package com.ibm.rational.test.lt.recorder.proxy.internal.proxy.socks;

import com.ibm.rational.test.lt.recorder.proxy.IHttpConstants;
import com.ibm.rational.test.lt.recorder.proxy.internal.proxy.IProxyOptions;
import com.ibm.rational.test.lt.recorder.proxy.internal.proxy.ProxyMessages;
import java.io.IOException;
import java.net.InetSocketAddress;
import java.net.Proxy;
import java.net.Socket;
import java.security.InvalidKeyException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.SignatureException;
import java.security.cert.CertificateException;
import java.security.spec.InvalidKeySpecException;
import java.util.StringTokenizer;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSocket;
import org.bouncycastle.crypto.CryptoException;
import org.bouncycastle.crypto.DataLengthException;

/* loaded from: input_file:recorderHttp-remote.jar:com/ibm/rational/test/lt/recorder/proxy/internal/proxy/socks/SSLCheckClass.class */
public class SSLCheckClass {
    private String sslProtocol;
    private KeyStore ks;
    private String clientCertificatePath;
    private String clientCertificatePass;
    ClientSideReader csr;
    IProxyOptions options;
    public byte[] CONNECTBuffer;
    public int CONNECTread_bytes;
    SSLSocket sslServer = null;
    SSLSocket spySocket = null;
    SSLSocket HTTPServerSocket = null;

    /* JADX INFO: Access modifiers changed from: protected */
    /* loaded from: input_file:recorderHttp-remote.jar:com/ibm/rational/test/lt/recorder/proxy/internal/proxy/socks/SSLCheckClass$SSLContextSet.class */
    public class SSLContextSet {
        SSLContext ctx;
        String ipValue;
        int portValue;
        KCertificateManager ksm;

        protected SSLContextSet() {
        }
    }

    public boolean makeSecureConnection() {
        long currentTime = this.csr.packetWriter.currentTime();
        if (!connectToSecureServer(this.csr.destServer, this.csr.serverPort)) {
            return false;
        }
        if (createSSLSpyServerSocket()) {
            int i = this.csr.iConnection;
            this.csr.iConnection = ClientSideReader.getNextConnection();
            this.csr.packetWriter.writeOpenSecureConnectionInfo(this.csr.bSecure, this.csr.iConnection, i, this.csr.destServer, this.csr.serverPort, this.csr.client, this.csr.httpServer, this.spySocket, this.sslServer, currentTime, this.csr.sslCipherSuite, this.csr.sslProtocol);
        }
        try {
            this.csr.to_client = this.spySocket.getOutputStream();
            this.csr.from_client = this.spySocket.getInputStream();
            this.csr.to_server = this.sslServer.getOutputStream();
            this.csr.from_server = this.sslServer.getInputStream();
            this.csr.httpServer = this.sslServer;
            this.csr.bSecure = true;
            this.csr.serverReader = new ServerSideReader(this.csr.client, this.csr.httpServer, this.csr.from_server, this.csr.to_client, this.csr.packetWriter, this.csr.iConnection, this.csr.bSecure, this.spySocket.getReceiveBufferSize());
            this.csr.serverReader.start();
            this.csr.PrintToServer = false;
            return this.csr.bSecure;
        } catch (IOException e) {
            this.csr.packetWriter.writeRecorderMessage(2, "exception in creating SSL Spy Socket: " + e);
            this.csr.proxy.getContext().getLog().logError(ProxyMessages.SOCKS_RECORDER_SSL_SPYSOCKET_EXCEPTION, e);
            return false;
        }
    }

