package com.ibm.ws.security.util;

import com.ibm.disthub2.impl.client.SessionConfig;
import java.io.FileOutputStream;
import java.io.IOException;
import java.io.InputStream;
import java.io.OutputStream;
import java.net.URL;
import java.util.Properties;

/* JADX WARN: Classes with same name are omitted:
  input_file:lib/jmslibs/sibc.jndi.jar:com/ibm/ws/security/util/SASPropFile.class
 */
/* loaded from: input_file:lib/jmslibs/sibc.jms.jar:com/ibm/ws/security/util/SASPropFile.class */
public class SASPropFile {
    public static final String LOCALOS = "LOCALOS";
    public static final String SERVER_ID_SUFFIX = ".server.id";
    public static final String SERVER_PWD_SUFFIX = ".server.pwd";
    public static final String LOCALOS_USERID = "LOCALOS.server.id";
    public static final String LOCALOS_PASSWORD = "LOCALOS.server.pwd";
    public static final String LOCALOS_SERVER_ID = "LOCALOS.server.id";
    public static final String LOCALOS_SERVER_PWD = "LOCALOS.server.pwd";
    public static final String RMI_OUTBOUND_LOGIN_ENABLED = "com.ibm.CSI.rmiOutboundLoginEnabled";
    public static final String RMI_OUTBOUND_PROPAGATION_ENABLED = "com.ibm.CSI.rmiOutboundPropagationEnabled";
    public static final String RMI_INBOUND_PROPAGATION_ENABLED = "com.ibm.CSI.rmiInboundPropagationEnabled";
    public static final String WEB_INBOUND_PROPAGATION_ENABLED = "com.ibm.ws.security.webInboundPropagationEnabled";
    public static final String SSO_INTEROP_MODE = "com.ibm.ws.security.ssoInteropModeEnabled";
    public static final String CELL_NODE_SERVER = "com.ibm.CSI.CellNodeServer";
    public static final String RMI_INBOUND_LOGIN_CONFIG = "com.ibm.CSI.rmiInboundLoginConfig";
    public static final String RMI_OUTBOUND_LOGIN_CONFIG = "com.ibm.CSI.rmiOutboundLoginConfig";
    public static final String WEB_INBOUND_LOGIN_CONFIG = "com.ibm.ws.security.webInboundLoginConfig";
    public static final String DEFAULT_LOGIN_CONFIG = "com.ibm.ws.security.defaultLoginConfig";
    public static final String SUPPORTED_TARGET_REALMS = "com.ibm.CSI.supportedTargetRealms";
    public static final String AUTHENTICATION_TOKEN_FACTORY = "com.ibm.wsspi.security.token.authenticationTokenFactory";
    public static final String AUTHORIZATION_TOKEN_FACTORY = "com.ibm.wsspi.security.token.authorizationTokenFactory";
    public static final String DEFAULT_TOKEN_FACTORY = "com.ibm.wsspi.security.token.defaultTokenFactory";
    public static final String PROPAGATION_TOKEN_FACTORY = "com.ibm.wsspi.security.token.propagationTokenFactory";
    public static final String SINGLESIGNON_TOKEN_FACTORY = "com.ibm.wsspi.security.token.singleSignonTokenFactory";
    public static final String CSI_PROTOCOL = "com.ibm.CSI.protocol";
    public static final String REQUEST_TIMEOUT = "com.ibm.CORBA.requestTimeout";
    public static final String SSL_PREFIX = "com.ibm.ssl.";
    public static final String KEY_FILE_PASSWORD = "com.ibm.ssl.keyStorePassword";
    public static final String TRUST_FILE_PASSWORD = "com.ibm.ssl.trustStorePassword";
    public static final String CSI_PERFORM_STATEFUL = "com.ibm.CSI.performStateful";
    public static final String CSI_PERFORM_CLIENT_AUTH_REQ = "com.ibm.CSI.performClientAuthenticationRequired";
    public static final String CSI_PERFORM_CLIENT_AUTH_SUP = "com.ibm.CSI.performClientAuthenticationSupported";
    public static final String CSI_PERFORM_TLC_CLIENT_AUTH_REQ = "com.ibm.CSI.performTLClientAuthenticationRequired";
    public static final String CSI_PERFORM_TLC_CLIENT_AUTH_SUP = "com.ibm.CSI.performTLClientAuthenticationSupported";
    public static final String CSI_PERFORM_TRANSPORT_REQ = "com.ibm.CSI.performTransportAssocSSLTLSRequired";
    public static final String CSI_PERFORM_TRANSPORT_SUP = "com.ibm.CSI.performTransportAssocSSLTLSSupported";
    public static final String CSI_PERFORM_MESSAGE_INT_REQ = "com.ibm.CSI.performMessageIntegrityRequired";
    public static final String CSI_PERFORM_MESSAGE_INT_SUP = "com.ibm.CSI.performMessageIntegritySupported";
    public static final String CSI_PERFORM_MESSAGE_CON_REQ = "com.ibm.CSI.performMessageConfidentialityRequired";
    public static final String CSI_PERFORM_MESSAGE_CON_SUP = "com.ibm.CSI.performMessageConfidentialitySupported";
    public static final String SSL_ORB_CLIENT_QOP = "com.ibm.CORBA.standardPerformQOPModels";
    public static final String SSL_KEY_FILE_PASSWORD = "com.ibm.ssl.keyStorePassword";
    public static final String SSL_TRUST_FILE_PASSWORD = "com.ibm.ssl.trustStorePassword";
    private static final String stateful_sessions = "# Does this client support stateful sessions?";
