package com.ibm.rational.clearcase.remote_core.rpc;

import com.ibm.icu.impl.locale.BaseLocale;
import com.ibm.rational.clearcase.remote_core.util.CCLog;
import java.io.BufferedOutputStream;
import java.io.File;
import java.io.FileInputStream;
import java.io.FileNotFoundException;
import java.io.FileOutputStream;
import java.io.IOException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import java.util.Enumeration;
import javax.net.ssl.TrustManagerFactory;

/* loaded from: input_file:remote_core.jar:com/ibm/rational/clearcase/remote_core/rpc/KeyTrustUtil.class */
public class KeyTrustUtil {
    private int m_aliasNum = 0;
    private boolean m_isKeyStoreLoaded = false;
    private static final String USER_HOME = System.getProperty("user.home");
    private static final String JAVA_HOME = System.getProperty("java.home");
    private static final String SEP = System.getProperty("file.separator");
    private static final String SSL_TRUST_STORE_LOCATION = System.getProperty("javax.net.ssl.trustStore");
    private static final String DEFAULT_USER_KEYSTORE = ".keystore";
    private static final String UNABLE_TO_INSTALL_CERT = "Unable to install certificate: ";
    private static final String ALIAS_NOT_UNIQUE = "Cannot install certificate because failed to create unique alias for certificate.";
    private static final String UNABLE_TO_WRITE_CERT = "Unable to write certificate to keystore file";
    private static final String ERROR_READING_KEYSTORE_FILE = "I/O problem while reading keystore file";
    private static final String ERROR_READING_CERTS_FROM_KEYSTORE = "Unable to read some certificates from keystore file";
    private static final String UNABLE_READ_ANY_TRUSTED_CERT_KEYSTORES = "Unable to read any trusted certificate keystores: ";
    private static final String ERROR_MERGING_KEYSTORES = "Unable to merge trusted certificate keystores: ";
    private static final String UNABLE_TO_FIND_TRUSTED_KEYSTORES_AT_PATH = "Unable to locate any trusted certificate keystores in the following path: ";
    private static final String UNABLE_TO_FIND_LOCAL_CERTS = "Unable to find local security certificates.";

    public static KeyTrustUtil getInstance() {
        return new KeyTrustUtil();
    }

    private KeyTrustUtil() {
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public TrustManagerFactory getX509TrustFactory() {
        TrustManagerFactory iBMX509TrustFactory = getIBMX509TrustFactory();
        if (iBMX509TrustFactory == null) {
            iBMX509TrustFactory = getSunX509TrustFactory();
        }
        return iBMX509TrustFactory;
    }

    private TrustManagerFactory getIBMX509TrustFactory() {
        return getX509TrustFactory("IbmX509");
    }

    private TrustManagerFactory getSunX509TrustFactory() {
        return getX509TrustFactory("SunX509");
    }

    private TrustManagerFactory getX509TrustFactory(String str) {
        TrustManagerFactory trustManagerFactory = null;
        try {
            trustManagerFactory = TrustManagerFactory.getInstance(str);
        } catch (NoSuchAlgorithmException e) {
        }
        return trustManagerFactory;
    }

    KeyStore getKeyStore(String str) throws CertificateException {
        try {
            KeyStore readKeyStore = readKeyStore(new File(str));
            if (readKeyStore == null) {
                readKeyStore = KeyStore.getInstance("JKS");
                readKeyStore.load(null, null);
            }
            return readKeyStore;
        } catch (Exception e) {
            throw new CertificateException(ERROR_READING_KEYSTORE_FILE + str + ": " + e.toString());
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public KeyStore initEmptyKeyStore(String str) throws KeyStoreException {
        KeyStore keyStore = KeyStore.getInstance(str);
        try {
            keyStore.load(null, null);
        } catch (Exception e) {
        }
        return keyStore;
    }

