package com.ibm.hod5sslight;

import java.util.StringTokenizer;

/* loaded from: input_file:hasslite.jar:com/ibm/hod5sslight/SSLContext.class */
public class SSLContext implements Cloneable {
    public static final int CONNECTION_TIMEOUT = 0;
    public static final int SESSION_TIMEOUT = 1;
    public static final int CONNECT_TIMEOUT = 2;
    public boolean clientAuthentication;
    public boolean plainConnections;
    public boolean asyncConnections;
    public boolean certificateConfirmation;
    public boolean certificateHandling;
    public boolean debug;
    public int trace;
    private static int contextCounter;
    SSLToken[] tokens;
    int nTokens;
    int context_id;
    boolean updated;
    public static final int VERSION = SSLCert.VERSION;
    public static final String RELEASE = SSLCert.RELEASE;
    public static final String CL_RELEASE = CL3.RELEASE;
    static final byte[] cmEnabled = {0};
    static final String[] cmName = {"NULL"};
    static final short[] csEnabled = {4, 5, 47, 53, 9, -258, 10, -257, 51, 57, 21, 22, 50, 56, 102, 18, 19, 100, 98, 3, 8, 6, 101, 20, 99, 17, 1, 2, 52, 58, 24, 26, 27, 23, 25, -232, -230, -229, -233, -231};
    static String[] csName = (String[]) getTokens("SSL_RSA_WITH_RC4_128_MD5 SSL_RSA_WITH_RC4_128_SHA SSL_RSA_WITH_AES_128_CBC_SHA SSL_RSA_WITH_AES_256_CBC_SHA SSL_RSA_WITH_DES_CBC_SHA SSL_RSA_FIPS_WITH_DES_CBC_SHA SSL_RSA_WITH_3DES_EDE_CBC_SHA SSL_RSA_FIPS_WITH_3DES_EDE_CBC_SHA SSL_DHE_RSA_WITH_AES_128_CBC_SHA SSL_DHE_RSA_WITH_AES_256_CBC_SHA SSL_DHE_RSA_WITH_DES_CBC_SHA SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA SSL_DHE_DSS_WITH_AES_128_CBC_SHA SSL_DHE_DSS_WITH_AES_256_CBC_SHA SSL_DHE_DSS_WITH_RC4_128_SHA SSL_DHE_DSS_WITH_DES_CBC_SHA SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA SSL_RSA_EXPORT1024_WITH_RC4_56_SHA SSL_RSA_EXPORT1024_WITH_DES_CBC_SHA SSL_RSA_EXPORT_WITH_RC4_40_MD5 SSL_RSA_EXPORT_WITH_DES40_CBC_SHA SSL_RSA_EXPORT_WITH_RC2_CBC_40_MD5 SSL_DHE_DSS_EXPORT1024_WITH_RC4_56_SHA SSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA SSL_DHE_DSS_EXPORT1024_WITH_DES_CBC_SHA SSL_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA SSL_RSA_WITH_NULL_MD5 SSL_RSA_WITH_NULL_SHA SSL_DH_anon_WITH_AES_128_CBC_SHA SSL_DH_anon_WITH_AES_256_CBC_SHA SSL_DH_anon_WITH_RC4_128_MD5 SSL_DH_anon_WITH_DES_CBC_SHA SSL_DH_anon_WITH_3DES_EDE_CBC_SHA SSL_DH_anon_EXPORT_WITH_RC4_40_MD5 SSL_DH_anon_EXPORT_WITH_DES40_CBC_SHA SSL_IBM_DH_EKE_WITH_RC4_128_MD5 SSL_IBM_DH_EKE_WITH_DES_CBC_SHA SSL_IBM_DH_EKE_WITH_3DES_EDE_CBC_SHA SSL_IBM_DH_EKE_EXPORT_WITH_RC4_40_MD5 SSL_IBM_DH_EKE_EXPORT_WITH_DES40_CBC_SHA ", null, false);
    private static final int[][] timeoutLimit = {new int[]{0, 3600}, new int[]{0, 86400}, new int[]{0, 600}};
    public boolean stepUpEncryption = true;
    int[] timeout = {0, 3600000, 120000};
    short[] cs_list = csEnabled;
    byte[] cm_list = cmEnabled;
    public boolean SSLv20 = true;
    public boolean SSLv30 = true;
    public boolean SSLv31 = true;