    private static final String basicAuth_client_auth = "# Does this client support/require BasicAuth (userid/password) client authentication?";
    private static final String ssl_client_auth = "# Does this client support/require SSL client authentication?";
    private static final String ssl_connection = "# Does this client support/require SSL connections?";
    private static final String cipher_40bit = "# Does this client support/require 40-bit cipher suites when using SSL?";
    private static final String cipher_128bit = "# Does this client support/require 128-bit cipher suites when using SSL?";
    private static final String rmiiop_user_id = "# RMI/IIOP user identity";
    public static final String SECURITY_ENABLED_PROPERTY = "com.ibm.CORBA.securityEnabled";
    public static final String AUTHENTICATION_TARGET_PROPERTY = "com.ibm.CORBA.authenticationTarget";
    public static final String PRINCIPAL_NAME_PROPERTY = "com.ibm.CORBA.principalName";
    public static final String LOGIN_USERID = "com.ibm.CORBA.loginUserid";
    public static final String LOGIN_PASSWORD = "com.ibm.CORBA.loginPassword";
    public static final String SECURITY_CACHE_TIMEOUT_PROPERTY = "com.ibm.CORBA.securityCacheTimeout";
    public static final String SERVER_SECURITY_ENABLED_PROPERTY = "com.ibm.CORBA.serverSecurityEnabled";
    public static final String[] propNames = {SECURITY_ENABLED_PROPERTY, AUTHENTICATION_TARGET_PROPERTY, PRINCIPAL_NAME_PROPERTY, LOGIN_USERID, LOGIN_PASSWORD, SECURITY_CACHE_TIMEOUT_PROPERTY, SERVER_SECURITY_ENABLED_PROPERTY};
    public static final String AUTHENTICATION_RETRY_ENABLED = "com.ibm.CORBA.authenticationRetryEnabled";
    public static final String AUTHENTICATION_RETRY_COUNT = "com.ibm.CORBA.authenticationRetryCount";
    public static final String VALIDATE_BASIC_AUTH = "com.ibm.CORBA.validateBasicAuth";
    public static final String SECURITY_SERVER_HOST = "com.ibm.CORBA.securityServerHost";
    public static final String SECURITY_SERVER_PORT = "com.ibm.CORBA.securityServerPort";
    public static final String SAS_LOGIN_TIMEOUT = "com.ibm.CORBA.loginTimeout";
    public static final String SAS_LOGIN_SOURCE = "com.ibm.CORBA.loginSource";
    public static final String[] AuthPropNames = {AUTHENTICATION_TARGET_PROPERTY, AUTHENTICATION_RETRY_ENABLED, AUTHENTICATION_RETRY_COUNT, VALIDATE_BASIC_AUTH, SECURITY_SERVER_HOST, SECURITY_SERVER_PORT, SAS_LOGIN_TIMEOUT, SAS_LOGIN_SOURCE};
    public static final String[] loginPropNames = {LOGIN_USERID, LOGIN_PASSWORD, PRINCIPAL_NAME_PROPERTY};
    public static final String PROTOCOL = "com.ibm.ssl.protocol";
    public static final String SSL_TYPE = "com.ibm.ssl.sslType";
    public static final String KEY_MANAGER = "com.ibm.ssl.keyManager";
    public static final String KEY_STORE_TYPE = "com.ibm.ssl.keyStoreType";
    public static final String KEY_STORE_PROVIDER = "com.ibm.ssl.keyStoreProvider";
    public static final String KEY_FILE_NAME = "com.ibm.ssl.keyStore";
    public static final String TRUST_MANAGER = "com.ibm.ssl.trustManager";
    public static final String TRUST_STORE_TYPE = "com.ibm.ssl.trustStoreType";
    public static final String TRUST_STORE_PROVIDER = "com.ibm.ssl.trustStoreProvider";
    public static final String TRUST_FILE_NAME = "com.ibm.ssl.trustStore";
    public static final String ENABLED_CIPHER_SUITES = "com.ibm.ssl.enabledCipherSuites";
    public static final String CLIENT_AUTH = "com.ibm.ssl.clientAuthentication";
    public static final String SECURITY_LEVEL = "com.ibm.ssl.securityLevel";
    public static final String TOKEN_TYPE = "com.ibm.ssl.tokenType";
    public static final String TOKEN_LIBRARY_FILE = "com.ibm.ssl.tokenLibraryFile";
    public static final String TOKEN_PASSWORD = "com.ibm.ssl.tokenPassword";
    public static final String CONTEXT_PROVIDER = "com.ibm.ssl.contextProvider";
    public static final String CLIENT_KEY_ALIAS = "com.ibm.ssl.keyStoreClientAlias";
    public static final String SERVER_KEY_ALIAS = "com.ibm.ssl.keyStoreServerAlias";
    public static final String[] SSL_PROP_NAMES = {PROTOCOL, SSL_TYPE, KEY_MANAGER, KEY_STORE_TYPE, KEY_STORE_PROVIDER, KEY_FILE_NAME, "com.ibm.ssl.keyStorePassword", TRUST_MANAGER, TRUST_STORE_TYPE, TRUST_STORE_PROVIDER, TRUST_FILE_NAME, "com.ibm.ssl.trustStorePassword", ENABLED_CIPHER_SUITES, CLIENT_AUTH, SECURITY_LEVEL, TOKEN_TYPE, TOKEN_LIBRARY_FILE, TOKEN_PASSWORD, CONTEXT_PROVIDER, CLIENT_KEY_ALIAS, SERVER_KEY_ALIAS};
    public static final String TOKEN_SLOT = "com.ibm.ssl.tokenSlot";
