package com.ibm.ISecurityLocalObjectBaseL13Impl;

import com.ibm.CORBA.iiop.ClientDelegate;
import com.ibm.CORBA.iiop.IOR;
import com.ibm.CORBA.iiop.ORB;
import com.ibm.CORBA.iiop.Profile;
import com.ibm.CSIv2Security.CSIv2RequirementsNotSatisfied;
import com.ibm.IExtendedSecurityReplaceablePriv.SecurityContext;
import com.ibm.IExtendedSecurityReplaceablePriv.SessionEntry;
import com.ibm.IExtendedSecurityReplaceablePriv.SessionEntryHolder;
import com.ibm.IExtendedSecurityReplaceablePriv.VaultPackage.SessionDoesNotExist;
import com.ibm.ISecurityL13SupportImpl.SecurityLogger;
import com.ibm.ISecurityL13SupportImpl.SecurityUIDGenerator;
import com.ibm.ISecurityLocalObjectCSIv2UtilityImpl.CSIv2EffectivePerformPolicy;
import com.ibm.ISecurityLocalObjectCSIv2UtilityImpl.CSIv2TaggedComponent;
import com.ibm.ISecurityLocalObjectCSIv2UtilityImpl.CSIv2TaggedComponentHolder;
import com.ibm.ISecurityLocalObjectCSIv2UtilityImpl.ServerConnectionKey;
import com.ibm.ISecurityUtilityImpl.ConfigURLProperties;
import com.ibm.ISecurityUtilityImpl.MechanismFactory;
import com.ibm.ISecurityUtilityImpl.RealmSecurityName;
import com.ibm.ISecurityUtilityImpl.SecConstants;
import com.ibm.ISecurityUtilityImpl.SecurityConfiguration;
import com.ibm.ISecurityUtilityImpl.SecurityMinorCodes;
import com.ibm.ISecurityUtilityImpl.SecurityProtocol;
import com.ibm.ISecurityUtilityImpl.ServiceInit;
import com.ibm.ISecurityUtilityImpl.StringBytesConversion;
import com.ibm.ISecurityUtilityImpl.VaultConstants;
import com.ibm.ras.RASFormatter;
import com.ibm.ws.ffdc.FFDCFilter;
import com.ibm.ws.orb.transport.ConnectionData;
import com.ibm.ws.orb.transport.ConnectionDataCarrier;
import com.ibm.ws.orb.transport.ConnectionInformation;
import com.ibm.ws.orb.transport.DefaultConnectionInterceptor;
import com.ibm.ws.orb.transport.ServerConnectionData;
import com.ibm.ws.security.common.util.CommonConstants;
import com.ibm.ws.security.orbssl.ConnectionDataImpl;
import com.ibm.ws.security.orbssl.ExtendedSSLConnectionData;
import com.ibm.ws.security.orbssl.SSLConnectionData;
import com.ibm.ws.security.orbssl.SSLServerConnectionData;
import com.ibm.ws.security.orbssl.SSLServerConnectionDataImpl;
import com.ibm.ws.security.orbssl.ServerConnectionDataImpl;
import com.ibm.ws.security.util.AccessController;
import com.sun.tools.doclets.TagletManager;
import java.io.ByteArrayOutputStream;
import java.io.DataOutputStream;
import java.io.IOException;
import java.security.PrivilegedAction;
import java.security.PrivilegedActionException;
import java.security.PrivilegedExceptionAction;
import org.omg.CORBA.BAD_PARAM;
import org.omg.CORBA.CompletionStatus;
import org.omg.CORBA.INITIALIZE;
import org.omg.CORBA.INTERNAL;
import org.omg.CORBA.IntHolder;
import org.omg.CORBA.ORBPackage.InvalidName;
import org.omg.CORBA.Object;
import org.omg.CORBA.portable.Delegate;
import org.omg.CORBA.portable.IDLEntity;
import org.omg.CORBA.portable.ObjectImpl;
import org.omg.CSIIOP.TLS_SEC_TRANSHolder;
import org.omg.Security.AssociationStatus;
import org.omg.Security.CommunicationDirection;
import org.omg.Security.CredentialType;
import org.omg.Security.DuplicateAssociationOption;
import org.omg.Security.InvalidAssociationOption;
import org.omg.Security.InvalidCommDirection;
import org.omg.Security.InvalidCredentialType;
import org.omg.Security.InvalidTargetName;
import org.omg.Security.OptionsDirectionPair;
import org.omg.SecurityLevel2.Credentials;
import org.omg.SecurityLevel2.InvalidCredential;
import org.omg.SecurityReplaceable.SecurityContextHolder;

/* loaded from: input_file:lib/sas.jar:com/ibm/ISecurityLocalObjectBaseL13Impl/SecurityConnectionInterceptor.class */
public class SecurityConnectionInterceptor extends DefaultConnectionInterceptor {
    private VaultImpl vault = null;
    private SecurityConfiguration secConfig = null;
    private MechanismFactory mechFactory = null;
    private ORB orb = null;
    private SSLServerConnectionData csiServerSSLConnData = null;
    private SSLServerConnectionData csiClientCertServerSSLConnData = null;
    private SSLServerConnectionData sasServerSSLConnData = null;
    private ServerConnectionData serverTCPConnData = null;
    private CurrentImpl current = null;
    private DefaultConnectionInterceptor defaultConnInt = null;
    private static final int OutcomeUnknown = 0;
    private static final int OutcomeSuccessful = 1;
    private static final int OutcomeRetry = 2;
    private static final int OutcomeFail = 3;
    private static final short WebSphereAS = 16384;

    @Override // com.ibm.ws.orb.transport.ConnectionInterceptor
    public void init(ORB orb) {
        if (orb == null) {
            throw new INTERNAL("ORB is NULL passed into Security!!!");
        }
        this.orb = orb;
        this.defaultConnInt = new DefaultConnectionInterceptor();
        ServiceInit.getInstance().initialize(orb);
        if (ConfigURLProperties.isSecurityEnabled()) {
            SecurityLogger.logAudit("SecurityConnectionInterceptor.init", "security.LoadSCI");
            if (SecurityLogger.debugTraceEnabled) {
                SecurityLogger.debugMessage("SecurityConnectionInterceptor.init", "Initializing SecurityConnectionInterceptor.");
            }
            this.vault = getVault();
            if (this.vault == null) {
                SecurityLogger.logError("security.JSAS0010E", new Object[]{"SecurityConnectionInterceptor.init"});
                return;
            }
            this.secConfig = getSecurityConfig();
            this.mechFactory = this.vault.getMechanismFactory();
            this.vault.setSecurityConnectionInterceptor(this);
            this.vault.setORB(this.orb);
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    public CurrentImpl current() {
        if (this.current == null) {
            try {
                this.current = (CurrentImpl) this.orb.resolve_initial_references(CommonConstants.SECURITY_CURRENT);
            } catch (InvalidName e) {
                FFDCFilter.processException((Throwable) e, "com.ibm.ISecurityLocalObjectBaseL13Impl.SecurityConnectionInterceptor.current", "373", (Object) this);
                SecurityLogger.logError("security.JSAS0438E", new Object[]{"SecurityConnectionInterceptor.current", e});
                this.current = null;
            } catch (Exception e2) {
                FFDCFilter.processException(e2, "com.ibm.ISecurityLocalObjectBaseL13Impl.SecurityConnectionInterceptor.current", "382", this);
                SecurityLogger.logError("security.JSAS0030E", new Object[]{"SecurityConnectionInterceptor.current", e2});
                this.current = null;
            }
        }
        return this.current;
    }

    public int establishSecurityContext(SecurityContextHolder securityContextHolder, Object object, String str, short s, String str2, String str3, String str4, String str5, long j) {
        boolean session_exists;
        String str6 = null;
        if (SecurityLogger.debugEntryEnabled) {
            SecurityLogger.debugEntry("SecurityConnectionInterceptor.establishSecurityContext");
        }
        Credentials[] credentialsArr = new Credentials[1];
        CredentialsImpl credentialsImpl = null;
        if (SecurityLogger.debugTraceEnabled) {
            SecurityLogger.debugMessage("SecurityConnectionInterceptor.establishSecurityContext", new StringBuffer().append("coalescedQOP is ").append((int) s).append("; EstablishTrustInClient value is ").append(64).toString());
        }
        if ((s & 64) != 0) {
            credentialsArr[0] = getCredentials(RealmSecurityName.getRealm(str2), str3);
            if (credentialsArr[0] == null || !(credentialsArr[0] instanceof CredentialsImpl)) {
                if (SecurityLogger.traceEnabled) {
                    SecurityLogger.traceMessage("SecurityConnectionInterceptor.establishSecurityContext", "JSAS0020W: Unable to get credentials. Trying unauthenticated login.");
                }
                securityContextHolder.value = null;
                if (!SecurityLogger.debugEntryEnabled) {
                    return 3;
                }
                SecurityLogger.debugExit("SecurityConnectionInterceptor.establishSecurityContext");
                return 3;
            }
            credentialsImpl = (CredentialsImpl) credentialsArr[0];
            if (credentialsImpl.isUnauthenticated()) {
                if (SecurityLogger.debugTraceEnabled) {
                    SecurityLogger.debugMessage("SecurityConnectionInterceptor.establishSecurityContext", "Encountered unauthenticated credential. Proceed with insecure association.");
                }
                try {
                    this.current.set_credentials(CredentialType.SecInvocationCredentials, credentialsArr[0]);
                } catch (InvalidCredentialType e) {
                    FFDCFilter.processException((Throwable) e, "com.ibm.ISecurityLocalObjectBaseL13Impl.SecurityConnectionInterceptor.establishSecurityContext", "457", (Object) this);
                    SecurityLogger.logException("SecurityConnectionInterceptor.establishSecurityContext", e, 0, 0);
                } catch (InvalidCredential e2) {
                    FFDCFilter.processException((Throwable) e2, "com.ibm.ISecurityLocalObjectBaseL13Impl.SecurityConnectionInterceptor.establishSecurityContext", "452", (Object) this);
                    SecurityLogger.logException("SecurityConnectionInterceptor.establishSecurityContext", e2, 0, 0);
                }
                securityContextHolder.value = null;
                if (!SecurityLogger.debugEntryEnabled) {
                    return 3;
                }
                SecurityLogger.debugExit("SecurityConnectionInterceptor.establishSecurityContext");
                return 3;
            }
            try {
                if (!credentialsImpl.is_valid(new IntHolder(0))) {
                    if (SecurityLogger.traceEnabled) {
                        SecurityLogger.traceMessage("SecurityConnectionInterceptor.establishSecurityContext", "JSAS0030W: Credentials are invalid. Trying unauthenticated login.");
                    }
                    securityContextHolder.value = null;
                    if (!SecurityLogger.debugEntryEnabled) {
                        return 3;
                    }
                    SecurityLogger.debugExit("SecurityConnectionInterceptor.establishSecurityContext");
                    return 3;
                }
                str6 = credentialsImpl.getUniqueID();
            } catch (Exception e3) {
                FFDCFilter.processException(e3, "com.ibm.ISecurityLocalObjectBaseL13Impl.SecurityConnectionInterceptor.establishSecurityContext", "522", this);
                SecurityLogger.debugMessage("SecurityConnectionInterceptor.establishSecurityContext", "Java runtime exception in establishSecurityContext.");
                SecurityLogger.logException("SecurityConnectionInterceptor.establishSecurityContext", e3, 0, 0);
            } catch (InvalidCredential e4) {
                FFDCFilter.processException((Throwable) e4, "com.ibm.ISecurityLocalObjectBaseL13Impl.SecurityConnectionInterceptor.establishSecurityContext", "504", (Object) this);
                if (SecurityLogger.traceEnabled) {
                    SecurityLogger.traceMessage("SecurityConnectionInterceptor.establishSecurityContext", "JSAS0030W: Credentials are invalid. Trying unauthenticated login.");
                }
                SecurityLogger.logException("SecurityConnectionInterceptor.establishSecurityContext", e4, 0, 0);
                securityContextHolder.value = null;
                if (!SecurityLogger.debugEntryEnabled) {
                    return 3;
                }
                SecurityLogger.debugExit("SecurityConnectionInterceptor.establishSecurityContext");
                return 3;
            }
        } else if (SecurityLogger.traceEnabled) {
            SecurityLogger.traceMessage("SecurityConnectionInterceptor.establishSecurityContext", "JSAS0120W: Security enabled but EstablishTrustInClient is not set.");
            SecurityLogger.traceMessage("SecurityConnectionInterceptor.establishSecurityContext", "JSAS0030W: Trying unauthenticated login.");
        }
        IntHolder intHolder = new IntHolder();
        AssociationStatus associationStatus = AssociationStatus.SecAssocSuccess;
        OptionsDirectionPair[] optionsDirectionPairArr = new OptionsDirectionPair[1];
        SecurityContext securityContext = null;
        SessionEntryHolder sessionEntryHolder = new SessionEntryHolder();
        if (str.equals("_non_existent") || j > 1) {
            if (SecurityLogger.debugTraceEnabled) {
                SecurityLogger.debugMessage("SecurityConnectionInterceptor.establishSecurityContext", new StringBuffer().append("Checking for session using session_exists(). Attempts = ").append(j).toString());
            }
            session_exists = this.vault.session_exists(str6, str2, str3, s, intHolder);
        } else {
            if (SecurityLogger.debugTraceEnabled) {
                SecurityLogger.debugMessage("SecurityConnectionInterceptor.establishSecurityContext", new StringBuffer().append("Checking for session using session_exists_in_good_state(). Attempts = ").append(j).toString());
            }
            int session_exists_in_good_state = this.vault.session_exists_in_good_state(str6, str2, str3, s, intHolder);
            if (session_exists_in_good_state == 0) {
                session_exists = false;
            } else if (session_exists_in_good_state == 1) {
                session_exists = true;
            } else if (session_exists_in_good_state == 2) {
                session_exists = false;
                SecurityLogger.debugMessage("SecurityConnectionInterceptor.establishSecurityContext", new StringBuffer().append("In establishSecurityContext (SESSION_IN_INCOMPLETE_STATE), Client Creds before change: ").append(str6).toString());
                String createUID = SecurityUIDGenerator.createUID();
                CredentialsImpl credentialsImpl2 = (CredentialsImpl) credentialsImpl.copy();
                credentialsArr[0] = credentialsImpl2;
                credentialsImpl2.setUniqueID(new String(createUID));
                try {
                    this.current.set_credentials(CredentialType.SecInvocationCredentials, credentialsArr[0]);
                } catch (InvalidCredentialType e5) {
                    FFDCFilter.processException((Throwable) e5, "com.ibm.ISecurityLocalObjectBaseL13Impl.SecurityConnectionInterceptor.establishSecurityContext", "652", (Object) this);
                    SecurityLogger.logException("SecurityConnectionInterceptor.establishSecurityContext", e5, 0, 0);
                } catch (InvalidCredential e6) {
                    FFDCFilter.processException((Throwable) e6, "com.ibm.ISecurityLocalObjectBaseL13Impl.SecurityConnectionInterceptor.establishSecurityContext", "647", (Object) this);
                    SecurityLogger.logException("SecurityConnectionInterceptor.establishSecurityContext", e6, 0, 0);
                }
                SecurityLogger.debugMessage("SecurityConnectionInterceptor.establishSecurityContext", new StringBuffer().append("In establishSecurityContext (SESSION_IN_INCOMPLETE_STATE), Client Creds after change: ").append(createUID).toString());
            } else {
                session_exists = false;
            }
        }
        if (session_exists) {
            try {
                this.vault.get_session(intHolder.value, sessionEntryHolder);
                SessionEntry sessionEntry = sessionEntryHolder.value;
                if (sessionEntry.entry_state == AssociationStatus.SecAssocFailure) {
                    if (SecurityLogger.debugTraceEnabled) {
                        SecurityLogger.debugMessage("SecurityConnectionInterceptor.establishSecurityContext", new StringBuffer().append("State of session entry ").append(sessionEntry).append(" is SecAssocFailure, returning empty connection key").toString());
                    }
                    if (!SecurityLogger.debugEntryEnabled) {
                        return 3;
                    }
                    SecurityLogger.debugExit("SecurityConnectionInterceptor.establishSecurityContext");
                    return 3;
                }
                if (sessionEntry.entry_state == AssociationStatus.SecAssocContinue && SecurityLogger.debugTraceEnabled) {
                    SecurityLogger.debugMessage("SecurityConnectionInterceptor.establishSecurityContext", new StringBuffer().append("State of session entry ").append(sessionEntry).append(" is SecAssocContinue").toString());
                }
                try {
                    securityContext = (SecurityContext) this.vault.get_security_context(sessionEntry.session_id, "C");
                } catch (SessionDoesNotExist e7) {
                    FFDCFilter.processException((Throwable) e7, "com.ibm.ISecurityLocalObjectBaseL13Impl.SecurityConnectionInterceptor.establishSecurityContext", "736", (Object) this);
                    SecurityLogger.logException("SecurityConnectionInterceptor.establishSecurityContext", e7, 0, 0);
                    if (!SecurityLogger.debugEntryEnabled) {
                        return 0;
                    }
                    SecurityLogger.debugExit("SecurityConnectionInterceptor.establishSecurityContext");
                    return 0;
                }
            } catch (SessionDoesNotExist e8) {
                FFDCFilter.processException((Throwable) e8, "com.ibm.ISecurityLocalObjectBaseL13Impl.SecurityConnectionInterceptor.establishSecurityContext", "676", (Object) this);
                if (SecurityLogger.debugTraceEnabled) {
                    SecurityLogger.debugMessage("SecurityConnectionInterceptor.establishSecurityContext", "Session was thought to exist but get_session failed.");
                }
                SecurityLogger.logException("SecurityConnectionInterceptor.establishSecurityContext", e8, 0, 0);
                if (!SecurityLogger.debugEntryEnabled) {
                    return 0;
                }
                SecurityLogger.debugExit("SecurityConnectionInterceptor.establishSecurityContext");
                return 0;
            }
        } else {
            optionsDirectionPairArr[0] = new OptionsDirectionPair();
            optionsDirectionPairArr[0].options = s;
            optionsDirectionPairArr[0].direction = CommunicationDirection.SecDirectionBoth;
            ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
            try {
                new DataOutputStream(byteArrayOutputStream).writeBytes(str3);
                try {
                    AssociationStatus init_security_context = this.vault.init_security_context(credentialsArr, str2, object, null, optionsDirectionPairArr, str4, byteArrayOutputStream.toByteArray(), StringBytesConversion.getConvertedBytes(str5), null, securityContextHolder);
                    if (init_security_context != AssociationStatus.SecAssocFailure) {
                        if (init_security_context != AssociationStatus.SecAssocContinue) {
                            if (securityContextHolder.value instanceof SecurityContext) {
                                if (!SecurityLogger.debugEntryEnabled) {
                                    return 1;
                                }
                                SecurityLogger.debugExit("SecurityConnectionInterceptor.establishSecurityContext");
                                return 1;
                            }
                            if (SecurityLogger.debugTraceEnabled) {
                                SecurityLogger.debugMessage("SecurityConnectionInterceptor.establishSecurityContext", "Security Context not the correct instance.  Return OutcomeUnknown.");
                            }
                            if (!SecurityLogger.debugEntryEnabled) {
                                return 0;
                            }
                            SecurityLogger.debugExit("SecurityConnectionInterceptor.establishSecurityContext");
                            return 0;
                        }
                        if (SecurityLogger.debugTraceEnabled) {
                            SecurityLogger.debugMessage("SecurityConnectionInterceptor.establishSecurityContext", "JSAS0456A: Trying again to form a secure association with the target.");
                        }
                        IDLEntity iDLEntity = null;
                        try {
                            iDLEntity = (Credentials) AccessController.doPrivileged(new PrivilegedExceptionAction(this) { // from class: com.ibm.ISecurityLocalObjectBaseL13Impl.SecurityConnectionInterceptor.1
                                private final SecurityConnectionInterceptor this$0;

