package com.ibm.mq.ese.pki;

import com.ibm.mq.ese.config.KeyStoreConfig;
import com.ibm.mq.ese.core.AMBIException;
import com.ibm.mq.ese.core.Lifecycle;
import com.ibm.mq.ese.core.SecurityProvider;
import com.ibm.mq.ese.nls.AmsErrorMessageInserts;
import com.ibm.mq.ese.nls.AmsErrorMessages;
import com.ibm.msg.client.commonservices.trace.Trace;
import java.io.File;
import java.io.FileInputStream;
import java.io.FileNotFoundException;
import java.io.IOException;
import java.security.AccessControlException;
import java.security.AccessController;
import java.security.KeyStore;
import java.security.PrivilegedActionException;
import java.security.PrivilegedExceptionAction;
import java.util.Arrays;
import java.util.HashMap;
import java.util.regex.Pattern;

/* loaded from: input_file:lib/com.ibm.mq.jmqi.jar:com/ibm/mq/ese/pki/KeyStoreAccessJCEKSImpl.class */
public class KeyStoreAccessJCEKSImpl extends AbstractKeyStoreAccess implements Lifecycle {
    static final String copyright_notice = "Licensed Materials - Property of IBM 5724-H72, 5655-R36, 5724-L26, 5655-L82, 5724-Z94 (c) Copyright IBM Corp. 2010, 2011, 2012 All Rights Reserved. US Government Users Restricted Rights - Use, duplication or disclosure restricted by GSA ADP Schedule Contract with IBM Corp.";
    public static final String sccsid = "@(#) MQMBID sn=p750-004-140807 su=_pY8W4B4HEeS1ypf5zzZGLw pn=com.ibm.mq.ese/src/com/ibm/mq/ese/pki/KeyStoreAccessJCEKSImpl.java";
    public static final int KS_SECONDARY = 1;

    public KeyStoreAccessJCEKSImpl(KeyStoreConfig keyStoreConfig) {
        super(keyStoreConfig);
        if (Trace.isOn) {
            Trace.entry(this, "com.ibm.mq.ese.pki.KeyStoreAccessJCEKSImpl", "KeyStoreAccessJCEKSImpl(KeyStoreConfig)");
        }
        if (this.keyStoreProvider != null && this.keyStoreProvider.equals(SecurityProvider.Provider.IBMJCEFIPS)) {
            if (Trace.isOn) {
                Trace.traceInfo(this, "com.ibm.mq.ese.pki.KeyStoreAccessJCEKSImpl", "KeyStoreAccessJCEKSImpl(KeyStoreConfig)", "keyStoreFile: '" + this.keyStoreFile + "' will be using IBMJCE as a keystore provider", "");
            }
            this.keyStoreProvider = SecurityProvider.getProvider();
        }
        this.keyStorePassword = keyStoreConfig.getKeyStorePassword();
        setPkeyPass(keyStoreConfig);
        if (Trace.isOn) {
            Trace.exit(this, "com.ibm.mq.ese.pki.KeyStoreAccessJCEKSImpl", "KeyStoreAccessJCEKSImpl(KeyStoreConfig)");
        }
    }

    public KeyStoreAccessJCEKSImpl(KeyStoreConfig keyStoreConfig, int i) {
        this(keyStoreConfig);
        if (i == 1) {
            this.keyStoreType = KeyStoreConfig.KeystoreType.KEYSTORE_JCEKS;
            if (this.keyStoreProvider != null && !this.keyStoreProvider.equals(SecurityProvider.Provider.IBMJCE) && !this.keyStoreProvider.equals(SecurityProvider.Provider.IBMJCEFIPS)) {
                this.keyStoreProvider = SecurityProvider.Provider.IBMJCE;
            }
            this.keyStoreFile = keyStoreConfig.getSecondaryKeyStorePath();
            this.keyStorePassword = keyStoreConfig.getSecondaryKeyStorePass();
            this.passwordsProtected = false;
        }
    }

