package com.ibm.websm.bridge;

import com.ibm.websm.diagnostics.IDebug;
import com.ibm.websm.ssl.SSLCert;
import com.ibm.websm.ssl.SSLContext;
import com.ibm.websm.ssl.SSLPKCS12Token;
import com.ibm.websm.ssl.SSLServerSocket;
import com.ibm.websm.ssl.SSLSocket;
import java.io.ByteArrayOutputStream;
import java.io.File;
import java.io.FileInputStream;
import java.io.IOException;
import java.io.InputStream;
import java.net.InetAddress;
import java.net.ServerSocket;
import java.net.Socket;
import java.net.UnknownHostException;

/* loaded from: input_file:com/ibm/websm/bridge/WSSLiteContext.class */
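/**
 * SSL context used by the WebSM bridge to create SSL client and server sockets.
 *
 * <p>A context is built in one of three modes ({@link #PUBLIC}, {@link #PRIVATE},
 * {@link #CLIENT_AUTH}) that decide which key rings are imported and how the peer
 * certificate is confirmed. One context per mode is created lazily and cached in
 * {@link #contexts}.
 *
 * <p>NOTE(review): the static caches ({@code contexts}, the two tokens, the local
 * domain) are populated lazily without any synchronisation; confirm that callers
 * serialise first use if sockets can be created from several threads.
 */
public class WSSLiteContext extends SSLContext {
    public static final String TEST_SUPPORTED = "com.ibm.websm.ssl.SSLSocket";

    /** Mode that imports only the public key ring. */
    private static final int PUBLIC = 0;
    /** Mode that imports only the private key ring; peer certificates are accepted unchecked. */
    private static final int PRIVATE = 1;
    /** Mode that imports both key rings and turns on client authentication. */
    private static final int CLIENT_AUTH = 2;

    /** Class-path resource holding the public key ring. */
    private static final String PUBLIC_KEYRING_RESOURCE = "/SM.pubkr";
    /** File holding the private key ring. */
    private static final String PRIVATE_KEYRING_PATH = "/var/websm/security/SM.privkr";

    // SECURITY NOTE(review): the key-ring password is a compile-time literal, so it gives
    // no secrecy against anyone who can read this class. Protection of the private key
    // ring therefore rests on access control of PRIVATE_KEYRING_PATH itself.
    private static final String KEYRING_PASSWORD = "defp";

    private static final String RC4_128_SUITE = "SSL_RSA_WITH_RC4_128_SHA";
    private static final String RC4_40_EXPORT_SUITE = "SSL_RSA_EXPORT_WITH_RC4_40_MD5";

    // NOTE(review): 316532 is presumably the SSL library's identifier for the subject
    // common name -- confirm against the SSLCert documentation.
    private static final int SUBJECT_NAME_COMPONENT = 316532;

    private int _mode;
    public static String sccs_id = "@(#)75        1.5  src/sysmgt/dsm/com/ibm/websm/bridge/WSSLiteContext.java, wfbridge, websm530 1/12/04 15:58:14";
    /** Cached contexts, indexed by mode. */
    private static WSSLiteContext[] contexts = {null, null, null};
    private static SSLPKCS12Token _publicToken = null;
    private static SSLPKCS12Token _privateToken = null;
    /** Domain suffix of the local host name including the leading dot, or null if none was found. */
    private static String _localDomain = null;
    private static boolean _triedlocalDomain = false;

    /**
     * Creates an SSL server socket.
     *
     * @param i first argument handed to {@code SSLServerSocket} (presumably the port)
     * @param z {@code true} to use the {@link #CLIENT_AUTH} context, {@code false} for {@link #PRIVATE}
     * @return the new server socket
     * @throws IOException if the context or the socket cannot be created; logged and rethrown
     */
    public static ServerSocket createServerSocket(int i, boolean z) throws IOException {
        try {
            return new SSLServerSocket(i, getContext(z ? CLIENT_AUTH : PRIVATE), (Object) null);
        } catch (IOException e) {
            IDebug.println(e.toString());
            throw e;
        }
    }

    /**
     * Creates an SSL socket connected to the given host.
     *
     * @param str host to connect to; also passed as the last {@code SSLSocket} argument
     *            (presumably what {@link #confirmPeerCertificate} later receives as the expected name)
     * @param i second argument handed to {@code SSLSocket} (presumably the port)
     * @param z {@code true} to use the {@link #CLIENT_AUTH} context, {@code false} for {@link #PUBLIC}
     * @return the new socket
     * @throws IOException if the context or the socket cannot be created; logged and rethrown
     */
    public static Socket createSocket(String str, int i, boolean z) throws UnknownHostException, IOException {
        try {
            return new SSLSocket(str, i, getContext(z ? CLIENT_AUTH : PUBLIC), false, str);
        } catch (IOException e) {
            IDebug.println(e.toString());
            throw e;
        }
    }

    /**
     * Wraps an existing socket in an SSL socket without an expected peer name.
     *
     * <p>Because no name is supplied, {@link #confirmPeerCertificate} has nothing to compare
     * the certificate subject with unless the {@code WSM_SSL_CORRELATOR} property is set.
     *
     * @param socket the socket to wrap
     * @param z {@code true} to use the {@link #CLIENT_AUTH} context, {@code false} for {@link #PRIVATE}
     * @return the SSL socket
     * @throws IOException if the context or the socket cannot be created; rethrown after debug logging
     */
    public static Socket createSocket(Socket socket, boolean z) throws IOException {
        try {
            SSLSocket sSLSocket = new SSLSocket(socket, false, getContext(z ? CLIENT_AUTH : PRIVATE), true, (Object) null);
            if (IDebug.enabled) {
                IDebug.println("SSLite socket created. Cypher suite: " + sSLSocket.getCipherSuite());
            }
            return sSLSocket;
        } catch (IOException e) {
            if (IDebug.enabled) {
                IDebug.println(e.toString());
                e.printStackTrace();
            }
            throw e;
        }
    }

    /**
     * Wraps an existing socket in an SSL socket and supplies an expected peer name.
     *
     * @param socket the socket to wrap
     * @param str passed as the last {@code SSLSocket} argument (presumably the expected server name)
     * @param z {@code true} to use the {@link #CLIENT_AUTH} context, {@code false} for {@link #PUBLIC}
     * @return the SSL socket
     * @throws IOException if the context or the socket cannot be created; rethrown after debug logging
     */
    public static Socket createSocket(Socket socket, String str, boolean z) throws IOException {
        try {
            SSLSocket sSLSocket = new SSLSocket(socket, false, getContext(z ? CLIENT_AUTH : PUBLIC), false, str);
            if (IDebug.enabled) {
                IDebug.println("SSLight socket created. Cypher suite: " + sSLSocket.getCipherSuite());
            }
            return sSLSocket;
        } catch (IOException e) {
            if (IDebug.enabled) {
                IDebug.println(e.toString());
                e.printStackTrace();
            }
            throw e;
        }
    }

    /**
     * Decides whether the peer certificate is acceptable for this context.
     *
     * <p>Decision order:
     * <ol>
     *   <li>{@link #PRIVATE} contexts accept unconditionally.</li>
     *   <li>If the {@code WSM_SSL_CORRELATOR} system property is non-empty, the certificate
     *       subject component must equal it (case-insensitive); the expected name in
     *       {@code obj} is not consulted in that case.</li>
     *   <li>If {@code obj} is null there is nothing to compare with and the peer is accepted.
     *       NOTE(review): acceptance then rests on whatever validation the base
     *       {@code SSLContext} performs -- confirm that this is intended.</li>
     *   <li>Otherwise the subject component must equal {@code obj}, or {@code obj} plus the
     *       local domain, or -- when no local domain is known -- start with {@code obj + "."}.</li>
     * </ol>
     *
     * @param obj expected peer name as a {@code String}, or null
     * @param sSLCert the certificate presented by the peer
     * @return {@code true} to accept the peer, {@code false} to reject it
     */
    protected boolean confirmPeerCertificate(Object obj, SSLCert sSLCert) {
        IDebug.println("confirmPeerCertificate");
        if (this._mode == PRIVATE) {
            return true;
        }
        String component = sSLCert.subjectName().getComponent(SUBJECT_NAME_COMPONENT, 0);

        String correlator = null;
        try {
            correlator = System.getProperty("WSM_SSL_CORRELATOR");
        } catch (Exception ignored) {
            // Best effort: if the property cannot be read (for example access is denied)
            // fall through to the host-name comparison, as if it were unset.
        }
        if (correlator != null && correlator.length() > 0) {
            // Called on the correlator so that a certificate without the subject
            // component is rejected instead of raising a NullPointerException.
            boolean correlatorMatches = correlator.equalsIgnoreCase(component);
            if (IDebug.enabled) {
                IDebug.println(correlatorMatches ? "MMCorrelator matches exact name" : "MMCorrelator does not match");
            }
            return correlatorMatches;
        }

        if (obj == null) {
            return true;
        }
        String str2 = (String) obj;
        IDebug.println("Server certified name: " + component + " server: " + str2);
        String localDomain = getLocalDomain();
        if (component == null) {
            // No subject component to compare with: fail closed.
            IDebug.println("Server names do not match.");
            return false;
        }
        if (component.equalsIgnoreCase(str2)) {
            IDebug.println("Server matches exact name");
            return true;
        }
        if (localDomain != null && component.equalsIgnoreCase(str2 + localDomain)) {
            IDebug.println("Server matches with localDomain");
            return true;
        }
        // SECURITY NOTE(review): when the local host has no domain suffix this accepts ANY
        // certificate name that begins with "<expected>." regardless of the domain that
        // follows. Consider requiring a fully qualified expected name instead.
        // regionMatches(ignoreCase) keeps the comparison independent of the default locale,
        // consistent with the equalsIgnoreCase checks above.
        String shortNamePrefix = str2 + ".";
        if (localDomain == null && component.regionMatches(true, 0, shortNamePrefix, 0, shortNamePrefix.length())) {
            IDebug.println("Server matches short name");
            return true;
        }
        IDebug.println("Server names do not match.");
        return false;
    }

    /**
     * Returns the cached context for a mode, creating it on first use.
     *
     * @param i one of {@link #PUBLIC}, {@link #PRIVATE}, {@link #CLIENT_AUTH}
     * @return the context for that mode
     * @throws IOException if a key ring needed by the mode cannot be opened
     */
    private static WSSLiteContext getContext(int i) throws IOException {
        if (contexts[i] != null) {
            return contexts[i];
        }
        WSSLiteContext wSSLiteContext = new WSSLiteContext(i);
        if (IDebug.enabled) {
            String[] enabledCipherSuites = wSSLiteContext.getEnabledCipherSuites();
            IDebug.println("SSLite context created. Enabled cipher suites:");
            for (String suite : enabledCipherSuites) {
                IDebug.println("   " + suite);
            }
            wSSLiteContext.debug = true;
        }
        contexts[i] = wSSLiteContext;
        return wSSLiteContext;
    }

    /**
     * Builds a context for the given mode: imports the key rings the mode needs and
     * restricts the enabled cipher suites.
     *
     * @param i one of {@link #PUBLIC}, {@link #PRIVATE}, {@link #CLIENT_AUTH}
     * @throws IOException if a required key ring cannot be opened
     */
    private WSSLiteContext(int i) throws IOException {
        this._mode = i;
        if (i == CLIENT_AUTH) {
            this.clientAuthentication = true;
        }
        if (i == PUBLIC || i == CLIENT_AUTH) {
            importToken(getPublicToken());
        }
        if (i == PRIVATE || i == CLIENT_AUTH) {
            importToken(getPrivateToken());
        }

        boolean rc4128Available = false;
        String[] enabledCipherSuites = getEnabledCipherSuites();
        for (int k = 0; k < enabledCipherSuites.length; k++) {
            if (RC4_128_SUITE.equals(enabledCipherSuites[k])) {
                rc4128Available = true;
                break;
            }
        }
        // SECURITY NOTE(review): both suites are obsolete. RC4 is prohibited for TLS by
        // RFC 7465, and the 40-bit export suite with MD5 offers no meaningful
        // confidentiality. They are left unchanged here because the replacement depends
        // on what the underlying SSL library and the deployed peers support; a migration
        // should enable a current suite and drop the export suite on both ends.
        if (rc4128Available) {
            setEnabledCipherSuites(RC4_128_SUITE + " " + RC4_40_EXPORT_SUITE);
        } else {
            setEnabledCipherSuites(RC4_40_EXPORT_SUITE);
        }
    }

    /**
     * Returns the public key-ring token, loading it from the class path on first use.
     *
     * <p>The shared field is assigned only after the token opened successfully, so a
     * failed attempt is retried on the next call.
     *
     * @return the opened public token
     * @throws IOException if the resource is missing or the key ring cannot be opened
     */
    private SSLPKCS12Token getPublicToken() throws IOException {
        if (_publicToken == null) {
            InputStream resourceAsStream = getClass().getResourceAsStream(PUBLIC_KEYRING_RESOURCE);
            if (resourceAsStream == null) {
                // getResourceAsStream signals a missing resource with null; report that
                // directly instead of surfacing a NullPointerException.
                throw new IOException("Could not open public key ring: resource " + PUBLIC_KEYRING_RESOURCE + " not found");
            }
            try {
                IDebug.println("in class = " + resourceAsStream.getClass());
                SSLPKCS12Token token = new SSLPKCS12Token();
                token.open(readFully(resourceAsStream), KEYRING_PASSWORD);
                _publicToken = token;
            } catch (Exception e) {
                throw keyRingFailure("Could not open public key ring: ", e);
            } finally {
                closeQuietly(resourceAsStream);
            }
        }
        return _publicToken;
    }

    /**
     * Returns the private key-ring token, loading it from {@link #PRIVATE_KEYRING_PATH}
     * on first use.
     *
     * <p>The shared field is assigned only after the token opened successfully; earlier
     * a failed load left an unopened token cached and later calls returned it. The file
     * is read to end of stream (a single {@code read} call may return fewer bytes than
     * requested) and the stream is always closed.
     *
     * @return the opened private token
     * @throws IOException if the file cannot be opened or read, or the key ring cannot be opened
     */
    private SSLPKCS12Token getPrivateToken() throws IOException {
        if (_privateToken == null) {
            // Opened outside the try block so that a missing file still propagates as
            // the original FileNotFoundException.
            FileInputStream fileInputStream = new FileInputStream(PRIVATE_KEYRING_PATH);
            try {
                SSLPKCS12Token token = new SSLPKCS12Token();
                token.open(readFully(fileInputStream), KEYRING_PASSWORD);
                _privateToken = token;
            } catch (Exception e) {
                throw keyRingFailure("Could not open private key ring: ", e);
            } finally {
                closeQuietly(fileInputStream);
            }
        }
        return _privateToken;
    }

    /**
     * Returns the domain suffix of the local host name (from the first dot, inclusive),
     * or null when the name has no dot or cannot be determined. The lookup is attempted once.
     */
    private String getLocalDomain() {
        if (!_triedlocalDomain) {
            _triedlocalDomain = true;
            try {
                String hostName = InetAddress.getLocalHost().getHostName();
                int firstDot = hostName.indexOf('.');
                if (firstDot != -1) {
                    _localDomain = hostName.substring(firstDot);
                }
            } catch (Exception ignored) {
                // Best effort: without a resolvable local host name there is no domain
                // suffix, and _localDomain stays null.
            }
        }
        return _localDomain;
    }

    /** Reads the stream until it reports no more data and returns everything read. */
    private static byte[] readFully(InputStream in) throws IOException {
        byte[] chunk = new byte[4096];
        ByteArrayOutputStream collected = new ByteArrayOutputStream(4096);
        int read;
        while ((read = in.read(chunk)) > 0) {
            collected.write(chunk, 0, read);
        }
        return collected.toByteArray();
    }

    /** Closes the stream, ignoring a failure to close. */
    private static void closeQuietly(InputStream in) {
        try {
            in.close();
        } catch (IOException ignored) {
            // Nothing useful can be done if close fails after the data has been read.
        }
    }

    /** Builds the IOException reported for a key-ring failure, keeping the original cause. */
    private static IOException keyRingFailure(String prefix, Exception cause) {
        IOException failure = new IOException(prefix + cause);
        failure.initCause(cause);
        return failure;
    }
}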