                                {
                                    this.this$0 = this;
                                }

                                @Override // java.security.PrivilegedExceptionAction
                                public Object run() throws InvalidCredentialType {
                                    Credentials credentials = this.this$0.current().get_credentials(CredentialType.SecInvocationCredentials, false, null);
                                    if (credentials == null) {
                                        credentials = this.this$0.current().get_credentials(CredentialType.SecOwnCredentials, false, null);
                                    }
                                    return credentials;
                                }
                            });
                            if (iDLEntity == null) {
                                SecurityLogger.logError("security.JSAS0439E", new Object[]{"SecurityConnectionInterceptor.establishSecurityContext"});
                            }
                        } catch (PrivilegedActionException e9) {
                            FFDCFilter.processException(e9, "com.ibm.ISecurityLocalObjectBaseL13Impl.SecurityConnectionInterceptor.establishSecurityContext", "972", this);
                            SecurityLogger.logError("security.JSAS0439E", new Object[]{"SecurityConnectionInterceptor.establishSecurityContext", (InvalidCredentialType) e9.getException()});
                        } catch (Exception e10) {
                            FFDCFilter.processException(e10, "com.ibm.ISecurityLocalObjectBaseL13Impl.SecurityConnectionInterceptor.establishSecurityContext", "978", this);
                            SecurityLogger.logError("security.JSAS0439E", new Object[]{"SecurityConnectionInterceptor.establishSecurityContext", e10});
                        }
                        if (iDLEntity == null || !(iDLEntity instanceof CredentialsImpl) || !((CredentialsImpl) iDLEntity).isInvalidByRejection() || getSecurityConfig().authenticationRetryEnabled()) {
                            if (SecurityLogger.debugTraceEnabled) {
                                SecurityLogger.debugMessage("SecurityConnectionInterceptor.establishSecurityContext", "Association Continue.  Return OutcomeRetry.");
                            }
                            if (!SecurityLogger.debugEntryEnabled) {
                                return 2;
                            }
                            SecurityLogger.debugExit("SecurityConnectionInterceptor.establishSecurityContext");
                            return 2;
                        }
                        if (SecurityLogger.debugTraceEnabled) {
                            SecurityLogger.debugMessage("SecurityConnectionInterceptor.establishSecurityContext", "Associated credentials have been rejected. No Retry is configured.");
                        }
                        try {
                            current().setSecurityContext((SecurityContext) null, SecurityProtocol.IBMString);
                        } catch (NullPointerException e11) {
                            FFDCFilter.processException(e11, "com.ibm.ISecurityLocalObjectBaseL13Impl.SecurityConnectionInterceptor.establishSecurityContext", "966", this);
                            SecurityLogger.logError("security.JSAS0030E", new Object[]{"SecurityConnectionInterceptor.establishSecurityContext", e11});
                        } catch (Exception e12) {
                            FFDCFilter.processException(e12, "com.ibm.ISecurityLocalObjectBaseL13Impl.SecurityConnectionInterceptor.establishSecurityContext", "972", this);
                            SecurityLogger.logError("security.JSAS0439E", new Object[]{"SecurityConnectionInterceptor.establishSecurityContext", e12});
                        }
                        if (!SecurityLogger.debugEntryEnabled) {
                            return 3;
                        }
                        SecurityLogger.debugExit("SecurityConnectionInterceptor.establishSecurityContext");
                        return 3;
                    }
                    SecurityLogger.logError("security.JSAS0040E", new Object[]{"SecurityConnectionInterceptor.establishSecurityContext"});
                } catch (DuplicateAssociationOption e13) {
                    FFDCFilter.processException((Throwable) e13, "com.ibm.ISecurityLocalObjectBaseL13Impl.SecurityConnectionInterceptor.establishSecurityContext", "879", (Object) this);
                    SecurityLogger.logException("SecurityConnectionInterceptor.establishSecurityContext", e13, 0, 0);
                    if (SecurityLogger.debugTraceEnabled) {
                        SecurityLogger.debugMessage("SecurityConnectionInterceptor.establishSecurityContext", "Duplicate Association Option.  Return OutcomeUnknown.");
                    }
                    if (!SecurityLogger.debugEntryEnabled) {
                        return 0;
                    }
                    SecurityLogger.debugExit("SecurityConnectionInterceptor.establishSecurityContext");
                    return 0;
                } catch (InvalidAssociationOption e14) {
                    FFDCFilter.processException((Throwable) e14, "com.ibm.ISecurityLocalObjectBaseL13Impl.SecurityConnectionInterceptor.establishSecurityContext", "859", (Object) this);
                    SecurityLogger.logException("SecurityConnectionInterceptor.establishSecurityContext", e14, 0, 0);
                    if (SecurityLogger.debugTraceEnabled) {
                        SecurityLogger.debugMessage("SecurityConnectionInterceptor.establishSecurityContext", "Invalid association option.  Return OutcomeUnknown.");
                    }
                    if (!SecurityLogger.debugEntryEnabled) {
                        return 0;
                    }
                    SecurityLogger.debugExit("SecurityConnectionInterceptor.establishSecurityContext");
                    return 0;
                } catch (InvalidCommDirection e15) {
                    FFDCFilter.processException((Throwable) e15, "com.ibm.ISecurityLocalObjectBaseL13Impl.SecurityConnectionInterceptor.establishSecurityContext", "819", (Object) this);
                    SecurityLogger.logException("SecurityConnectionInterceptor.establishSecurityContext", e15, 0, 0);
                    if (SecurityLogger.debugTraceEnabled) {
                        SecurityLogger.debugMessage("SecurityConnectionInterceptor.establishSecurityContext", "Invalid Comm Direction.  Return OutcomeUnknown.");
                    }
                    if (!SecurityLogger.debugEntryEnabled) {
                        return 0;
                    }
                    SecurityLogger.debugExit("SecurityConnectionInterceptor.establishSecurityContext");
                    return 0;
                } catch (InvalidTargetName e16) {
                    FFDCFilter.processException((Throwable) e16, "com.ibm.ISecurityLocalObjectBaseL13Impl.SecurityConnectionInterceptor.establishSecurityContext", "839", (Object) this);
                    SecurityLogger.logException("SecurityConnectionInterceptor.establishSecurityContext", e16, 0, 0);
                    if (SecurityLogger.debugTraceEnabled) {
                        SecurityLogger.debugMessage("SecurityConnectionInterceptor.establishSecurityContext", "Invalid target name.  Return OutcomeUnknown.");
                    }
                    if (!SecurityLogger.debugEntryEnabled) {
                        return 0;
                    }
                    SecurityLogger.debugExit("SecurityConnectionInterceptor.establishSecurityContext");
                    return 0;
                } catch (InvalidCredential e17) {
                    FFDCFilter.processException((Throwable) e17, "com.ibm.ISecurityLocalObjectBaseL13Impl.SecurityConnectionInterceptor.establishSecurityContext", "799", (Object) this);
                    SecurityLogger.logException("SecurityConnectionInterceptor.establishSecurityContext", e17, 0, 0);
                    if (SecurityLogger.debugTraceEnabled) {
                        SecurityLogger.debugMessage("SecurityConnectionInterceptor.establishSecurityContext", "Invalid credential.  Return OutcomeUnknown.");
                    }
                    if (!SecurityLogger.debugEntryEnabled) {
                        return 0;
                    }
                    SecurityLogger.debugExit("SecurityConnectionInterceptor.establishSecurityContext");
                    return 0;
                }
            } catch (IOException e18) {
                FFDCFilter.processException(e18, "com.ibm.ISecurityLocalObjectBaseL13Impl.SecurityConnectionInterceptor.establishSecurityContext", "780", this);
                SecurityLogger.logException("SecurityConnectionInterceptor.establishSecurityContext", e18, 0, 0);
                throw new INTERNAL();
            }
        }
        securityContextHolder.value = securityContext;
        if (!SecurityLogger.debugEntryEnabled) {
            return 1;
        }
        SecurityLogger.debugExit("SecurityConnectionInterceptor.establishSecurityContext");
        return 1;
    }

    protected short formCoalescedQOP(short s, short s2) {
        if (SecurityLogger.debugEntryEnabled) {
            SecurityLogger.debugEntry("SecurityConnectionInterceptor.formCoalescedQOP");
        }
        short s3 = s2;
        if ((s2 & 64) == 0 && getSecurityConfig().performClientAuthentication() && (s & 64) != 0) {
            s3 = (short) (s3 & 64);
        }
        if ((s2 & 32) == 0 && getSecurityConfig().performServerAuthentication() && (s & 32) != 0) {
            s3 = (short) (s3 & 32);
        }
        if ((s2 & 8) == 0 && getSecurityConfig().performMessageReplayDetection() && (s & 8) != 0) {
            s3 = (short) (s3 & 8);
        }
        if ((s2 & 16) == 0 && getSecurityConfig().performMessageOutOfSequenceDetection() && (s & 16) != 0) {
            s3 = (short) (s3 & 16);
        }
        if ((s2 & 2) == 0 && getSecurityConfig().performMessageIntegrity() && (s & 2) != 0) {
            s3 = (short) (s3 & 2);
        }
        if ((s2 & 4) == 0 && getSecurityConfig().performMessageConfidentiality() && (s & 4) != 0) {
            s3 = (short) (s3 & 4);
        }
        if (SecurityLogger.debugEntryEnabled) {
            SecurityLogger.debugExit("SecurityConnectionInterceptor.formCoalescedQOP");
        }
        return s3;
    }

    protected short formCSIv2CoalescedQOP(short s, short s2, CSIv2EffectivePerformPolicy cSIv2EffectivePerformPolicy) {
        if (SecurityLogger.debugEntryEnabled) {
            SecurityLogger.debugEntry("SecurityConnectionInterceptor.formCSIv2CoalescedQOP");
        }
        if (SecurityLogger.debugTraceEnabled) {
            SecurityLogger.debugMessage("SecurityConnectionInterceptor.formCSIv2CoalescedQOP", new StringBuffer().append(" Input to formCSIv2CoalescedQOP: targetSupports: ").append((int) s).append(", targetRequires: ").append((int) s2).toString());
        }
        short s3 = 0;
        if (cSIv2EffectivePerformPolicy != null) {
            if (cSIv2EffectivePerformPolicy.performTLClientAuth()) {
                s3 = (short) (0 + 64);
            }
            if (cSIv2EffectivePerformPolicy.performTLServerAuth()) {
                s3 = (short) (s3 + 32);
            }
            if (cSIv2EffectivePerformPolicy.performMsgIntegrity()) {
                s3 = (short) (s3 + 2);
            }
            if (cSIv2EffectivePerformPolicy.performMsgConfidentiality()) {
                s3 = (short) (s3 + 4);
            }
        }
        if (SecurityLogger.debugTraceEnabled) {
            SecurityLogger.debugMessage("SecurityConnectionInterceptor.formCSIv2CoalescedQOP", new StringBuffer().append(" Output from formCSIv2CoalescedQOP: targetSupports: ").append((int) s).append(" targetRequires: ").append((int) s2).append(" coalescedQOP: ").append((int) s3).toString());
        }
        if (SecurityLogger.debugEntryEnabled) {
            SecurityLogger.debugExit("SecurityConnectionInterceptor.formCSIv2CoalescedQOP");
        }
        return s3;
    }

    protected String formConnectionKey(String str, int i, String str2, short s) {
        Integer num = new Integer(i);
        Short sh = new Short(s);
        if (str2 == null) {
            str2 = RASFormatter.DEFAULT_SEPARATOR;
        }
        return str2.equals(VaultConstants.SSL_MECH_TYPE) ? new StringBuffer().append(str).append(TagletManager.SIMPLE_TAGLET_OPT_SEPERATOR).append(num.toString()).append(TagletManager.SIMPLE_TAGLET_OPT_SEPERATOR).append("IIOPSSL").append(TagletManager.SIMPLE_TAGLET_OPT_SEPERATOR).append(sh.toString()).toString() : str2.equals(VaultConstants.DCE_MECH_TYPE) ? new StringBuffer().append(str).append(TagletManager.SIMPLE_TAGLET_OPT_SEPERATOR).append(num.toString()).append(TagletManager.SIMPLE_TAGLET_OPT_SEPERATOR).append("IIOPDCE").toString() : new StringBuffer().append(str).append(TagletManager.SIMPLE_TAGLET_OPT_SEPERATOR).append(num.toString()).toString();
    }