    public static final String[] SSL_PROPERTY_NAMES = {PROTOCOL, TRUST_FILE_NAME, TRUST_STORE_TYPE, "com.ibm.ssl.trustStorePassword", KEY_FILE_NAME, KEY_STORE_TYPE, "com.ibm.ssl.keyStorePassword", TOKEN_TYPE, TOKEN_SLOT, TOKEN_LIBRARY_FILE, TOKEN_PASSWORD, CLIENT_KEY_ALIAS, SERVER_KEY_ALIAS};
    public static final String SSL_KEYRING_PASSWORD = "com.ibm.CORBA.SSLKeyRingPassword";
    public static final String SSL_CLIENT_KEYRING_PASSWORD = "com.ibm.CORBA.SSLClientKeyRingPassword";
    public static final String SSL_SERVER_KEYRING_PASSWORD = "com.ibm.CORBA.SSLServerKeyRingPassword";
    public static final String[] sasPasswordNames = {LOGIN_PASSWORD, "LOCALOS.server.pwd", "LOCALOS.server.pwd", SSL_KEYRING_PASSWORD, SSL_CLIENT_KEYRING_PASSWORD, SSL_SERVER_KEYRING_PASSWORD, "com.ibm.ssl.keyStorePassword", "com.ibm.ssl.trustStorePassword", TOKEN_PASSWORD};
    private static final String line_separator = System.getProperty("line.separator");
    private static final String section_1a = new StringBuffer().append("###############################################################################").append(line_separator).append(SessionConfig.SUBTOPIC_MATCHMANY).append(line_separator).append("#                             SAS Properties File").append(line_separator).append(SessionConfig.SUBTOPIC_MATCHMANY).append(line_separator).append("#  This file contains properties that are used by the Secure Association").append(line_separator).append("#  Services (SAS) component of the WebSphere Application Server product.").append(line_separator).append("#  SAS executes on WebSphere java servers and client systems with java").append(line_separator).append("#  applications that access WebSphere servers.").append(line_separator).append(SessionConfig.SUBTOPIC_MATCHMANY).append(line_separator).append("#  ** SAS/CSIv2 Trace Instructions **").append(line_separator).append(SessionConfig.SUBTOPIC_MATCHMANY).append(line_separator).append("#  Note:  To enable logging of trace on the application client, add the ").append(line_separator).append("#  following property to the startup script: -DtraceSettingsFile=filename.").append(line_separator).append("#  Do not specify filename as a fully qualified path and filename, just").append(line_separator).append("#  specify the filename.  The file must exist in the classpath to be loaded.").append(line_separator).append("#  A sample file is provided in <was_root>/properties/TraceSettings.properties.").append(line_separator).append(SessionConfig.SUBTOPIC_MATCHMANY).append(line_separator).append("#  There are two related functions provided by this file:").append(line_separator).append(SessionConfig.SUBTOPIC_MATCHMANY).append(line_separator).append("#    1.traceFileName property").append(line_separator).append("#      This should be set to the fully qualified name of a file to which you want").append(line_separator).append("#\t\toutput written. For example, traceFileName=c:\\MyTraceFile.log. This").append(line_separator).append("#\t\tproperty must be specified, otherwise no visible output is generated.").append(line_separator).append("#    2.Trace string").append(line_separator).append("#\t\tTo enable SAS/CSIv2 trace, specify the trace string: SASRas=all=enabled").append(line_separator).append(SessionConfig.SUBTOPIC_MATCHMANY).append(line_separator).append("#  If you only want to trace specific classes, you can specify a trace filter by").append(line_separator).append("#  adding the property com.ibm.CORBA.securityTraceFilter=<comma-separated class names>").append(line_separator).append(SessionConfig.SUBTOPIC_MATCHMANY).append(line_separator).append("#  Example:  com.ibm.CORBA.securityTraceFilter=SecurityConnectionInterceptor, CSIClientRI, SessionManager").append(line_separator).append(SessionConfig.SUBTOPIC_MATCHMANY).append(line_separator).append("#  ** Encoding Passwords in this File **").append(line_separator).append(SessionConfig.SUBTOPIC_MATCHMANY).append(line_separator).append("#  The PropFilePasswordEncoder utility may be used to encode passwords in a").append(line_separator).append("#  properties file. To edit an encoded password, replace the whole password").append(line_separator).append("#  string (including the encoding tag {...}) with the new password and then").append(line_separator).append("#  encode the password with the PropFilePasswordEncoder utility. Refer to").append(line_separator).append("#  product documentation for additional information.").append(line_separator).append(SessionConfig.SUBTOPIC_MATCHMANY).append(line_separator).append("###############################################################################").append(line_separator).toString();