    private static synchronized int newContextId() {
        int i = contextCounter;
        contextCounter = i + 1;
        return i;
    }

    static final Object getTokens(String str, String[] strArr, boolean z) {
        StringTokenizer stringTokenizer = new StringTokenizer(str);
        int countTokens = stringTokenizer.countTokens();
        if (countTokens > 0) {
            String[] strArr2 = null;
            short[] sArr = null;
            if (strArr == null) {
                strArr2 = new String[countTokens];
            } else {
                sArr = new short[countTokens];
            }
            int i = 0;
            for (int i2 = 0; i2 < countTokens; i2++) {
                String nextToken = stringTokenizer.nextToken();
                if (strArr == null) {
                    strArr2[i2] = nextToken;
                } else {
                    if (nextToken.startsWith("TLS")) {
                        nextToken = new StringBuffer().append("SSL").append(nextToken.substring(3)).toString();
                    }
                    for (int i3 = 0; i3 < strArr.length; i3++) {
                        if (nextToken.equals(strArr[i3])) {
                            sArr[i] = csEnabled[i3];
                            int i4 = i;
                            while (true) {
                                i4--;
                                if (i4 <= 0) {
                                    i++;
                                    break;
                                }
                                if (sArr[i4] == sArr[i]) {
                                    break;
                                }
                            }
                        }
                    }
                }
            }
            if (strArr == null) {
                return strArr2;
            }
            if (i < countTokens) {
                short[] sArr2 = sArr;
                short[] sArr3 = new short[i];
                sArr = sArr3;
                System.arraycopy(sArr2, 0, sArr3, 0, i);
            }
            return sArr;
        }
        throw new SSLRuntimeException(1);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static final String getCipherSuite(short s) {
        int i = 0;
        while (s != csEnabled[i]) {
            i++;
            if (i >= csEnabled.length) {
                return "<UNKNOWN>";
            }
        }
        return csName[i];
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public void handlePeerTime(Object obj, long j) {
        if (this.debug) {
            System.out.println(new StringBuffer().append("SSLContext: handlePeerTime[").append(obj).append("]").toString());
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public boolean handlePlainConnection(Object obj) {
        if (!this.debug) {
            return true;
        }
        System.out.println(new StringBuffer().append("SSLContext: handlePlainConnection[").append(obj).append("]").toString());
        return true;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public boolean handleSession(Object obj, SSLSession sSLSession) {
        if (!this.debug) {
            return true;
        }
        System.out.println(new StringBuffer().append("SSLContext: handleSession[").append(obj).append("]").toString());
        return true;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public boolean handleConnection(Object obj, SSLSession sSLSession, byte[] bArr) {
        if (!this.debug) {
            return true;
        }
        System.out.println(new StringBuffer().append("SSLContext: handleConnection[").append(obj).append("]").toString());
        return true;
    }

    protected boolean handlePeerCertificate(Object obj, SSLCert sSLCert) {
        if (!this.debug) {
            return false;
        }
        System.out.println(new StringBuffer().append("SSLContext: handlePeerCertificate[").append(obj).append("]").toString());
        return false;
    }

    protected boolean confirmPeerCertificate(Object obj, SSLCert sSLCert) {
        if (!this.debug) {
            return true;
        }
        System.out.println(new StringBuffer().append("SSLContext: confirmPeerCertificate[").append(obj).append("]").toString());
        return true;
    }