    /* JADX WARN: Type inference failed for: r55v1, types: [java.lang.Throwable, com.ibm.CSIv2Security.CSIv2RequirementsNotSatisfied, java.lang.Exception] */
    @Override // com.ibm.ws.orb.transport.DefaultConnectionInterceptor, com.ibm.ws.orb.transport.ConnectionInterceptor
    public boolean getConnectionKey(Profile profile, int i, String str, long j, ConnectionDataCarrier connectionDataCarrier, Object object) {
        boolean connectionKeyForMethodRequest;
        if (!ConfigURLProperties.isSecurityEnabled()) {
            return this.defaultConnInt.getConnectionKey(profile, i, str, j, connectionDataCarrier, object);
        }
        if (SecurityLogger.debugEntryEnabled) {
            SecurityLogger.debugEntry("SecurityConnectionInterceptor.getConnectionKey");
        }
        String str2 = null;
        String str3 = null;
        String str4 = null;
        String str5 = null;
        String str6 = "indirect";
        int i2 = 0;
        int i3 = 0;
        short s = 0;
        short s2 = 0;
        short s3 = 0;
        boolean z = false;
        boolean z2 = false;
        boolean z3 = false;
        boolean z4 = false;
        CSIv2EffectivePerformPolicy cSIv2EffectivePerformPolicy = null;
        ClientDelegate clientDelegate = null;
        IOR ior = null;
        Object object2 = null;
        Boolean bool = (Boolean) AccessController.doPrivileged(new PrivilegedAction(this, profile) { // from class: com.ibm.ISecurityLocalObjectBaseL13Impl.SecurityConnectionInterceptor.2
            private final Profile val$tempProfile;
            private final SecurityConnectionInterceptor this$0;

            {
                this.this$0 = this;
                this.val$tempProfile = profile;
            }

            @Override // java.security.PrivilegedAction
            public Object run() {
                return SecurityConnectionInterceptor.getHostfromProfile(this.val$tempProfile) == null ? new Boolean(false) : new Boolean(true);
            }
        });
        if (SecurityLogger.debugTraceEnabled) {
            SecurityLogger.debugMessage("SecurityConnectionInterceptor.getConnectionKey", new StringBuffer().append("profile.getHost returns: ").append(bool.booleanValue()).toString());
        }
        if (!bool.booleanValue()) {
            SecurityLogger.logError("security.JSAS0469E", new Object[]{"SecurityConnectionInterceptor.getConnectionKey"});
            if (!SecurityLogger.debugEntryEnabled) {
                return false;
            }
            SecurityLogger.debugExit("SecurityConnectionInterceptor.getConnectionKey");
            return false;
        }
        try {
            clientDelegate = ((ObjectImpl) object)._get_delegate();
            if (clientDelegate != null) {
                ior = clientDelegate.locatedIOR();
                if (ior != null && !ior.isBootstrap()) {
                    object2 = this.orb.IORToObject(ior);
                    SecurityLogger.debugMessage("SecurityConnectionInterceptor.getConnectionKey", "Not bootstrap IOR. Attempt to get the effective target.");
                }
                if (object2 == null) {
                    object2 = object;
                    SecurityLogger.debugMessage("SecurityConnectionInterceptor.getConnectionKey", "Effective target is null, setting to default proxy.");
                }
                if (str != null) {
                    if (str.length() != 0) {
                        str6 = "direct";
                    }
                }
                str6 = "indirect";
            }
        } catch (Exception e) {
            FFDCFilter.processException(e, "com.ibm.ISecurityLocalObjectBaseL13Impl.SecurityConnectionInterceptor.getConnectionKey", "1360", this);
            SecurityLogger.debugMessage("SecurityConnectionInterceptor.getConnectionKey", "Java runtime exception while trying to get delegate from proxy.");
            SecurityLogger.logException("SecurityConnectionInterceptor.getConnectionKey", e, 0, 0);
            str6 = "<undefined>";
        }
        if (SecurityLogger.debugTraceEnabled) {
            SecurityLogger.debugMessage("SecurityConnectionInterceptor.getConnectionKey", object2 != null ? new StringBuffer().append("getConnectionKey invoked with proxy ").append(object2).append(" on ORB ").append(this.orb).append(", attempt = ").append(j).toString() : new StringBuffer().append("getConnectionKey invoked with proxy NULL on ORB ").append(this.orb).append(", attempt = ").append(j).toString());
            if (j > 1) {
                SecurityLogger.debugMessage("SecurityConnectionInterceptor.getConnectionKey", new StringBuffer().append("This is another attempt for a connection with the target; attempts = ").append(j).toString());
            }
        }
        boolean z5 = false;
        try {
            CSIv2TaggedComponent[] cSIv2TaggedComponentList = CSIv2TaggedComponent.getCSIv2TaggedComponentList(profile, ior);
            boolean z6 = cSIv2TaggedComponentList != null;
            SSLCompoundTaggedComponent sSLCompoundTaggedComponent = SSLCompoundTaggedComponent.getSSLCompoundTaggedComponent(profile, ior);
            if (sSLCompoundTaggedComponent == null) {
                SSLTaggedComponent sSLTaggedComponent = SSLTaggedComponent.getSSLTaggedComponent(profile, ior);
                if (sSLTaggedComponent != null) {
                    s = sSLTaggedComponent.get_targetCoalescedSuppQOP();
                    s2 = sSLTaggedComponent.get_targetCoalescedReqQOP();
                    i3 = sSLTaggedComponent.get_SSLPort();
                    z2 = true;
                }
                DCETaggedComponent dCETaggedComponent = DCETaggedComponent.getDCETaggedComponent(profile, ior);
                if (dCETaggedComponent != null) {
                    s3 = dCETaggedComponent.get_targetCoalescedReqQOP();
                    str4 = dCETaggedComponent.getMechanismType().trim();
                    str2 = dCETaggedComponent.get_targetCompleteName();
                    str3 = RealmSecurityName.getRealm(dCETaggedComponent.get_targetCompleteName());
                    z = true;
                    i2 = dCETaggedComponent.get_tagID();
                }
            } else {
                z3 = true;
                s = sSLCompoundTaggedComponent.get_targetCoalescedSuppQOP();
                s2 = sSLCompoundTaggedComponent.get_targetCoalescedReqQOP();
                i3 = sSLCompoundTaggedComponent.get_SSLPort();
                s3 = sSLCompoundTaggedComponent.get_targetCoalescedReqQOP();
                str4 = sSLCompoundTaggedComponent.getMechanismType().trim();
                str2 = sSLCompoundTaggedComponent.get_targetCompleteName();
                str3 = RealmSecurityName.getRealm(sSLCompoundTaggedComponent.get_targetCompleteName());
            }
            if (SecurityLogger.debugTraceEnabled) {
                SecurityLogger.debugMessage("SecurityConnectionInterceptor.getConnectionKey", new StringBuffer().append("SSL tag found is ").append(z2).append(", security tag found is ").append(z).append(", SSL compound tag found is ").append(z3).append(", CSIv2 tag found is ").append(z6).append(", Mechanism is ").append(str4).append(";").toString());
            }
            if (z6 || z3 || z2 || z) {
                if (this.secConfig.getProtocol().compareToIgnoreCase(SecurityProtocol.IBMString) == 0) {
                    z5 = false;
                    if (!z3) {
                        if (!z2 || !z) {
                            if (!z2) {
                                SecurityLogger.traceMessage("SecurityConnectionInterceptor.getConnectionKey", "JSAS0404W: SSL Security Tag not found in IOR.");
                            }
                            if (z) {
                                return false;
                            }
                            SecurityLogger.traceMessage("SecurityConnectionInterceptor.getConnectionKey", "JSAS0403W: DCE Security Tag not found in IOR.");
                            return false;
                        }
                        if (!z2 && !z) {
                            SecurityLogger.traceMessage("SecurityConnectionInterceptor.getConnectionKey", "JSAS0406W: SSL Security Compound Tag not found in IOR.");
                            return false;
                        }
                    }
                    SecurityLogger.debugMessage("SecurityConnectionInterceptor.getConnectionKey", "Found required security tag components and configuration specifies IBM protocol.");
                } else if (this.secConfig.getProtocol().compareToIgnoreCase(SecurityProtocol.CSIV2String) == 0) {
                    if (!z6) {
                        SecurityLogger.debugMessage("SecurityConnectionInterceptor.getConnectionKey", "CSI tag component is not found but configuration specifies CSIv2 protocol.");
                        return false;
                    }
                    z5 = true;
                    SecurityLogger.debugMessage("SecurityConnectionInterceptor.getConnectionKey", "Found required CSI tag component and configuration specifies CSIv2 protocol.");
                } else {
                    if (this.secConfig.getProtocol().compareToIgnoreCase("both") != 0) {
                        SecurityLogger.debugMessage("SecurityConnectionInterceptor.getConnectionKey", "Unrecognised security protocol configuration.");
                        return false;
                    }
                    if (!z6 && !z3 && (!z2 || !z)) {
                        if (!z6) {
                            SecurityLogger.debugMessage("SecurityConnectionInterceptor.getConnectionKey", "CSI tag component is not found but configuration specifies both protocol");
                        }
                        if (!z3) {
                            SecurityLogger.traceMessage("SecurityConnectionInterceptor.getConnectionKey", "JSAS0406W: SSL Security Compound Tag not found in IOR.");
                        }
                        if (!z2) {
                            SecurityLogger.traceMessage("SecurityConnectionInterceptor.getConnectionKey", "JSAS0404W: SSL Security Tag not found in IOR.");
                        }
                        if (!z) {
                            SecurityLogger.traceMessage("SecurityConnectionInterceptor.getConnectionKey", "JSAS0403W: DCE Security Tag not found in IOR.");
                        }
                    }
                    if (z6 || !(z3 || z2 || z)) {
                        SecurityLogger.debugMessage("SecurityConnectionInterceptor.getConnectionKey", "Found CSI tag component and configuration specifies both security protocols.");
                        z5 = true;
                    } else {
                        SecurityLogger.debugMessage("SecurityConnectionInterceptor.getConnectionKey", "Found required security tag components and configuration specifies both security protocols.");
                        z5 = false;
                    }
                }
            }
            if (z5) {
                cSIv2EffectivePerformPolicy = CSIv2EffectivePerformPolicy.getInstance(cSIv2TaggedComponentList);
                if (cSIv2EffectivePerformPolicy == null) {
                    cSIv2EffectivePerformPolicy = CSIv2EffectivePerformPolicy.getInstance();
                    cSIv2EffectivePerformPolicy.getEffectivePolicy(cSIv2TaggedComponentList);
                }
                if (cSIv2EffectivePerformPolicy == null) {
                    SecurityLogger.traceMessage("SecurityConnectionInterceptor.getConnectionKey", "Cannot form CSIv2EffectivePerformPolicy. Connection refused.");
                    if (!SecurityLogger.debugEntryEnabled) {
                        return false;
                    }
                    SecurityLogger.debugExit("SecurityConnectionInterceptor.getConnectionKey");
                    return false;
                }
                current().setEffectivePolicy(cSIv2EffectivePerformPolicy);
                String targetSecurityName = cSIv2EffectivePerformPolicy.getTargetSecurityName();
                str2 = targetSecurityName;
                str3 = targetSecurityName;
                CSIv2TaggedComponentHolder cSIv2TaggedComponent = cSIv2EffectivePerformPolicy.getCSIv2TaggedComponent();
                if (cSIv2EffectivePerformPolicy.performSSLTLS() && cSIv2TaggedComponent != null) {
                    int i4 = cSIv2TaggedComponent.value.get_Transport_tagID();
                    if (i4 != 36) {
                        SecurityLogger.debugMessage("SecurityConnectionInterceptor.getConnectionKey", new StringBuffer().append("Unrecognized transport tag ID: ").append(i4).append(". Connection refused.").toString());
                        if (!SecurityLogger.debugEntryEnabled) {
                            return false;
                        }
                        SecurityLogger.debugExit("SecurityConnectionInterceptor.getConnectionKey");
                        return false;
                    }
                    TLS_SEC_TRANSHolder tls_sec_trans = cSIv2TaggedComponent.value.getTLS_SEC_TRANS();
                    s = tls_sec_trans.value.target_supports;
                    s2 = tls_sec_trans.value.target_requires;
                    String str7 = cSIv2TaggedComponent.value.get_Transport_Address().value.host_name;
                    i3 = cSIv2TaggedComponent.value.get_Transport_Address().value.port;
                    z4 = true;
                    if ((s2 & 32) == 0 && (s & 32) != 0) {
                        s2 = (short) (s2 | 32);
                    }
                    if (SecurityLogger.debugTraceEnabled) {
                        SecurityLogger.debugMessage("SecurityConnectionInterceptor.getConnectionKey", new StringBuffer().append("CSIv2TransportFound is ").append(true).append(", sslTargetSupports is ").append((int) s).append(", sslTargetRequires is ").append((int) s2).append(", sslport  is          ").append(i3).append(", hostname is          ").append(str7).append(";").toString());
                    }
                }
            }
            if (str3 != null && !str3.equals("")) {
                current().setTargetSecurityRealm(str3);
            }
            if (str.length() == 0) {
                connectionKeyForMethodRequest = getConnectionKeyForLocateRequest(profile, connectionDataCarrier, object2, clientDelegate, str6, z2 || z3 || z4, i3, s, s2, str, z4, cSIv2EffectivePerformPolicy);
            } else if ((profile.getPort() == 0 || !ORB.isSpecialMethod(str) || cSIv2EffectivePerformPolicy == null || cSIv2EffectivePerformPolicy.claimClientAuthenticationRequired() || str.equals("_non_existent")) && ((profile.getPort() == 0 || !isSpecialNamingMethod(str, object2)) && !isSpecialSSLRequiredNamingMethod(str, object2))) {
                connectionKeyForMethodRequest = getConnectionKeyForMethodRequest(profile, connectionDataCarrier, object2, clientDelegate, str6, z2, z, z3, i3, s, s2, s3, str, str2, str4, z4, cSIv2EffectivePerformPolicy);
            } else {
                connectionKeyForMethodRequest = getConnectionKeyForSpecialRequest(profile, connectionDataCarrier, object2, clientDelegate, str6, z2 || z3 || z4, i3, s, s2, str, z4, cSIv2EffectivePerformPolicy);
            }
            if (z6 && connectionKeyForMethodRequest && z5) {
                if (!SecurityLogger.debugEntryEnabled) {
                    return true;
                }
                SecurityLogger.debugExit("SecurityConnectionInterceptor.getConnectionKey");
                return true;
            }
            if (z6 && !connectionKeyForMethodRequest) {
                SecurityLogger.traceMessage("SecurityConnectionInterceptor.getConnectionKey", "Cannot form valid connection key. Connection refused.");
                if (!SecurityLogger.debugEntryEnabled) {
                    return false;
                }
                SecurityLogger.debugExit("SecurityConnectionInterceptor.getConnectionKey");
                return false;
            }
            if (connectionDataCarrier.getConnectionData() != null) {
                str5 = connectionDataCarrier.getConnectionData().getConnectionKey();
            }
            if (connectionKeyForMethodRequest && j > 1) {
                IDLEntity iDLEntity = null;
                try {
                    iDLEntity = (Credentials) AccessController.doPrivileged(new PrivilegedExceptionAction(this) { // from class: com.ibm.ISecurityLocalObjectBaseL13Impl.SecurityConnectionInterceptor.3
                        private final SecurityConnectionInterceptor this$0;

