package com.ibm.wbimonitor.ute.itc.emitter;

import com.ibm.wbimonitor.ute.itc.LoggerUtility;
import java.io.File;
import java.io.FileInputStream;
import java.io.FileOutputStream;
import java.io.IOException;
import java.security.KeyManagementException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.util.logging.Level;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLException;
import javax.net.ssl.SSLSocket;
import javax.net.ssl.SSLSocketFactory;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import javax.net.ssl.X509TrustManager;

/* loaded from: input_file:monitorItc.jar:com/ibm/wbimonitor/ute/itc/emitter/CertificateManager.class */
public class CertificateManager {
    public static final String COPYRIGHT = "Copyright IBM Corporation 2009, 2011.";
    public final String PASSWORD;
    private final KeyStore keyStore;

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:monitorItc.jar:com/ibm/wbimonitor/ute/itc/emitter/CertificateManager$SavingTrustManager.class */
    public static class SavingTrustManager implements X509TrustManager {
        public static final String COPYRIGHT = "Copyright IBM Corporation 2011.";
        public final X509TrustManager tm;
        public X509Certificate[] chain;

        public SavingTrustManager(X509TrustManager x509TrustManager) {
            this.tm = x509TrustManager;
        }

        @Override // javax.net.ssl.X509TrustManager
        public X509Certificate[] getAcceptedIssuers() {
            throw new UnsupportedOperationException();
        }

        @Override // javax.net.ssl.X509TrustManager
        public void checkClientTrusted(X509Certificate[] x509CertificateArr, String str) throws CertificateException {
            throw new UnsupportedOperationException();
        }

        @Override // javax.net.ssl.X509TrustManager
        public void checkServerTrusted(X509Certificate[] x509CertificateArr, String str) throws CertificateException {
            this.chain = x509CertificateArr;
            this.tm.checkServerTrusted(x509CertificateArr, str);
        }
    }

    public CertificateManager(String str) {
        this.PASSWORD = str;
        try {
            this.keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
            try {
                char c = File.separatorChar;
                File file = new File(new File(String.valueOf(System.getProperty("java.home")) + c + "lib" + c + "security"), "cacerts");
                char[] charArray = this.PASSWORD.toCharArray();
                FileInputStream fileInputStream = null;
                try {
                    fileInputStream = new FileInputStream(file);
                    this.keyStore.load(fileInputStream, charArray);
                    if (fileInputStream != null) {
                        try {
                            fileInputStream.close();
                        } catch (IOException unused) {
                        }
                    }
                } catch (Throwable th) {
                    if (fileInputStream != null) {
                        try {
                            fileInputStream.close();
                        } catch (IOException unused2) {
                        }
                    }
                    throw th;
                }
            } catch (IOException unused3) {
            } catch (NoSuchAlgorithmException unused4) {
            } catch (CertificateException unused5) {
            }
        } catch (KeyStoreException e) {
            throw new AssertionError(e);
        }
    }

    public SSLSocketFactory getSSLSocketFactory() throws KeyStoreException, NoSuchAlgorithmException, KeyManagementException {
        TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
        trustManagerFactory.init(this.keyStore);
        SavingTrustManager savingTrustManager = new SavingTrustManager((X509TrustManager) trustManagerFactory.getTrustManagers()[0]);
        SSLContext sSLContext = SSLContext.getInstance("TLS");
        sSLContext.init(null, new TrustManager[]{savingTrustManager}, null);
        return sSLContext.getSocketFactory();
    }

    public File createTempCertificate(String str, int i) {
        FileOutputStream fileOutputStream = null;
        try {
            try {
                File createTempFile = File.createTempFile("tempTrust", ".store");
                fileOutputStream = new FileOutputStream(createTempFile);
                if (createCertificate(str, i)) {
                    this.keyStore.store(fileOutputStream, this.PASSWORD.toCharArray());
                }
                if (fileOutputStream != null) {
                    try {
                        fileOutputStream.close();
                    } catch (IOException unused) {
                    }
                }
                return createTempFile;
            } catch (Exception e) {
                LoggerUtility.getLogger().severe("Failed to get the certificate from the target server: " + str);
                LoggerUtility.exceptionToLogger(e);
                if (fileOutputStream == null) {
                    return null;
                }
                try {
                    fileOutputStream.close();
                    return null;
                } catch (IOException unused2) {
                    return null;
                }
            }
        } catch (Throwable th) {
            if (fileOutputStream != null) {
                try {
                    fileOutputStream.close();
                } catch (IOException unused3) {
                }
            }
            throw th;
        }
    }

    public boolean createCertificate(String str, int i) throws KeyStoreException, NoSuchAlgorithmException, IOException, KeyManagementException {
        String alias = getAlias(str, i);
        if (this.keyStore.containsAlias(alias)) {
            return true;
        }
        TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
        trustManagerFactory.init(this.keyStore);
        SavingTrustManager savingTrustManager = new SavingTrustManager((X509TrustManager) trustManagerFactory.getTrustManagers()[0]);
        SSLContext sSLContext = SSLContext.getInstance("TLS");
        sSLContext.init(null, new TrustManager[]{savingTrustManager}, null);
        SSLSocket sSLSocket = null;
        try {
            sSLSocket = (SSLSocket) sSLContext.getSocketFactory().createSocket(str, i);
            sSLSocket.setSoTimeout(10000);
            sSLSocket.startHandshake();
            sSLSocket.close();
            if (sSLSocket != null && !sSLSocket.isClosed()) {
                sSLSocket.close();
            }
        } catch (SSLException unused) {
            if (sSLSocket != null && !sSLSocket.isClosed()) {
                sSLSocket.close();
            }
        } catch (Throwable th) {
            if (sSLSocket != null && !sSLSocket.isClosed()) {
                sSLSocket.close();
            }
            throw th;
        }
        X509Certificate[] x509CertificateArr = savingTrustManager.chain;
        if (x509CertificateArr == null) {
            LoggerUtility.console(Level.SEVERE, "Can not obtain the certificate chain from the target server, please check the host and port of the target server.");
            return false;
        }
        this.keyStore.setCertificateEntry(alias, x509CertificateArr[0]);
        return true;
    }

    private static String getAlias(String str, int i) {
        return String.valueOf(str) + "-" + i;
    }
}
