package com.ibm.ws.ssl;

import com.ibm.ejs.container.util.MethodAttribUtils;
import com.ibm.ejs.ras.Tr;
import com.ibm.ejs.ras.TraceComponent;
import com.ibm.etools.emf.ref.EList;
import com.ibm.ivj.ejb.runtime.AbstractAccessBean;
import com.ibm.net.ssl.KeyManager;
import com.ibm.net.ssl.KeyManagerFactory;
import com.ibm.net.ssl.SSLContext;
import com.ibm.net.ssl.TrustManager;
import com.ibm.net.ssl.TrustManagerFactory;
import com.ibm.websphere.models.config.ipc.ssl.CryptoHardwareToken;
import com.ibm.websphere.models.config.ipc.ssl.SecureSocketLayer;
import com.ibm.websphere.models.config.properties.Property;
import com.ibm.ws.security.orbssl.WSPKCSInKeyStore;
import com.ibm.ws.security.orbssl.WSPKCSInKeyStoreList;
import com.ibm.ws.security.orbssl.WSX509KeyManager;
import com.ibm.ws.security.util.SASPropFile;
import java.io.FileInputStream;
import java.io.IOException;
import java.net.ServerSocket;
import java.net.Socket;
import java.security.KeyStore;
import java.security.SecureRandom;
import java.security.UnrecoverableKeyException;
import java.util.Enumeration;
import java.util.HashMap;
import java.util.Properties;
import java.util.StringTokenizer;
import javax.net.ssl.SSLServerSocket;
import javax.net.ssl.SSLSocket;

/* loaded from: input_file:runtime/utils.jar:com/ibm/ws/ssl/SSLConfig.class */
public class SSLConfig {
    private static TraceComponent tc;
    private static WSPKCSInKeyStoreList pKSL;
    public static final String PROTOCOL = "com.ibm.ssl.protocol";
    public static final String KEY_MANAGER = "com.ibm.ssl.keyManager";
    public static final String KEY_STORE_TYPE = "com.ibm.ssl.keyStoreType";
    public static final String KEY_STORE_PROVIDER = "com.ibm.ssl.keyStoreProvider";
    public static final String KEY_FILE_NAME = "com.ibm.ssl.keyStore";
    public static final String KEY_FILE_PASSWORD = "com.ibm.ssl.keyStorePassword";
    public static final String TRUST_MANAGER = "com.ibm.ssl.trustManager";
    public static final String TRUST_STORE_TYPE = "com.ibm.ssl.trustStoreType";
    public static final String TRUST_STORE_PROVIDER = "com.ibm.ssl.trustStoreProvider";
    public static final String TRUST_FILE_NAME = "com.ibm.ssl.trustStore";
    public static final String TRUST_FILE_PASSWORD = "com.ibm.ssl.trustStorePassword";
    public static final String ENABLED_CIPHER_SUITES = "com.ibm.ssl.enabledCipherSuites";
    public static final String CLIENT_AUTH = "com.ibm.ssl.clientAuthentication";
    public static final String CONTEXT_PROVIDER = "com.ibm.ssl.contextProvider";
    public static final String SECURITY_LEVEL = "com.ibm.ssl.securityLevel";
    public static final String TOKEN_TYPE = "com.ibm.ssl.tokenType";
    public static final String TOKEN_LIBRARY_FILE = "com.ibm.ssl.tokenLibraryFile";
    public static final String TOKEN_PASSWORD = "com.ibm.ssl.tokenPassword";
    public static final String CLIENT_KEY_ALIAS = "com.ibm.ssl.keyStoreClientAlias";
    public static final String SERVER_KEY_ALIAS = "com.ibm.ssl.keyStoreServerAlias";
    public static final String CLIENT_SIDE = "client";
    public static final String SERVER_SIDE = "server";
    public static final String[] PROP_NAMES;
    public static final String[] HIGH_CIPHER_SUITES;
    public static final String[] MEDIUM_CIPHER_SUITES;
    public static final String[] LOW_SERVER_CIPHER_SUITES;
    public static final String[] LOW_CLIENT_CIPHER_SUITES;
    public static final String[] CONFIDENTIALITY_CIPHER_SUITES;
    public static final String[] INTEGRITY_CIPHER_SUITES;
    public static final String[] AUTHENTICITY_CIPHER_SUITES;
    private static final SSLConfig defaultClientConfig;
    private static final SSLConfig defaultServerConfig;
    private boolean isServer;
    private String prefix;
    private SSLConfig parent;
    private javax.net.ssl.SSLSocketFactory socketFactory;
    private javax.net.ssl.SSLServerSocketFactory serverSocketFactory;
    private final HashMap myProps;
    static Class class$com$ibm$ws$ssl$SSLConfig;