                        {
                            this.this$0 = this;
                        }

                        @Override // java.security.PrivilegedExceptionAction
                        public Object run() throws InvalidCredentialType {
                            Credentials credentials = this.this$0.current().get_credentials(CredentialType.SecInvocationCredentials, false, null);
                            if (credentials == null) {
                                credentials = this.this$0.current().get_credentials(CredentialType.SecOwnCredentials, false, null);
                            }
                            return credentials;
                        }
                    });
                } catch (NullPointerException e2) {
                    FFDCFilter.processException(e2, "com.ibm.ISecurityLocalObjectBaseL13Impl.SecurityConnectionInterceptor.getConnectionKey", "1902", this);
                    SecurityLogger.logError("security.JSAS0030E", new Object[]{"SecurityConnectionInterceptor.getConnectionKey", e2});
                } catch (PrivilegedActionException e3) {
                    FFDCFilter.processException(e3, "com.ibm.ISecurityLocalObjectBaseL13Impl.SecurityConnectionInterceptor.getConnectionKey", "1896", this);
                    SecurityLogger.logError("security.JSAS0030E", new Object[]{"SecurityConnectionInterceptor.getConnectionKey", (InvalidCredentialType) e3.getException()});
                } catch (Exception e4) {
                    FFDCFilter.processException(e4, "com.ibm.ISecurityLocalObjectBaseL13Impl.SecurityConnectionInterceptor.getConnectionKey", "1908", this);
                    SecurityLogger.logError("security.JSAS0439E", new Object[]{"SecurityConnectionInterceptor.getConnectionKey", e4});
                }
                if (iDLEntity == null || !(iDLEntity instanceof CredentialsImpl)) {
                    SecurityLogger.debugMessage("SecurityConnectionInterceptor.getConnectionKey", "Cannot get any valid Credentials");
                } else {
                    CredentialsImpl credentialsImpl = (CredentialsImpl) iDLEntity;
                    if (str.length() != 0) {
                        if ((s3 & 16384) == 0) {
                            if (credentialsImpl.isInvalidByRejection() && !getSecurityConfig().authenticationRetryEnabled()) {
                                SecurityLogger.debugMessage("SecurityConnectionInterceptor.getConnectionKey", "Existing credential has been rejected. No Retry is configured");
                                try {
                                    current().setSecurityContext((SecurityContext) null, SecurityProtocol.IBMString);
                                } catch (NullPointerException e5) {
                                    FFDCFilter.processException(e5, "com.ibm.ISecurityLocalObjectBaseL13Impl.SecurityConnectionInterceptor.getConnectionKey", "1822", this);
                                    SecurityLogger.logError("security.JSAS0030E", new Object[]{"SecurityConnectionInterceptor.getConnectionKey", e5});
                                } catch (Exception e6) {
                                    FFDCFilter.processException(e6, "com.ibm.ISecurityLocalObjectBaseL13Impl.SecurityConnectionInterceptor.getConnectionKey", "1829", this);
                                    SecurityLogger.logError("security.JSAS0439E", new Object[]{"SecurityConnectionInterceptor.getConnectionKey", e6});
                                }
                                if (!SecurityLogger.debugEntryEnabled) {
                                    return true;
                                }
                                SecurityLogger.debugExit("SecurityConnectionInterceptor.getConnectionKey");
                                return true;
                            }
                        } else if ((((!isSpecialNamingMethod(str, object2) || profile.getPort() == 0) && !isSpecialSSLRequiredNamingMethod(str, object2) && (!ORB.isSpecialMethod(str) || profile.getPort() == 0 || (cSIv2EffectivePerformPolicy != null && cSIv2EffectivePerformPolicy.claimClientAuthenticationRequired()))) || str.equals("_non_existent")) && credentialsImpl.isInvalidByRejection() && !getSecurityConfig().authenticationRetryEnabled()) {
                            SecurityLogger.debugMessage("SecurityConnectionInterceptor.getConnectionKey", "Existing credential has been rejected. No Retry is configured");
                            try {
                                current().setSecurityContext((SecurityContext) null, SecurityProtocol.IBMString);
                            } catch (NullPointerException e7) {
                                FFDCFilter.processException(e7, "com.ibm.ISecurityLocalObjectBaseL13Impl.SecurityConnectionInterceptor.getConnectionKey", "1861", this);
                                SecurityLogger.logError("security.JSAS0030E", new Object[]{"SecurityConnectionInterceptor.getConnectionKey", e7});
                            } catch (Exception e8) {
                                FFDCFilter.processException(e8, "com.ibm.ISecurityLocalObjectBaseL13Impl.SecurityConnectionInterceptor.getConnectionKey", "1867", this);
                                SecurityLogger.logError("security.JSAS0439E", new Object[]{"SecurityConnectionInterceptor.getConnectionKey", e8});
                            }
                            if (!SecurityLogger.debugEntryEnabled) {
                                return true;
                            }
                            SecurityLogger.debugExit("SecurityConnectionInterceptor.getConnectionKey");
                            return true;
                        }
                    }
                }
            }
            if (!connectionKeyForMethodRequest || z5) {
                if (SecurityLogger.debugTraceEnabled) {
                    SecurityLogger.debugMessage("SecurityConnectionInterceptor.getConnectionKey", "No connection key could be formed -- invalidating the connection attempt.");
                }
                if (!SecurityLogger.debugEntryEnabled) {
                    return false;
                }
                SecurityLogger.debugExit("SecurityConnectionInterceptor.getConnectionKey");
                return false;
            }
            if ((s3 & 16384) != 0) {
                if (str == null || str.length() <= 0 || (((isSpecialNamingMethod(str, object2) && profile.getPort() != 0) || isSpecialSSLRequiredNamingMethod(str, object2) || (ORB.isSpecialMethod(str) && profile.getPort() != 0 && (cSIv2EffectivePerformPolicy == null || !cSIv2EffectivePerformPolicy.claimClientAuthenticationRequired()))) && !str.equals("_non_existent"))) {
                    try {
                        current().setSecurityContext((SecurityContext) null, SecurityProtocol.IBMString);
                    } catch (NullPointerException e9) {
                        FFDCFilter.processException(e9, "com.ibm.ISecurityLocalObjectBaseL13Impl.SecurityConnectionInterceptor.getConnectionKey", "1921", this);
                        SecurityLogger.logError("security.JSAS0030E", new Object[]{"SecurityConnectionInterceptor.getConnectionKey", e9});
                    } catch (Exception e10) {
                        FFDCFilter.processException(e10, "com.ibm.ISecurityLocalObjectBaseL13Impl.SecurityConnectionInterceptor.getConnectionKey", "1927", this);
                        SecurityLogger.logError("security.JSAS0439E", new Object[]{"SecurityConnectionInterceptor.getConnectionKey", e10});
                    }
                } else {
                    getSecureAssociation(profile, connectionDataCarrier, object, clientDelegate, str6, z2, z, z3, str2, str4, i2, str, str5, j);
                }
            } else if (str == null || str.length() <= 0 || (((profile.getPort() != 0 && isSpecialNamingMethod(str, object2)) || isSpecialSSLRequiredNamingMethod(str, object2) || (profile.getPort() != 0 && ORB.isSpecialMethod(str) && (cSIv2EffectivePerformPolicy == null || !cSIv2EffectivePerformPolicy.claimClientAuthenticationRequired()))) && !str.equals("_non_existent"))) {
                try {
                    current().setSecurityContext((SecurityContext) null, SecurityProtocol.IBMString);
                } catch (NullPointerException e11) {
                    FFDCFilter.processException(e11, "com.ibm.ISecurityLocalObjectBaseL13Impl.SecurityConnectionInterceptor.getConnectionKey", "1959", this);
                    SecurityLogger.logError("security.JSAS0030E", new Object[]{"SecurityConnectionInterceptor.getConnectionKey", e11});
                } catch (Exception e12) {
                    FFDCFilter.processException(e12, "com.ibm.ISecurityLocalObjectBaseL13Impl.SecurityConnectionInterceptor.getConnectionKey", "1965", this);
                    SecurityLogger.logError("security.JSAS0439E", new Object[]{"SecurityConnectionInterceptor.getConnectionKey", e12});
                }
            } else {
                getSecureAssociation(profile, connectionDataCarrier, object, clientDelegate, str6, z2, z, z3, str2, str4, i2, str, str5, j);
            }
            if (!SecurityLogger.debugEntryEnabled) {
                return true;
            }
            SecurityLogger.debugExit("SecurityConnectionInterceptor.getConnectionKey");
            return true;
        } catch (CSIv2RequirementsNotSatisfied e13) {
            FFDCFilter.processException((Throwable) e13, "com.ibm.ISecurityLocalObjectBaseL13Impl.SecurityConnectionInterceptor.getConnectionKey", "1760", this);
            if (SecurityLogger.traceEnabled) {
                SecurityLogger.debugMessage("SecurityConnectionInterceptor.getConnectionKey", "CSIv2RequirementsNotSatisfied Exception caught in getConnectionKey.");
                SecurityLogger.logException("SecurityConnectionInterceptor.getConnectionKey", e13, 0, 0);
            }
            if (SecurityLogger.debugEntryEnabled) {
                SecurityLogger.debugExit("SecurityConnectionInterceptor.getConnectionKey");
            }
            throw new INITIALIZE(e13.debugMessage, SecurityMinorCodes.SECURITY_CONFIG_ERROR, CompletionStatus.COMPLETED_NO);
        } catch (Exception e14) {
            FFDCFilter.processException(e14, "com.ibm.ISecurityLocalObjectBaseL13Impl.SecurityConnectionInterceptor.getConnectionKey", "1764", this);
            if (SecurityLogger.traceEnabled) {
                SecurityLogger.debugMessage("SecurityConnectionInterceptor.getConnectionKey", "Java runtime exception in getConnectionKey.");
                SecurityLogger.logException("SecurityConnectionInterceptor.getConnectionKey", e14, 0, 0);
            }
            if (SecurityLogger.debugEntryEnabled) {
                SecurityLogger.debugExit("SecurityConnectionInterceptor.getConnectionKey");
            }
            if (e14.getMessage() == null || e14.getMessage().equals("")) {
                throw new INTERNAL(e14.getMessage(), SecurityMinorCodes.JAVA_EXCEPTION, CompletionStatus.COMPLETED_NO);
            }
            throw new INTERNAL("Java runtime exception in getConnectionKey.", SecurityMinorCodes.JAVA_EXCEPTION, CompletionStatus.COMPLETED_NO);
        }
    }

    public boolean getConnectionKeyForLocateRequest(Profile profile, ConnectionDataCarrier connectionDataCarrier, Object object, Delegate delegate, String str, boolean z, int i, short s, short s2, String str2, boolean z2, CSIv2EffectivePerformPolicy cSIv2EffectivePerformPolicy) {
        String createSimpleKey;
        if (SecurityLogger.debugEntryEnabled) {
            SecurityLogger.debugEntry("SecurityConnectionInterceptor.getConnectionKeyForLocateRequest");
        }
        if (SecurityLogger.debugTraceEnabled) {
            if (object == null) {
                SecurityLogger.debugMessage("SecurityConnectionInterceptor.getConnectionKeyForLocateRequest", "Forming connection key for locate request. No proxy available.");
            } else if (SecurityLogger.debugTraceEnabled) {
                SecurityLogger.debugMessage("SecurityConnectionInterceptor.getConnectionKeyForLocateRequest", new StringBuffer().append("Forming connection key for locate request on ").append(object.getClass().getName()).append(" -- ").append(str).toString());
            }
        }
        if (z && (cSIv2EffectivePerformPolicy == null || cSIv2EffectivePerformPolicy.performSSLTLS())) {
            String hostfromProfile = getHostfromProfile(profile);
            int i2 = i & 65535;
            short formCoalescedQOP = (!z2 || cSIv2EffectivePerformPolicy == null) ? formCoalescedQOP(s, s2) : formCSIv2CoalescedQOP(s, s2, cSIv2EffectivePerformPolicy);
            String str3 = VaultConstants.SSL_MECH_TYPE;
            createSimpleKey = formConnectionKey(hostfromProfile, i2, str3, formCoalescedQOP);
            if (SecurityLogger.debugTraceEnabled) {
                SecurityLogger.debugMessage("SecurityConnectionInterceptor.getConnectionKeyForLocateRequest", "Setting SSL ExtendedSSLConnectionData object.");
            }
            connectionDataCarrier.setConnectionData(new ExtendedSSLConnectionData(createSimpleKey, 1, formCoalescedQOP, 0, null, getSecurityConfig()));
            if (SecurityLogger.debugTraceEnabled) {
                SecurityLogger.debugMessage("SecurityConnectionInterceptor.getConnectionKeyForLocateRequest", new StringBuffer().append("SSL key set, mechanism is ").append(str3).toString());
            }
        } else {
            createSimpleKey = createSimpleKey(getHostfromProfile(profile), profile.getPort());
            if (SecurityLogger.debugTraceEnabled) {
                SecurityLogger.debugMessage("SecurityConnectionInterceptor.getConnectionKeyForLocateRequest", "Setting TCPIP ConnectionDataImpl object.");
            }
            connectionDataCarrier.setConnectionData(new ConnectionDataImpl(createSimpleKey, 2));
            if (SecurityLogger.debugTraceEnabled) {
                SecurityLogger.debugMessage("SecurityConnectionInterceptor.getConnectionKeyForLocateRequest", new StringBuffer().append("TCP Connection, connection type is ").append(2).toString());
            }
        }
        if (SecurityLogger.debugTraceEnabled) {
            if (object != null) {
                SecurityLogger.debugMessage("SecurityConnectionInterceptor.getConnectionKeyForLocateRequest", new StringBuffer().append("Returning connection key - ").append(createSimpleKey).append(" for locate request on ").append(object.getClass().getName()).toString());
            } else {
                SecurityLogger.debugMessage("SecurityConnectionInterceptor.getConnectionKeyForLocateRequest", new StringBuffer().append("Returning connection key - ").append(createSimpleKey).append(" for locate request.").toString());
            }
        }
        if (!SecurityLogger.debugEntryEnabled) {
            return true;
        }
        SecurityLogger.debugExit("SecurityConnectionInterceptor.getConnectionKeyForLocateRequest");
        return true;
    }

    public boolean getConnectionKeyForMethodRequest(Profile profile, ConnectionDataCarrier connectionDataCarrier, Object object, Delegate delegate, String str, boolean z, boolean z2, boolean z3, int i, short s, short s2, short s3, String str2, String str3, String str4, boolean z4, CSIv2EffectivePerformPolicy cSIv2EffectivePerformPolicy) {
        if (SecurityLogger.debugEntryEnabled) {
            SecurityLogger.debugEntry("SecurityConnectionInterceptor.getConnectionKeyForMethodRequest");
        }
        Credentials[] credentialsArr = new Credentials[1];
        if (SecurityLogger.debugTraceEnabled) {
            if (object != null) {
                SecurityLogger.debugMessage("SecurityConnectionInterceptor.getConnectionKeyForMethodRequest", new StringBuffer().append("Forming connection key for method - ").append(str2).append(" on ").append(object.getClass().getName()).append(" -- ").append(str).toString());
            } else {
                SecurityLogger.debugMessage("SecurityConnectionInterceptor.getConnectionKeyForMethodRequest", new StringBuffer().append("Forming connection key for method - ").append(str2).append(". No proxy available.").toString());
            }
        }
        String establishConnectionInfo = establishConnectionInfo(profile, connectionDataCarrier, z, z2, z3, i, s, s2, s3, new StringBuffer().append(getHostfromProfile(profile)).append(TagletManager.SIMPLE_TAGLET_OPT_SEPERATOR).append(profile.getPort()).toString(), z4, cSIv2EffectivePerformPolicy);
        if (SecurityLogger.debugTraceEnabled) {
            SecurityLogger.debugMessage("SecurityConnectionInterceptor.getConnectionKeyForMethodRequest", object != null ? new StringBuffer().append("Returning connection key - ").append(establishConnectionInfo).append(" for ").append(str2).append(" request on ").append(object.getClass().getName()).toString() : new StringBuffer().append("Returning connection key - ").append(establishConnectionInfo).append(" for ").append(str2).append(" request.").toString());
        }
        if (SecurityLogger.debugEntryEnabled) {
            SecurityLogger.debugExit("SecurityConnectionInterceptor.getConnectionKeyForMethodRequest");
        }
        return establishConnectionInfo != null;
    }

