package com.ibm.ws.ssl.provider;

import com.ibm.ejs.ras.Tr;
import com.ibm.ejs.ras.TraceComponent;
import com.ibm.ws.security.common.util.CommonConstants;
import com.ibm.ws.security.orbssl.SSLCiphers;
import com.ibm.ws.security.orbssl.SSLDefaults;
import com.ibm.ws.ssl.JSSEProvider;
import com.ibm.ws.ssl.SSLConfig;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.Provider;
import java.security.Security;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.TrustManagerFactory;

/* loaded from: input_file:lib/iwsorb.jar:com/ibm/ws/ssl/provider/IBMJSSEFIPSProvider.class */
public class IBMJSSEFIPSProvider extends AbstractJSSEProvider implements JSSEProvider {
    private String keyManager = "IbmX509";
    private String trustManager = "IbmX509";
    private String contextProvider = SSLCiphers.JSSEFIPS_PROVIDER;
    private String keyStoreProvider = "IBMJCE";
    private String socketFactory = SSLConfig.IBMJSSEFIPS_SOCKET_FACTORY;
    private String protocolPackageHandler = "com.ibm.fips.net.ssl.internal.www.protocol";
    private static final String[] HIGH_CIPHER_SUITES = {"SSL_RSA_WITH_DES_CBC_SHA", "SSL_RSA_WITH_3DES_EDE_CBC_SHA", "SSL_RSA_FIPS_WITH_DES_CBC_SHA", "SSL_RSA_FIPS_WITH_3DES_EDE_CBC_SHA"};
    private static final String[] MEDIUM_CIPHER_SUITES = new String[0];
    private static final String[] LOW_SERVER_CIPHER_SUITES = new String[0];
    private static final String[] LOW_CLIENT_CIPHER_SUITES = new String[0];
    private static final String[] CONFIDENTIALITY_CIPHER_SUITES = {"SSL_RSA_WITH_DES_CBC_SHA", "SSL_RSA_WITH_3DES_EDE_CBC_SHA", "SSL_RSA_FIPS_WITH_DES_CBC_SHA", "SSL_RSA_FIPS_WITH_3DES_EDE_CBC_SHA"};
    private static final String[] INTEGRITY_CIPHER_SUITES = new String[0];
    private static final String[] AUTHENTICITY_CIPHER_SUITES = new String[0];
    private static TraceComponent tc;
    static Class class$com$ibm$ws$ssl$provider$IBMJSSEFIPSProvider;

    public IBMJSSEFIPSProvider() {
        AbstractJSSEProvider.registerPackage(this.protocolPackageHandler);
        Provider provider = null;
        try {
            provider = Security.getProvider(SSLDefaults.DEFAULT_CONTEXT_PROVIDER);
        } catch (Throwable th) {
            System.err.println(new StringBuffer().append("getProvider(IBMJSSE) Exception caught: ").append(th.getMessage()).toString());
            th.printStackTrace();
        }
        Provider provider2 = null;
        try {
            provider2 = Security.getProvider(SSLCiphers.JSSEFIPS_PROVIDER);
        } catch (Throwable th2) {
            System.err.println(new StringBuffer().append("getProvider(IBMJSSEFIPS) Exception caught: ").append(th2.getMessage()).toString());
            th2.printStackTrace();
        }
        if (provider2 == null) {
            int i = 0;
            if (provider != null) {
                try {
                    Provider[] providers = Security.getProviders();
                    int i2 = 0;
                    while (true) {
                        if (i2 >= providers.length) {
                            break;
                        }
                        if (providers[i2] != null && new String(SSLDefaults.DEFAULT_CONTEXT_PROVIDER).equals(providers[i2].getName())) {
                            i = i2;
                            break;
                        }
                        i2++;
                    }
                } catch (Exception e) {
                    System.err.println(new StringBuffer().append("Exception caught adding IBMJSSEFIPS: ").append(e.getMessage()).toString());
                    e.printStackTrace();
                    return;
                }
            }
            Provider provider3 = (Provider) Class.forName(CommonConstants.IBMJSSEFIPS).newInstance();
            if (i > 0) {
                Security.insertProviderAt(provider3, i);
            } else {
                Security.addProvider(provider3);
            }
        }
    }

