package com.ibm.wps.pe.pc.legacy.service.proxysupport;

import com.ibm.net.ssl.HttpsURLConnection;
import com.ibm.net.ssl.KeyManager;
import com.ibm.net.ssl.KeyManagerFactory;
import com.ibm.net.ssl.SSLContext;
import com.ibm.net.ssl.TrustManager;
import com.ibm.net.ssl.TrustManagerFactory;
import com.ibm.wps.logging.LogManager;
import com.ibm.wps.logging.Logger;
import com.ibm.wps.security.Base64Coder;
import com.ibm.wps.wsrp.util.Constants;
import java.io.IOException;
import java.io.InputStream;
import java.io.OutputStream;
import java.io.UnsupportedEncodingException;
import java.net.InetAddress;
import java.net.MalformedURLException;
import java.net.Socket;
import java.net.URL;
import java.net.URLConnection;
import java.net.URLStreamHandler;
import java.net.UnknownHostException;
import java.security.GeneralSecurityException;
import java.security.KeyStore;
import java.security.NoSuchAlgorithmException;
import java.security.SecureRandom;
import java.text.MessageFormat;
import javax.net.ssl.HandshakeCompletedEvent;
import javax.net.ssl.HandshakeCompletedListener;
import javax.net.ssl.SSLSocket;
import javax.net.ssl.SSLSocketFactory;
import sun.net.www.protocol.http.HttpURLConnection;

/* loaded from: input_file:wps.jar:com/ibm/wps/pe/pc/legacy/service/proxysupport/ProxyURLStreamHandler.class */
public class ProxyURLStreamHandler extends URLStreamHandler {
    private static final String COPYRIGHT = "Licensed Materials - Property of IBM, 5724-E76 and 5724-E77, (C) Copyright IBM Corp. 2001, 2003 - All Rights reserved. US Government Users Restricted Rights - Use, duplication or disclosure restricted by GSA ADP Schedule Contract with IBM Corp.";
    private Logger logger;
    private String username;
    private String password;
    private boolean useAuthentication = false;
    private String proxyHost;
    private int proxyPort;
    private static KeyManager[] km = null;
    private static TrustManager[] tm = null;
    private static URL ksURL = null;
    private static String ksPwd = null;
    private static String ksFMT = "JKS";
    private static URL tsURL = null;
    private static String tsPwd = null;
    private static String tsFMT = "JKS";
    static Class class$com$ibm$wps$pe$pc$legacy$service$proxysupport$ProxyURLStreamHandler;

    /* JADX INFO: Access modifiers changed from: package-private */
    /* loaded from: input_file:wps.jar:com/ibm/wps/pe/pc/legacy/service/proxysupport/ProxyURLStreamHandler$SSLTunnelSocketFactory.class */
    public class SSLTunnelSocketFactory extends SSLSocketFactory {
        private SSLSocketFactory dfactory;
        private int tries;
        private String proxyHost;
        private int proxyPort;
        private int proxyType;
        private final ProxyURLStreamHandler this$0;

        public SSLTunnelSocketFactory(ProxyURLStreamHandler proxyURLStreamHandler, SSLSocketFactory sSLSocketFactory, String str, int i) {
            this.this$0 = proxyURLStreamHandler;
            this.dfactory = null;
            this.tries = 0;
            this.proxyHost = null;
            this.proxyPort = 0;
            this.proxyType = -1;
            this.dfactory = sSLSocketFactory;
            this.proxyHost = str;
            this.proxyPort = i;
        }

        public SSLTunnelSocketFactory(ProxyURLStreamHandler proxyURLStreamHandler, SSLSocketFactory sSLSocketFactory) {
            this(proxyURLStreamHandler, sSLSocketFactory, null, 0);
        }

        @Override // javax.net.ssl.SSLSocketFactory
        public Socket createSocket(Socket socket, String str, int i, boolean z) throws IOException, UnknownHostException {
            if (this.this$0.isDebugOn()) {
                this.this$0.traceEntry("createSocket", new Object[]{socket, str, new Integer(i), new Boolean(z)});
            }
            SSLSocket sSLSocket = null;
            if (this.proxyHost != null) {
                Socket socket2 = new Socket(this.proxyHost, this.proxyPort);
                doTunnelHandshake(socket2, str, i);
                sSLSocket = (SSLSocket) this.dfactory.createSocket(socket2, str, i, z);
            }
            if (sSLSocket != null) {
                sSLSocket.startHandshake();
            }
            return sSLSocket;
        }