    public boolean getConnectionKeyForSpecialRequest(Profile profile, ConnectionDataCarrier connectionDataCarrier, Object object, Delegate delegate, String str, boolean z, int i, short s, short s2, String str2, boolean z2, CSIv2EffectivePerformPolicy cSIv2EffectivePerformPolicy) {
        if (SecurityLogger.debugEntryEnabled) {
            SecurityLogger.debugEntry("SecurityConnectionInterceptor.getConnectionKeyForSpecialRequest");
        }
        String str3 = null;
        if (SecurityLogger.debugTraceEnabled) {
            if (object == null) {
                SecurityLogger.debugMessage("SecurityConnectionInterceptor.getConnectionKeyForSpecialRequest", new StringBuffer().append("Forming connection key for ").append(str2).append(" request. No proxy available.").toString());
            } else if (delegate != null) {
                SecurityLogger.debugMessage("SecurityConnectionInterceptor.getConnectionKeyForSpecialRequest", new StringBuffer().append("Forming connection key for ").append(str2).append(" request on ").append(object.getClass().getName()).append(" -- ").append(str).toString());
            }
        }
        if (this.secConfig.getProtocol().compareToIgnoreCase(SecurityProtocol.CSIV2String) == 0 && ((profile.getPort() == 0 && isSpecialNamingMethod(str2, object)) || isSpecialSSLRequiredNamingMethod(str2, object))) {
            String hostfromProfile = getHostfromProfile(profile);
            int i2 = i & 65535;
            short formCoalescedQOP = (!z2 || cSIv2EffectivePerformPolicy == null) ? formCoalescedQOP(s, s2) : formCSIv2CoalescedQOP(s, s2, cSIv2EffectivePerformPolicy);
            str3 = formConnectionKey(hostfromProfile, i2, VaultConstants.SSL_MECH_TYPE, formCoalescedQOP);
            if (SecurityLogger.debugTraceEnabled) {
                SecurityLogger.debugMessage("SecurityConnectionInterceptor.getConnectionKeyForSpecialRequest", "Setting SSL ExtendedSSLConnectionData object for special naming method for CSIv2.");
            }
            connectionDataCarrier.setConnectionData(new ExtendedSSLConnectionData(str3, 1, formCoalescedQOP, 0, null, getSecurityConfig()));
        }
        if (str3 == null) {
            if (!z || (isSpecialNamingMethod(str2, object) && profile.getPort() != 0)) {
                str3 = createSimpleKey(getHostfromProfile(profile), profile.getPort());
                if (SecurityLogger.debugTraceEnabled) {
                    SecurityLogger.debugMessage("SecurityConnectionInterceptor.getConnectionKeyForSpecialRequest", "Setting TCPIP ConnectionDataImpl object.");
                }
                connectionDataCarrier.setConnectionData(new ConnectionDataImpl(str3, 2));
            } else {
                String hostfromProfile2 = getHostfromProfile(profile);
                int i3 = i & 65535;
                short formCoalescedQOP2 = (!z2 || cSIv2EffectivePerformPolicy == null) ? formCoalescedQOP(s, s2) : formCSIv2CoalescedQOP(s, s2, cSIv2EffectivePerformPolicy);
                str3 = formConnectionKey(hostfromProfile2, i3, VaultConstants.SSL_MECH_TYPE, formCoalescedQOP2);
                if (SecurityLogger.debugTraceEnabled) {
                    SecurityLogger.debugMessage("SecurityConnectionInterceptor.getConnectionKeyForSpecialRequest", "Setting SSL ExtendedSSLConnectionData object.");
                }
                connectionDataCarrier.setConnectionData(new ExtendedSSLConnectionData(str3, 1, formCoalescedQOP2, 0, null, getSecurityConfig()));
            }
        }
        if (SecurityLogger.debugTraceEnabled) {
            SecurityLogger.debugMessage("SecurityConnectionInterceptor.getConnectionKeyForSpecialRequest", object != null ? new StringBuffer().append("Returning connection key - ").append(str3).append(" for ").append(str2).append(" on ").append(object.getClass().getName()).toString() : new StringBuffer().append("Returning connection key - ").append(str3).append(" for ").append(str2).toString());
        }
        if (!SecurityLogger.debugEntryEnabled) {
            return true;
        }
        SecurityLogger.debugExit("SecurityConnectionInterceptor.getConnectionKeyForSpecialRequest");
        return true;
    }

    /* JADX WARN: Code restructure failed: missing block: B:140:0x046c, code lost:
    
        if (r12.refresh() == false) goto L141;
     */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    private org.omg.SecurityLevel2.Credentials getCredentials(java.lang.String r8, java.lang.String r9) {
        /*
            Method dump skipped, instructions count: 1194
            To view this dump add '--comments-level debug' option
        */
        throw new UnsupportedOperationException("Method not decompiled: com.ibm.ISecurityLocalObjectBaseL13Impl.SecurityConnectionInterceptor.getCredentials(java.lang.String, java.lang.String):org.omg.SecurityLevel2.Credentials");
    }

    public SSLServerConnectionData getSASRegisteredSSLServerConnectionDataObject() {
        return this.sasServerSSLConnData;
    }

    public SSLServerConnectionData getCSIRegisteredSSLServerConnectionDataObject() {
        return this.csiServerSSLConnData;
    }

    public SSLServerConnectionData getCSIClientCertRegisteredSSLServerConnectionDataObject() {
        return this.csiClientCertServerSSLConnData;
    }

    public ServerConnectionData getRegisteredTCPServerConnectionDataObject() {
        return this.serverTCPConnData;
    }

    public boolean getSecureAssociation(Profile profile, ConnectionDataCarrier connectionDataCarrier, Object object, Delegate delegate, String str, boolean z, boolean z2, boolean z3, String str2, String str3, int i, String str4, String str5, long j) {
        if (SecurityLogger.debugEntryEnabled) {
            SecurityLogger.debugEntry("SecurityConnectionInterceptor.getSecureAssociation");
        }
        short s = 0;
        Credentials[] credentialsArr = new Credentials[1];
        if (SecurityLogger.debugTraceEnabled) {
            SecurityLogger.debugMessage("SecurityConnectionInterceptor.getSecureAssociation", "Getting a secure association.");
        }
        String stringBuffer = new StringBuffer().append(getHostfromProfile(profile)).append(TagletManager.SIMPLE_TAGLET_OPT_SEPERATOR).append(profile.getPort()).toString();
        if (z3 || z || z2) {
            boolean z4 = true;
            int i2 = 0;
            SecurityContextHolder securityContextHolder = new SecurityContextHolder();
            if (connectionDataCarrier.getConnectionData() instanceof ExtendedSSLConnectionData) {
                s = ((ExtendedSSLConnectionData) connectionDataCarrier.getConnectionData()).getPerformQOP();
            }
            while (z4) {
                i2++;
                int establishSecurityContext = establishSecurityContext(securityContextHolder, object, str4, s, str2, stringBuffer, str3, str5, j);
                if (securityContextHolder != null && securityContextHolder.value != null) {
                    setSecCntxtServiceID(securityContextHolder, z, z2, z3, i);
                }
                switch (establishSecurityContext) {
                    case 0:
                        if (securityContextHolder.value != null && (connectionDataCarrier.getConnectionData() instanceof ExtendedSSLConnectionData)) {
                            if (SecurityLogger.debugTraceEnabled) {
                                SecurityLogger.debugMessage("SecurityConnectionInterceptor.getSecureAssociation", new StringBuffer().append("Setting security context on connection data object using session handle: ").append(((SecurityContextImpl) securityContextHolder.value)._sessionHandle).toString());
                            }
                            current().setSecurityContext((SecurityContext) securityContextHolder.value, SecurityProtocol.IBMString);
                            ((ExtendedSSLConnectionData) connectionDataCarrier.getConnectionData()).setSecurityContext((SecurityContext) securityContextHolder.value);
                        }
                        if (!SecurityLogger.debugEntryEnabled) {
                            return false;
                        }
                        SecurityLogger.debugExit("SecurityConnectionInterceptor.getSecureAssociation");
                        return false;
                    case 1:
                        z4 = false;
                        break;
                    case 2:
                        if (i2 <= 10) {
                            z4 = true;
                            break;
                        } else {
                            if (securityContextHolder.value != null && (connectionDataCarrier.getConnectionData() instanceof ExtendedSSLConnectionData)) {
                                if (SecurityLogger.debugTraceEnabled) {
                                    SecurityLogger.debugMessage("SecurityConnectionInterceptor.getSecureAssociation", new StringBuffer().append("Setting security context on connection data object using session handle: ").append(((SecurityContextImpl) securityContextHolder.value)._sessionHandle).toString());
                                }
                                current().setSecurityContext((SecurityContext) securityContextHolder.value, SecurityProtocol.IBMString);
                                ((ExtendedSSLConnectionData) connectionDataCarrier.getConnectionData()).setSecurityContext((SecurityContext) securityContextHolder.value);
                            }
                            if (!SecurityLogger.debugEntryEnabled) {
                                return false;
                            }
                            SecurityLogger.debugExit("SecurityConnectionInterceptor.getSecureAssociation");
                            return false;
                        }
                    case 3:
                        z4 = false;
                        break;
                }
            }
            if (securityContextHolder.value != null && (connectionDataCarrier.getConnectionData() instanceof ExtendedSSLConnectionData)) {
                if (SecurityLogger.debugTraceEnabled) {
                    SecurityLogger.debugMessage("SecurityConnectionInterceptor.getSecureAssociation", new StringBuffer().append("Setting security context on connection data object (").append(connectionDataCarrier.getConnectionData()).append("), session handle: ").append(((SecurityContextImpl) securityContextHolder.value)._sessionHandle).toString());
                }
                current().setSecurityContext((SecurityContext) securityContextHolder.value, SecurityProtocol.IBMString);
                ((ExtendedSSLConnectionData) connectionDataCarrier.getConnectionData()).setSecurityContext((SecurityContext) securityContextHolder.value);
            }
            if (SecurityLogger.debugTraceEnabled && securityContextHolder.value != null) {
                SecurityLogger.debugMessage("SecurityConnectionInterceptor.getSecureAssociation", new StringBuffer().append("Getting security context on connection data object (").append(connectionDataCarrier.getConnectionData()).append("), session handle: ").append(((SecurityContextImpl) securityContextHolder.value)._sessionHandle).toString());
            }
        }
        if (!SecurityLogger.debugEntryEnabled) {
            return true;
        }
        SecurityLogger.debugExit("SecurityConnectionInterceptor.getSecureAssociation");
        return true;
    }

    @Override // com.ibm.ws.orb.transport.DefaultConnectionInterceptor, com.ibm.ws.orb.transport.ConnectionInterceptor
    public ServerConnectionData[] getServerConnectionData(ORB orb) {
        String str;
        if (SecurityLogger.debugEntryEnabled) {
            SecurityLogger.debugEntry("SecurityConnectionInterceptor.getServerConnectionData");
        }
        try {
            str = orb.getLocalHost();
        } catch (Exception e) {
            FFDCFilter.processException(e, "com.ibm.ISecurityLocalObjectBaseL13Impl.SecurityConnectionInterceptor.getServerConnectionData", "2949", this);
            str = null;
            SecurityLogger.logError("security.JSAS0445E", new Object[]{"SecurityConnectionInterceptor.getServerConnectionData", e});
        }
        if (str == null || str.length() == 0) {
            str = "localHost";
        }
        if (!ConfigURLProperties.isSecurityEnabled()) {
            return this.defaultConnInt.getServerConnectionData(orb);
        }
        int i = 0;
        try {
            if (SecurityLogger.debugTraceEnabled) {
                SecurityLogger.debugMessage("SecurityConnectionInterceptor.getServerConnectionData", "Getting TCPIP ConnectionObject.");
            }
            getTcpConnectionObject(str);
            if ((this.secConfig.getProtocol().compareToIgnoreCase(SecurityProtocol.IBMString) == 0 || this.secConfig.getProtocol().compareToIgnoreCase("both") == 0) && getSecurityConfig().SSLTypeIClientAssociationEnabled()) {
                if (SecurityLogger.debugTraceEnabled) {
                    SecurityLogger.debugMessage("SecurityConnectionInterceptor.getServerConnectionData", "Getting SAS SSL ConnectionObject.");
                }
                getSASSSLConnectionObject(str);
            }
            if (this.secConfig.getProtocol().compareToIgnoreCase(SecurityProtocol.CSIV2String) == 0 || this.secConfig.getProtocol().compareToIgnoreCase("both") == 0) {
                if (this.secConfig.getCSIv2ClaimTransportAssocSSLTLSRequired()) {
                    if (this.secConfig.getCSIv2ClaimTLClientAuthenticationRequired()) {
                        if (SecurityLogger.debugTraceEnabled) {
                            SecurityLogger.debugMessage("SecurityConnectionInterceptor.getServerConnectionData", "Getting CSIv2 SSL (w/ClientCert) ConnectionObject.");
                        }
                        getCSIClientCertSSLConnectionObject(str);
                    } else if (this.secConfig.getCSIv2ClaimTLClientAuthenticationSupported()) {
                        if (SecurityLogger.debugTraceEnabled) {
                            SecurityLogger.debugMessage("SecurityConnectionInterceptor.getServerConnectionData", "Getting CSIv2 SSL (w/ and w/o ClientCert) ConnectionObjects.");
                        }
                        getCSISSLConnectionObject(str);
                        getCSIClientCertSSLConnectionObject(str);
                    } else {
                        if (SecurityLogger.debugTraceEnabled) {
                            SecurityLogger.debugMessage("SecurityConnectionInterceptor.getServerConnectionData", "Getting CSIv2 SSL (w/o ClientCert) ConnectionObjects.");
                        }
                        getCSISSLConnectionObject(str);
                    }
                    if (this.secConfig.getProtocol().compareToIgnoreCase(SecurityProtocol.CSIV2String) == 0) {
                        ((ServerConnectionDataImpl) this.serverTCPConnData).setAddToServerProfile(false);
                        if (SecurityLogger.debugTraceEnabled) {
                            SecurityLogger.debugMessage("SecurityConnectionInterceptor.getServerConnectionData", new StringBuffer().append("The TCP/IP port in the IOR profile will be 0.  The value of AddToServerProfile is ").append(this.serverTCPConnData.getAddToServerProfile()).toString());
                        }
                    }
                } else if (this.secConfig.getCSIv2ClaimTransportAssocSSLTLSSupported()) {
                    if (this.secConfig.getCSIv2ClaimTLClientAuthenticationRequired()) {
                        if (SecurityLogger.debugTraceEnabled) {
                            SecurityLogger.debugMessage("SecurityConnectionInterceptor.getServerConnectionData", "Getting CSIv2 SSL (w/ClientCert) ConnectionObject.");
                        }
                        getCSIClientCertSSLConnectionObject(str);
                    } else if (this.secConfig.getCSIv2ClaimTLClientAuthenticationSupported()) {
                        if (SecurityLogger.debugTraceEnabled) {
                            SecurityLogger.debugMessage("SecurityConnectionInterceptor.getServerConnectionData", "Getting CSIv2 SSL (w/ and w/o ClientCert) ConnectionObjects.");
                        }
                        getCSISSLConnectionObject(str);
                        getCSIClientCertSSLConnectionObject(str);
                    } else {
                        if (SecurityLogger.debugTraceEnabled) {
                            SecurityLogger.debugMessage("SecurityConnectionInterceptor.getServerConnectionData", "Getting CSIv2 SSL (w/o ClientCert) ConnectionObjects.");
                        }
                        getCSISSLConnectionObject(str);
                    }
                }
            }
            if (this.serverTCPConnData != null) {
                i = 0 + 1;
            }
            if (this.sasServerSSLConnData != null) {
                i++;
            }
            if (this.csiServerSSLConnData != null) {
                i++;
            }
            if (this.csiClientCertServerSSLConnData != null) {
                i++;
            }
            ServerConnectionData[] serverConnectionDataArr = new ServerConnectionData[i];
            int i2 = i;
            if (this.serverTCPConnData != null) {
                int i3 = i;
                i--;
                serverConnectionDataArr[i2 - i3] = this.serverTCPConnData;
            }
            if (this.sasServerSSLConnData != null) {
                int i4 = i;
                i--;
                serverConnectionDataArr[i2 - i4] = this.sasServerSSLConnData;
            }
            if (this.csiServerSSLConnData != null) {
                int i5 = i;
                i--;
                serverConnectionDataArr[i2 - i5] = this.csiServerSSLConnData;
            }
            if (this.csiClientCertServerSSLConnData != null) {
                int i6 = i;
                int i7 = i - 1;
                serverConnectionDataArr[i2 - i6] = this.csiClientCertServerSSLConnData;
            }
            if (SecurityLogger.debugEntryEnabled) {
                SecurityLogger.debugExit("SecurityConnectionInterceptor.getServerConnectionData");
            }
            return serverConnectionDataArr;
        } catch (Exception e2) {
            FFDCFilter.processException(e2, "com.ibm.ISecurityLocalObjectBaseL13Impl.SecurityConnectionInterceptor.getServerConnectionData", "3131", this);
            SecurityLogger.debugMessage("SecurityConnectionInterceptor.getServerConnectionData", "Java runtime exception while trying to get_credentials from current.");
            SecurityLogger.logException("SecurityConnectionInterceptor.getServerConnectionData", e2, 0, 0);
            if (!SecurityLogger.debugEntryEnabled) {
                return null;
            }
            SecurityLogger.debugExit("SecurityConnectionInterceptor.getServerConnectionData");
            return null;
        }
    }