    public static SSLConfig getDefaultClientConfig() {
        return defaultClientConfig;
    }

    public static SSLConfig getDefaultServerConfig() {
        return defaultServerConfig;
    }

    public SSLConfig(boolean z) {
        this.socketFactory = null;
        this.serverSocketFactory = null;
        this.myProps = new HashMap();
        this.parent = null;
        this.prefix = AbstractAccessBean.DEFAULT_INSTANCENAME;
        this.isServer = z;
        if (z) {
            setProtocol("SSL");
        } else {
            setProtocol("SSLv3");
        }
        setKeyManager("IbmX509");
        setKeyStoreType("JKS");
        setTrustManager("IbmX509");
        setTrustStoreType("JKS");
        setSecurityLevel("high");
        setTokenType("PKCS#11");
        setEnabledCipherSuites(null);
    }

    public SSLConfig(SSLConfig sSLConfig, String str) {
        this.socketFactory = null;
        this.serverSocketFactory = null;
        this.myProps = new HashMap();
        this.parent = sSLConfig;
        this.prefix = str;
    }

    public void init(Properties properties) throws IllegalArgumentException {
        Enumeration<?> propertyNames = properties.propertyNames();
        while (propertyNames.hasMoreElements()) {
            String str = (String) propertyNames.nextElement();
            setValue(str.substring(this.prefix.length()), properties.get(str));
        }
    }

    public void init(SecureSocketLayer secureSocketLayer) {
        if (secureSocketLayer == null) {
            return;
        }
        String checkKeyStoreType = checkKeyStoreType(secureSocketLayer.getStringKeyFileFormat());
        if (hasValue(checkKeyStoreType)) {
            setKeyStoreType(checkKeyStoreType);
        }
        String keyFileName = secureSocketLayer.getKeyFileName();
        if (hasValue(keyFileName)) {
            setKeyFileName(keyFileName);
        }
        String keyFilePassword = secureSocketLayer.getKeyFilePassword();
        if (hasValue(keyFilePassword)) {
            setKeyFilePassword(keyFilePassword);
        }
        String checkKeyStoreType2 = checkKeyStoreType(secureSocketLayer.getStringTrustFileFormat());
        if (hasValue(checkKeyStoreType2)) {
            setTrustStoreType(checkKeyStoreType2);
        } else {
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "TrustFileFormat was not specified, defualt to KeyFileFormat value");
            }
            setTrustStoreType(checkKeyStoreType);
        }
        String trustFileName = secureSocketLayer.getTrustFileName();
        if (hasValue(trustFileName)) {
            setTrustFileName(trustFileName);
        }
        String trustFilePassword = secureSocketLayer.getTrustFilePassword();
        if (hasValue(trustFilePassword)) {
            setTrustFilePassword(trustFilePassword);
        }
        String stringSecurityLevel = secureSocketLayer.getStringSecurityLevel();
        if (hasValue(stringSecurityLevel)) {
            setSecurityLevel(stringSecurityLevel);
        }
        Boolean clientAuthentication = secureSocketLayer.getClientAuthentication();
        if (clientAuthentication != null) {
            setClientAuthentication(clientAuthentication);
        }
        Boolean enableCryptoHardwareSupport = secureSocketLayer.getEnableCryptoHardwareSupport();
        if (enableCryptoHardwareSupport != null && enableCryptoHardwareSupport.booleanValue()) {
            CryptoHardwareToken cryptoHardware = secureSocketLayer.getCryptoHardware();
            if (cryptoHardware.isSetTokenType()) {
                setTokenType(cryptoHardware.getTokenType());
            }
            if (cryptoHardware.isSetLibraryFile()) {
                setTokenLibraryFile(cryptoHardware.getLibraryFile());
            }
            if (cryptoHardware.isSetPassword()) {
                setTokenPassword(cryptoHardware.getPassword());
            }
        }
        EList properties = secureSocketLayer.getProperties();
        if (properties != null) {
            for (int i = 0; i < properties.size(); i++) {
                Property property = (Property) properties.get(i);
                String value = property.getValue();
                if (hasValue(value)) {
                    setValue(property.getName(), value);
                }
            }
        }
    }