    private static final String section_1c = new StringBuffer().append("#  - miscellaneous properties (e.g. customer defined)").append(line_separator).toString();
    private static final String clientSecEnable = new StringBuffer().append("------------------------------------------------------------------------------").append(line_separator).append("# Client Security Enablement").append(line_separator).append(SessionConfig.SUBTOPIC_MATCHMANY).append(line_separator).append("# - security enabled status  ( false, true [default] )").append(line_separator).append("#------------------------------------------------------------------------------").toString();
    private static final String rmiiop_auth_proc = new StringBuffer().append("------------------------------------------------------------------------------").append(line_separator).append("# RMI/IIOP Authentication Protocol (sas, csiv2, both [default])").append(line_separator).append(SessionConfig.SUBTOPIC_MATCHMANY).append(line_separator).append("# Specify \"both\" when communicating with 5.0x and previous release servers.").append(line_separator).append("# Specify \"csiv2\" when communicating with only 5.0x servers.").append(line_separator).append("# Specify \"sas\" when communicating with only previous release servers").append(line_separator).append("#------------------------------------------------------------------------------").toString();
    private static final String CSIv2_Config = new StringBuffer().append("------------------------------------------------------------------------------").append(line_separator).append("# CSIv2 Configuration (see InfoCenter for more information on these properties).").append(line_separator).append(SessionConfig.SUBTOPIC_MATCHMANY).append(line_separator).append("# This is where you enable SSL client certificate authentication.  Must also").append(line_separator).append("# specify a valid SSL keyStore below with a personal certificate in it.").append(line_separator).append("#------------------------------------------------------------------------------").toString();
    private static final String note_both__ba_ssl = new StringBuffer().append("# Note: You can perform BasicAuth (uid/pw) and SSL client authentication (certificate)").append(line_separator).append("# simultaneously, however, the BasicAuth identity will always take precedence at the server.").toString();
    private static final String note_ssl = new StringBuffer().append("# Note: This property is only valid when SSL connections are supported or required.").append(line_separator).toString();
    private static final String sec_auth = new StringBuffer().append("------------------------------------------------------------------------------").append(line_separator).append("# Authentication Configuration").append(line_separator).append(SessionConfig.SUBTOPIC_MATCHMANY).append(line_separator).append("# - authenticationTarget       (BasicAuth [default], this is the only supported selection").append(line_separator).append("#                               on a pure client for this release.  This is for message").append(line_separator).append("#                               layer authentication only, SSL client certificate authentication").append(line_separator).append("#                               is configured below under CSIv2 configuration.)").append(line_separator).append("# - authenticationRetryEnabled (enables authentication retries if login fails when").append(line_separator).append("#                               loginSource=prompt or stdin)").append(line_separator).append("# - authenticationRetryCount   (the number of times to retry)").append(line_separator).append("# - source                     (prompt [default], properties, keyfile, stdin, none)").append(line_separator).append("# - timeout                    (prompt timeout, specified in seconds, 0 min to 600 max [default 300])").append(line_separator).append("# - validateBasicAuth          (determines if immediate authentication after uid/pw login,").append(line_separator).append("#                               or wait for method request to send uid/pw to server,").append(line_separator).append("#                               setting this to false gives the previous release behavior.)").append(line_separator).append("# - securityServerHost         (when validateBasicAuth=true, this property might need to be set").append(line_separator).append("#                               in order for security code to lookup SecurityServer.  