    @Override // com.ibm.ws.orb.transport.DefaultConnectionInterceptor, com.ibm.ws.orb.transport.ConnectionInterceptor
    public void notifyBrokenConnection(ConnectionInformation connectionInformation) {
        if (SecurityLogger.debugEntryEnabled) {
            SecurityLogger.debugEntry("SecurityConnectionInterceptor.notifyBrokenConnection");
        }
        String connectionKey = ((ConnectionData) connectionInformation.getConnectionData()).getConnectionKey();
        String remoteHost = connectionInformation.getRemoteHost();
        int remotePort = connectionInformation.getRemotePort();
        long connectionCreationTime = connectionInformation.getConnectionCreationTime();
        if (this.vault != null && this.secConfig.NotifyBrokenConnectionEnabled()) {
            if (remoteHost == null || remotePort == -1) {
                if (SecurityLogger.debugTraceEnabled && connectionKey != null) {
                    SecurityLogger.debugMessage("SecurityConnectionInterceptor.notifyBrokenConnection", new StringBuffer().append("A client connection is broken:  ").append(connectionKey).toString());
                }
                this.vault.deleteSessionsForConnection(connectionKey);
            } else {
                ServerConnectionKey serverConnectionKey = new ServerConnectionKey(connectionCreationTime, remoteHost, remotePort);
                if (SecurityLogger.debugTraceEnabled && serverConnectionKey != null) {
                    SecurityLogger.debugMessage("SecurityConnectionInterceptor.notifyBrokenConnection", new StringBuffer().append("A server connection is broken: ").append(serverConnectionKey.get_server_connection_hash()).toString());
                }
                this.vault.deleteSessionsForConnection(serverConnectionKey);
            }
        }
        if (SecurityLogger.debugEntryEnabled) {
            SecurityLogger.debugExit("SecurityConnectionInterceptor.notifyBrokenConnection");
        }
    }

    private void setSecCntxtServiceID(SecurityContextHolder securityContextHolder, boolean z, boolean z2, boolean z3, int i) {
        if (SecurityLogger.debugEntryEnabled) {
            SecurityLogger.debugEntry("SecurityConnectionInterceptor.setSecCntxtServiceID");
        }
        if (!(securityContextHolder.value instanceof SecurityContextImpl)) {
            if (SecurityLogger.debugTraceEnabled) {
                SecurityLogger.debugMessage("SecurityConnectionInterceptor.setSecCntxtServiceID", "Unexpected type of SecurityContext object encountered.");
            }
            if (SecurityLogger.debugEntryEnabled) {
                SecurityLogger.debugExit("SecurityConnectionInterceptor.setSecCntxtServiceID");
            }
            throw new INTERNAL();
        }
        if (z3) {
            if (SecurityLogger.debugTraceEnabled) {
                SecurityLogger.debugMessage("SecurityConnectionInterceptor.setSecCntxtServiceID", "Setting new OMG SSL security service context id with respect to new SSL compound tag.");
            }
            ((SecurityContextImpl) securityContextHolder.value).setSecServiceID(SecConstants.SSL_SEC_CTX_OMG);
            ((SecurityContextImpl) securityContextHolder.value).setTargetSecSSLTagID(SecConstants.SSL_COMPOUND_TAG);
            ((SecurityContextImpl) securityContextHolder.value).setTargetSecTagID(0);
        } else {
            if (!z || !z2) {
                if (SecurityLogger.debugTraceEnabled) {
                    SecurityLogger.debugMessage("SecurityConnectionInterceptor.setSecCntxtServiceID", "Unexpected security tag. No service context id will be set.");
                }
                if (SecurityLogger.debugEntryEnabled) {
                    SecurityLogger.debugExit("SecurityConnectionInterceptor.setSecCntxtServiceID");
                    return;
                }
                return;
            }
            if (i == 1229081862) {
                if (SecurityLogger.debugTraceEnabled) {
                    SecurityLogger.debugMessage("SecurityConnectionInterceptor.setSecCntxtServiceID", "Setting new OMG SSL security service context id with respect to new OMG security tag.");
                }
                ((SecurityContextImpl) securityContextHolder.value).setSecServiceID(SecConstants.SSL_SEC_CTX_OMG);
            } else {
                if (i != 777) {
                    if (SecurityLogger.debugTraceEnabled) {
                        SecurityLogger.debugMessage("SecurityConnectionInterceptor.setSecCntxtServiceID", "Unexpected security tag. No service context id will be set.");
                    }
                    if (SecurityLogger.debugEntryEnabled) {
                        SecurityLogger.debugExit("SecurityConnectionInterceptor.setSecCntxtServiceID");
                        return;
                    }
                    return;
                }
                if (SecurityLogger.debugTraceEnabled) {
                    SecurityLogger.debugMessage("SecurityConnectionInterceptor.setSecCntxtServiceID", "Setting old SSL security service context id with respect to old security tag.");
                }
                ((SecurityContextImpl) securityContextHolder.value).setSecServiceID(SecConstants.SSL_SEC_CTX);
            }
            ((SecurityContextImpl) securityContextHolder.value).setTargetSecSSLTagID(20);
            ((SecurityContextImpl) securityContextHolder.value).setTargetSecTagID(i);
        }
        if (SecurityLogger.debugEntryEnabled) {
            SecurityLogger.debugExit("SecurityConnectionInterceptor.setSecCntxtServiceID");
        }
    }

    public static boolean isSpecialNamingMethod(String str, Object object) {
        if (object == null) {
            return false;
        }
        String name = object.getClass().getName();
        if (str.equals("getProperties") && name.equals("com.ibm.WsnBootstrap._WsnNameServiceStub")) {
            return true;
        }
        if (str.equals("getProperties") && name.equals("com.ibm.ws.naming.bootstrap.WsnNameServiceImpl")) {
            return true;
        }
        if (str.equals("get") && name.equals("com.ibm.org.omg.CORBA._ObjectStub")) {
            return true;
        }
        return str.equals("get") && name.equals("com.ibm.rmi.corba.CORBAObjectImpl");
    }

    public static boolean isSpecialSSLRequiredNamingMethod(String str, Object object) {
        if (object == null) {
            return false;
        }
        String name = object.getClass().getName();
        if (name.equals("com.ibm.ws.security.server._SecurityServer_Stub")) {
            return true;
        }
        return (name.equals("com.ibm.websphere.security._UserRegistry_Stub") && !str.equals("createCredential")) || name.equals("com.ibm.ws.security.server._SecurityServerImpl_Tie") || name.equals("com.ibm.ws.security.registry._UserRegistryImpl_Tie");
    }

    public String createSimpleKey(String str, int i) {
        String stringBuffer = new StringBuffer().append(str).append(TagletManager.SIMPLE_TAGLET_OPT_SEPERATOR).append(i).toString();
        if (current().getFirstHost().equals("") && current().getFirstPort().equals("")) {
            current().setFirstHost(str);
            current().setFirstPort(Integer.toString(i));
            current().setAllHosts(stringBuffer);
            current().setAllPorts(Integer.toString(i));
        } else if (current().getAllHosts().indexOf(stringBuffer) == -1) {
            current().setAllHosts(new StringBuffer().append(current().getAllHosts()).append("|").append(stringBuffer).toString());
            current().setAllPorts(new StringBuffer().append(current().getAllPorts()).append("|").append(Integer.toString(i)).toString());
        }
        return stringBuffer;
    }

    public VaultImpl getVault() {
        if (this.vault == null) {
            this.vault = VaultImpl.getInstance();
        }
        return this.vault;
    }

    public SecurityConfiguration getSecurityConfig() {
        if (this.vault == null) {
            this.vault = VaultImpl.getInstance();
        }
        if (this.secConfig == null) {
            VaultImpl vaultImpl = this.vault;
            this.secConfig = VaultImpl.getSecurityConfiguration();
        }
        return this.secConfig;
    }

    public boolean getTcpConnectionObject(String str) {
        ServerConnectionDataImpl serverConnectionDataImpl = new ServerConnectionDataImpl();
        serverConnectionDataImpl.setServerPort(this.orb.getListenerPort());
        serverConnectionDataImpl.setConnectionKey(formConnectionKey(str, this.orb.getListenerPort(), RASFormatter.DEFAULT_SEPARATOR, (short) 0));
        serverConnectionDataImpl.setConnectionType(2L);
        this.serverTCPConnData = serverConnectionDataImpl;
        if (!SecurityLogger.debugTraceEnabled) {
            return true;
        }
        SecurityLogger.debugMessage("SecurityConnectionInterceptor.getTcpConnectionObject", "Requesting to create a TCPIP server connection with:");
        SecurityLogger.debugMessage("SecurityConnectionInterceptor.getTcpConnectionObject", new StringBuffer().append("  Connection key: ").append(serverConnectionDataImpl.getConnectionKey()).append(", Connection type: ").append(serverConnectionDataImpl.getConnectionType()).append(", Server port: ").append(serverConnectionDataImpl.getServerPort()).toString());
        return true;
    }

    public boolean getSASSSLConnectionObject(String str) {
        SecurityConfiguration securityConfig = getSecurityConfig();
        SSLServerConnectionDataImpl sSLServerConnectionDataImpl = new SSLServerConnectionDataImpl();
        short s = 0;
        if (getSecurityConfig().claimClientAuthenticationRequired()) {
            s = (short) (0 | 64);
        }
        if (getSecurityConfig().claimServerAuthenticationRequired()) {
            s = (short) (s | 32);
        }
        if (getSecurityConfig().claimMessageReplayDetectionRequired()) {
            s = (short) (s | 8);
        }
        if (getSecurityConfig().claimMessageOutOfSequenceDetectionRequired()) {
            s = (short) (s | 16);
        }
        if (getSecurityConfig().claimMessageIntegrityRequired()) {
            s = (short) (s | 2);
        }
        if (getSecurityConfig().claimMessageConfidentialityRequired()) {
            s = (short) (s | 4);
        }
        short s2 = 0;
        if (getSecurityConfig().claimClientAuthenticationSupported()) {
            s2 = (short) (0 | 64);
        }
        if (getSecurityConfig().claimServerAuthenticationSupported()) {
            s2 = (short) (s2 | 32);
        }
        if (getSecurityConfig().claimMessageReplayDetectionSupported()) {
            s2 = (short) (s2 | 8);
        }
        if (getSecurityConfig().claimMessageOutOfSequenceDetectionSupported()) {
            s2 = (short) (s2 | 16);
        }
        if (getSecurityConfig().claimMessageIntegritySupported()) {
            s2 = (short) (s2 | 2);
        }
        if (getSecurityConfig().claimMessageConfidentialitySupported()) {
            s2 = (short) (s2 | 4);
        }
        String str2 = (String) AccessController.doPrivileged(new PrivilegedAction(this, securityConfig) { // from class: com.ibm.ISecurityLocalObjectBaseL13Impl.SecurityConnectionInterceptor.6
            private final SecurityConfiguration val$sCfg_doPriv;
            private final SecurityConnectionInterceptor this$0;

            {
                this.this$0 = this;
                this.val$sCfg_doPriv = securityConfig;
            }

            @Override // java.security.PrivilegedAction
            public Object run() {
                return this.val$sCfg_doPriv.getSASInboundSSLConfig().getSSLKeyPassword();
            }
        });
        String str3 = (String) AccessController.doPrivileged(new PrivilegedAction(this, securityConfig) { // from class: com.ibm.ISecurityLocalObjectBaseL13Impl.SecurityConnectionInterceptor.7
            private final SecurityConfiguration val$sCfg_doPriv;
            private final SecurityConnectionInterceptor this$0;

            {
                this.this$0 = this;
                this.val$sCfg_doPriv = securityConfig;
            }

            @Override // java.security.PrivilegedAction
            public Object run() {
                return this.val$sCfg_doPriv.getSASInboundSSLConfig().getSSLTrustPassword();
            }
        });
        String str4 = (String) AccessController.doPrivileged(new PrivilegedAction(this, securityConfig) { // from class: com.ibm.ISecurityLocalObjectBaseL13Impl.SecurityConnectionInterceptor.8
            private final SecurityConfiguration val$sCfg_doPriv;
            private final SecurityConnectionInterceptor this$0;

            {
                this.this$0 = this;
                this.val$sCfg_doPriv = securityConfig;
            }