    public String getProperty(String str) {
        return ("com.ibm.ssl.enabledCipherSuites".equals(str) || "com.ibm.ssl.clientAuthentication".equals(str)) ? "com.ibm.ssl.enabledCipherSuites".equals(str) ? makeString((String[]) getValue(str)) : ((Boolean) getValue(str)).toString() : (String) getValue(str);
    }

    public void setProperty(String str, String str2) throws IllegalArgumentException {
        setValue(str, str2);
    }

    private Object getValue(String str) {
        Object obj = this.myProps.get(str);
        return (obj != null || this.parent == null) ? obj : this.parent.getValue(str);
    }

    private void setValue(String str, Object obj) throws IllegalArgumentException {
        if (str.equals("com.ibm.ssl.clientAuthentication") && (obj instanceof String)) {
            obj = new Boolean((String) obj);
        } else if (str.equals("com.ibm.ssl.enabledCipherSuites") && (obj instanceof String)) {
            obj = makeStringArray((String) obj);
        }
        iSetValue(str, obj);
    }

    private void iSetValue(String str, Object obj) {
        Object obj2 = this.myProps.get(str);
        if ((obj2 == null || !obj2.equals(obj)) && obj != null) {
            if ((obj instanceof String) && ((String) obj).length() == 0) {
                return;
            }
            if (tc.isDebugEnabled()) {
                if (str.indexOf("Password") != -1) {
                    Tr.debug(tc, new StringBuffer().append("SSL property: name=").append(str).append("; value=").append("*****").toString());
                } else {
                    Tr.debug(tc, new StringBuffer().append("SSL property: name=").append(str).append("; value=").append(obj).toString());
                }
            }
            this.myProps.put(str, obj);
            this.socketFactory = null;
            this.serverSocketFactory = null;
        }
    }

    public boolean isServer() {
        return this.isServer;
    }

    public boolean isClient() {
        return !this.isServer;
    }

    public String getProtocol() {
        return getProperty("com.ibm.ssl.protocol");
    }

    public void setProtocol(String str) {
        iSetValue("com.ibm.ssl.protocol", str);
    }

    public String getKeyManager() {
        return getProperty("com.ibm.ssl.keyManager");
    }

    public void setKeyManager(String str) {
        iSetValue("com.ibm.ssl.keyManager", str);
    }

    public String getKeyStoreType() {
        return getProperty("com.ibm.ssl.keyStoreType");
    }

    public void setKeyStoreType(String str) {
        iSetValue("com.ibm.ssl.keyStoreType", str);
    }

    public String getKeyStoreProvider() {
        return getProperty("com.ibm.ssl.keyStoreProvider");
    }

    public void setKeyStoreProvider(String str) {
        iSetValue("com.ibm.ssl.keyStoreProvider", str);
    }

    public String getContextProvider() {
        return getProperty("com.ibm.ssl.contextProvider");
    }

    public void setContextProvider(String str) {
        iSetValue("com.ibm.ssl.contextProvider", str);
    }

    public String getKeyFileName() {
        return getProperty("com.ibm.ssl.keyStore");
    }

    public void setKeyFileName(String str) {
        iSetValue("com.ibm.ssl.keyStore", str);
    }

    public String getKeyFilePassword() {
        return getProperty("com.ibm.ssl.keyStorePassword");
    }

    public void setKeyFilePassword(String str) {
        iSetValue("com.ibm.ssl.keyStorePassword", str);
    }

    public String getTrustManager() {
        return getProperty("com.ibm.ssl.trustManager");
    }

    public void setTrustManager(String str) {
        iSetValue("com.ibm.ssl.trustManager", str);
    }

    public String getTrustStoreType() {
        return getProperty("com.ibm.ssl.trustStoreType");
    }

    public void setTrustStoreType(String str) {
        iSetValue("com.ibm.ssl.trustStoreType", str);
    }

    public String getTrustStoreProvider() {
        return getProperty("com.ibm.ssl.trustStoreProvider");
    }

    public void setTrustStoreProvider(String str) {
        iSetValue("com.ibm.ssl.trustStoreProvider", str);
    }

    public String getTrustFileName() {
        return getProperty("com.ibm.ssl.trustStore");
    }

