package com.ibm.HostPublisher.Server.ELF;

import com.ibm.hats.common.CommonConstants;
import com.ibm.hats.common.HHostSimulator;
import com.ibm.hpsslight.SSLCert;
import com.ibm.hpsslight.SSLContext;
import com.ibm.hpsslight.SSLException;
import com.ibm.sslight.SSLightKeyRing;
import java.util.Enumeration;

/* JADX INFO: Access modifiers changed from: package-private */
/* loaded from: input_file:lib/hpMigElfSupport.jar:com/ibm/HostPublisher/Server/ELF/ELFSslContext.class */
public class ELFSslContext extends SSLContext implements ELFConstants {
    private static final String Copyright = "(C) Copyright IBM Corp. 2000.";
    private static final String className = "com.ibm.HostPublisher.Server.ELF.ELFSslContext";

    /* JADX INFO: Access modifiers changed from: protected */
    public ELFSslContext() {
        ((SSLContext) this).asyncConnections = true;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void initialize() throws ELFException {
        if (Ras.anyTracing) {
            Ras.traceEntry(className, "initialize");
        }
        loadKeyRings();
        String[] enabledCipherSuites = getEnabledCipherSuites();
        StringBuffer stringBuffer = new StringBuffer("Enabled cipher suites:");
        for (String str : enabledCipherSuites) {
            stringBuffer.append(new StringBuffer().append("\n\t").append(str).toString());
        }
        if (Ras.anyTracing) {
            Ras.traceExit(className, "initialize", stringBuffer.toString());
        }
    }

    protected void loadKeyRings() throws ELFException {
        if (ELFPassticketManager.getInstance().isUsingDefaultKeys()) {
            loadWellKnowns();
        }
        loadCustomizedKeys();
        traceKeyRings();
    }

    protected void traceKeyRings() throws ELFException {
        StringBuffer stringBuffer = new StringBuffer("Loaded certificates:\nTYPE\tCOMMON NAME\tORGANIZATION\tISSUED BY");
        Enumeration elements = getKeyRing(0).elements();
        while (elements.hasMoreElements()) {
            SSLCert sSLCert = (SSLCert) elements.nextElement();
            stringBuffer.append(new StringBuffer().append("\nCA\t").append(sSLCert.getNameComponent(1, 3)).append(HHostSimulator.TAB).append(sSLCert.getNameComponent(1, 10)).toString());
        }
        Enumeration elements2 = getKeyRing(1).elements();
        while (elements2.hasMoreElements()) {
            SSLCert sSLCert2 = (SSLCert) elements2.nextElement();
            stringBuffer.append(new StringBuffer().append("\nSITE\t").append(sSLCert2.getNameComponent(1, 3)).append(HHostSimulator.TAB).append(sSLCert2.getNameComponent(1, 10)).append(HHostSimulator.TAB).append(sSLCert2.getNameComponent(0, 3)).toString());
        }
        Enumeration elements3 = getKeyRing(2).elements();
        while (elements3.hasMoreElements()) {
            for (SSLCert sSLCert3 : (SSLCert[]) ((Object[]) elements3.nextElement())[0]) {
                stringBuffer.append(new StringBuffer().append("\nPRIV\t").append(sSLCert3.getNameComponent(1, 3)).append(HHostSimulator.TAB).append(sSLCert3.getNameComponent(1, 10)).append(HHostSimulator.TAB).append(sSLCert3.getNameComponent(0, 3)).toString());
            }
        }
        if (Ras.anyTracing) {
            Ras.trace(className, "traceKeyRings", stringBuffer.toString());
        }
    }

    protected synchronized boolean handleCertificateChain(Object obj, SSLCert[] sSLCertArr) {
        ELFConnection eLFConnection = (ELFConnection) obj;
        if (Ras.anyTracing) {
            Ras.traceEntry(className, "handleCertificateChain", (Object[]) sSLCertArr);
        }
        eLFConnection.setValidCertificate(false);
        eLFConnection.setServerTrusted(false);
        eLFConnection.setServerCertificateChain(sSLCertArr);
        if (!Ras.anyTracing) {
            return false;
        }
        Ras.traceExit(className, "handleCertificateChain");
        return false;
    }

    protected synchronized boolean confirmCertificateChain(Object obj, SSLCert[] sSLCertArr) {
        ELFConnection eLFConnection = (ELFConnection) obj;
        if (Ras.anyTracing) {
            Ras.traceEntry(className, "confirmCertificateChain");
        }
        eLFConnection.setValidCertificate(true);
        eLFConnection.setServerTrusted(true);
        eLFConnection.setServerCertificateChain(sSLCertArr);
        StringBuffer stringBuffer = new StringBuffer("Certificate Chain:");
        for (int i = 0; i < sSLCertArr.length; i++) {
            SSLCert sSLCert = sSLCertArr[i];
            stringBuffer.append(new StringBuffer().append("\n\tCERT #").append(i).append(CommonConstants.SETTING_KEY_VALUE_SEPARATOR).append("\n\t\tSubject CN:   ").append(sSLCert.getNameComponent(1, 3)).append("\n\t\tSubject ORG:  ").append(sSLCert.getNameComponent(1, 10)).append("\n\t\tIssued By CN: ").append(sSLCert.getNameComponent(0, 3)).toString());
        }
        if (!Ras.anyTracing) {
            return true;
        }
        Ras.traceExit(className, "confirmCertificateChain", stringBuffer.toString());
        return true;
    }