        @Override // javax.net.ssl.SSLSocketFactory
        public String[] getDefaultCipherSuites() {
            return this.dfactory.getDefaultCipherSuites();
        }

        @Override // javax.net.ssl.SSLSocketFactory
        public String[] getSupportedCipherSuites() {
            return this.dfactory.getSupportedCipherSuites();
        }

        @Override // javax.net.SocketFactory
        public Socket createSocket(InetAddress inetAddress, int i) throws IOException {
            return createSocket(inetAddress.toString(), i);
        }

        @Override // javax.net.SocketFactory
        public Socket createSocket(InetAddress inetAddress, int i, InetAddress inetAddress2, int i2) throws IOException {
            return this.dfactory.createSocket(inetAddress, i, inetAddress2, i2);
        }

        @Override // javax.net.SocketFactory
        public Socket createSocket(String str, int i) throws IOException, UnknownHostException {
            if (this.this$0.isDebugOn()) {
                this.this$0.traceEntry("createSocket", new Object[]{str, new Integer(i)});
            }
            SSLSocket sSLSocket = null;
            Socket socket = null;
            if (this.proxyHost != null) {
                if (this.this$0.isDebugOn()) {
                    this.this$0.trace("createSocket", "proxyHost is not null.  Proceeding with tunnelling.");
                }
                int i2 = -1;
                this.tries = 0;
                while (i2 != 200) {
                    if (i2 == 407) {
                        if (this.this$0.isDebugOn()) {
                            this.this$0.trace("createSocket", "Received auth challenge from proxy.  Using proxy authentication.");
                        }
                        this.this$0.useAuthentication = true;
                    }
                    socket = new Socket(this.proxyHost, this.proxyPort);
                    i2 = doTunnelHandshake(socket, str, i);
                }
                sSLSocket = (SSLSocket) this.dfactory.createSocket(socket, str, i, true);
            }
            if (sSLSocket != null) {
                sSLSocket.addHandshakeCompletedListener(new HandshakeCompletedListener(this) { // from class: com.ibm.wps.pe.pc.legacy.service.proxysupport.ProxyURLStreamHandler.1
                    private final SSLTunnelSocketFactory this$1;

                    {
                        this.this$1 = this;
                    }

                    @Override // javax.net.ssl.HandshakeCompletedListener
                    public void handshakeCompleted(HandshakeCompletedEvent handshakeCompletedEvent) {
                        if (this.this$1.this$0.isDebugOn()) {
                            this.this$1.this$0.trace("handshakeCompleted", MessageFormat.format("SSL Handshake successful. CipherSuite: {0}, PeerHost: {1}", handshakeCompletedEvent.getCipherSuite(), handshakeCompletedEvent.getSession().getPeerHost()));
                        }
                    }
                });
                if (this.this$0.isDebugOn()) {
                    this.this$0.trace("createSocket", "Starting SSL handshake.");
                }
                sSLSocket.startHandshake();
            }
            return sSLSocket;
        }

        @Override // javax.net.SocketFactory
        public Socket createSocket(String str, int i, InetAddress inetAddress, int i2) throws IOException, UnknownHostException {
            return this.dfactory.createSocket(str, i, inetAddress, i2);
        }

        private int doTunnelHandshake(Socket socket, String str, int i) throws IOException {
            if (this.this$0.isDebugOn()) {
                this.this$0.traceEntry("doTunnelHandshake", new Object[]{socket, str, new Integer(i)});
            }
            String tryConnectRequest = tryConnectRequest(socket, str, i);
            this.tries++;
            if (this.tries >= 5) {
                throw new IOException(new StringBuffer().append("Unable to tunnel through ").append(str).append(Constants.COLON).append(i).append(".  Proxy returns \"").append(tryConnectRequest).append("\"").toString());
            }
            if (tryConnectRequest.toLowerCase().indexOf("200 connection established") >= 0) {
                return 200;
            }
            if (tryConnectRequest.toLowerCase().indexOf("407 proxy authentication required") < 0) {
                throw new IOException(new StringBuffer().append("Unable to tunnel through ").append(str).append(Constants.COLON).append(i).append(".  Proxy returns \"").append(tryConnectRequest).append("\"").toString());
            }
            if (this.this$0.username == null || this.this$0.password == null) {
                throw new IOException(new StringBuffer().append("Unable to tunnel through ").append(str).append(Constants.COLON).append(i).append(".  Authorization required.").toString());
            }
            do {
            } while (socket.getInputStream().read() != -1);
            this.this$0.useAuthentication = true;
            new StringBuffer().append("Proxy-Authorization: Basic ").append(Base64Coder.base64Encode(new StringBuffer().append(this.this$0.username).append(Constants.COLON).append(this.this$0.password).toString())).append(Constants.CRLF).toString();
            return 407;
        }