    protected void openKeyStore() throws AMBIException {
        if (Trace.isOn) {
            Trace.entry(this, "com.ibm.mq.ese.pki.KeyStoreAccessJCEKSImpl", "openKeyStore()");
        }
        FileInputStream fileInputStream = null;
        try {
            if (this.ks == null) {
                try {
                    if (this.keyStoreProvider == null) {
                        this.ks = KeyStore.getInstance(this.keyStoreType);
                    } else {
                        this.ks = KeyStore.getInstance(this.keyStoreType, this.keyStoreProvider);
                    }
                    File accessKeystoreFile = accessKeystoreFile(this.keyStoreFile);
                    FileInputStream fileInputStream2 = new FileInputStream(accessKeystoreFile);
                    this.ks.load(fileInputStream2, null);
                    fileInputStream2.close();
                    if (this.passwordsProtected) {
                        this.keyStoreEncPassword = this.keyStoreEncPassword.replaceAll(Pattern.quote("\\r\\n"), "\r\n");
                        this.keyStoreEncPassword = this.keyStoreEncPassword.replaceAll(Pattern.quote("\\="), "=");
                        this.keyStorePassword = decryptPassword(this.keyStoreEncPassword);
                        this.pkeyEncPassword = this.pkeyEncPassword.replaceAll(Pattern.quote("\\r\\n"), "\r\n");
                        this.pkeyEncPassword = this.pkeyEncPassword.replaceAll(Pattern.quote("\\="), "=");
                        this.pkeyPassword = decryptPassword(this.pkeyEncPassword);
                    }
                    if (this.keyStoreProvider == null) {
                        this.ks = KeyStore.getInstance(this.keyStoreType);
                    } else {
                        this.ks = KeyStore.getInstance(this.keyStoreType, this.keyStoreProvider);
                    }
                    fileInputStream = new FileInputStream(accessKeystoreFile);
                    this.ks.load(fileInputStream, this.keyStorePassword);
                    fileInputStream.close();
                    if (fileInputStream != null) {
                        try {
                            fileInputStream.close();
                        } catch (IOException e) {
                        }
                    }
                } catch (AMBIException e2) {
                    throw e2;
                } catch (Exception e3) {
                    HashMap hashMap = new HashMap();
                    hashMap.put(AmsErrorMessageInserts.AMS_INSERT_FILENAME, this.keyStoreFile);
                    throw new AMBIException(AmsErrorMessages.mju_error_keystore_init_failed, hashMap, e3);
                }
            }
            if (Trace.isOn) {
                Trace.exit(this, "com.ibm.mq.ese.pki.KeyStoreAccessJCEKSImpl", "openKeyStore()");
            }
        } catch (Throwable th) {
            if (fileInputStream != null) {
                try {
                    fileInputStream.close();
                } catch (IOException e4) {
                }
            }
            throw th;
        }
    }

    static File accessKeystoreFile(String str) throws AMBIException {
        File file;
        SecurityException securityException = null;
        for (String str2 : new String[]{".jks", ".jceks", "", ".jck"}) {
            try {
                file = new File(str + str2);
            } catch (SecurityException e) {
                if (securityException == null) {
                    securityException = e;
                }
            }
            if (file.exists()) {
                return file;
            }
        }
        if (securityException != null) {
            HashMap hashMap = new HashMap();
            hashMap.put(AmsErrorMessageInserts.AMS_INSERT_FILENAME, str);
            throw new AMBIException(AmsErrorMessages.mju_error_keystore_init_failed, hashMap, new AccessControlException(str));
        }
        HashMap hashMap2 = new HashMap();
        hashMap2.put(AmsErrorMessageInserts.AMS_INSERT_FILENAME, str);
        throw new AMBIException(AmsErrorMessages.mju_error_keystore_init_failed, hashMap2, new FileNotFoundException(str));
    }

    @Override // com.ibm.mq.ese.core.Lifecycle
    public void init() throws AMBIException {
        try {
            AccessController.doPrivileged(new PrivilegedExceptionAction() { // from class: com.ibm.mq.ese.pki.KeyStoreAccessJCEKSImpl.1
                @Override // java.security.PrivilegedExceptionAction
                public Object run() throws Exception {
                    KeyStoreAccessJCEKSImpl.this.openKeyStore();
                    return null;
                }
            });
            if (this.keyStorePassword != null) {
                Arrays.fill(this.keyStorePassword, (char) 0);
            }
        } catch (PrivilegedActionException e) {
            if (!(e.getException() instanceof AMBIException)) {
                throw new AMBIException(e.getException());
            }
            throw ((AMBIException) e.getException());
        }
    }

    @Override // com.ibm.mq.ese.core.Lifecycle
    public void cleanUp() throws AMBIException {
    }

    static {
        if (Trace.isOn) {
            Trace.data("com.ibm.mq.ese.pki.KeyStoreAccessJCEKSImpl", "static", "SCCS id", (Object) sccsid);
        }
    }
}
