package com.ibm.ws.ssl.config;

import com.ibm.ejs.ras.Tr;
import com.ibm.ejs.ras.TraceComponent;
import com.ibm.ffdc.Manager;
import com.ibm.websphere.ssl.SSLException;
import com.ibm.ws.ssl.JSSEProviderFactory;
import com.ibm.ws.ssl.core.Constants;
import com.ibm.wsspi.management.metadata.ManagedObjectMetadataCollectorManager;
import java.io.File;

/* loaded from: input_file:lib/com.ibm.ws.webservices.thinclient_8.5.0.jar:com/ibm/ws/ssl/config/FIPSManager.class */
public class FIPSManager {
    private static final TraceComponent tc = Tr.register(FIPSManager.class, "SSL", "com.ibm.ws.ssl.resources.ssl");
    private static FIPSManager thisClass = null;
    private boolean fipsEnabled = false;
    private boolean fips140_2Enabled = false;
    private String fipsLevel = "";
    private String suiteBLevel = "";
    private boolean initialized = false;

    private FIPSManager() {
    }

    public static FIPSManager getInstance() {
        if (thisClass == null) {
            thisClass = new FIPSManager();
        }
        return thisClass;
    }

    public void initializeFIPS() throws SSLException {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "initializeFips");
        }
        try {
            readWASPropertiesForFips();
            FIPSUtils.setJavaPropsForFips(this.fipsEnabled, this.fipsLevel, this.suiteBLevel);
            FIPSUtils.setSecurityProviders(this.fipsEnabled, this.fipsLevel, this.suiteBLevel);
            if (this.fipsEnabled && FIPSUtils.isFips140_2Enabled(this.fipsEnabled, this.fipsLevel, this.suiteBLevel)) {
                checkDefaultProviderListFromJavaSecurity();
                JSSEProviderFactory.initializeFips();
            }
            this.initialized = true;
            if (tc.isEntryEnabled()) {
                Tr.exit(tc, "initializeFips");
            }
        } catch (Exception e) {
            Tr.debug(tc, "Exception initializing FIPS.", new Object[]{e});
            Manager.Ffdc.log(e, this, "com.ibm.ws.ssl.config.FIPSManager.initializeFIPS", "135", this);
            throw new SSLException(e);
        }
    }

    public boolean isFIPSEnabled() {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "isFIPSEnabled");
        }
        if (!this.initialized) {
            Tr.debug(tc, "FIPS parameters are not initialized yet.");
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "isFIPSEnabled -> " + this.fipsEnabled);
        }
        return this.fipsEnabled;
    }

    public String getFipsLevel() {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "getFipsLevel");
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "getFipsLevel -> " + this.fipsEnabled);
        }
        return this.fipsLevel;
    }

    public String getSuiteBLevel() {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "getSuiteBLevel");
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "getSuiteBLevel -> " + this.suiteBLevel);
        }
        return this.suiteBLevel;
    }

    protected void readWASPropertiesForFips() {
        this.fipsEnabled = FIPSUtils.checkFipsEnabled();
        this.fipsLevel = FIPSUtils.checkFipsLevel();
        this.suiteBLevel = FIPSUtils.checkSuiteBLevel();
        this.fips140_2Enabled = FIPSUtils.isFips140_2Enabled(this.fipsEnabled, this.fipsLevel, this.suiteBLevel);
        if (SSLConfigManager.getInstance().isServerProcess()) {
            if (this.fipsEnabled) {
                Tr.info(tc, "ssl.fips.enabled.CWPKI0012I");
            }
            Tr.info(tc, "ssl.fips.enabled.CWPKI0044I", new Object[]{Constants.securityModeName[FIPSUtils.getFipsSecurityMode(this.fipsEnabled, this.fipsLevel, this.suiteBLevel)]});
        }
    }

    /* JADX WARN: Code restructure failed: missing block: B:25:0x0073, code lost:
    
        if (r10 == false) goto L23;
     */
    /* JADX WARN: Code restructure failed: missing block: B:44:0x007d, code lost:
    
        if (r6.fips140_2Enabled == false) goto L28;
     */
    /* JADX WARN: Code restructure failed: missing block: B:45:0x0080, code lost:
    
        com.ibm.ejs.ras.Tr.warning(com.ibm.ws.ssl.config.FIPSManager.tc, "ssl.checkProviderList.warning.CWPKI0013W");
     */
    /* JADX WARN: Code restructure failed: missing block: B:46:0x008e, code lost:
    
        if (com.ibm.ws.ssl.config.FIPSManager.tc.isEntryEnabled() == false) goto L28;
     */
    /* JADX WARN: Code restructure failed: missing block: B:47:0x0091, code lost:
    
        com.ibm.ejs.ras.Tr.debug(com.ibm.ws.ssl.config.FIPSManager.tc, "In FIPS mode, IBMJCEFIPS provider is not found before the IBMJCE provider in the java.security file.");
     */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    private void checkDefaultProviderListFromJavaSecurity() {
        /*
            Method dump skipped, instructions count: 468
            To view this dump add '--comments-level debug' option
        */
        throw new UnsupportedOperationException("Method not decompiled: com.ibm.ws.ssl.config.FIPSManager.checkDefaultProviderListFromJavaSecurity():void");
    }

    protected String getJavaSecurityFile() {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "getJavaSecurityFile");
        }
        String str = null;
        if (System.getProperty("security.overridePropertiesFile") != null && System.getProperty("security.overridePropertiesFile").equalsIgnoreCase("true")) {
            str = System.getProperty("java.security.properties");
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "Overriding default java.security with java.security.properties= " + System.getProperty("java.security.properties"));
            }
        }
        if (str == null) {
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "Find default java.security file");
            }
            if (System.getProperty("os.name").equals("OS/400")) {
                str = System.getProperty(ManagedObjectMetadataCollectorManager.USER_INSTALL_ROOT) + File.separator + "properties" + File.separator + "java.security";
            } else {
                str = System.getProperty("java.home") + File.separator + "lib" + File.separator + "security" + File.separator + "java.security";
            }
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "getJavaSecurityFile " + str);
        }
        return str;
    }
}