        protected String tryConnectRequest(Socket socket, String str, int i) throws IOException {
            byte[] bytes;
            String str2;
            String str3 = "";
            if (this.this$0.useAuthentication && this.this$0.username != null && this.this$0.password != null) {
                str3 = new StringBuffer().append("Proxy-Authorization: Basic ").append(Base64Coder.base64Encode(new StringBuffer().append(this.this$0.username).append(Constants.COLON).append(this.this$0.password).toString())).append(Constants.CRLF).toString();
            }
            OutputStream outputStream = socket.getOutputStream();
            String stringBuffer = new StringBuffer().append("CONNECT ").append(str).append(Constants.COLON).append(i).append(" HTTP/1.0\r\n").append("User-Agent: ").append(HttpURLConnection.userAgent).append(Constants.CRLF).append(str3).append(Constants.CRLF).toString();
            try {
                bytes = stringBuffer.getBytes("ASCII7");
            } catch (UnsupportedEncodingException e) {
                bytes = stringBuffer.getBytes();
            }
            outputStream.write(bytes);
            outputStream.flush();
            byte[] bArr = new byte[200];
            int i2 = 0;
            int i3 = 0;
            boolean z = false;
            InputStream inputStream = socket.getInputStream();
            while (i3 < 2) {
                int read = inputStream.read();
                if (read < 0) {
                    throw new IOException("Unexpected EOF from proxy");
                }
                if (read == 10) {
                    z = true;
                    i3++;
                } else if (read != 13) {
                    i3 = 0;
                    if (!z && i2 < bArr.length) {
                        int i4 = i2;
                        i2++;
                        bArr[i4] = (byte) read;
                    }
                }
            }
            try {
                str2 = new String(bArr, 0, i2, "ASCII7");
            } catch (UnsupportedEncodingException e2) {
                str2 = new String(bArr, 0, i2);
            }
            return str2;
        }
    }

    public ProxyURLStreamHandler(String str, int i, String str2, String str3) {
        Class cls;
        this.logger = null;
        this.username = null;
        this.password = null;
        this.proxyHost = null;
        this.proxyPort = 0;
        this.proxyHost = str;
        this.proxyPort = i;
        this.username = str2;
        this.password = str3;
        LogManager logManager = LogManager.getLogManager();
        if (class$com$ibm$wps$pe$pc$legacy$service$proxysupport$ProxyURLStreamHandler == null) {
            cls = class$("com.ibm.wps.pe.pc.legacy.service.proxysupport.ProxyURLStreamHandler");
            class$com$ibm$wps$pe$pc$legacy$service$proxysupport$ProxyURLStreamHandler = cls;
        } else {
            cls = class$com$ibm$wps$pe$pc$legacy$service$proxysupport$ProxyURLStreamHandler;
        }
        this.logger = logManager.getLogger(cls);
    }

    @Override // java.net.URLStreamHandler
    protected URLConnection openConnection(URL url) throws IOException {
        if (isDebugOn()) {
            this.logger.entry(Logger.TRACE_HIGH, "openConnection", url);
        }
        if (url.getProtocol().equals("http")) {
            if (isDebugOn()) {
                trace("openConnection", "HTTP URL.  Returning a ProxiedURLConnection.");
            }
            return new ProxiedURLConnection(url, this.proxyHost, this.proxyPort, 1, this.username, this.password);
        }
        if (!url.getProtocol().equals("https")) {
            if (isDebugOn()) {
                trace("openConnection", new StringBuffer().append("Unsupported protocol, ").append(url.getProtocol()).append(".  Returning default URLConnection.").toString());
            }
            return getDefaultURLConnection(url);
        }
        if (isDebugOn()) {
            trace("openConnection", "HTTPS URL.  Returning URL with new SSLSocketFactory.");
        }
        URLConnection openConnection = new URL(url.toString()).openConnection();
        setSSLSocketFactory(openConnection);
        return openConnection;
    }

    protected URLConnection getDefaultURLConnection(URL url) throws MalformedURLException, IOException {
        if (isDebugOn()) {
            this.logger.entry(Logger.TRACE_HIGH, "getDefaultURLConnection", url);
        }
        return new URL(url.toString()).openConnection();
    }