    protected synchronized String confirmKeySelection(Object obj, String str, SSLContext.KeyConstraints keyConstraints) {
        if (Ras.anyTracing) {
            Ras.traceEntry(className, "confirmKeySelection", str);
        }
        String confirmKeySelection = super.confirmKeySelection(obj, str, keyConstraints);
        if (Ras.anyTracing) {
            Ras.traceExit(className, "confirmKeySelection", confirmKeySelection);
        }
        return confirmKeySelection;
    }

    protected void loadCustomizedKeys() throws ELFException {
        ELFPassticketManager eLFPassticketManager = ELFPassticketManager.getInstance();
        String customizedKeyringClassName = eLFPassticketManager.getCustomizedKeyringClassName();
        if (Ras.anyTracing) {
            Ras.traceEntry(className, "loadCustomizedKeys", customizedKeyringClassName);
        }
        try {
            String keyRingData = ((SSLightKeyRing) Class.forName(customizedKeyringClassName).newInstance()).getKeyRingData();
            String keyringPassword = eLFPassticketManager.getKeyringPassword();
            if (keyringPassword == null || keyringPassword.equals("")) {
                throw new ELFException("Keyring password not set", "MISSING_KEYRING_INFO", new String[]{customizedKeyringClassName}).log(className, "loadCustomizedKeys");
            }
            try {
                Ras.trace(className, "loadCustomizedKeys", new StringBuffer().append("importKeyRings complete: ").append(importKeyRings(keyRingData, keyringPassword)).toString());
                if (Ras.anyTracing) {
                    Ras.traceExit(className, "loadCustomizedKeys");
                }
            } catch (SSLException e) {
                logSSLException(e, className, "loadCustomizedKeys");
                throw new ELFException(new StringBuffer().append("Cannot load keys from ").append(customizedKeyringClassName).toString(), (Throwable) e, "KEYRING_IMPORT_ERROR", new String[]{customizedKeyringClassName}).log(className, "loadCustomizedKeys");
            }
        } catch (Exception e2) {
            throw new ELFException(new StringBuffer().append("Cannot load ").append(customizedKeyringClassName).toString(), "CANNOT_READ_KEYRING", new String[]{customizedKeyringClassName}).log(className, "loadCustomizedKeys");
        }
    }

    protected void loadWellKnowns() throws ELFException {
        if (Ras.anyTracing) {
            Ras.traceEntry(className, "loadWellKnowns", ELFConstants.DEFAULT_BUILTIN_KEYRING_CLASS);
        }
        try {
            try {
                importCACertificates(((SSLightKeyRing) Class.forName(ELFConstants.DEFAULT_BUILTIN_KEYRING_CLASS).newInstance()).getKeyRingData());
                Ras.trace(className, "loadWellKnowns", "importCACertificates complete");
                if (Ras.anyTracing) {
                    Ras.traceExit(className, "loadWellKnowns");
                }
            } catch (SSLException e) {
                logSSLException(e, className, "loadWellKnowns");
                throw new ELFException("Cannot load CA Certs from WellKnownTrustedCAs", (Throwable) e, "CA_IMPORT_ERROR", new String[]{ELFConstants.DEFAULT_BUILTIN_KEYRING_CLASS}).log(className, "loadWellKnowns");
            }
        } catch (Exception e2) {
            throw new ELFException("Cannot load WellKnownTrustedCAs", e2, "CANNOT_READ_KEYRING", new String[]{ELFConstants.DEFAULT_BUILTIN_KEYRING_CLASS}).log(className, "loadWellKnowns");
        }
    }