    /* JADX WARN: Code restructure failed: missing block: B:11:0x004c, code lost:
    
        r6.setCertificateEntry(r9, r7);
     */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    void addCertificateToKeyStore(java.security.KeyStore r6, java.security.cert.X509Certificate r7) throws java.security.cert.CertificateException {
        /*
            r5 = this;
            r0 = r5
            r1 = r7
            java.security.Principal r1 = r1.getSubjectDN()
            java.lang.String r1 = r1.getName()
            java.lang.String r0 = r0.generateAliasString(r1)
            r8 = r0
            r0 = r8
            r9 = r0
            java.util.Random r0 = new java.util.Random
            r1 = r0
            r1.<init>()
            r10 = r0
            r0 = 10
            r11 = r0
            r0 = 0
            r12 = r0
        L21:
            r0 = r12
            r1 = 10
            if (r0 >= r1) goto L5c
            r0 = r6
            r1 = r9
            boolean r0 = r0.containsAlias(r1)     // Catch: java.security.KeyStoreException -> L5f
            if (r0 == 0) goto L4c
            java.lang.StringBuilder r0 = new java.lang.StringBuilder     // Catch: java.security.KeyStoreException -> L5f
            r1 = r0
            r1.<init>()     // Catch: java.security.KeyStoreException -> L5f
            r1 = r8
            java.lang.StringBuilder r0 = r0.append(r1)     // Catch: java.security.KeyStoreException -> L5f
            r1 = r10
            int r1 = r1.nextInt()     // Catch: java.security.KeyStoreException -> L5f
            java.lang.StringBuilder r0 = r0.append(r1)     // Catch: java.security.KeyStoreException -> L5f
            java.lang.String r0 = r0.toString()     // Catch: java.security.KeyStoreException -> L5f
            r9 = r0
            goto L56
        L4c:
            r0 = r6
            r1 = r9
            r2 = r7
            r0.setCertificateEntry(r1, r2)     // Catch: java.security.KeyStoreException -> L5f
            goto L5c
        L56:
            int r12 = r12 + 1
            goto L21
        L5c:
            goto L80
        L5f:
            r13 = move-exception
            java.security.cert.CertificateException r0 = new java.security.cert.CertificateException
            r1 = r0
            java.lang.StringBuilder r2 = new java.lang.StringBuilder
            r3 = r2
            r3.<init>()
            java.lang.String r3 = "Unable to install certificate: "
            java.lang.StringBuilder r2 = r2.append(r3)
            r3 = r13
            java.lang.String r3 = r3.toString()
            java.lang.StringBuilder r2 = r2.append(r3)
            java.lang.String r2 = r2.toString()
            r1.<init>(r2)
            throw r0
        L80:
            r0 = r12
            r1 = 10
            if (r0 < r1) goto L91
            java.security.cert.CertificateException r0 = new java.security.cert.CertificateException
            r1 = r0
            java.lang.String r2 = "Cannot install certificate because failed to create unique alias for certificate."
            r1.<init>(r2)
            throw r0
        L91:
            return
        */
        throw new UnsupportedOperationException("Method not decompiled: com.ibm.rational.clearcase.remote_core.rpc.KeyTrustUtil.addCertificateToKeyStore(java.security.KeyStore, java.security.cert.X509Certificate):void");
    }

    private String generateAliasString(String str) {
        if (str == null) {
            return "nocn";
        }
        int indexOf = str.indexOf("CN=");
        if (indexOf < 0) {
            return "nocn";
        }
        int i = indexOf + 3;
        int i2 = i;
        while (i2 < str.length() && (Character.isLetterOrDigit(str.charAt(i2)) || str.charAt(i2) == '.')) {
            i2++;
        }
        return i2 == i ? "emptycn" : str.substring(i, i2);
    }

    void writeKeyStore(KeyStore keyStore, String str, char[] cArr) throws CertificateException {
        try {
            BufferedOutputStream bufferedOutputStream = new BufferedOutputStream(new FileOutputStream(new File(str)));
            Throwable th = null;
            try {
                try {
                    keyStore.store(bufferedOutputStream, cArr);
                    if (bufferedOutputStream != null) {
                        if (0 != 0) {
                            try {
                                bufferedOutputStream.close();
                            } catch (Throwable th2) {
                                th.addSuppressed(th2);
                            }
                        } else {
                            bufferedOutputStream.close();
                        }
                    }
                } finally {
                }
            } finally {
            }
        } catch (Exception e) {
            throw new CertificateException("Unable to write certificate to keystore file " + str + ProtocolConstant.LF + e.toString());
        }
    }

