package com.ibm.etools.mft.navigator.startup;

import com.ibm.etools.mft.navigator.NavigatorPlugin;
import java.io.File;
import java.io.FileInputStream;
import java.io.FileNotFoundException;
import java.io.FileOutputStream;
import java.io.IOException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.UnrecoverableKeyException;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import javax.net.ssl.HostnameVerifier;
import javax.net.ssl.HttpsURLConnection;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSession;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import javax.net.ssl.X509TrustManager;
import org.eclipse.core.runtime.Status;
import org.eclipse.osgi.util.NLS;
import org.eclipse.swt.widgets.Display;
import org.eclipse.ui.PlatformUI;

/* loaded from: input_file:com/ibm/etools/mft/navigator/startup/DynamicX509TrustManager.class */
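/**
 * An {@link X509TrustManager} that delegates to the platform trust manager built from a
 * trust store file and, when server validation fails, asks the user whether to trust the
 * presented certificate.
 *
 * <p>Security-relevant behaviour a maintainer should be aware of:
 * <ul>
 *   <li>Accepting the prompt is not a per-connection exception. The leaf certificate is
 *       written into the trust store file and stays trusted for every later connection made
 *       by any code that loads that file.</li>
 *   <li>When {@code javax.net.ssl.trustStore} is not set, the file that gets modified is the
 *       JVM-wide {@code cacerts} under {@code java.home}.</li>
 *   <li>Only the first certificate of the chain is shown to the user and stored.</li>
 *   <li>{@link #hookIntoDefaultSSLContext()} installs this manager as the process-wide
 *       default, so the prompt can be triggered by any HTTPS client in the JVM.</li>
 * </ul>
 *
 * <p>The delegate field is replaced after a certificate is added; no synchronisation is
 * applied around that replacement.
 */
public class DynamicX509TrustManager implements X509TrustManager {
    /** Delegate that performs the actual PKIX validation; rebuilt after the trust store changes. */
    private X509TrustManager trustManager;

    /** Prefix of the aliases under which user-accepted certificates are stored. */
    private static final String CERTIFICATE_ALIAS_PREFIX = "com.ibm.etools.msg.importer.wsdl_";

    /** Location of the JVM's own trust store, used when no trust store property is set. */
    public static final String DEFAULT_JVMTRUSTSTORE_LOCATION = String.valueOf(System.getProperty("java.home")) + File.separator + "lib" + File.separator + "security" + File.separator + "cacerts";

    /** Conventional default password of the JDK {@code cacerts} file; it is not a secret. */
    public static final String DEFAULT_JVMTRUSTSTORE_PWD = "changeit";

    /**
     * Runnable that opens the trust prompt on the UI thread and records which button was
     * pressed. {@code buttonPressed} starts at 1, so the certificate is treated as rejected
     * unless the dialog reports 0.
     */
    class C1RunnableTrustCertDialog implements Runnable {
        public int buttonPressed = 1;
        private final X509Certificate certificate;

        C1RunnableTrustCertDialog(X509Certificate x509Certificate) {
            this.certificate = x509Certificate;
        }

        @Override
        public void run() {
            this.buttonPressed = new TrustCertificateDialog(PlatformUI.getWorkbench().getDisplay().getActiveShell(), this.certificate).open();
        }
    }

    /**
     * Builds the delegate from the trust store named by {@code javax.net.ssl.trustStore}, or
     * from the JVM default trust store when that property is unset.
     *
     * @throws CertificateException if the trust store cannot be read or yields no X.509 trust manager
     */
    public DynamicX509TrustManager() throws CertificateException {
        initializeTrustManager(resolveTrustStoreLocation(), resolveTrustStorePassword());
    }

    /** Delegates unchanged; client certificates never trigger the prompt. */
    @Override
    public void checkClientTrusted(X509Certificate[] x509CertificateArr, String str) throws CertificateException {
        this.trustManager.checkClientTrusted(x509CertificateArr, str);
    }

    /**
     * Validates the server chain with the delegate. On failure the user is prompted with the
     * first certificate of the chain; if the dialog returns 0 the certificate is persisted
     * to the trust store, the delegate is rebuilt and the chain is validated again.
     *
     * @param x509CertificateArr the peer certificate chain, leaf first
     * @param str the authentication type passed through to the delegate
     * @throws CertificateException if validation fails and the user declines, if the chain is
     *         null or empty, or if the trust store cannot be updated
     */
    @Override
    public void checkServerTrusted(X509Certificate[] x509CertificateArr, String str) throws CertificateException {
        try {
            this.trustManager.checkServerTrusted(x509CertificateArr, str);
        } catch (CertificateException e) {
            // Nothing can be shown to the user for a missing chain; indexing [0] would
            // otherwise replace the validation failure with an unrelated runtime exception.
            if (x509CertificateArr == null || x509CertificateArr.length == 0) {
                throw e;
            }
            X509Certificate leaf = x509CertificateArr[0];
            C1RunnableTrustCertDialog prompt = new C1RunnableTrustCertDialog(leaf);
            // syncExec blocks this (handshake) thread until the UI thread has run the dialog.
            Display.getDefault().syncExec(prompt);
            if (prompt.buttonPressed != 0) {
                throw new CertificateException(SSLMessages.Error_CertificateIsNotTrustedByUser, e);
            }
            String location = resolveTrustStoreLocation();
            String password = resolveTrustStorePassword();
            // Persistent trust decision: the leaf becomes a trust anchor in the store file.
            addCertificateToTrustStore(leaf, location, password);
            initializeTrustManager(location, password);
            // Re-validate so that a chain which is still unacceptable is rejected.
            this.trustManager.checkServerTrusted(x509CertificateArr, str);
        }
    }

    @Override
    public X509Certificate[] getAcceptedIssuers() {
        return this.trustManager.getAcceptedIssuers();
    }

    /** Returns the configured trust store path, falling back to the JVM default location. */
    private static String resolveTrustStoreLocation() {
        String configured = System.getProperty("javax.net.ssl.trustStore");
        return configured == null ? DEFAULT_JVMTRUSTSTORE_LOCATION : configured;
    }

    /** Returns the configured trust store password, falling back to the JDK default. */
    private static String resolveTrustStorePassword() {
        String configured = System.getProperty("javax.net.ssl.trustStorePassword");
        return configured == null ? DEFAULT_JVMTRUSTSTORE_PWD : configured;
    }

    /**
     * Loads the trust store and replaces the delegate with the first X.509 trust manager the
     * default {@link TrustManagerFactory} produces for it.
     *
     * @param location path of the trust store file
     * @param password password of the trust store
     * @throws CertificateException if loading fails or no X.509 trust manager is produced
     */
    private void initializeTrustManager(String location, String password) throws CertificateException {
        X509TrustManager found = null;
        try {
            KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
            try (FileInputStream in = new FileInputStream(location)) {
                keyStore.load(in, password.toCharArray());
            }
            TrustManagerFactory factory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
            factory.init(keyStore);
            for (TrustManager candidate : factory.getTrustManagers()) {
                if (candidate instanceof X509TrustManager) {
                    found = (X509TrustManager) candidate;
                    break;
                }
            }
        } catch (Exception e) {
            handleException(e, location, null);
        }
        if (found == null) {
            // Without this check the delegate would silently stay null (or stale) and the
            // failure would surface later as a NullPointerException during a handshake.
            throw new CertificateException("No X509TrustManager available for trust store " + location);
        }
        this.trustManager = found;
    }

    /**
     * Adds a certificate to the trust store file under a generated alias and rewrites the
     * file.
     *
     * <p>The updated store is serialised in memory first, so a failure while encoding it
     * does not truncate the existing file. Streams are closed on every path.
     *
     * @param certificate the certificate to store as a trusted entry
     * @param str path of the trust store file
     * @param str2 password of the trust store
     * @return the alias under which the certificate was stored
     * @throws CertificateException if the trust store cannot be read, updated or written
     */
    public static String addCertificateToTrustStore(Certificate certificate, String str, String str2) throws CertificateException {
        String alias = null;
        try {
            KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
            try (FileInputStream in = new FileInputStream(str)) {
                keyStore.load(in, str2.toCharArray());
            }
            // Assigned only after a successful load: handleException uses a null alias to
            // tell a KeyStore.getInstance failure from a failure to set the entry.
            alias = CERTIFICATE_ALIAS_PREFIX + System.currentTimeMillis();
            keyStore.setCertificateEntry(alias, certificate);
            java.io.ByteArrayOutputStream buffer = new java.io.ByteArrayOutputStream();
            keyStore.store(buffer, str2.toCharArray());
            try (FileOutputStream out = new FileOutputStream(str)) {
                buffer.writeTo(out);
            }
        } catch (Exception e) {
            handleException(e, str, alias);
        }
        return alias;
    }

    /**
     * Translates a failure into a {@link CertificateException} with a localised message and
     * the original exception as cause. This method always throws.
     *
     * @param exc the failure to translate
     * @param location trust store path, bound into the message
     * @param alias certificate alias involved, or {@code null} if none was assigned yet
     * @throws CertificateException always
     */
    private static void handleException(Exception exc, String location, String alias) throws CertificateException {
        // FileNotFoundException is an IOException, so it has to be tested first.
        if (exc instanceof FileNotFoundException) {
            throw new CertificateException(NLS.bind(SSLMessages.Error_TrustStoreFileNotFoundException, location), exc);
        }
        if (exc instanceof IOException) {
            // An IOException caused by UnrecoverableKeyException is reported as a wrong password.
            String message = exc.getCause() instanceof UnrecoverableKeyException
                    ? NLS.bind(SSLMessages.Error_TrustStoreIOExceptionInvalidPassword, location)
                    : NLS.bind(SSLMessages.Error_TrustStoreIOExceptionIOProblem, location);
            throw new CertificateException(message, exc);
        }
        if (exc instanceof KeyStoreException) {
            String message = alias != null
                    ? NLS.bind(SSLMessages.Error_TrustStoreKeyStoreException, new Object[]{location, alias})
                    : NLS.bind(SSLMessages.Error_TrustStoreKeyStoreGetInstanceException, new Object[]{location, KeyStore.getDefaultType()});
            throw new CertificateException(message, exc);
        }
        if (exc instanceof NoSuchAlgorithmException) {
            throw new CertificateException(NLS.bind(SSLMessages.Error_TrustStoreNoSuchAlgorithmException, location), exc);
        }
        if (!(exc instanceof CertificateException)) {
            // Anything unexpected (including runtime exceptions) is reported by class name.
            throw new CertificateException(exc.getClass().getName(), exc);
        }
        throw new CertificateException(NLS.bind(SSLMessages.Error_TrustStoreCertificateException, location), exc);
    }

    /**
     * Installs this trust manager as the JVM-wide default: the default {@link SSLContext},
     * and the default socket factory and hostname verifier of {@link HttpsURLConnection}.
     * Failures are logged and otherwise ignored, leaving the previous defaults in place.
     */
    public static void hookIntoDefaultSSLContext() {
        try {
            TrustManager[] trustManagers = {new DynamicX509TrustManager()};
            // NOTE(review): "SSL" is the legacy protocol name; which protocol versions it
            // enables depends on the JSSE provider. Confirm the enabled versions on the
            // target JVM and consider requesting "TLS" or an explicit version instead.
            SSLContext context = SSLContext.getInstance("SSL");
            context.init(null, trustManagers, null);
            // NOTE(review): HttpsURLConnection consults this callback when the URL's host
            // name does not match the server's identification. The check below compares
            // the requested name with the session's peer host only and never looks at the
            // certificate's subject or subjectAltName, so a name mismatch is accepted
            // whenever those two strings are equal. Review whether that is intended.
            HostnameVerifier hostnameVerifier = new HostnameVerifier() {
                @Override
                public boolean verify(String str, SSLSession sSLSession) {
                    return str != null && sSLSession != null && str.equals(sSLSession.getPeerHost());
                }
            };
            HttpsURLConnection.setDefaultSSLSocketFactory(context.getSocketFactory());
            HttpsURLConnection.setDefaultHostnameVerifier(hostnameVerifier);
            SSLContext.setDefault(context);
        } catch (Exception e) {
            // Severity and code 4 correspond to IStatus.ERROR.
            NavigatorPlugin.getInstance().getLog().log(new Status(4, "DynamicX509TrustManager", 4, e.getLocalizedMessage(), e));
        }
    }
}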
