append(nextToken.substring(strPort.length())).toString());
                }
            } else if (nextToken.startsWith(strKeyRing)) {
                this.strKeyRingClass = nextToken.substring(strKeyRing.length());
                stringBuffer.append(nextToken.toString()).append(MarkerConstants.PRJ_MARKER_VALLIST_SEPARATOR);
                T.ln(this, "Set ssl: {0} = {1}", nextToken, this.strKeyRingClass);
            } else if (nextToken.startsWith(strKeyRingPW)) {
                this.strKeyRingClassPW = nextToken.substring(strKeyRingPW.length());
                stringBuffer.append(new String("keyringpw=******;"));
            } else if (nextToken.startsWith(strClientAuthentication)) {
                this.strClientAuthenticationValue = nextToken.substring(strClientAuthentication.length());
                stringBuffer.append(nextToken.toString()).append(MarkerConstants.PRJ_MARKER_VALLIST_SEPARATOR);
                T.ln(this, "Set ssl: {0} = {1}", nextToken, this.strClientAuthenticationValue);
            } else if (nextToken.startsWith("idletimeout=")) {
                try {
                    this.parAms.lIdleTimeout = Long.parseLong(nextToken.substring("idletimeout=".length()));
                    if (this.parAms.lIdleTimeout < 0) {
                        throw new IllegalArgumentException();
                    }
                    stringBuffer.append(nextToken.toString()).append(MarkerConstants.PRJ_MARKER_VALLIST_SEPARATOR);
                    T.ln(this, "Set ssl: {0} = {1}", nextToken, new Long(this.parAms.lIdleTimeout));
                } catch (Exception unused2) {
                    throw new IllegalArgumentException(new StringBuffer("idletimeout= ").append(nextToken.substring("idletimeout=".length())).toString());
                }
            } else if (nextToken.equals("dropworking")) {
                this.parAms.bDropWorking = true;
                stringBuffer.append(nextToken.toString()).append(MarkerConstants.PRJ_MARKER_VALLIST_SEPARATOR);
                T.ln(this, "Set ssl: dropworking = true");
            } else if (nextToken.equals("requiresecurity")) {
                this.parAms.bRequireSecurity = true;
                stringBuffer.append(nextToken.toString()).append(MarkerConstants.PRJ_MARKER_VALLIST_SEPARATOR);
                T.ln(this, "Set ssl: requiresecurity = true");
            } else if (nextToken.startsWith("pingfrequency=")) {
                try {
                    this.parAms.lPingFrequency = Long.parseLong(nextToken.substring("pingfrequency=".length()));
                    if (this.parAms.lPingFrequency < 0) {
                        throw new IllegalArgumentException();
                    }
                    stringBuffer.append(nextToken.toString()).append(MarkerConstants.PRJ_MARKER_VALLIST_SEPARATOR);
                    T.ln(this, "Set ssl: {0} = {1}", nextToken, new Long(this.parAms.lPingFrequency));
                } catch (Exception unused3) {
                    throw new IllegalArgumentException(new StringBuffer("pingfrequency= ").append(nextToken.substring("pingfrequency=".length())).toString());
                }
            } else if (nextToken.startsWith(strConnectTimeout)) {
                try {
                    this.lConnectTimeout = Long.parseLong(nextToken.substring(strConnectTimeout.length()));
                    if (this.lConnectTimeout < 0) {
                        throw new IllegalArgumentException();
                    }
                    stringBuffer.append(nextToken.toString()).append(MarkerConstants.PRJ_MARKER_VALLIST_SEPARATOR);
                    T.ln(this, "Set ssl: {0} = {1}", nextToken, new Long(this.lConnectTimeout));
                } catch (Exception unused4) {
                    throw new IllegalArgumentException(new StringBuffer("connecttimeout= ").append(nextToken.substring(strConnectTimeout.length())).toString());
                }
            } else if (nextToken.startsWith(strSoTimeout)) {
                try {
                    this.iSoTimeout = Integer.parseInt(nextToken.substring(strSoTimeout.length()));
                    if (this.iSoTimeout < 0) {
                        throw new IllegalArgumentException();
                    }
                    stringBuffer.append(nextToken.toString()).append(MarkerConstants.PRJ_MARKER_VALLIST_SEPARATOR);
                    T.ln(this, "Set ssl {0} = {1}", nextToken, new Integer(this.iSoTimeout));
                } catch (Exception unused5) {
                    throw new IllegalArgumentException(new StringBuffer("sotimeout= ").append(nextToken.substring(strSoTimeout.length())).toString());
                }
            } else if (nextToken.startsWith(strSoLinger)) {
                try {
                    this.iSoLinger = Integer.parseInt(nextToken.substring(strSoLinger.length()));
                    if (this.iSoLinger < 0) {
                        throw new IllegalArgumentException();
                    }
                    stringBuffer.append(nextToken.toString()).append(MarkerConstants.PRJ_MARKER_VALLIST_SEPARATOR);
                    T.ln(this, "Set ssl: {0} = {1}", nextToken, new Integer(this.iSoLinger));
                } catch (Exception unused6) {
                    throw new IllegalArgumentException(new StringBuffer("solinger= ").append(nextToken.substring(strSoLinger.length())).toString());
                }
            } else {
                continue;
            }
        }
        T.in(this, "initialize", managedResources, stringBuffer.toString());
        SSLWrapper sSLWrapper = new SSLWrapper();
        if (this.strClientAuthenticationValue.equalsIgnoreCase("true") || this.strClientAuthenticationValue.equalsIgnoreCase("on") || this.strClientAuthenticationValue.equalsIgnoreCase("yes")) {
            sSLWrapper.setHsType(2);
            T.ln(this, "(System-SSL) ssl: Client Authentication enabled");
        } else {
            sSLWrapper.setHsType(1);
            T.ln(this, "(System-SSL) ssl: Server-only Authentication enabled");
        }
        sSLWrapper.setKeyring(this.strKeyRingClass);
        sSLWrapper.setKeyringPassword(this.strKeyRingClassPW);
        this.socListenOn = new SSLServerSocket(this.iPort, 8192, sSLWrapper);
        this.socListenOn.setSoTimeout(this.iSoTimeout);
        T.out(this, "initialize");
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    @Override // com.ibm.ctg.server.ProtocolHandler
    public synchronized void closeProtocol() {
        T.in(this, "closeProtocol");
        this.bProtocolOpen = false;
        T.out(this, "closeProtocol");
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    @Override // com.ibm.ctg.server.ProtocolHandler
    public synchronized void close(boolean z) throws IOException {
        T.in(this, "close", new Boolean(z));
        if (z) {
            try {
                GatewayRequest gatewayRequest = new GatewayRequest();
                gatewayRequest.setFlowType(4);
                gatewayRequest.setRc(GatewayRequest.ERROR_GATEWAY_CLOSED);
                gatewayRequest.setMessageId(-1);
                sendReply(gatewayRequest);
            } catch (IOException e) {
                T.ex(this, e);
            }
        }
        this.socToClient.close();
        this.socToClient = null;
        this.bInstanceOpen = false;
        T.out(this, "close");
    }