    public void setTrustFileName(String str) {
        iSetValue("com.ibm.ssl.trustStore", str);
    }

    public String getTrustFilePassword() {
        return getProperty("com.ibm.ssl.trustStorePassword");
    }

    public void setTrustFilePassword(String str) {
        iSetValue("com.ibm.ssl.trustStorePassword", str);
    }

    public Boolean getClientAuthentication() {
        return (Boolean) getValue("com.ibm.ssl.clientAuthentication");
    }

    public void setClientAuthentication(Boolean bool) {
        iSetValue("com.ibm.ssl.clientAuthentication", bool);
    }

    public String getKeyStoreClientAlias() {
        return (String) getValue("com.ibm.ssl.keyStoreClientAlias");
    }

    public void setKeyStoreClientAlias(String str) {
        iSetValue("com.ibm.ssl.keyStoreClientAlias", str);
    }

    public String getKeyStoreServerAlias() {
        return (String) getValue("com.ibm.ssl.keyStoreServerAlias");
    }

    public void setKeyStoreServerAlias(String str) {
        iSetValue("com.ibm.ssl.keyStoreServerAlias", str);
    }

    public String[] getEnabledCipherSuites() {
        String securityLevel = getSecurityLevel();
        String[] strArr = (String[]) getValue("com.ibm.ssl.enabledCipherSuites");
        if (strArr != null) {
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, new StringBuffer().append("enabledCipherSuites ").append(strArr).toString());
            }
            return strArr;
        }
        if (!hasValue(securityLevel)) {
            Tr.warning(tc, "security.ssl.config.initialization.warning.badSecurityLevel");
            return HIGH_CIPHER_SUITES;
        }
        if (tc.isDebugEnabled()) {
            Tr.debug(tc, new StringBuffer().append("Use default set of Cipher Suites of level ").append(securityLevel).toString());
        }
        if (securityLevel.equalsIgnoreCase("high")) {
            return HIGH_CIPHER_SUITES;
        }
        if (securityLevel.equalsIgnoreCase("medium")) {
            return MEDIUM_CIPHER_SUITES;
        }
        if (securityLevel.equalsIgnoreCase("low")) {
            return this.isServer ? LOW_SERVER_CIPHER_SUITES : LOW_CLIENT_CIPHER_SUITES;
        }
        if (securityLevel.equalsIgnoreCase("confidentiality")) {
            return CONFIDENTIALITY_CIPHER_SUITES;
        }
        if (securityLevel.equalsIgnoreCase("integrity")) {
            return INTEGRITY_CIPHER_SUITES;
        }
        if (securityLevel.equalsIgnoreCase("authenticity")) {
            return AUTHENTICITY_CIPHER_SUITES;
        }
        Tr.warning(tc, "security.ssl.config.initialization.warning.badSecurityLevel");
        return HIGH_CIPHER_SUITES;
    }

    public void setEnabledCipherSuites(String[] strArr) {
        iSetValue("com.ibm.ssl.enabledCipherSuites", strArr);
    }

    public String getSecurityLevel() {
        return getProperty("com.ibm.ssl.securityLevel");
    }

    public void setSecurityLevel(String str) {
        iSetValue("com.ibm.ssl.securityLevel", str);
    }

    public String getTokenType() {
        return getProperty("com.ibm.ssl.tokenType");
    }

    public void setTokenType(String str) {
        iSetValue("com.ibm.ssl.tokenType", str);
    }

    public String getTokenLibraryFile() {
        return getProperty("com.ibm.ssl.tokenLibraryFile");
    }

    public void setTokenLibraryFile(String str) {
        iSetValue("com.ibm.ssl.tokenLibraryFile", str);
    }

    public String getTokenPassword() {
        return getProperty("com.ibm.ssl.tokenPassword");
    }

    public void setTokenPassword(String str) {
        iSetValue("com.ibm.ssl.tokenPassword", str);
    }

    public javax.net.ssl.SSLSocketFactory getSocketFactory() throws Exception {
        if (this.socketFactory == null) {
            synchronized (this) {
                if (this.socketFactory == null) {
                    this.socketFactory = getSSLContext(CLIENT_SIDE).getSocketFactory();
                }
            }
        }
        return this.socketFactory;
    }