Needs to be set to").append(line_separator).append("#                               any running WebSphere server host in the cell you are authenticating to.").append(line_separator).append("# - securityServerPort         (when validateBasicAuth=true, this property might need to be set").append(line_separator).append("#                               in order for security code to lookup SecurityServer.  Needs to be set to").append(line_separator).append("#                               the bootstrap port of the host chosen above.").append(line_separator).append("# - loginUserid                (must be set if login source is \"properties\" )").append(line_separator).append("# - loginPassword              (must be set if login source is \"properties\" )").append(line_separator).append("# - principalName              (format: \"realm/userid\", only needed in cases where realm").append(line_separator).append("#                               is required. Typically the realm is already provided by the").append(line_separator).append("#                               server via the IOR and this property is not necessary).").append(line_separator).append(SessionConfig.SUBTOPIC_MATCHMANY).append(line_separator).append("#------------------------------------------------------------------------------").toString();
    private static final String ssl_op = new StringBuffer().append("------------------------------------------------------------------------------").append(line_separator).append("# SSL Configuration").append(line_separator).append(SessionConfig.SUBTOPIC_MATCHMANY).append(line_separator).append("# - protocol  ( SSL [default], SSLv2, SSLv3, TLS, TLSv1 )").append(line_separator).append("# - keystore type  ( JKS [default], JCEK, PKCS12 )").append(line_separator).append("# - trustStoreType                              (JKS [default], JCEK, PKCS12)").append(line_separator).append("# - keyStore and trustStore                     (fully qualified path to file)").append(line_separator).append("# - keyStoreClientAlias                         (string specifying ssl certificate alias to use from keyStore)").append(line_separator).append("# - keyStorePassword and trustStorePassword").append(line_separator).append("# - cipher suites                               (refer to InfoCenter for valid ciphers)").append(line_separator).append(SessionConfig.SUBTOPIC_MATCHMANY).append(line_separator).append("#    Note: The com.ibm.ssl.enabledCipherSuites property defines the cipher").append(line_separator).append("#          suites used for the SSL session. If this property is defined, it").append(line_separator).append("#          overrides the default cipher suites defined for the specified QOP.").append(line_separator).append(SessionConfig.SUBTOPIC_MATCHMANY).append(line_separator).append("#------------------------------------------------------------------------------").toString();
    private static final String perform_qop = new StringBuffer().append("------------------------------------------------------------------------------").append(line_separator).append("# Quality of Protection for the IBM protocol").append(line_separator).append(SessionConfig.SUBTOPIC_MATCHMANY).append(line_separator).append("#- perform  ( high [default], medium, low )").append(line_separator).append("#------------------------------------------------------------------------------").toString();
    private static final String request_timeout = new StringBuffer().append("------------------------------------------------------------------------------").append(line_separator).append("# CORBA Request Timeout (used when getting NO_RESPONSE exceptions, typically").append(line_separator).append("#                        during high-stress loads.  Specify on all processes").append(line_separator).append("#                        involved in the communications.)").append(line_separator).append(SessionConfig.SUBTOPIC_MATCHMANY).append(line_separator).append("#- timeout  ( specified in seconds [default 180], 0 implies no timeout )").append(line_separator).append(SessionConfig.SUBTOPIC_MATCHMANY).append(line_separator).append("#    com.ibm.CORBA.requestTimeout=180").append(line_separator).append("#------------------------------------------------------------------------------").toString();
    private static final String misc = new StringBuffer().append("------------------------------------------------------------------------------").append(line_separator).append("#Miscellaneous").append(line_separator).append("#------------------------------------------------------------------------------").toString();