    protected void setSSLSocketFactory(URLConnection uRLConnection) {
        if (isDebugOn()) {
            traceEntry("setSSLSocketFactory", new Object[]{uRLConnection});
        }
        if (!(uRLConnection instanceof HttpsURLConnection)) {
            if (isDebugOn()) {
                trace("setSSLSocketFactory", "URLConnection is not an HttpsURLConnection.  Returning.");
                return;
            }
            return;
        }
        HttpsURLConnection httpsURLConnection = (HttpsURLConnection) uRLConnection;
        try {
            if (km == null && ksURL != null) {
                KeyStore keyStore = KeyStore.getInstance(ksFMT);
                keyStore.load(ksURL.openStream(), null);
                KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance("IbmX509");
                keyManagerFactory.init(keyStore, ksPwd.toCharArray());
                km = keyManagerFactory.getKeyManagers();
            } else if (km == null) {
                KeyManagerFactory keyManagerFactory2 = KeyManagerFactory.getInstance("IbmX509");
                keyManagerFactory2.init((KeyStore) null, (char[]) null);
                km = keyManagerFactory2.getKeyManagers();
            }
        } catch (IOException e) {
            if (isDebugOn()) {
                this.logger.text(Logger.TRACE_LOW, "setSSLSocketFactory", new StringBuffer().append("IOException while creating key store ").append(ksURL.toString()).toString(), e);
            }
            ksURL = null;
        } catch (NoSuchAlgorithmException e2) {
            if (isDebugOn()) {
                this.logger.text(Logger.TRACE_LOW, "setSSLSocketFactory", new StringBuffer().append("GeneralSecurityException while creating key store ").append(ksURL.toString()).toString(), e2);
            }
            ksURL = null;
        } catch (GeneralSecurityException e3) {
            if (isDebugOn()) {
                this.logger.text(Logger.TRACE_LOW, "setSSLSocketFactory", new StringBuffer().append("GeneralSecurityException while creating key store ").append(ksURL.toString()).toString(), e3);
            }
            ksURL = null;
        }
        try {
            if (tm == null && tsURL != null) {
                KeyStore keyStore2 = KeyStore.getInstance(tsFMT);
                keyStore2.load(tsURL.openStream(), null);
                TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance("IbmX509");
                trustManagerFactory.init(keyStore2);
                tm = trustManagerFactory.getTrustManagers();
            } else if (tm == null) {
                TrustManagerFactory trustManagerFactory2 = TrustManagerFactory.getInstance("IbmX509");
                trustManagerFactory2.init((KeyStore) null);
                tm = trustManagerFactory2.getTrustManagers();
            }
        } catch (IOException e4) {
            if (isDebugOn()) {
                this.logger.text(Logger.TRACE_LOW, "setSSLSocketFactory", new StringBuffer().append("IOException while creating trust store ").append(tsURL.toString()).toString(), e4);
            }
            tsURL = null;
        } catch (GeneralSecurityException e5) {
            if (isDebugOn()) {
                this.logger.text(Logger.TRACE_LOW, "setSSLSocketFactory", new StringBuffer().append("GeneralSecurityException while creating trust store ").append(tsURL.toString()).toString(), e5);
            }
            tsURL = null;
        }
        try {
            SSLContext sSLContext = SSLContext.getInstance("SSL");
            sSLContext.init(km, tm, (SecureRandom) null);
            httpsURLConnection.setSSLSocketFactory(new SSLTunnelSocketFactory(this, sSLContext.getSocketFactory(), this.proxyHost, this.proxyPort));
        } catch (GeneralSecurityException e6) {
            if (isDebugOn()) {
                this.logger.text(Logger.TRACE_LOW, "setSSLSocketFactory", MessageFormat.format("GeneralSecurityException while creating socket factory from key store {0} and trust store {1}", ksURL.toString(), tsURL.toString()), e6);
            }
            km = null;
            tm = null;
        }
    }

    protected boolean isDebugOn() {
        return this.logger.isLogging(Logger.TRACE_HIGH);
    }

    protected void trace(String str, String str2) {
        this.logger.text(Logger.TRACE_HIGH, str, str2);
    }

    protected void traceEntry(String str, Object[] objArr) {
        this.logger.entry(Logger.TRACE_HIGH, str, objArr);
    }

    static Class class$(String str) {
        try {
            return Class.forName(str);
        } catch (ClassNotFoundException e) {
            throw new NoClassDefFoundError(e.getMessage());
        }
    }
}