    public javax.net.ssl.SSLServerSocketFactory getServerSocketFactory() throws Exception {
        if (this.serverSocketFactory == null) {
            synchronized (this) {
                if (this.serverSocketFactory == null) {
                    this.serverSocketFactory = getSSLContext(SERVER_SIDE).getServerSocketFactory();
                }
            }
        }
        return this.serverSocketFactory;
    }

    public SSLSocket configure(Socket socket) {
        SSLSocket sSLSocket = (SSLSocket) socket;
        String[] enabledCipherSuites = getEnabledCipherSuites();
        if (enabledCipherSuites != null) {
            sSLSocket.setEnabledCipherSuites(enabledCipherSuites);
        }
        return sSLSocket;
    }

    public SSLServerSocket configure(ServerSocket serverSocket) {
        SSLServerSocket sSLServerSocket = (SSLServerSocket) serverSocket;
        String[] enabledCipherSuites = getEnabledCipherSuites();
        if (enabledCipherSuites != null) {
            sSLServerSocket.setEnabledCipherSuites(enabledCipherSuites);
        }
        Boolean clientAuthentication = getClientAuthentication();
        if (clientAuthentication != null) {
            sSLServerSocket.setNeedClientAuth(clientAuthentication.booleanValue());
        }
        return sSLServerSocket;
    }

    private SSLContext getSSLContext(String str) throws Exception {
        try {
            SSLContext sSLContext = hasValue(getContextProvider()) ? SSLContext.getInstance(getProtocol(), getContextProvider()) : SSLContext.getInstance(getProtocol());
            String property = !hasValue(getProperty("com.ibm.ssl.tokenSlot")) ? "0" : getProperty("com.ibm.ssl.tokenSlot");
            String tokenLibraryFile = getTokenLibraryFile();
            String str2 = AbstractAccessBean.DEFAULT_INSTANCENAME;
            String str3 = AbstractAccessBean.DEFAULT_INSTANCENAME;
            int i = -1;
            int i2 = -1;
            if (hasValue(tokenLibraryFile)) {
                tokenLibraryFile = new StringBuffer().append(tokenLibraryFile).append(MethodAttribUtils.METHOD_ARGLIST_SEP).append(property).toString();
                if (str.equalsIgnoreCase(CLIENT_SIDE)) {
                    str2 = getKeyStoreClientAlias();
                    i = Integer.valueOf(property).intValue();
                }
                if (str.equalsIgnoreCase(SERVER_SIDE)) {
                    str3 = getKeyStoreServerAlias();
                    i2 = Integer.valueOf(property).intValue();
                    str2 = getKeyStoreClientAlias();
                    i = Integer.valueOf(property).intValue();
                }
            }
            TrustManagerFactory trustManagerFactory = null;
            TrustManager[] trustManagerArr = null;
            if (hasValue(getTrustFileName()) && hasValue(getTrustFilePassword())) {
                KeyStore keyStore = getKeyStore(getTrustStoreType(), getTrustStoreProvider(), getTrustFileName(), getTrustFilePassword());
                trustManagerFactory = hasValue(getContextProvider()) ? TrustManagerFactory.getInstance(getTrustManager(), getContextProvider()) : TrustManagerFactory.getInstance(getTrustManager());
                trustManagerFactory.init(keyStore);
            } else if (hasValue(tokenLibraryFile)) {
                WSPKCSInKeyStore insert = pKSL.insert(getTokenType(), tokenLibraryFile, getTokenPassword(), false);
                if (insert != null) {
                    insert.getTS();
                    trustManagerFactory = insert.getTMF();
                } else {
                    Tr.error(tc, "Unable to get a PKCS keystore.");
                }
            }
            if (trustManagerFactory != null) {
                trustManagerArr = trustManagerFactory.getTrustManagers();
            }
            KeyStore keyStore2 = null;
            char[] cArr = null;
            KeyManagerFactory keyManagerFactory = null;
            if (hasValue(getKeyFileName()) && hasValue(getKeyFilePassword())) {
                keyStore2 = getKeyStore(getKeyStoreType(), getKeyStoreProvider(), getKeyFileName(), getKeyFilePassword());
                keyManagerFactory = hasValue(getContextProvider()) ? KeyManagerFactory.getInstance(getKeyManager(), getContextProvider()) : KeyManagerFactory.getInstance(getKeyManager());
                if (hasValue(getKeyFilePassword())) {
                    cArr = getKeyFilePassword().toCharArray();
                }
                try {
                    keyManagerFactory.init(keyStore2, cArr);
                    keyManagerFactory.getKeyManagers();
                } catch (UnrecoverableKeyException e) {
                    if (cArr == null) {
                        throw new UnrecoverableKeyException(new StringBuffer().append(e.getMessage()).append(": unspecified password for file '").append(getKeyFileName()).append("'").toString());
                    }
                    throw new UnrecoverableKeyException(new StringBuffer().append(e.getMessage()).append(": invalid password for file '").append(getKeyFileName()).append("'").toString());
                }
            } else if (hasValue(tokenLibraryFile)) {
                WSPKCSInKeyStore insert2 = pKSL.insert(getTokenType(), tokenLibraryFile, getTokenPassword(), true);
                if (insert2 != null) {
                    keyStore2 = insert2.getKS();
                    keyManagerFactory = insert2.getKMF();
                } else {
                    Tr.error(tc, "Unable to get a PKCS keystore.");
                }
            }
            if (str.equalsIgnoreCase(CLIENT_SIDE)) {
                KeyManager wSX509KeyManager = new WSX509KeyManager(keyStore2, cArr, keyManagerFactory);
                if (wSX509KeyManager == null || wSX509KeyManager.getX509KeyManager() == null || !hasValue(str2)) {
                    sSLContext.init(keyManagerFactory != null ? keyManagerFactory.getKeyManagers() : null, trustManagerArr, (SecureRandom) null);
                } else {
                    wSX509KeyManager.setClientAlias(str2, i);
                    sSLContext.init(new KeyManager[]{wSX509KeyManager}, trustManagerArr, (SecureRandom) null);
                }
            } else if (str.equalsIgnoreCase(SERVER_SIDE)) {
                KeyManager wSX509KeyManager2 = new WSX509KeyManager(keyStore2, cArr, keyManagerFactory);
                if (wSX509KeyManager2 == null || wSX509KeyManager2.getX509KeyManager() == null || !(hasValue(str3) || hasValue(str2))) {
                    sSLContext.init(keyManagerFactory != null ? keyManagerFactory.getKeyManagers() : null, trustManagerArr, (SecureRandom) null);
                } else {
                    if (hasValue(str2)) {
                        wSX509KeyManager2.setClientAlias(str2, i);
                    }
                    if (hasValue(str3)) {
                        wSX509KeyManager2.setServerAlias(str3, i2);
                    }
                    sSLContext.init(new KeyManager[]{wSX509KeyManager2}, trustManagerArr, (SecureRandom) null);
                }
            }
            return sSLContext;
        } catch (Exception e2) {
            Tr.error(tc, "Unable to get SSL context: ", e2.getLocalizedMessage());
            throw e2;
        }
    }