    protected boolean handleInvalidPeerCertificate(Object obj, SSLCert sSLCert, SSLCert sSLCert2, SSLRuntimeException sSLRuntimeException) {
        if (!this.debug) {
            return false;
        }
        System.out.println(new StringBuffer().append("SSLContext: handleInvalidPeerCertificate[").append(obj).append("]").toString());
        return false;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public boolean handleNoPeerAuthentication(Object obj) {
        if (!this.debug) {
            return false;
        }
        System.out.println(new StringBuffer().append("SSLContext: handleNoPeerAuthentication[").append(obj).append("]").toString());
        return false;
    }

    protected SSLCert confirmCertificate(Object obj, SSLCert[] sSLCertArr) {
        if (this.debug) {
            System.out.println(new StringBuffer().append("SSLContext: confirmCertificate[").append(obj).append("]").toString());
        }
        return sSLCertArr[0];
    }

    protected SSLCert handleCertificate(Object obj, byte[] bArr, int i, int i2, int i3, boolean z) {
        if (!this.debug) {
            return null;
        }
        System.out.println(new StringBuffer().append("SSLContext: handleCertificate[").append(obj).append("]").toString());
        return null;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public byte[][] handleSecret(Object obj) {
        if (this.debug) {
            System.out.println(new StringBuffer().append("SSLContext: handleSecret[").append(obj).append("]").toString());
        }
        return (byte[][]) null;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public byte[] handlePeerSecret(Object obj, byte[] bArr) {
        if (!this.debug) {
            return null;
        }
        System.out.println(new StringBuffer().append("SSLContext: handlePeerSecret[").append(obj).append("]").toString());
        return null;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public synchronized boolean verify(Object obj, SSLCert sSLCert, boolean z) throws SSLRuntimeException {
        SSLCert sSLCert2;
        for (int i = 0; i < this.nTokens; i++) {
            if (this.tokens[i].verify(sSLCert, z)) {
                SSLCert sSLCert3 = sSLCert;
                do {
                    try {
                        sSLCert3.valid(true);
                    } catch (SSLRuntimeException e) {
                        if (e.reason == 2 || !handleInvalidPeerCertificate(obj, sSLCert, sSLCert3, e)) {
                            throw e;
                        }
                    }
                    if (sSLCert3.isRevoked()) {
                        SSLRuntimeException sSLRuntimeException = new SSLRuntimeException(25);
                        if (!handleInvalidPeerCertificate(obj, sSLCert, sSLCert3, sSLRuntimeException)) {
                            throw sSLRuntimeException;
                        }
                    }
                    if (sSLCert3.signer == sSLCert3) {
                        break;
                    }
                    sSLCert2 = sSLCert3.signer;
                    sSLCert3 = sSLCert2;
                } while (sSLCert2 != null);
                return confirmPeerCertificate(obj, sSLCert);
            }
        }
        if (sSLCert.isRevoked()) {
            SSLRuntimeException sSLRuntimeException2 = new SSLRuntimeException(25);
            if (!handleInvalidPeerCertificate(obj, sSLCert, sSLCert, sSLRuntimeException2)) {
                throw sSLRuntimeException2;
            }
        }
        return handlePeerCertificate(obj, sSLCert);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public synchronized SSLCert getPrivateCertificate(Object obj, byte[] bArr, int i, int i2, int i3, boolean z) {
        SSLCert[] sSLCertArr = null;
        do {
            this.updated = false;
            for (int i4 = 0; i4 < this.nTokens; i4++) {
                try {
                    if (this.certificateConfirmation) {
                        SSLCert[] privateCertificates = this.tokens[i4].getPrivateCertificates(bArr, i, i2, i3, bArr == null);
                        if (privateCertificates != null) {
                            if (sSLCertArr == null) {
                                sSLCertArr = privateCertificates;
                            } else {
                                SSLCert[] sSLCertArr2 = sSLCertArr;
                                int length = sSLCertArr.length;
                                SSLCert[] sSLCertArr3 = new SSLCert[length + privateCertificates.length];
                                sSLCertArr = sSLCertArr3;
                                System.arraycopy(sSLCertArr2, 0, sSLCertArr3, 0, length);
                                System.arraycopy(privateCertificates, 0, sSLCertArr, length, privateCertificates.length);
                            }
                        }
                    } else {
                        SSLCert privateCertificate = this.tokens[i4].getPrivateCertificate(i3, z, bArr == null);
                        if (privateCertificate != null) {
                            return privateCertificate;
                        }
                    }
                } catch (Exception e) {
                }
            }
            if (sSLCertArr != null) {
                return confirmCertificate(obj, sSLCertArr);
            }
            SSLCert handleCertificate = handleCertificate(obj, bArr, i, i2, i3, z);
            if (handleCertificate != null) {
                return handleCertificate;
            }
        } while (this.updated);
        return null;
    }