            @Override // java.security.PrivilegedAction
            public Object run() {
                return this.val$sCfg_doPriv.getSASInboundSSLConfig().getHardwareTokenPassword();
            }
        });
        sSLServerConnectionDataImpl.setConnectionKey(formConnectionKey(str, getSecurityConfig().getSSLPort(), VaultConstants.SSL_MECH_TYPE, s2));
        sSLServerConnectionDataImpl.setConnectionType(1L);
        sSLServerConnectionDataImpl.setServerPort(getSecurityConfig().getSSLPort());
        sSLServerConnectionDataImpl.setProtocolName(getSecurityConfig().getSASInboundSSLConfig().getSSLProtocol());
        sSLServerConnectionDataImpl.setKeyManagerName(getSecurityConfig().getSASInboundSSLConfig().getSSLKeyManager());
        sSLServerConnectionDataImpl.setTrustManagerName(getSecurityConfig().getSASInboundSSLConfig().getSSLTrustManager());
        sSLServerConnectionDataImpl.setKeyStoreType(getSecurityConfig().getSASInboundSSLConfig().getSSLKeyStoreType());
        sSLServerConnectionDataImpl.setKeyStoreProvider(getSecurityConfig().getSASInboundSSLConfig().getSSLKeyStoreProvider());
        sSLServerConnectionDataImpl.setTrustStoreType(getSecurityConfig().getSASInboundSSLConfig().getSSLTrustStoreType());
        sSLServerConnectionDataImpl.setTrustStoreProvider(getSecurityConfig().getSASInboundSSLConfig().getSSLTrustStoreProvider());
        sSLServerConnectionDataImpl.setKeyRingName(getSecurityConfig().getSASInboundSSLConfig().getSSLKeyFile());
        sSLServerConnectionDataImpl.setKeyRingPassword(str2);
        sSLServerConnectionDataImpl.setTrustFileName(getSecurityConfig().getSASInboundSSLConfig().getSSLTrustFile());
        sSLServerConnectionDataImpl.setTrustFilePassword(str3);
        sSLServerConnectionDataImpl.setContextProvider(getSecurityConfig().getSASInboundSSLConfig().getSSLContextProvider());
        sSLServerConnectionDataImpl.setClientAuthenticationFlag(getSecurityConfig().getIIOPSSLClientAuthentication());
        sSLServerConnectionDataImpl.setCiphersToBeEnabled(getSecurityConfig().getSASInboundSSLConfig().getSSLEnabledCiphers());
        sSLServerConnectionDataImpl.setHardwareTokenLibraryFile(getSecurityConfig().getSASInboundSSLConfig().getHardwareTokenLibraryFile());
        sSLServerConnectionDataImpl.setHardwareTokenPassword(str4);
        sSLServerConnectionDataImpl.setHardwareTokenType(getSecurityConfig().getSASInboundSSLConfig().getHardwareTokenType());
        sSLServerConnectionDataImpl.setHardwareTokenSlot(getSecurityConfig().getSASInboundSSLConfig().getHardwareTokenSlot());
        sSLServerConnectionDataImpl.setSessionTimeout(getSecurityConfig().getSSLV3SessionTimeout());
        sSLServerConnectionDataImpl.setTargetRequiresQOP(s);
        sSLServerConnectionDataImpl.setTargetSupportsQOP(s2);
        sSLServerConnectionDataImpl.setMessageLoggingEnabled(getSecurityConfig().SSLMessageLoggingEnabled());
        sSLServerConnectionDataImpl.setServerAlias(getSecurityConfig().getSASInboundSSLConfig().getKeyStoreServerAlias());
        sSLServerConnectionDataImpl.setClientAlias(getSecurityConfig().getSASInboundSSLConfig().getKeyStoreClientAlias());
        sSLServerConnectionDataImpl.setUseFIPS(getSecurityConfig().getSASInboundSSLConfig().getUseFIPS());
        this.sasServerSSLConnData = sSLServerConnectionDataImpl;
        if (!SecurityLogger.debugTraceEnabled) {
            return true;
        }
        String str5 = sSLServerConnectionDataImpl.getUseFIPS() ? "true" : "false";
        SecurityLogger.debugMessage("SecurityConnectionInterceptor.getSASSSLConnectionObject", "Requesting to create an SSL server connection with:");
        SecurityLogger.debugMessage("SecurityConnectionInterceptor.getSASSSLConnectionObject", new StringBuffer().append("  Protocol Name: ").append(sSLServerConnectionDataImpl.getProtocolName()).append(", FIPS Enabled: ").append(str5).append(", Key Manager Name: ").append(sSLServerConnectionDataImpl.getKeyManagerName()).append(", Trust Manager Name: ").append(sSLServerConnectionDataImpl.getTrustManagerName()).toString());
        SecurityLogger.debugMessage("SecurityConnectionInterceptor.getSASSSLConnectionObject", new StringBuffer().append("  Key Store Type: ").append(sSLServerConnectionDataImpl.getKeyStoreType()).append(", Key Store Provider: ").append(sSLServerConnectionDataImpl.getKeyStoreProvider()).append(", Trust Store Type: ").append(sSLServerConnectionDataImpl.getTrustStoreType()).append(", Trust Store Provider: ").append(sSLServerConnectionDataImpl.getTrustStoreProvider()).append(", JSSE Provider: ").append(sSLServerConnectionDataImpl.getContextProvider()).toString());
        SecurityLogger.debugMessage("SecurityConnectionInterceptor.getSASSSLConnectionObject", new StringBuffer().append("  Key File: ").append(sSLServerConnectionDataImpl.getKeyRingName()).append("  Key File Server Alias: ").append(sSLServerConnectionDataImpl.getServerAlias()).append(", Key File Password: ").append(SecurityConfiguration.mask(str2)).toString());
        SecurityLogger.debugMessage("SecurityConnectionInterceptor.getSASSSLConnectionObject", new StringBuffer().append("  Trust File: ").append(sSLServerConnectionDataImpl.getTrustFileName()).append(", Trust File Password: ").append(SecurityConfiguration.mask(str3)).toString());
        SecurityLogger.debugMessage("SecurityConnectionInterceptor.getSASSSLConnectionObject", new StringBuffer().append("  Client Authentication Flag: ").append(sSLServerConnectionDataImpl.getClientAuthenticationFlag()).append(", Ciphers To Be Enabled: ").append(sSLServerConnectionDataImpl.getCiphersToBeEnabled()).toString());
        SecurityLogger.debugMessage("SecurityConnectionInterceptor.getSASSSLConnectionObject", new StringBuffer().append("  Hardware Token Type: ").append(sSLServerConnectionDataImpl.getHardwareTokenType()).append(", Hardware Token Slot: ").append(sSLServerConnectionDataImpl.getHardwareTokenSlot()).append(", Hardware Token Password: ").append(SecurityConfiguration.mask(str4)).append(", Hardware Token Library File: ").append(sSLServerConnectionDataImpl.getHardwareTokenLibraryFile()).toString());
        SecurityLogger.debugMessage("SecurityConnectionInterceptor.getSASSSLConnectionObject", new StringBuffer().append("  Connection key: ").append(sSLServerConnectionDataImpl.getConnectionKey()).append(", Connection type: ").append(sSLServerConnectionDataImpl.getConnectionType()).append(", Server port: ").append(sSLServerConnectionDataImpl.getServerPort()).toString());
        SecurityLogger.debugMessage("SecurityConnectionInterceptor.getSASSSLConnectionObject", new StringBuffer().append("  Target requires QOP: ").append((int) sSLServerConnectionDataImpl.getTargetRequiresQOP()).append(", Target supports QOP: ").append((int) sSLServerConnectionDataImpl.getTargetSupportsQOP()).toString());
        return true;
    }

    public boolean getCSISSLConnectionObject(String str) {
        SecurityConfiguration securityConfig = getSecurityConfig();
        SSLServerConnectionDataImpl sSLServerConnectionDataImpl = new SSLServerConnectionDataImpl();
        short s = (short) (0 | 32);
        if (getSecurityConfig().getCSIv2ClaimMessageIntegrityRequired()) {
            s = (short) (s | 2);
        }
        if (getSecurityConfig().getCSIv2ClaimMessageConfidentialityRequired()) {
            s = (short) (s | 4);
        }
        short s2 = (short) (0 | 32);
        if (getSecurityConfig().getCSIv2ClaimMessageIntegritySupported()) {
            s2 = (short) (s2 | 2);
        }
        if (getSecurityConfig().getCSIv2ClaimMessageConfidentialitySupported()) {
            s2 = (short) (s2 | 4);
        }
        String str2 = (String) AccessController.doPrivileged(new PrivilegedAction(this, securityConfig) { // from class: com.ibm.ISecurityLocalObjectBaseL13Impl.SecurityConnectionInterceptor.9
            private final SecurityConfiguration val$sCfg_doPriv;
            private final SecurityConnectionInterceptor this$0;

            {
                this.this$0 = this;
                this.val$sCfg_doPriv = securityConfig;
            }

            @Override // java.security.PrivilegedAction
            public Object run() {
                return this.val$sCfg_doPriv.getCSIInboundSSLConfig().getSSLKeyPassword();
            }
        });
        String str3 = (String) AccessController.doPrivileged(new PrivilegedAction(this, securityConfig) { // from class: com.ibm.ISecurityLocalObjectBaseL13Impl.SecurityConnectionInterceptor.10
            private final SecurityConfiguration val$sCfg_doPriv;
            private final SecurityConnectionInterceptor this$0;

            {
                this.this$0 = this;
                this.val$sCfg_doPriv = securityConfig;
            }

            @Override // java.security.PrivilegedAction
            public Object run() {
                return this.val$sCfg_doPriv.getCSIInboundSSLConfig().getSSLTrustPassword();
            }
        });
        String str4 = (String) AccessController.doPrivileged(new PrivilegedAction(this, securityConfig) { // from class: com.ibm.ISecurityLocalObjectBaseL13Impl.SecurityConnectionInterceptor.11
            private final SecurityConfiguration val$sCfg_doPriv;
            private final SecurityConnectionInterceptor this$0;

            {
                this.this$0 = this;
                this.val$sCfg_doPriv = securityConfig;
            }

            @Override // java.security.PrivilegedAction
            public Object run() {
                return this.val$sCfg_doPriv.getCSIInboundSSLConfig().getHardwareTokenPassword();
            }
        });
        sSLServerConnectionDataImpl.setConnectionKey(formConnectionKey(str, getSecurityConfig().getCSISSLPort(), VaultConstants.SSL_MECH_TYPE, s2));
        sSLServerConnectionDataImpl.setConnectionType(1L);
        sSLServerConnectionDataImpl.setServerPort(getSecurityConfig().getCSISSLPort());
        sSLServerConnectionDataImpl.setProtocolName(getSecurityConfig().getCSIInboundSSLConfig().getSSLProtocol());
        sSLServerConnectionDataImpl.setKeyManagerName(getSecurityConfig().getCSIInboundSSLConfig().getSSLKeyManager());
        sSLServerConnectionDataImpl.setTrustManagerName(getSecurityConfig().getCSIInboundSSLConfig().getSSLTrustManager());
        sSLServerConnectionDataImpl.setKeyStoreType(getSecurityConfig().getCSIInboundSSLConfig().getSSLKeyStoreType());
        sSLServerConnectionDataImpl.setKeyStoreProvider(getSecurityConfig().getCSIInboundSSLConfig().getSSLKeyStoreProvider());
        sSLServerConnectionDataImpl.setTrustStoreType(getSecurityConfig().getCSIInboundSSLConfig().getSSLTrustStoreType());
        sSLServerConnectionDataImpl.setTrustStoreProvider(getSecurityConfig().getCSIInboundSSLConfig().getSSLTrustStoreProvider());
        sSLServerConnectionDataImpl.setKeyRingName(getSecurityConfig().getCSIInboundSSLConfig().getSSLKeyFile());
        sSLServerConnectionDataImpl.setKeyRingPassword(str2);
        sSLServerConnectionDataImpl.setTrustFileName(getSecurityConfig().getCSIInboundSSLConfig().getSSLTrustFile());
        sSLServerConnectionDataImpl.setTrustFilePassword(str3);
        sSLServerConnectionDataImpl.setContextProvider(getSecurityConfig().getCSIInboundSSLConfig().getSSLContextProvider());
        sSLServerConnectionDataImpl.setClientAuthenticationFlag(false);
        sSLServerConnectionDataImpl.setCiphersToBeEnabled(getSecurityConfig().getCSIInboundSSLConfig().getSSLEnabledCiphers());
        sSLServerConnectionDataImpl.setHardwareTokenLibraryFile(getSecurityConfig().getCSIInboundSSLConfig().getHardwareTokenLibraryFile());
        sSLServerConnectionDataImpl.setHardwareTokenPassword(str4);
        sSLServerConnectionDataImpl.setHardwareTokenType(getSecurityConfig().getCSIInboundSSLConfig().getHardwareTokenType());
        sSLServerConnectionDataImpl.setHardwareTokenSlot(getSecurityConfig().getCSIInboundSSLConfig().getHardwareTokenSlot());
        sSLServerConnectionDataImpl.setSessionTimeout(getSecurityConfig().getSSLV3SessionTimeout());
        sSLServerConnectionDataImpl.setTargetRequiresQOP(s);
        sSLServerConnectionDataImpl.setTargetSupportsQOP(s2);
        sSLServerConnectionDataImpl.setMessageLoggingEnabled(getSecurityConfig().SSLMessageLoggingEnabled());
        sSLServerConnectionDataImpl.setServerAlias(getSecurityConfig().getCSIInboundSSLConfig().getKeyStoreServerAlias());
        sSLServerConnectionDataImpl.setClientAlias(getSecurityConfig().getCSIInboundSSLConfig().getKeyStoreClientAlias());
        sSLServerConnectionDataImpl.setUseFIPS(getSecurityConfig().getCSIInboundSSLConfig().getUseFIPS());
        this.csiServerSSLConnData = sSLServerConnectionDataImpl;
        if (!SecurityLogger.debugTraceEnabled) {
            return true;
        }
        String str5 = sSLServerConnectionDataImpl.getUseFIPS() ? "true" : "false";
        SecurityLogger.debugMessage("SecurityConnectionInterceptor.getCSISSLConnectionObject", "Requesting to create an SSL server connection with:");
        SecurityLogger.debugMessage("SecurityConnectionInterceptor.getCSISSLConnectionObject", new StringBuffer().append("  Protocol Name: ").append(sSLServerConnectionDataImpl.getProtocolName()).append(", FIPS Enabled: ").append(str5).append(", Key Manager Name: ").append(sSLServerConnectionDataImpl.getKeyManagerName()).append(", Trust Manager Name: ").append(sSLServerConnectionDataImpl.getTrustManagerName()).toString());
        SecurityLogger.debugMessage("SecurityConnectionInterceptor.getCSISSLConnectionObject", new StringBuffer().append("  Key Store Type: ").append(sSLServerConnectionDataImpl.getKeyStoreType()).append(", Key Store Provider: ").append(sSLServerConnectionDataImpl.getKeyStoreProvider()).append(", Trust Store Type: ").append(sSLServerConnectionDataImpl.getTrustStoreType()).append(", Trust Store Provider: ").append(sSLServerConnectionDataImpl.getTrustStoreProvider()).append(", JSSE Provider: ").append(sSLServerConnectionDataImpl.getContextProvider()).toString());
        SecurityLogger.debugMessage("SecurityConnectionInterceptor.getCSISSLConnectionObject", new StringBuffer().append("  Key File: ").append(sSLServerConnectionDataImpl.getKeyRingName()).append("  Key File Server Alias: ").append(sSLServerConnectionDataImpl.getServerAlias()).append(", Key File Password: ").append(SecurityConfiguration.mask(str2)).toString());
        SecurityLogger.debugMessage("SecurityConnectionInterceptor.getCSISSLConnectionObject", new StringBuffer().append("  Trust File: ").append(sSLServerConnectionDataImpl.getTrustFileName()).append(", Trust File Password: ").append(SecurityConfiguration.mask(str3)).toString());
        SecurityLogger.debugMessage("SecurityConnectionInterceptor.getCSISSLConnectionObject", new StringBuffer().append("  Client Authentication Flag: ").append(sSLServerConnectionDataImpl.getClientAuthenticationFlag()).append(", Ciphers To Be Enabled: ").append(sSLServerConnectionDataImpl.getCiphersToBeEnabled()).toString());
        SecurityLogger.debugMessage("SecurityConnectionInterceptor.getCSISSLConnectionObject", new StringBuffer().append("  Hardware Token Type: ").append(sSLServerConnectionDataImpl.getHardwareTokenType()).append("  Hardware Token Slot: ").append(sSLServerConnectionDataImpl.getHardwareTokenSlot()).append(", Hardware Token Password: ").append(SecurityConfiguration.mask(str4)).append(", Hardware Token Library File: ").append(sSLServerConnectionDataImpl.getHardwareTokenLibraryFile()).toString());
        SecurityLogger.debugMessage("SecurityConnectionInterceptor.getCSISSLConnectionObject", new StringBuffer().append("  Connection key: ").append(sSLServerConnectionDataImpl.getConnectionKey()).append(", Connection type: ").append(sSLServerConnectionDataImpl.getConnectionType()).append(", Server port: ").append(sSLServerConnectionDataImpl.getServerPort()).toString());
        SecurityLogger.debugMessage("SecurityConnectionInterceptor.getCSISSLConnectionObject", new StringBuffer().append("  Target requires QOP: ").append((int) sSLServerConnectionDataImpl.getTargetRequiresQOP()).append(", Target supports QOP: ").append((int) sSLServerConnectionDataImpl.getTargetSupportsQOP()).toString());
        return true;
    }

    public boolean getCSIClientCertSSLConnectionObject(String str) {
        SecurityConfiguration securityConfig = getSecurityConfig();
        SSLServerConnectionDataImpl sSLServerConnectionDataImpl = new SSLServerConnectionDataImpl();
        short s = (short) (((short) (0 | 32)) | 64);
        if (getSecurityConfig().getCSIv2ClaimMessageIntegrityRequired()) {
            s = (short) (s | 2);
        }
        if (getSecurityConfig().getCSIv2ClaimMessageConfidentialityRequired()) {
            s = (short) (s | 4);
        }
        short s2 = (short) (((short) (0 | 32)) | 64);
        if (getSecurityConfig().getCSIv2ClaimMessageIntegritySupported()) {
            s2 = (short) (s2 | 2);
        }
        if (getSecurityConfig().getCSIv2ClaimMessageConfidentialitySupported()) {
            s2 = (short) (s2 | 4);
        }
        String str2 = (String) AccessController.doPrivileged(new PrivilegedAction(this, securityConfig) { // from class: com.ibm.ISecurityLocalObjectBaseL13Impl.SecurityConnectionInterceptor.12
            private final SecurityConfiguration val$sCfg_doPriv;
            private final SecurityConnectionInterceptor this$0;

            {
                this.this$0 = this;
                this.val$sCfg_doPriv = securityConfig;
            }

            @Override // java.security.PrivilegedAction
            public Object run() {
                return this.val$sCfg_doPriv.getCSIInboundSSLConfig().getSSLKeyPassword();
            }
        });
        String str3 = (String) AccessController.doPrivileged(new PrivilegedAction(this, securityConfig) { // from class: com.ibm.ISecurityLocalObjectBaseL13Impl.SecurityConnectionInterceptor.13
            private final SecurityConfiguration val$sCfg_doPriv;
            private final SecurityConnectionInterceptor this$0;