    private KeyStore getKeyStore(String str, String str2, String str3, String str4) throws Exception {
        KeyStore keyStore = null;
        boolean z = true;
        int i = 0;
        while (z) {
            keyStore = hasValue(str2) ? KeyStore.getInstance(str, str2) : KeyStore.getInstance(str);
            FileInputStream fileInputStream = new FileInputStream(str3);
            char[] cArr = null;
            if (hasValue(str4)) {
                cArr = str4.toCharArray();
            }
            try {
                keyStore.load(fileInputStream, cArr);
                z = false;
            } catch (IOException e) {
                if (!e.getMessage().equalsIgnoreCase("Invalid keystore format") && e.getMessage().indexOf("DerInputStream.getLength()") == -1) {
                    throw e;
                }
                Tr.warning(tc, "security.ssl.config.initialization.warning.invalidkeystoretype");
                if (str.equalsIgnoreCase("JKS")) {
                    str = "JCEKS";
                } else if (str.equalsIgnoreCase("JCEKS")) {
                    str = "PKCS12";
                } else if (str.equalsIgnoreCase("PKCS12")) {
                    str = "JCEKS";
                }
                int i2 = i;
                i++;
                if (i2 > 1) {
                    throw e;
                }
            }
        }
        return keyStore;
    }

    private boolean hasValue(String str) {
        return str != null && str.length() > 0;
    }

    private String[] makeStringArray(String str) {
        StringTokenizer stringTokenizer = new StringTokenizer(str);
        int i = 0;
        while (stringTokenizer.hasMoreTokens()) {
            stringTokenizer.nextToken();
            i++;
        }
        String[] strArr = new String[i];
        StringTokenizer stringTokenizer2 = new StringTokenizer(str);
        for (int i2 = 0; i2 < i; i2++) {
            strArr[i2] = stringTokenizer2.nextToken();
        }
        return strArr;
    }