    private static final String section_4 = new StringBuffer().append(line_separator).append("###############################################################################").append(line_separator).append(SessionConfig.SUBTOPIC_MATCHMANY).append(line_separator).append("#                           Miscellaneous Properties").append(line_separator).append(SessionConfig.SUBTOPIC_MATCHMANY).append(line_separator).append("###############################################################################").append(line_separator).toString();

    public static void decodeFilePasswords(URL url) throws IOException, com.ibm.ISecurityUtilityImpl.InvalidPasswordDecodingException {
        if (url == null) {
            throw new IOException();
        }
        Properties loadProperties = loadProperties(url);
        if (loadProperties == null) {
            throw new IOException();
        }
        if (decodePropPasswords(loadProperties)) {
            saveConfig(loadProperties, url);
        }
    }

    public static boolean decodePropPasswords(Properties properties) throws com.ibm.ISecurityUtilityImpl.InvalidPasswordDecodingException {
        if (properties == null) {
            throw new com.ibm.ISecurityUtilityImpl.InvalidPasswordDecodingException();
        }
        boolean z = false;
        for (int i = 0; i < sasPasswordNames.length; i++) {
            String property = properties.getProperty(sasPasswordNames[i]);
            if (property != null) {
                String trim = property.trim();
                if (trim.length() <= 0) {
                    continue;
                } else {
                    String passwordDecode = com.ibm.ISecurityUtilityImpl.PasswordUtil.passwordDecode(trim);
                    if (passwordDecode == null) {
                        throw new com.ibm.ISecurityUtilityImpl.InvalidPasswordDecodingException();
                    }
                    if (!passwordDecode.equals(trim)) {
                        z = true;
                        properties.put(sasPasswordNames[i], passwordDecode);
                    }
                }
            }
        }
        return z;
    }

    public static void encodeFilePasswords(URL url, URL url2) throws IOException, com.ibm.ISecurityUtilityImpl.InvalidPasswordEncodingException {
        if (url == null || url2 == null) {
            throw new IOException();
        }
        Properties loadProperties = loadProperties(url);
        Properties loadProperties2 = loadProperties(url2);
        if (loadProperties == null || loadProperties2 == null) {
            throw new IOException();
        }
        boolean z = false;
        boolean z2 = false;
        for (int i = 0; i < sasPasswordNames.length; i++) {
            String str = null;
            String str2 = null;
            String str3 = null;
            if (loadProperties != null) {
                str = loadProperties.getProperty(sasPasswordNames[i]);
                if (str != null) {
                    str = str.trim();
                    if (str.length() > 0) {
                        str3 = str;
                    }
                }
            }
            if (loadProperties2 != null) {
                str2 = loadProperties2.getProperty(sasPasswordNames[i]);
                if (str2 != null) {
                    str2 = str2.trim();
                    if (str2.length() > 0) {
                        str3 = str2;
                    }
                }
            }
            if (str3 != null) {
                String passwordEncode = com.ibm.ISecurityUtilityImpl.PasswordUtil.passwordEncode(str3);
                if (passwordEncode == null) {
                    throw new com.ibm.ISecurityUtilityImpl.InvalidPasswordEncodingException();
                }
                if (passwordEncode.equals(str3)) {
                    if (str != null && !str.equals(str3)) {
                        z = true;
                        loadProperties.put(sasPasswordNames[i], str3);
                    }
                    if (str2 != null && !str2.equals(str3)) {
                        z2 = true;
                        loadProperties2.put(sasPasswordNames[i], str3);
                    }
                } else {
                    if (loadProperties != null) {
                        z = true;
                        loadProperties.put(sasPasswordNames[i], passwordEncode);
                    }
                    if (loadProperties2 != null) {
                        z2 = true;
                        loadProperties2.put(sasPasswordNames[i], passwordEncode);
                    }
                }
            }