    @Override // com.ibm.ctg.server.ProtocolHandler
    DataInputStream readFromWire(GatewayRequest gatewayRequest) throws IOException {
        T.in(this, "readFromWire", gatewayRequest);
        gatewayRequest.readObject(this.disFromClient);
        T.out(this, "readFromWire", this.disFromClient);
        return this.disFromClient;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    @Override // com.ibm.ctg.server.ProtocolHandler
    public void resetWire(GatewayRequest gatewayRequest) {
        T.in(this, "resetWire");
        int dataWhichFollows = gatewayRequest.getDataWhichFollows();
        T.ln(this, "Bytes to lose = {0}", new Integer(dataWhichFollows));
        try {
            InputStream inputStream = this.socToClient.getInputStream();
            byte[] bArr = new byte[dataWhichFollows];
            int i = 1;
            while (dataWhichFollows > 0 && i > 0) {
                int read = inputStream.read(bArr, 0, dataWhichFollows);
                i = read;
                dataWhichFollows -= read;
            }
        } catch (IOException e) {
            T.ex(this, e);
        }
        T.out(this, "resetWire");
    }

    /* JADX WARN: Type inference failed for: r0v5, types: [java.lang.Throwable, com.ibm.gskssl.SSLSocket] */
    @Override // com.ibm.ctg.server.ProtocolHandler
    void writeToWire(byte[] bArr, GatewayRequest gatewayRequest) throws IOException {
        T.in(this, "writeToWire", bArr, gatewayRequest);
        if (this.socToClient != null) {
            synchronized (this.socToClient) {
                this.socToClient.getOutputStream().write(bArr);
                this.socToClient.getOutputStream().flush();
                T.ln(this, "Sent {0} bytes to client SSLSocket", new Integer(bArr.length));
            }
        }
        T.out(this, "writeToWire");
    }

    /* JADX WARN: Code restructure failed: missing block: B:67:0x003f, code lost:
    
        ret jsr -> L3a;
     */
    /* JADX WARN: Multi-variable type inference failed */
    /* JADX WARN: Removed duplicated region for block: B:41:0x013a A[EXC_TOP_SPLITTER, SYNTHETIC] */
    /* JADX WARN: Type inference failed for: r0v6 */
    /* JADX WARN: Type inference failed for: r0v7, types: [java.lang.Throwable] */
    /* JADX WARN: Type inference failed for: r0v9, types: [boolean] */
    /* JADX WARN: Type inference failed for: r5v0, types: [java.lang.Throwable, com.ibm.ctg.server.ProtocolHandler, com.ibm.ctg.server.GskSslHandler, java.lang.Object] */
    @Override // com.ibm.ctg.server.ProtocolHandler, java.lang.Runnable
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    public void run() {
        /*
            Method dump skipped, instructions count: 336
            To view this dump add '--comments-level debug' option
        */
        throw new UnsupportedOperationException("Method not decompiled: com.ibm.ctg.server.GskSslHandler.run():void");
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    @Override // com.ibm.ctg.server.ProtocolHandler
    public void afterDecode(GatewayRequest gatewayRequest) throws IOException {
        T.in(this, "afterDecode", gatewayRequest);
        if (this.serSecurity != null) {
            T.ln(this, "Calling this connection's ServerSecurity handler");
            SSLCertificate certificate = this.socToClient.getImpl().getCertificate();
            try {
                if (this.serSecurity instanceof SystemSSLServerSecurity) {
                    T.ln(this, "Using a SystemSSLServerSecurity exit");
                    ((SystemSSLServerSecurity) this.serSecurity).afterDecode(gatewayRequest, certificate);
                } else {
                    this.serSecurity.afterDecode(gatewayRequest);
                }
            } catch (Exception e) {
                T.ex(this, e);
                throw new IOException(e.getMessage());
            }
        }
        T.out(this, "afterDecode");
    }
}