    /*  JADX ERROR: JadxRuntimeException in pass: RegionMakerVisitor
        jadx.core.utils.exceptions.JadxRuntimeException: Failed to find switch 'out' block (already processed)
        	at jadx.core.dex.visitors.regions.RegionMaker.calcSwitchOut(RegionMaker.java:923)
        	at jadx.core.dex.visitors.regions.RegionMaker.processSwitch(RegionMaker.java:797)
        	at jadx.core.dex.visitors.regions.RegionMaker.traverse(RegionMaker.java:157)
        	at jadx.core.dex.visitors.regions.RegionMaker.makeRegion(RegionMaker.java:91)
        	at jadx.core.dex.visitors.regions.RegionMaker.processFallThroughCases(RegionMaker.java:841)
        	at jadx.core.dex.visitors.regions.RegionMaker.processSwitch(RegionMaker.java:800)
        	at jadx.core.dex.visitors.regions.RegionMaker.traverse(RegionMaker.java:157)
        	at jadx.core.dex.visitors.regions.RegionMaker.makeRegion(RegionMaker.java:91)
        	at jadx.core.dex.visitors.regions.RegionMakerVisitor.visit(RegionMakerVisitor.java:52)
        */
    /* JADX WARN: Can't fix incorrect switch cases order, some code will duplicate */
    public static java.lang.String getSSLExceptionMessageKey(com.ibm.hpsslight.SSLException r2) {
        /*
            r0 = 0
            r3 = r0
            r0 = r2
            int r0 = r0.getCategory()
            switch(r0) {
                case 0: goto Ldb;
                case 1: goto La0;
                case 2: goto L38;
                case 3: goto La6;
                case 4: goto Le7;
                case 5: goto L12c;
                case 6: goto Le1;
                case 7: goto L59;
                case 8: goto L76;
                default: goto L12c;
            }
        L38:
            r0 = r2
            int r0 = r0.getError()
            switch(r0) {
                case 1002: goto L50;
                default: goto L56;
            }
        L50:
            java.lang.String r0 = "SSL_APPLICATIONREJECTED"
            r3 = r0
            goto L59
        L56:
            java.lang.String r0 = "SSL_CONNECTIONESTABLISHMENT"
            r3 = r0
        L59:
            r0 = r2
            int r0 = r0.getError()
            switch(r0) {
                case 1012: goto L70;
                default: goto L76;
            }
        L70:
            java.lang.String r0 = "SSL_INVALIDPARAMETER"
            r3 = r0
            goto L76
        L76:
            r0 = r2
            int r0 = r0.getError()
            switch(r0) {
                case 1009: goto L94;
                case 1012: goto L9a;
                default: goto La0;
            }
        L94:
            java.lang.String r0 = "SSL_EXCEPTIONOCCURRED"
            r3 = r0
            goto La0
        L9a:
            java.lang.String r0 = "SSL_INVALIDPARAMETER"
            r3 = r0
            goto La0
        La0:
            java.lang.String r0 = "SSL_MESSAGEFORMAT"
            r3 = r0
            goto L12c
        La6:
            r0 = r2
            int r0 = r0.getError()
            switch(r0) {
                case 1001: goto Lcc;
                case 1003: goto Lcc;
                case 1009: goto Ld2;
                default: goto Ld8;
            }
        Lcc:
            java.lang.String r0 = "SSL_CERTIFICATEVALIDITYPERIOD"
            r3 = r0
            goto Ldb
        Ld2:
            java.lang.String r0 = "SSL_EXCEPTIONOCCURRED"
            r3 = r0
            goto Ldb
        Ld8:
            java.lang.String r0 = "SSL_CERTIFICATEERROR"
            r3 = r0
        Ldb:
            java.lang.String r0 = "SSL_PEERCONNECTIONTERMINATION"
            r3 = r0
            goto L12c
        Le1:
            java.lang.String r0 = "SSL_TIMEREXPIRED"
            r3 = r0
            goto L12c
        Le7:
            r0 = r2
            int r0 = r0.getError()
            switch(r0) {
                case 1002: goto L114;
                case 1013: goto L11a;
                case 1017: goto L120;
                case 1024: goto L126;
                default: goto L12c;
            }
        L114:
            java.lang.String r0 = "SSL_APPLICATIONREJECTED"
            r3 = r0
            goto L12c
        L11a:
            java.lang.String r0 = "SSL_ISSUERSUBJECTNOTEQUALTOSUBJECTISSUER"
            r3 = r0
            goto L12c
        L120:
            java.lang.String r0 = "SSL_PEERCERTIFICATECHAINNOTTRUSTED"
            r3 = r0
            goto L12c
        L126:
            java.lang.String r0 = "SSL_SUBJECTNOTSIGNEDBYISSUER"
            r3 = r0
            goto L12c
        L12c:
            r0 = r3
            if (r0 != 0) goto L133
            java.lang.String r0 = "SSL_EXCEPTIONOCCURRED"
            r3 = r0
        L133:
            r0 = r3
            return r0
        */
        throw new UnsupportedOperationException("Method not decompiled: com.ibm.HostPublisher.Server.ELF.ELFSslContext.getSSLExceptionMessageKey(com.ibm.hpsslight.SSLException):java.lang.String");
    }

    public static void logSSLException(SSLException sSLException, String str, String str2) {
        String[] strArr = {String.valueOf(sSLException.getCategory()), String.valueOf(sSLException.getError()), String.valueOf(sSLException.getInt1())};
        String sSLExceptionMessageKey = getSSLExceptionMessageKey(sSLException);
        Ras.traceException(sSLException, str, str2);
        Ras.logMessage(2, str, str2, sSLExceptionMessageKey, strArr);
    }
}