    public SSLContext() {
        CL3.rng(null, new byte[0], 0, 0);
        this.tokens = new SSLToken[2];
        this.context_id = newContextId();
    }

    public synchronized String[] getEnabledCipherSuites() {
        String[] strArr = new String[this.cs_list.length];
        for (int i = 0; i < this.cs_list.length; i++) {
            strArr[i] = getCipherSuite(this.cs_list[i]);
        }
        return strArr;
    }

    public synchronized String[] getStepUpCipherSuites() {
        return null;
    }

    public synchronized void setEnabledCipherSuites(String str) throws SSLRuntimeException {
        this.cs_list = (short[]) getTokens(str, csName, false);
    }

    public synchronized String[] getEnabledCompressionMethods() {
        return cmName;
    }

    public synchronized void setTimeout(int i, int i2) throws SSLRuntimeException {
        if (i < 0 || i >= 3 || i2 < timeoutLimit[i][0] || i2 > timeoutLimit[i][1]) {
            throw new SSLRuntimeException(1);
        }
        this.timeout[i] = i2 * 1000;
    }

    public synchronized int getTimeout(int i) {
        if (i < 0 || i >= 3) {
            throw new SSLRuntimeException(1);
        }
        return this.timeout[i] / 1000;
    }

    public synchronized void importToken(SSLToken sSLToken) {
        if (sSLToken != null) {
            int i = 0;
            while (i < this.nTokens && sSLToken != this.tokens[i]) {
                i++;
            }
            if (i == this.nTokens) {
                if (this.tokens.length == this.nTokens) {
                    SSLToken[] sSLTokenArr = this.tokens;
                    SSLToken[] sSLTokenArr2 = new SSLToken[i + 2];
                    this.tokens = sSLTokenArr2;
                    System.arraycopy(sSLTokenArr, 0, sSLTokenArr2, 0, i);
                }
                SSLToken[] sSLTokenArr3 = this.tokens;
                int i2 = this.nTokens;
                this.nTokens = i2 + 1;
                sSLTokenArr3[i2] = sSLToken;
            }
            byte[] random = sSLToken.random(32);
            if (random != null) {
                CL3.rngSeed(null, random, 0, 32);
            }
        }
        this.updated = true;
    }

    public synchronized void removeToken(SSLToken sSLToken) {
        if (sSLToken != null) {
            for (int i = 0; i < this.nTokens; i++) {
                if (sSLToken == this.tokens[i]) {
                    int i2 = i;
                    int i3 = this.nTokens - 1;
                    this.nTokens = i3;
                    if (i2 != i3) {
                        System.arraycopy(this.tokens, i + 1, this.tokens, i, this.nTokens - i);
                        return;
                    }
                    return;
                }
            }
        }
        throw new SSLRuntimeException(1);
    }

    public Object clone() throws CloneNotSupportedException {
        SSLContext sSLContext = (SSLContext) super.clone();
        sSLContext.timeout = (int[]) this.timeout.clone();
        sSLContext.tokens = (SSLToken[]) this.tokens.clone();
        return sSLContext;
    }

    public final int getProtocolVersion() {
        if (this.SSLv31) {
            return 769;
        }
        if (this.SSLv30) {
            return 768;
        }
        return this.SSLv20 ? 512 : 0;
    }
}