        }
        if (z) {
            saveConfig(loadProperties, url);
        }
        if (z2) {
            saveConfig(loadProperties2, url2);
        }
    }

    public static void encodeFilePasswords(URL url) throws IOException, com.ibm.ISecurityUtilityImpl.InvalidPasswordEncodingException {
        if (url == null) {
            throw new IOException();
        }
        Properties loadProperties = loadProperties(url);
        if (loadProperties == null) {
            throw new IOException();
        }
        if (encodePropPasswords(loadProperties)) {
            saveConfig(loadProperties, url);
        }
    }

    public static boolean encodePropPasswords(Properties properties) throws com.ibm.ISecurityUtilityImpl.InvalidPasswordEncodingException {
        if (properties == null) {
            throw new com.ibm.ISecurityUtilityImpl.InvalidPasswordEncodingException();
        }
        boolean z = false;
        for (int i = 0; i < sasPasswordNames.length; i++) {
            String property = properties.getProperty(sasPasswordNames[i]);
            if (property != null) {
                String trim = property.trim();
                if (trim.length() <= 0) {
                    continue;
                } else {
                    String passwordEncode = com.ibm.ISecurityUtilityImpl.PasswordUtil.passwordEncode(trim);
                    if (passwordEncode == null) {
                        throw new com.ibm.ISecurityUtilityImpl.InvalidPasswordEncodingException();
                    }
                    if (!passwordEncode.equals(trim)) {
                        z = true;
                        properties.put(sasPasswordNames[i], passwordEncode);
                    }
                }
            }
        }
        return z;
    }

    public static void saveConfig(Properties properties, FileOutputStream fileOutputStream) throws IOException {
        if (properties == null || fileOutputStream == null) {
            throw new IOException();
        }
        saveConfig(properties, (OutputStream) fileOutputStream);
    }

    public static void saveConfig(Properties properties, URL url) throws IOException {
        if (properties == null || url == null) {
            throw new IOException();
        }
        OutputStream fileOutputStream = url.getProtocol().equals("file") ? new FileOutputStream(url.getFile()) : url.openConnection().getOutputStream();
        if (fileOutputStream == null) {
            throw new IOException();
        }
        saveConfig(properties, fileOutputStream);
        fileOutputStream.close();
    }

    private static void copyProperty(Object obj, Properties properties, Properties properties2) throws IOException {
        if (obj == null || properties == null || properties2 == null) {
            throw new IOException();
        }
        Object remove = properties.remove(obj);
        if (remove == null) {
            properties2.remove(obj);
        } else {
            properties2.put(obj, remove);
        }
    }

    private static Properties loadProperties(URL url) throws IOException {
        if (url == null) {
            throw new IOException();
        }
        Properties properties = new Properties();
        InputStream openStream = url.openStream();
        if (properties == null || openStream == null) {
            throw new IOException();
        }
        try {
            properties.load(openStream);
            if (openStream != null) {
                openStream.close();
            }
            return properties;
        } catch (Throwable th) {
            if (openStream != null) {
                openStream.close();
            }
            throw th;
        }
    }

    private static void saveConfig(Properties properties, OutputStream outputStream) throws IOException {
        if (properties == null || outputStream == null) {
            throw new IOException();
        }
        String property = properties.getProperty(AUTHENTICATION_TARGET_PROPERTY);
        if (property == null || property.equalsIgnoreCase("BasicAuth")) {
        }
        Properties properties2 = new Properties();
        copyProperty(SECURITY_ENABLED_PROPERTY, properties, properties2);
        Properties properties3 = new Properties();
        copyProperty(CSI_PROTOCOL, properties, properties3);
        Properties properties4 = new Properties();
        for (int i = 0; i < AuthPropNames.length; i++) {
            copyProperty(AuthPropNames[i], properties, properties4);
        }
        Properties properties5 = new Properties();
        for (int i2 = 0; i2 < loginPropNames.length; i2++) {