            {
                this.this$0 = this;
                this.val$sCfg_doPriv = securityConfig;
            }

            @Override // java.security.PrivilegedAction
            public Object run() {
                return this.val$sCfg_doPriv.getCSIInboundSSLConfig().getSSLTrustPassword();
            }
        });
        String str4 = (String) AccessController.doPrivileged(new PrivilegedAction(this, securityConfig) { // from class: com.ibm.ISecurityLocalObjectBaseL13Impl.SecurityConnectionInterceptor.14
            private final SecurityConfiguration val$sCfg_doPriv;
            private final SecurityConnectionInterceptor this$0;

            {
                this.this$0 = this;
                this.val$sCfg_doPriv = securityConfig;
            }

            @Override // java.security.PrivilegedAction
            public Object run() {
                return this.val$sCfg_doPriv.getCSIInboundSSLConfig().getHardwareTokenPassword();
            }
        });
        sSLServerConnectionDataImpl.setConnectionKey(formConnectionKey(str, getSecurityConfig().getCSIClientCertSSLPort(), VaultConstants.SSL_MECH_TYPE, s2));
        sSLServerConnectionDataImpl.setConnectionType(1L);
        sSLServerConnectionDataImpl.setServerPort(getSecurityConfig().getCSIClientCertSSLPort());
        sSLServerConnectionDataImpl.setProtocolName(getSecurityConfig().getCSIInboundSSLConfig().getSSLProtocol());
        sSLServerConnectionDataImpl.setKeyManagerName(getSecurityConfig().getCSIInboundSSLConfig().getSSLKeyManager());
        sSLServerConnectionDataImpl.setTrustManagerName(getSecurityConfig().getCSIInboundSSLConfig().getSSLTrustManager());
        sSLServerConnectionDataImpl.setKeyStoreType(getSecurityConfig().getCSIInboundSSLConfig().getSSLKeyStoreType());
        sSLServerConnectionDataImpl.setKeyStoreProvider(getSecurityConfig().getCSIInboundSSLConfig().getSSLKeyStoreProvider());
        sSLServerConnectionDataImpl.setTrustStoreType(getSecurityConfig().getCSIInboundSSLConfig().getSSLTrustStoreType());
        sSLServerConnectionDataImpl.setTrustStoreProvider(getSecurityConfig().getCSIInboundSSLConfig().getSSLTrustStoreProvider());
        sSLServerConnectionDataImpl.setKeyRingName(getSecurityConfig().getCSIInboundSSLConfig().getSSLKeyFile());
        sSLServerConnectionDataImpl.setKeyRingPassword(str2);
        sSLServerConnectionDataImpl.setTrustFileName(getSecurityConfig().getCSIInboundSSLConfig().getSSLTrustFile());
        sSLServerConnectionDataImpl.setTrustFilePassword(str3);
        sSLServerConnectionDataImpl.setContextProvider(getSecurityConfig().getCSIInboundSSLConfig().getSSLContextProvider());
        sSLServerConnectionDataImpl.setClientAuthenticationFlag(true);
        sSLServerConnectionDataImpl.setCiphersToBeEnabled(getSecurityConfig().getCSIInboundSSLConfig().getSSLEnabledCiphers());
        sSLServerConnectionDataImpl.setHardwareTokenLibraryFile(getSecurityConfig().getCSIInboundSSLConfig().getHardwareTokenLibraryFile());
        sSLServerConnectionDataImpl.setHardwareTokenPassword(str4);
        sSLServerConnectionDataImpl.setHardwareTokenType(getSecurityConfig().getCSIInboundSSLConfig().getHardwareTokenType());
        sSLServerConnectionDataImpl.setHardwareTokenSlot(getSecurityConfig().getCSIInboundSSLConfig().getHardwareTokenSlot());
        sSLServerConnectionDataImpl.setSessionTimeout(getSecurityConfig().getSSLV3SessionTimeout());
        sSLServerConnectionDataImpl.setTargetRequiresQOP(s);
        sSLServerConnectionDataImpl.setTargetSupportsQOP(s2);
        sSLServerConnectionDataImpl.setMessageLoggingEnabled(getSecurityConfig().SSLMessageLoggingEnabled());
        sSLServerConnectionDataImpl.setServerAlias(getSecurityConfig().getCSIInboundSSLConfig().getKeyStoreServerAlias());
        sSLServerConnectionDataImpl.setClientAlias(getSecurityConfig().getCSIInboundSSLConfig().getKeyStoreClientAlias());
        sSLServerConnectionDataImpl.setUseFIPS(getSecurityConfig().getCSIInboundSSLConfig().getUseFIPS());
        this.csiClientCertServerSSLConnData = sSLServerConnectionDataImpl;
        if (!SecurityLogger.debugTraceEnabled) {
            return true;
        }
        String str5 = sSLServerConnectionDataImpl.getUseFIPS() ? "true" : "false";
        SecurityLogger.debugMessage("SecurityConnectionInterceptor.getCSIClientCertSSLConnectionObject", "Requesting to create an SSL server connection including EstablishTrustInClient with:");
        SecurityLogger.debugMessage("SecurityConnectionInterceptor.getCSIClientCertSSLConnectionObject", new StringBuffer().append("  Protocol Name: ").append(sSLServerConnectionDataImpl.getProtocolName()).append(", FIPS Enabled: ").append(str5).append(", Key Manager Name: ").append(sSLServerConnectionDataImpl.getKeyManagerName()).append(", Trust Manager Name: ").append(sSLServerConnectionDataImpl.getTrustManagerName()).toString());
        SecurityLogger.debugMessage("SecurityConnectionInterceptor.getCSIClientCertSSLConnectionObject", new StringBuffer().append("  Key Store Type: ").append(sSLServerConnectionDataImpl.getKeyStoreType()).append(", Key Store Provider: ").append(sSLServerConnectionDataImpl.getKeyStoreProvider()).append(", Trust Store Type: ").append(sSLServerConnectionDataImpl.getTrustStoreType()).append(", Trust Store Provider: ").append(sSLServerConnectionDataImpl.getTrustStoreProvider()).append(", JSSE Provider: ").append(sSLServerConnectionDataImpl.getContextProvider()).toString());
        SecurityLogger.debugMessage("SecurityConnectionInterceptor.getCSIClientCertSSLConnectionObject", new StringBuffer().append("  Key File: ").append(sSLServerConnectionDataImpl.getKeyRingName()).append("  Key File Server Alias: ").append(sSLServerConnectionDataImpl.getServerAlias()).append(", Key File Password: ").append(SecurityConfiguration.mask(str2)).toString());
        SecurityLogger.debugMessage("SecurityConnectionInterceptor.getCSIClientCertSSLConnectionObject", new StringBuffer().append("  Trust File: ").append(sSLServerConnectionDataImpl.getTrustFileName()).append(", Trust File Password: ").append(SecurityConfiguration.mask(str3)).toString());
        SecurityLogger.debugMessage("SecurityConnectionInterceptor.getCSIClientCertSSLConnectionObject", new StringBuffer().append("  Client Authentication Flag: ").append(sSLServerConnectionDataImpl.getClientAuthenticationFlag()).append(", Ciphers To Be Enabled: ").append(sSLServerConnectionDataImpl.getCiphersToBeEnabled()).toString());
        SecurityLogger.debugMessage("SecurityConnectionInterceptor.getCSIClientCertSSLConnectionObject", new StringBuffer().append("  Hardware Token Type: ").append(sSLServerConnectionDataImpl.getHardwareTokenType()).append("  Hardware Token Slot: ").append(sSLServerConnectionDataImpl.getHardwareTokenSlot()).append(", Hardware Token Password: ").append(SecurityConfiguration.mask(str4)).append(", Hardware Token Library File: ").append(sSLServerConnectionDataImpl.getHardwareTokenLibraryFile()).toString());
        SecurityLogger.debugMessage("SecurityConnectionInterceptor.getCSIClientCertSSLConnectionObject", new StringBuffer().append("  Connection key: ").append(sSLServerConnectionDataImpl.getConnectionKey()).append(", Connection type: ").append(sSLServerConnectionDataImpl.getConnectionType()).append(", Server port: ").append(sSLServerConnectionDataImpl.getServerPort()).toString());
        SecurityLogger.debugMessage("SecurityConnectionInterceptor.getCSIClientCertSSLConnectionObject", new StringBuffer().append("  Target requires QOP: ").append((int) sSLServerConnectionDataImpl.getTargetRequiresQOP()).append(", Target supports QOP: ").append((int) sSLServerConnectionDataImpl.getTargetSupportsQOP()).toString());
        return true;
    }

    public String establishConnectionInfo(Profile profile, ConnectionDataCarrier connectionDataCarrier, boolean z, boolean z2, boolean z3, int i, short s, short s2, short s3, String str, boolean z4, CSIv2EffectivePerformPolicy cSIv2EffectivePerformPolicy) {
        int i2;
        int i3;
        short formCoalescedQOP;
        String str2;
        if (SecurityLogger.debugEntryEnabled) {
            SecurityLogger.debugEntry("SecurityConnectionInterceptor.establishConnectionInfo");
        }
        boolean z5 = false;
        boolean z6 = false;
        if (this.secConfig.getProtocol().compareToIgnoreCase(SecurityProtocol.IBMString) == 0 || (this.secConfig.getProtocol().compareToIgnoreCase("both") == 0 && cSIv2EffectivePerformPolicy == null)) {
            z6 = false;
            z5 = getSecurityConfig().SSLTypeIServerAssociationEnabled();
        } else if (this.secConfig.getProtocol().compareToIgnoreCase(SecurityProtocol.CSIV2String) == 0 || (this.secConfig.getProtocol().compareToIgnoreCase("both") == 0 && cSIv2EffectivePerformPolicy != null)) {
            z5 = false;
            if (!this.secConfig.getCSIv2PerformTransportAssocSSLTLSSupported() && !this.secConfig.getCSIv2PerformTransportAssocSSLTLSRequired() && profile.getPort() != 0) {
                z6 = false;
            } else {
                if (!this.secConfig.getCSIv2PerformTransportAssocSSLTLSSupported() && !this.secConfig.getCSIv2PerformTransportAssocSSLTLSRequired() && profile.getPort() == 0) {
                    throw new BAD_PARAM("SSL is not supported or required in client configuration, however, no TCP/IP port specified in IOR profile.");
                }
                if (this.secConfig.getCSIv2PerformTransportAssocSSLTLSSupported() && !this.secConfig.getCSIv2PerformTransportAssocSSLTLSRequired() && z4) {
                    z6 = true;
                } else if (this.secConfig.getCSIv2PerformTransportAssocSSLTLSSupported() && !this.secConfig.getCSIv2PerformTransportAssocSSLTLSRequired() && !z4) {
                    z6 = false;
                } else if (this.secConfig.getCSIv2PerformTransportAssocSSLTLSRequired() && z4) {
                    z6 = true;
                } else if (this.secConfig.getCSIv2PerformTransportAssocSSLTLSRequired() && !z4) {
                    throw new BAD_PARAM("Required TLS not found.");
                }
            }
        }
        if (SecurityLogger.debugTraceEnabled) {
            SecurityLogger.debugMessage("SecurityConnectionInterceptor.establishConnectionInfo", new StringBuffer().append("SSLTypeIServerAssociation is ").append(z5).append(",SSLType2ServerAssociation is ").append(z6).append(", sslCmpdTagFound is ").append(z3).append(", securityTagFound is ").append(z2).append(", sslTagFound is ").append(z).append(";").append(", CSIv2TransportFound is ").append(z4).append(";").toString());
        }
        if (!z5 && !z6) {
            String createSimpleKey = createSimpleKey(getHostfromProfile(profile), profile.getPort());
            if (SecurityLogger.debugTraceEnabled) {
                SecurityLogger.debugMessage("SecurityConnectionInterceptor.establishConnectionInfo", "Setting TCPIP ConnectionDataImpl object.");
            }
            connectionDataCarrier.setConnectionData(new ConnectionDataImpl(createSimpleKey, 2));
            if (SecurityLogger.debugTraceEnabled) {
                SecurityLogger.debugMessage("SecurityConnectionInterceptor.establishConnectionInfo", new StringBuffer().append("TypeI SSL and DCE not enabled, returning connection key - ").append(createSimpleKey).toString());
            }
            if (SecurityLogger.debugEntryEnabled) {
                SecurityLogger.debugExit("SecurityConnectionInterceptor.establishConnectionInfo");
            }
            return createSimpleKey;
        }
        if (z3 || ((z2 && z) || z4)) {
            i2 = i & 65535;
            i3 = 1;
            formCoalescedQOP = (!z4 || cSIv2EffectivePerformPolicy == null) ? formCoalescedQOP(s, s2) : formCSIv2CoalescedQOP(s, s2, cSIv2EffectivePerformPolicy);
            str2 = VaultConstants.SSL_MECH_TYPE;
        } else {
            if (z2 || !z) {
                String createSimpleKey2 = createSimpleKey(getHostfromProfile(profile), profile.getPort());
                if (SecurityLogger.debugTraceEnabled) {
                    SecurityLogger.debugMessage("SecurityConnectionInterceptor.establishConnectionInfo", "Setting TCPIP ConnectionDataImpl object.");
                }
                connectionDataCarrier.setConnectionData(new ConnectionDataImpl(createSimpleKey2, 2));
                if (SecurityLogger.debugTraceEnabled) {
                    SecurityLogger.debugMessage("SecurityConnectionInterceptor.establishConnectionInfo", new StringBuffer().append("TypeI SSL enabled, DCE not enabled, no security tags found in IOR, returning connection key - ").append(createSimpleKey2).toString());
                }
                if (SecurityLogger.debugEntryEnabled) {
                    SecurityLogger.debugExit("SecurityConnectionInterceptor.establishConnectionInfo");
                }
                return createSimpleKey2;
            }
            i2 = i & 65535;
            i3 = 1;
            formCoalescedQOP = formCoalescedQOP(s, s2);
            str2 = VaultConstants.SSL_MECH_TYPE;
        }
        int lastIndexOf = str.lastIndexOf(TagletManager.SIMPLE_TAGLET_OPT_SEPERATOR);
        String formConnectionKey = formConnectionKey(lastIndexOf >= 0 ? str.substring(0, lastIndexOf) : str, i2, str2, formCoalescedQOP);
        if (SecurityLogger.debugTraceEnabled) {
            SecurityLogger.debugMessage("SecurityConnectionInterceptor.establishConnectionInfo", "Setting SSL ExtendedSSLConnectionData object.");
        }
        connectionDataCarrier.setConnectionData(new ExtendedSSLConnectionData(formConnectionKey, i3, formCoalescedQOP, 0, null, getSecurityConfig()));
        if (SecurityLogger.debugEntryEnabled) {
            SecurityLogger.debugExit("SecurityConnectionInterceptor.establishConnectionInfo");
        }
        return formConnectionKey;
    }

    @Override // com.ibm.ws.orb.transport.DefaultConnectionInterceptor, com.ibm.ws.orb.transport.ConnectionInterceptor
    public SSLConnectionData getSSLConfigurationParameters(String str, long j, short s, int i) {
        VaultImpl.getInstance();
        return new ExtendedSSLConnectionData(str, j, s, i, VaultImpl.getSecurityConfiguration());
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static String getHostfromProfile(Profile profile) {
        String str;
        try {
            str = profile.getHostIPAddress();
            if (str != null) {
                if (str.trim().length() == 0) {
                    str = null;
                }
            }
        } catch (Throwable th) {
            FFDCFilter.processException(th, "com.ibm.ISecurityLocalObjectBaseL13Impl.SecurityConnectionInterceptor.current", "4329");
            if (SecurityLogger.traceEnabled) {
                SecurityLogger.traceMessage("SecurityConnectionInterceptor.getHostfromProfile", "Could not resolve host, ignore if HTTP Tunneling is enabled");
                SecurityLogger.traceException("SecurityConnectionInterceptor.getHostfromProfile", th, 0, 0);
            }
            str = null;
        }
        if (str == null) {
            str = profile.getHost();
        }
        return str;
    }
}