    /* JADX WARN: Code restructure failed: missing block: B:9:0x003a, code lost:
    
        if (r0 == null) goto L8;
     */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    public boolean connectToSecureServer(java.lang.String r8, int r9) {
        /*
            Method dump skipped, instructions count: 654
            To view this dump add '--comments-level debug' option
        */
        throw new UnsupportedOperationException("Method not decompiled: com.ibm.rational.test.lt.recorder.proxy.internal.proxy.socks.SSLCheckClass.connectToSecureServer(java.lang.String, int):boolean");
    }

    public SSLCheckClass(ClientSideReader clientSideReader) throws InvalidKeyException, DataLengthException, SecurityException, SignatureException, NoSuchAlgorithmException, KeyStoreException, NoSuchProviderException, CertificateException, InvalidKeySpecException, IOException, CryptoException {
        this.sslProtocol = "";
        this.csr = null;
        this.options = clientSideReader.getProxy().getProxyOptions();
        this.ks = this.options.getServerCertificate(clientSideReader.destServer, clientSideReader.destPort);
        this.clientCertificatePath = this.options.getClientCertificatePath(clientSideReader.destServer, clientSideReader.destPort);
        this.clientCertificatePass = this.options.getClientCertificatePass(clientSideReader.destServer, clientSideReader.destPort);
        String supportedSSLProtocols = this.options.getSupportedSSLProtocols();
        if (supportedSSLProtocols == null) {
            this.sslProtocol = "SSLv3";
        } else if (supportedSSLProtocols.indexOf("TLSv1") >= 0) {
            this.sslProtocol = "SSL_TLS";
        } else if (supportedSSLProtocols.indexOf("SSLv3") >= 0) {
            this.sslProtocol = "SSLv3";
        } else {
            this.sslProtocol = "Unknown SSL Encryption";
        }
        this.csr = clientSideReader;
    }

    public boolean createSSLSpyServerSocket() {
        try {
            SSLContext sSLContext = SSLContext.getInstance(this.sslProtocol);
            KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance("IbmX509");
            keyManagerFactory.init(this.ks, "changeit".toCharArray());
            sSLContext.init(keyManagerFactory.getKeyManagers(), null, null);
            this.spySocket = (SSLSocket) sSLContext.getSocketFactory().createSocket((Socket) this.csr.client, "localhost", this.csr.client.getLocalPort(), true);
            this.spySocket.setUseClientMode(false);
            return true;
        } catch (Exception e) {
            this.csr.packetWriter.writeRecorderMessage(2, "exception in creating SSL Spy Socket: " + e);
            this.csr.proxy.getContext().getLog().logError(ProxyMessages.SOCKS_RECORDER_SSL_SPYSOCKET_EXCEPTION, e);
            return false;
        }
    }

    public String makeSecureConnectionHTTP(byte[] bArr, int i, String str, int i2, boolean z) {
        String sendConnectToProxyServer;
        if (i > 0) {
            if (!z) {
                sendConnectToProxyServer = sendConnectToProxyServer(bArr, i);
            } else {
                if (!connectToProxyServerSSL(str, i2)) {
                    return "Failed_to_Connect";
                }
                try {
                    this.csr.to_server = this.csr.httpSSLServer.getOutputStream();
                    this.csr.from_server = this.csr.httpSSLServer.getInputStream();
                } catch (Exception e) {
                    this.csr.packetWriter.writeRecorderMessage(2, "exception in ClientSideReader : " + e + " Connection: " + this.csr.iConnection);
                    this.csr.proxy.getContext().getLog().logError(ProxyMessages.SOCKS_RECORDER_CLIENTSIDE_READER_EXCEPTION, e);
                }
                sendConnectToProxyServer = sendConnectToProxyServer(bArr, i);
            }
            if (!sendConnectToProxyServer.equals("SSL_Good")) {
                return sendConnectToProxyServer;
            }
            long currentTime = this.csr.packetWriter.currentTime();
            if (!convertHTTPServerConnectionToSSL(this.csr.destServer, this.csr.destPort, this.sslProtocol)) {
                return "Failed_to_Connect";
            }
            if (createSSLSpyServerSocket()) {
                this.csr.packetWriter.writeOpenConnectionInfo(this.csr.bSecure, this.csr.iConnection, str, i2, this.csr.client, this.csr.httpServer, null, null, this.csr.creationTime);
                int i3 = this.csr.iConnection;
                this.csr.iConnection = ClientSideReader.getNextConnection();
                this.csr.packetWriter.writeOpenSecureConnectionInfo(this.csr.bSecure, this.csr.iConnection, i3, str, i2, this.csr.client, this.csr.httpServer, this.spySocket, this.sslServer, currentTime, this.csr.sslCipherSuite, this.csr.sslProtocol);
            }
            try {
                this.csr.to_client = this.spySocket.getOutputStream();
                this.csr.from_client = this.spySocket.getInputStream();
                this.csr.httpServer = this.HTTPServerSocket;
                this.csr.to_server = this.HTTPServerSocket.getOutputStream();
                this.csr.from_server = this.HTTPServerSocket.getInputStream();
                this.csr.bSecure = true;
                this.csr.secureConnectionOK = true;
                this.csr.serverReader = new ServerSideReader(this.csr.client, this.csr.httpServer, this.csr.from_server, this.csr.to_client, this.csr.packetWriter, this.csr.iConnection, this.csr.bSecure, this.spySocket.getReceiveBufferSize());
                this.csr.serverReader.start();
            } catch (IOException e2) {
                this.csr.packetWriter.writeRecorderMessage(2, "exception in creating SSL Spy Socket: " + e2);
                this.csr.proxy.getContext().getLog().logError(ProxyMessages.SOCKS_RECORDER_SSL_SPYSOCKET_EXCEPTION, e2);
                return "Failed_to_Connect";
            }
        }
        this.csr.PrintToServer = false;
        return this.csr.bSecure ? "SSL_Good" : "Failed_to_Connect";
    }