    private String makeString(String[] strArr) {
        if (strArr == null || strArr.length == 0) {
            return null;
        }
        String str = strArr[0];
        for (int i = 1; i < strArr.length; i++) {
            str = new StringBuffer().append(new StringBuffer().append(str).append(" ").toString()).append(strArr[i]).toString();
        }
        return str;
    }

    public void print() {
        if (tc.isDebugEnabled()) {
            for (int i = 0; i < PROP_NAMES.length; i++) {
                Tr.debug(tc, new StringBuffer().append(PROP_NAMES[i]).append(" = ").append(getValue(PROP_NAMES[i])).toString());
            }
        }
    }

    private String checkKeyStoreType(String str) {
        return (str == null || !str.equalsIgnoreCase("JCEK")) ? str : "JCEKS";
    }

    static Class class$(String str) {
        try {
            return Class.forName(str);
        } catch (ClassNotFoundException e) {
            throw new NoClassDefFoundError(e.getMessage());
        }
    }

    static {
        Class cls;
        if (class$com$ibm$ws$ssl$SSLConfig == null) {
            cls = class$("com.ibm.ws.ssl.SSLConfig");
            class$com$ibm$ws$ssl$SSLConfig = cls;
        } else {
            cls = class$com$ibm$ws$ssl$SSLConfig;
        }
        tc = Tr.register(cls.getName(), "SSL");
        pKSL = new WSPKCSInKeyStoreList();
        PROP_NAMES = SASPropFile.SSL_PROP_NAMES;
        HIGH_CIPHER_SUITES = new String[]{"SSL_RSA_WITH_RC4_128_MD5", "SSL_RSA_WITH_RC4_128_SHA", "SSL_RSA_WITH_DES_CBC_SHA", "SSL_RSA_WITH_3DES_EDE_CBC_SHA", "SSL_DHE_RSA_WITH_DES_CBC_SHA", "SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA", "SSL_DHE_DSS_WITH_DES_CBC_SHA", "SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA"};
        MEDIUM_CIPHER_SUITES = new String[]{"SSL_RSA_EXPORT_WITH_RC4_40_MD5", "SSL_RSA_EXPORT_WITH_DES40_CBC_SHA", "SSL_RSA_EXPORT_WITH_RC2_CBC_40_MD5", "SSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA", "SSL_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA"};
        LOW_SERVER_CIPHER_SUITES = new String[]{"SSL_RSA_WITH_NULL_MD5", "SSL_RSA_WITH_NULL_SHA", "SSL_DH_anon_WITH_RC4_128_MD5", "SSL_DH_anon_WITH_DES_CBC_SHA", "SSL_DH_anon_WITH_3DES_EDE_CBC_SHA", "SSL_DH_anon_EXPORT_WITH_RC4_40_MD5", "SSL_DH_anon_EXPORT_WITH_DES40_CBC_SHA"};
        LOW_CLIENT_CIPHER_SUITES = new String[]{"SSL_RSA_WITH_NULL_MD5", "SSL_RSA_WITH_NULL_SHA"};
        CONFIDENTIALITY_CIPHER_SUITES = new String[]{"SSL_RSA_WITH_RC4_128_MD5", "SSL_RSA_WITH_RC4_128_SHA", "SSL_RSA_WITH_DES_CBC_SHA", "SSL_RSA_WITH_3DES_EDE_CBC_SHA", "SSL_DHE_RSA_WITH_DES_CBC_SHA", "SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA", "SSL_DHE_DSS_WITH_DES_CBC_SHA", "SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA", "SSL_RSA_EXPORT_WITH_RC4_40_MD5", "SSL_RSA_EXPORT_WITH_DES40_CBC_SHA", "SSL_RSA_EXPORT_WITH_RC2_CBC_40_MD5", "SSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA", "SSL_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA"};
        INTEGRITY_CIPHER_SUITES = new String[]{"SSL_RSA_WITH_NULL_MD5", "SSL_RSA_WITH_NULL_SHA"};
        AUTHENTICITY_CIPHER_SUITES = new String[]{"SSL_NULL_WITH_NULL_NULL"};
        defaultClientConfig = new SSLConfig(false);
        defaultServerConfig = new SSLConfig(true);
    }
}