            copyProperty(loginPropNames[i2], properties, properties5);
        }
        Properties properties6 = new Properties();
        copyProperty(CSI_PERFORM_STATEFUL, properties, properties6);
        Properties properties7 = new Properties();
        copyProperty(CSI_PERFORM_CLIENT_AUTH_REQ, properties, properties7);
        copyProperty(CSI_PERFORM_CLIENT_AUTH_SUP, properties, properties7);
        Properties properties8 = new Properties();
        copyProperty(CSI_PERFORM_TLC_CLIENT_AUTH_REQ, properties, properties8);
        copyProperty(CSI_PERFORM_TLC_CLIENT_AUTH_SUP, properties, properties8);
        Properties properties9 = new Properties();
        copyProperty(CSI_PERFORM_TRANSPORT_REQ, properties, properties9);
        copyProperty(CSI_PERFORM_TRANSPORT_SUP, properties, properties9);
        Properties properties10 = new Properties();
        copyProperty(CSI_PERFORM_MESSAGE_INT_REQ, properties, properties10);
        copyProperty(CSI_PERFORM_MESSAGE_INT_SUP, properties, properties10);
        Properties properties11 = new Properties();
        copyProperty(CSI_PERFORM_MESSAGE_CON_REQ, properties, properties11);
        copyProperty(CSI_PERFORM_MESSAGE_CON_SUP, properties, properties11);
        Properties properties12 = new Properties();
        for (int i3 = 0; i3 < SSL_PROPERTY_NAMES.length; i3++) {
            copyProperty(SSL_PROPERTY_NAMES[i3], properties, properties12);
        }
        Properties properties13 = new Properties();
        copyProperty(SSL_ORB_CLIENT_QOP, properties, properties13);
        Properties properties14 = new Properties();
        copyProperty(REQUEST_TIMEOUT, properties, properties14);
        outputStream.write(section_1a.getBytes());
        if (!properties.isEmpty()) {
            outputStream.write(section_1c.getBytes());
        }
        if (!properties2.isEmpty()) {
            outputStream.write(line_separator.getBytes());
            properties2.store(outputStream, clientSecEnable);
        }
        if (!properties3.isEmpty()) {
            outputStream.write(line_separator.getBytes());
            properties3.store(outputStream, rmiiop_auth_proc);
        }
        if (!properties4.isEmpty()) {
            outputStream.write(line_separator.getBytes());
            properties4.store(outputStream, sec_auth);
        }
        if (!properties5.isEmpty()) {
            outputStream.write(line_separator.getBytes());
            properties5.store(outputStream, rmiiop_user_id);
        }
        if (!properties6.isEmpty()) {
            outputStream.write(line_separator.getBytes());
            properties6.store(outputStream, new StringBuffer().append(CSIv2_Config).append(line_separator).append(stateful_sessions).toString());
        }
        if (!properties7.isEmpty()) {
            outputStream.write(line_separator.getBytes());
            properties7.store(outputStream, basicAuth_client_auth);
        }
        if (!properties8.isEmpty()) {
            outputStream.write(line_separator.getBytes());
            properties8.store(outputStream, ssl_client_auth);
        }
        outputStream.write(line_separator.getBytes());
        outputStream.write(note_both__ba_ssl.getBytes());
        outputStream.write(line_separator.getBytes());
        if (!properties9.isEmpty()) {
            outputStream.write(line_separator.getBytes());
            properties9.store(outputStream, ssl_connection);
        }
        if (!properties10.isEmpty()) {
            outputStream.write(line_separator.getBytes());
            properties10.store(outputStream, cipher_40bit);
        }
        outputStream.write(note_ssl.getBytes());
        if (!properties11.isEmpty()) {
            outputStream.write(line_separator.getBytes());
            properties11.store(outputStream, cipher_128bit);
        }
        outputStream.write(note_ssl.getBytes());
        if (!properties12.isEmpty()) {
            outputStream.write(line_separator.getBytes());
            properties12.store(outputStream, ssl_op);
        }
        if (!properties13.isEmpty()) {
            outputStream.write(line_separator.getBytes());
            properties13.store(outputStream, perform_qop);
        }
        if (!properties14.isEmpty()) {
            outputStream.write(line_separator.getBytes());
            properties14.store(outputStream, request_timeout);
        }
        if (properties.isEmpty()) {
            return;
        }
        outputStream.write(section_4.getBytes());
        outputStream.write(line_separator.getBytes());
        properties.store(outputStream, misc);
    }
}
