package com.ibm.ws.webservices.engine.components.net;

import com.ibm.ejs.ras.Tr;
import com.ibm.ejs.ras.TraceComponent;
import com.ibm.ejs.ras.TraceNLS;
import com.ibm.ws.ffdc.FFDCFilter;
import com.ibm.ws.management.util.SecurityHelper;
import com.ibm.ws.security.service.SecurityService;
import com.ibm.ws.security.util.AccessController;
import com.ibm.ws.security.util.InvalidPasswordDecodingException;
import com.ibm.ws.security.util.PasswordUtil;
import com.ibm.ws.ssl.SSLConfig;
import com.ibm.ws.webservices.WSConstants;
import com.ibm.ws.webservices.component.WSServerImpl;
import com.ibm.ws.webservices.deploy.ModuleData;
import com.ibm.ws.webservices.engine.resources.Messages;
import com.ibm.ws.webservices.engine.utils.JavaUtils;
import java.io.InputStream;
import java.net.URL;
import java.security.PrivilegedActionException;
import java.security.PrivilegedExceptionAction;
import java.util.Properties;
import javax.net.ssl.SSLSocketFactory;

/* loaded from: input_file:lib/webservices.jar:com/ibm/ws/webservices/engine/components/net/SSLConfiguration.class */
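/**
 * Resolves the SSL settings used by the web services HTTPS transport and builds
 * {@link SSLSocketFactory} instances from them.
 *
 * <p>Settings come from one of three places, as visible in this class:
 * <ul>
 *   <li>a named SSL alias, resolved through {@code SecurityService.getSecureSocketLayer(alias)};</li>
 *   <li>a properties resource whose URL is read from the {@link #wsSSLconfigURLProperty} or
 *       {@link #configURLProperty} system property, or is passed in by the caller;</li>
 *   <li>the key store / trust store system properties named by {@code SecurityHelper}.</li>
 * </ul>
 *
 * <p>Security notes for maintainers:
 * <ul>
 *   <li>The properties resources are opened inside {@code AccessController.doPrivileged}, so the
 *       URL is fetched with this component's permissions rather than the caller's. The URL strings
 *       must therefore only ever come from trusted configuration.</li>
 *   <li>{@link #getPropertiesObject()} returns a {@code Properties} object whose password entries
 *       have been decoded in place. Treat the returned object as secret material: do not trace,
 *       serialize or cache it.</li>
 * </ul>
 *
 * <p>This class is not synchronized; {@code sslAliasConfigured} is reassigned by
 * {@link #getSocketFactoryBySSLAlias(String)}.
 */
public class SSLConfiguration {
    private static final TraceNLS nls = TraceNLS.getTraceNLS(WSConstants.TR_RESOURCE_BUNDLE);
    private static final TraceComponent _tc;
    public static final String configURLProperty = "com.ibm.CORBA.ConfigURL";
    public static final String wsSSLconfigURLProperty = "com.ibm.webservices.sslConfigURL";

    /** Property keys whose values are passed through {@code PasswordUtil.decode} after loading. */
    private static final String[] PASSWORD_PROPERTIES = {"com.ibm.ssl.keyStorePassword", "com.ibm.ssl.trustStorePassword", "com.ibm.ssl.tokenPassword"};

    /** Property keys written to the debug trace; none of the password keys are in this list. */
    private static final String[] TRACED_SSL_PROPERTIES = {"com.ibm.ssl.keyManager", "com.ibm.ssl.keyStoreType", "com.ibm.ssl.keyStoreProvider", "com.ibm.ssl.keyStore", "com.ibm.ssl.trustManager", "com.ibm.ssl.trustStoreType", "com.ibm.ssl.trustStoreProvider", "com.ibm.ssl.trustStore", "com.ibm.ssl.clientAuthentication", "com.ibm.ssl.tokenType", "com.ibm.ssl.tokenLibraryFile", "com.ibm.ssl.keyStoreClientAlias", "com.ibm.ssl.keyStoreServerAlias"};

    private String sslAliasConfigured;
    private final SSLConfig sslConfigured;
    private final boolean asServer;

    // Cache slot used by class$(String) below. Together they look like the compiler-generated
    // expansion of a class literal in old bytecode; kept so the class shape is unchanged.
    static Class class$com$ibm$ws$webservices$engine$components$net$SSLConfiguration;

    /**
     * Creates the configuration holder and picks up the SSL alias configured for the HTTPS
     * transport client, if any.
     *
     * @param z stored as the "as server" flag and passed unchanged to {@code new SSLConfig(z)};
     *          when {@code true}, lookups in this class go through the security service alias
     *          instead of a properties URL
     */
    public SSLConfiguration(boolean z) {
        this.sslConfigured = new SSLConfig(z);
        this.asServer = z;
        DefaultHTTPSTransportClientProperties httpsClientProperties = (DefaultHTTPSTransportClientProperties) TransportClientPropertiesFactory.create(ModuleData.TRANSPORT_HTTPS);
        this.sslAliasConfigured = httpsClientProperties == null ? null : httpsClientProperties.getSSLConfigurationName();
    }

    /**
     * Builds a string identifying the key material in use: the key store location, followed by
     * {@code " : "} and the client key alias when one is configured.
     *
     * @return the identity string; the key store system property value when no SSL properties
     *         yield a key store entry; possibly {@code null}
     */
    public String getIdentityKey() {
        if (_tc.isEntryEnabled()) {
            Tr.entry(_tc, Messages.getMessage("enter00", "SSLConfiguration.getIdentityKey()"));
        }
        Properties properties = null;
        if (!this.asServer) {
            properties = getPropertiesObject();
        } else if (JavaUtils.hasValue(this.sslAliasConfigured)) {
            SecurityService securityService = WSServerImpl.getSecurityService();
            if (securityService != null) {
                properties = securityService.getSecureSocketLayer(this.sslAliasConfigured);
            }
        }
        String identity = null;
        if (properties != null) {
            identity = properties.getProperty("com.ibm.ssl.keyStore");
            if (JavaUtils.hasValue(identity)) {
                String clientAlias = properties.getProperty("com.ibm.ssl.keyStoreClientAlias");
                if (JavaUtils.hasValue(clientAlias)) {
                    identity = identity + " : " + clientAlias;
                }
            }
        }
        if (identity == null) {
            identity = System.getProperty(SecurityHelper.keyStoreProp);
        }
        if (_tc.isEntryEnabled()) {
            Tr.exit(_tc, Messages.getMessage("exit00", "SSLConfiguration.getIdentityKey()"));
        }
        return identity;
    }

    /**
     * Returns the configured SSL alias. When event tracing is enabled (and only then) the alias
     * is also resolved through the security service so its non-secret settings can be traced.
     *
     * @return the configured alias, or {@code null} when none is set
     */
    public String configuredSSLAlias() {
        if (_tc.isEventEnabled()) {
            Tr.event(_tc, Messages.getMessage("enter00", "SSLConfiguration.configuredSSLAlias()..."));
            if (this.asServer) {
                Properties properties = null;
                if (JavaUtils.hasValue(this.sslAliasConfigured)) {
                    Tr.event(_tc, Messages.getMessage("sslConfiguration00", this.sslAliasConfigured));
                    SecurityService securityService = WSServerImpl.getSecurityService();
                    if (securityService != null) {
                        properties = securityService.getSecureSocketLayer(this.sslAliasConfigured);
                    }
                } else {
                    Tr.event(_tc, Messages.getMessage("sslConfiguration00", "JSSE"));
                }
                printInfofromProperties(properties);
            }
            Tr.event(_tc, Messages.getMessage("exit00", "SSLConfiguration.configuredSSLAlias()"));
        }
        return this.sslAliasConfigured;
    }

    /**
     * Loads the SSL properties resource named by the {@link #wsSSLconfigURLProperty} system
     * property, falling back to {@link #configURLProperty}, and decodes its password entries.
     *
     * <p>The returned object holds the decoded key store, trust store and token passwords.
     * Callers must not trace or persist it.
     *
     * <p>The URL comes from a JVM system property and is opened under {@code doPrivileged};
     * whoever can set those properties controls which resource is read with this component's
     * permissions. Properties fetched over an unauthenticated transport can be altered in
     * transit, so the deployment should point these properties at a local or otherwise
     * protected location.
     *
     * @return the loaded properties, or {@code null} when no URL is configured or loading failed
     *         (failures are reported through FFDC and the event trace, never thrown)
     */
    public Properties getPropertiesObject() {
        Properties properties = null;
        try {
            if (_tc.isEntryEnabled()) {
                Tr.entry(_tc, Messages.getMessage("enter00", "SSLConfiguration.getPropertiesObject()"));
            }
            String webServicesUrl = System.getProperty(wsSSLconfigURLProperty);
            final String configUrl = JavaUtils.hasValue(webServicesUrl) ? webServicesUrl : System.getProperty(configURLProperty);
            if (configUrl != null) {
                properties = (Properties) AccessController.doPrivileged(new PrivilegedExceptionAction() {
                    @Override // java.security.PrivilegedExceptionAction
                    public Object run() throws Exception {
                        try {
                            return readProperties(configUrl);
                        } catch (Exception e) {
                            FFDCFilter.processException(e, "com.ibm.ws.webservices.engine.components.net.SSLConfiguration.run", "231", this);
                            throw e;
                        }
                    }
                });
                if (properties != null) {
                    decodePasswords(properties);
                }
            }
            if (_tc.isEventEnabled()) {
                if (JavaUtils.hasValue(configUrl)) {
                    Tr.event(_tc, Messages.getMessage("sslConfiguration00", configUrl));
                } else {
                    Tr.event(_tc, Messages.getMessage("sslConfiguration00", "JSSE"));
                }
            }
        } catch (PrivilegedActionException e) {
            FFDCFilter.processException(e, "com.ibm.ws.webservices.engine.components.net.SSLConfiguration.getPropertiesObject", "286");
            if (_tc.isEventEnabled()) {
                Tr.event(_tc, Messages.getMessage("exception01", JavaUtils.stackToString(e.getCause() == null ? e : e.getCause())));
            }
        } catch (Throwable th) {
            // Deliberately broad: this method reports every failure and returns null instead.
            FFDCFilter.processException(th, "com.ibm.ws.webservices.engine.components.net.SSLConfiguration.getPropertiesObject", "292");
            if (_tc.isEventEnabled()) {
                Tr.event(_tc, Messages.getMessage("exception01", JavaUtils.stackToString(th)));
            }
        }
        if (_tc.isEntryEnabled()) {
            Tr.exit(_tc, Messages.getMessage("exit00", "SSLConfiguration.getPropertiesObject()"));
        }
        return properties;
    }

    /**
     * Reports whether a complete set of SSL material is configured: key store and trust store
     * with passwords, or a hardware token (library, password, type), or the key/trust store
     * system properties with passwords.
     *
     * <p>If {@code properties} carries an {@code alias} entry and a security service is
     * available, the alias is resolved and the resolved settings are checked instead. A
     * {@code null} argument, or an alias that resolves to nothing, no longer fails with a
     * {@code NullPointerException}; only the system properties can then make the result
     * {@code true}.
     *
     * @param properties the SSL settings to check; may be {@code null}
     * @return {@code true} when one of the three complete configurations is present
     */
    public boolean isValid(Properties properties) {
        Properties effective = properties;
        if (effective != null) {
            String alias = effective.getProperty("alias");
            if (JavaUtils.hasValue(alias)) {
                SecurityService securityService = WSServerImpl.getSecurityService();
                if (securityService != null) {
                    // May be null for an unknown alias; other callers in this class check for that too.
                    effective = securityService.getSecureSocketLayer(alias);
                }
            }
        }
        if (effective != null) {
            if (hasAllValues(effective, new String[] {"com.ibm.ssl.keyStore", "com.ibm.ssl.keyStorePassword", "com.ibm.ssl.trustStore", "com.ibm.ssl.trustStorePassword"})) {
                return true;
            }
            if (hasAllValues(effective, new String[] {"com.ibm.ssl.tokenLibraryFile", "com.ibm.ssl.tokenPassword", "com.ibm.ssl.tokenType"})) {
                return true;
            }
        }
        return JavaUtils.hasValue(System.getProperty(SecurityHelper.keyStoreProp))
                && JavaUtils.hasValue(System.getProperty(SecurityHelper.keyStorePasswordProp))
                && JavaUtils.hasValue(System.getProperty(SecurityHelper.trustStoreProp))
                && JavaUtils.hasValue(System.getProperty(SecurityHelper.trustStorePasswordProp));
    }

    /**
     * Writes the non-secret SSL settings to the debug trace. With a non-null argument the
     * {@code com.ibm.ssl.*} entries are traced; otherwise the key/trust store system properties
     * are. Password entries are not part of either list.
     *
     * @param properties the SSL settings to trace, or {@code null} to trace the system properties
     */
    public static void printInfofromProperties(Properties properties) {
        if (!_tc.isDebugEnabled()) {
            return;
        }
        if (properties != null) {
            for (int i = 0; i < TRACED_SSL_PROPERTIES.length; i++) {
                String key = TRACED_SSL_PROPERTIES[i];
                Tr.debug(_tc, key + ": " + properties.getProperty(key));
            }
            return;
        }
        String[] systemKeys = {SecurityHelper.keyStoreProp, SecurityHelper.keyStoreTypeProp, SecurityHelper.trustStoreProp, SecurityHelper.trustStoreTypeProp};
        for (int i = 0; i < systemKeys.length; i++) {
            Tr.debug(_tc, systemKeys[i] + ": " + System.getProperty(systemKeys[i]));
        }
    }

    /**
     * Loads SSL properties from the given URL and builds a socket factory from them.
     *
     * <p>SECURITY: {@code str} is handed to {@code java.net.URL} and opened inside
     * {@code doPrivileged}, so the resource is read with this component's permissions for any
     * protocol the JVM has a handler for. Pass only values that originate from trusted
     * configuration, never request- or user-supplied data.
     *
     * <p>NOTE(review): unlike {@link #getPropertiesObject()}, the password entries are not passed
     * through {@code PasswordUtil.decode} here; whether {@code SSLConfig.init} decodes them is
     * not visible in this file - confirm.
     *
     * @param str URL of the properties resource
     * @return the socket factory, or {@code null} when the properties could not be loaded or the
     *         factory could not be created (failures go to FFDC and the event trace)
     */
    public SSLSocketFactory getSocketFactoryByPropFile(String str) {
        final String propertiesUrl = str;
        Properties properties = null;
        try {
            properties = (Properties) AccessController.doPrivileged(new PrivilegedExceptionAction() {
                @Override // java.security.PrivilegedExceptionAction
                public Object run() throws Exception {
                    try {
                        return readProperties(propertiesUrl);
                    } catch (Exception e) {
                        FFDCFilter.processException(e, "com.ibm.ws.webservices.engine.components.net.SSLConfiguration.run", "430", this);
                        throw e;
                    }
                }
            });
        } catch (PrivilegedActionException e) {
            FFDCFilter.processException(e, "com.ibm.ws.webservices.engine.components.net.SSLConfiguration.getSocketFactoryByPropFile", "444", this);
            if (_tc.isEventEnabled()) {
                Tr.event(_tc, Messages.getMessage("exception01", JavaUtils.stackToString(e.getCause() == null ? e : e.getCause())));
            }
        }
        if (properties == null) {
            if (_tc.isDebugEnabled()) {
                Tr.debug(_tc, "SSL Properties: " + properties);
            }
            return null;
        }
        SSLSocketFactory socketFactory = null;
        this.sslConfigured.init(properties);
        try {
            if (_tc.isEventEnabled()) {
                traceKeyStoresUsed(this.sslConfigured.getKeyFileName(), this.sslConfigured.getTrustFileName(), this.sslConfigured.getTokenLibraryFile());
            }
            socketFactory = this.sslConfigured.getSocketFactory();
        } catch (Exception e) {
            FFDCFilter.processException(e, "com.ibm.ws.webservices.engine.components.net.SSLConfiguration.getSocketFactoryByPropFile", "473", this);
            if (_tc.isEventEnabled()) {
                Tr.event(_tc, Messages.getMessage("exception01", JavaUtils.stackToString(e)));
            }
        }
        return socketFactory;
    }

    /**
     * Resolves the given SSL alias through the security service and builds a socket factory
     * from the resulting settings. The alias is remembered as the configured alias even when
     * resolution fails.
     *
     * @param str the SSL alias; {@code null} leaves the state unchanged
     * @return the socket factory, or {@code null} when the alias is {@code null}, no security
     *         service is available, the alias resolves to nothing, or creation failed
     */
    public SSLSocketFactory getSocketFactoryBySSLAlias(String str) {
        if (str == null) {
            return null;
        }
        SSLSocketFactory socketFactory = null;
        // String is immutable, so no defensive copy is needed.
        this.sslAliasConfigured = str;
        try {
            SecurityService securityService = WSServerImpl.getSecurityService();
            if (securityService == null) {
                if (_tc.isDebugEnabled()) {
                    Tr.debug(_tc, "SecurityService: " + securityService);
                }
                return null;
            }
            Properties secureSocketLayer = securityService.getSecureSocketLayer(this.sslAliasConfigured);
            if (secureSocketLayer == null) {
                if (_tc.isDebugEnabled()) {
                    Tr.debug(_tc, "SSL Properties: " + secureSocketLayer);
                }
                return null;
            }
            this.sslConfigured.init(secureSocketLayer);
            String keyFileName = this.sslConfigured.getKeyFileName();
            String trustFileName = this.sslConfigured.getTrustFileName();
            String tokenLibraryFile = this.sslConfigured.getTokenLibraryFile();
            if (_tc.isEventEnabled()) {
                traceKeyStoresUsed(keyFileName, trustFileName, tokenLibraryFile);
            }
            socketFactory = this.sslConfigured.getSocketFactory();
        } catch (Exception e) {
            FFDCFilter.processException(e, "com.ibm.ws.webservices.engine.components.net.SSLConfiguration.getSocketFactoryBySSLAlias", "540", this);
            if (_tc.isEventEnabled()) {
                Tr.event(_tc, Messages.getMessage("exception01", JavaUtils.stackToString(e)));
            }
        }
        return socketFactory;
    }

    /** Opens {@code url}, loads it as a properties resource and always closes the stream. */
    private static Properties readProperties(String url) throws Exception {
        InputStream inputStream = null;
        try {
            inputStream = new URL(url).openStream();
            if (inputStream == null) {
                return null;
            }
            Properties loaded = new Properties();
            loaded.load(inputStream);
            return loaded;
        } finally {
            if (inputStream != null) {
                inputStream.close();
            }
        }
    }

    /** Replaces each encoded password entry with its decoded value; traces only the key name. */
    private static void decodePasswords(Properties properties) {
        for (int i = 0; i < PASSWORD_PROPERTIES.length; i++) {
            String key = PASSWORD_PROPERTIES[i];
            String encoded = properties.getProperty(key);
            if (!JavaUtils.hasValue(encoded)) {
                continue;
            }
            try {
                properties.setProperty(key, PasswordUtil.decode(encoded));
                if (_tc.isEventEnabled()) {
                    Tr.event(_tc, Messages.getMessage("readKsPwdProperty", key));
                }
            } catch (InvalidPasswordDecodingException undecodable) {
                // Best effort: the entry keeps its configured value. Record which key failed so
                // the condition is diagnosable, but never the value itself.
                if (_tc.isDebugEnabled()) {
                    Tr.debug(_tc, "Unable to decode " + key + "; the configured value is left unchanged");
                }
            }
        }
    }

    /** Returns {@code true} when every listed key has a value in {@code properties}. */
    private static boolean hasAllValues(Properties properties, String[] keys) {
        for (int i = 0; i < keys.length; i++) {
            if (!JavaUtils.hasValue(properties.getProperty(keys[i]))) {
                return false;
            }
        }
        return true;
    }

    /**
     * Emits the "keyStoresUsed00" event for the given store locations.
     *
     * NOTE(review): the token library is reported as null exactly when all three values are
     * set, which looks inverted; the condition is reproduced unchanged - confirm the intent.
     */
    private static void traceKeyStoresUsed(String keyFileName, String trustFileName, String tokenLibraryFile) {
        if (JavaUtils.hasValue(keyFileName) && JavaUtils.hasValue(trustFileName) && JavaUtils.hasValue(tokenLibraryFile)) {
            Tr.event(_tc, Messages.getMessage("keyStoresUsed00", keyFileName, trustFileName, null));
        } else {
            Tr.event(_tc, Messages.getMessage("keyStoresUsed00", keyFileName, trustFileName, tokenLibraryFile));
        }
    }

    /**
     * Loads a class by name, converting a missing class into {@code NoClassDefFoundError} with
     * the original exception as its cause.
     */
    static Class class$(String str) {
        try {
            return Class.forName(str);
        } catch (ClassNotFoundException e) {
            NoClassDefFoundError error = new NoClassDefFoundError();
            error.initCause(e);
            throw error;
        }
    }

    static {
        Class cls;
        if (class$com$ibm$ws$webservices$engine$components$net$SSLConfiguration == null) {
            cls = class$("com.ibm.ws.webservices.engine.components.net.SSLConfiguration");
            class$com$ibm$ws$webservices$engine$components$net$SSLConfiguration = cls;
        } else {
            cls = class$com$ibm$ws$webservices$engine$components$net$SSLConfiguration;
        }
        _tc = Tr.register(cls, "WebServices", WSConstants.TR_RESOURCE_BUNDLE);
    }
}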