    @Override // com.ibm.ws.ssl.JSSEProvider
    public String getSSLSocketFactory() {
        return super.getSSLSocketFactory(this.socketFactory);
    }

    @Override // com.ibm.ws.ssl.JSSEProvider
    public String getSSLProtocolPackageHandler() {
        return super.getSSLProtocolPackageHandler(this.protocolPackageHandler);
    }

    @Override // com.ibm.ws.ssl.JSSEProvider
    public String[] getCiphersForSecurityLevel(boolean z, String str) {
        if (tc.isDebugEnabled()) {
            Tr.debug(tc, "getCiphersForSecurityLevel: ", new Object[]{new Boolean(z), str});
        }
        return str == null ? CONFIDENTIALITY_CIPHER_SUITES : str.equalsIgnoreCase("high") ? HIGH_CIPHER_SUITES : str.equalsIgnoreCase("medium") ? MEDIUM_CIPHER_SUITES : str.equalsIgnoreCase("low") ? !z ? LOW_SERVER_CIPHER_SUITES : LOW_CLIENT_CIPHER_SUITES : str.equalsIgnoreCase("confidentiality") ? CONFIDENTIALITY_CIPHER_SUITES : str.equalsIgnoreCase("integrity") ? INTEGRITY_CIPHER_SUITES : str.equalsIgnoreCase("authenticity") ? AUTHENTICITY_CIPHER_SUITES : CONFIDENTIALITY_CIPHER_SUITES;
    }

    @Override // com.ibm.ws.ssl.JSSEProvider
    public SSLContext getSSLContextInstance(String str) throws NoSuchAlgorithmException, NoSuchProviderException {
        return super.getSSLContextInstance(str, this.contextProvider);
    }

    @Override // com.ibm.ws.ssl.JSSEProvider
    public TrustManagerFactory getTrustManagerFactoryInstance() throws NoSuchAlgorithmException, NoSuchProviderException {
        return super.getTrustManagerFactoryInstance(this.trustManager, this.contextProvider);
    }

    @Override // com.ibm.ws.ssl.JSSEProvider
    public KeyManagerFactory getKeyManagerFactoryInstance() throws NoSuchAlgorithmException, NoSuchProviderException {
        return super.getKeyManagerFactoryInstance(this.keyManager, this.contextProvider);
    }

    @Override // com.ibm.ws.ssl.JSSEProvider
    public KeyStore getKeyStoreInstance(String str) throws KeyStoreException, NoSuchProviderException {
        return super.getKeyStoreInstance(str, this.keyStoreProvider);
    }

    @Override // com.ibm.ws.ssl.JSSEProvider
    public String getKeyManager() {
        return this.keyManager;
    }

    @Override // com.ibm.ws.ssl.JSSEProvider
    public String getTrustManager() {
        return this.trustManager;
    }

    @Override // com.ibm.ws.ssl.JSSEProvider
    public String getContextProvider() {
        return this.contextProvider;
    }

    @Override // com.ibm.ws.ssl.JSSEProvider
    public String getKeyStoreProvider() {
        return this.keyStoreProvider;
    }

    @Override // com.ibm.ws.ssl.JSSEProvider
    public String getSocketFactory() {
        return this.socketFactory;
    }

    @Override // com.ibm.ws.ssl.JSSEProvider
    public String getProtocolPackageHandler() {
        return this.protocolPackageHandler;
    }

    static Class class$(String str) {
        try {
            return Class.forName(str);
        } catch (ClassNotFoundException e) {
            throw new NoClassDefFoundError(e.getMessage());
        }
    }

    static {
        Class cls;
        if (class$com$ibm$ws$ssl$provider$IBMJSSEFIPSProvider == null) {
            cls = class$("com.ibm.ws.ssl.provider.IBMJSSEFIPSProvider");
            class$com$ibm$ws$ssl$provider$IBMJSSEFIPSProvider = cls;
        } else {
            cls = class$com$ibm$ws$ssl$provider$IBMJSSEFIPSProvider;
        }
        tc = Tr.register(cls.getName(), "SSL");
    }
}