    synchronized void initCommonKeyStore(String[] strArr, KeyStore keyStore) {
        String str;
        if (this.m_isKeyStoreLoaded) {
            return;
        }
        this.m_isKeyStoreLoaded = true;
        String str2 = null;
        int i = 0;
        while (i < strArr.length) {
            try {
                String str3 = strArr[i];
                mergeKeyStore(str3, keyStore);
                str2 = i == 0 ? str3 : str2 + ':' + str3;
                i++;
            } catch (CertificateException e) {
                CCLog.logWarning(getClass(), UNABLE_TO_FIND_LOCAL_CERTS, e);
                return;
            }
        }
        String str4 = USER_HOME + SEP + DEFAULT_USER_KEYSTORE;
        mergeKeyStore(str4, keyStore);
        String str5 = str2 + ':' + str4;
        if (SSL_TRUST_STORE_LOCATION != null) {
            mergeKeyStore(SSL_TRUST_STORE_LOCATION, keyStore);
            str = str5 + ':' + SSL_TRUST_STORE_LOCATION;
        } else {
            String str6 = JAVA_HOME + SEP + "lib" + SEP + "security";
            String str7 = str6 + SEP + "jssecacerts";
            mergeKeyStore(str7, keyStore);
            String str8 = str5 + ':' + str7;
            String str9 = str6 + SEP + "cacerts";
            mergeKeyStore(str9, keyStore);
            str = str8 + ':' + str9;
        }
        if (keyStore == null) {
            CCLog.logWarning(getClass(), UNABLE_TO_FIND_TRUSTED_KEYSTORES_AT_PATH + str, null);
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public KeyStore readKeyStore(File file) throws KeyStoreException, NoSuchProviderException, NoSuchAlgorithmException {
        KeyStore keyStore = null;
        try {
            FileInputStream fileInputStream = new FileInputStream(file);
            Throwable th = null;
            try {
                try {
                    keyStore = KeyStore.getInstance("JKS");
                    keyStore.load(fileInputStream, null);
                    if (fileInputStream != null) {
                        if (0 != 0) {
                            try {
                                fileInputStream.close();
                            } catch (Throwable th2) {
                                th.addSuppressed(th2);
                            }
                        } else {
                            fileInputStream.close();
                        }
                    }
                } finally {
                }
            } catch (Throwable th3) {
                if (fileInputStream != null) {
                    if (th != null) {
                        try {
                            fileInputStream.close();
                        } catch (Throwable th4) {
                            th.addSuppressed(th4);
                        }
                    } else {
                        fileInputStream.close();
                    }
                }
                throw th3;
            }
        } catch (FileNotFoundException e) {
            return null;
        } catch (IOException e2) {
            CCLog.logWarning(CCX509TrustManager.class, "I/O problem while reading keystore file\"" + file.getPath() + '\"', e2);
        } catch (CertificateException e3) {
            CCLog.logWarning(CCX509TrustManager.class, "Unable to read some certificates from keystore file \"" + file.getPath() + '\"', e3);
        }
        return keyStore;
    }

    KeyStore mergeKeyStore(String str, KeyStore keyStore) throws CertificateException {
        File file = new File(str);
        try {
            KeyStore readKeyStore = readKeyStore(file);
            if (readKeyStore == null) {
                return keyStore;
            }
            String str2 = file.getName() + BaseLocale.SEP;
            try {
                Enumeration<String> aliases = readKeyStore.aliases();
                while (aliases.hasMoreElements()) {
                    String nextElement = aliases.nextElement();
                    if (readKeyStore.isCertificateEntry(nextElement)) {
                        Certificate certificate = readKeyStore.getCertificate(nextElement);
                        StringBuilder append = new StringBuilder().append(str2);
                        int i = this.m_aliasNum;
                        this.m_aliasNum = i + 1;
                        keyStore.setCertificateEntry(append.append(i).append('_').append(nextElement).toString(), certificate);
                    }
                }
            } catch (KeyStoreException e) {
                CCLog.logWarning(getClass(), ERROR_MERGING_KEYSTORES + e.toString(), null);
            }
            return keyStore;
        } catch (Exception e2) {
            throw new CertificateException(UNABLE_READ_ANY_TRUSTED_CERT_KEYSTORES + e2.toString());
        }
    }
}