    String sendConnectToProxyServer(byte[] bArr, int i) {
        String str = "Failed_to_Connect";
        if (i > 0) {
            try {
                this.CONNECTBuffer = new byte[this.csr.httpServer.getReceiveBufferSize()];
                this.csr.to_server.write(bArr, 0, i);
                this.csr.to_server.flush();
                this.CONNECTread_bytes = this.csr.from_server.read(this.CONNECTBuffer);
                if (this.CONNECTread_bytes > 0) {
                    int status = getStatus(new String(this.CONNECTBuffer, 0, this.CONNECTread_bytes));
                    if (status == 200) {
                        this.csr.to_client.write(this.CONNECTBuffer, 0, this.CONNECTread_bytes);
                        this.csr.to_client.flush();
                        str = "SSL_Good";
                    } else if (status == 407) {
                        str = "Got_407";
                    } else if (status == 2407) {
                        str = "Got_2407";
                    }
                }
            } catch (IOException e) {
                this.csr.packetWriter.writeRecorderMessage(2, "exception in makeSecureConnection(): " + e);
                this.csr.proxy.getContext().getLog().logError(ProxyMessages.SOCKS_RECORDER_SSL_SPYSOCKET_EXCEPTION, e);
                return "Failed_to_Connect";
            }
        }
        return str;
    }

    /* JADX WARN: Code restructure failed: missing block: B:4:0x0036, code lost:
    
        if (r0 == null) goto L6;
     */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    boolean convertHTTPServerConnectionToSSL(java.lang.String r8, int r9, java.lang.String r10) {
        /*
            Method dump skipped, instructions count: 580
            To view this dump add '--comments-level debug' option
        */
        throw new UnsupportedOperationException("Method not decompiled: com.ibm.rational.test.lt.recorder.proxy.internal.proxy.socks.SSLCheckClass.convertHTTPServerConnectionToSSL(java.lang.String, int, java.lang.String):boolean");
    }

    private boolean connectToProxyServerSSL(String str, int i) {
        boolean z = false;
        try {
            Socket socket = new Socket(Proxy.NO_PROXY);
            socket.connect(new InetSocketAddress(str, i));
            this.csr.httpSSLServer = socket;
            if (this.csr.httpSSLServer != null) {
                z = true;
                this.csr.httpServer = this.csr.httpSSLServer;
            } else {
                z = false;
                this.csr.packetWriter.writeRecorderMessage(2, "Error connecting to Server:" + str + " Port: " + i);
            }
        } catch (IOException e) {
            this.csr.packetWriter.writeRecorderMessage(2, "Error Connecting to Proxy Server:" + str + IHttpConstants.COLON + i + e);
        }
        return z;
    }

    private int getStatus(String str) {
        StringTokenizer stringTokenizer = new StringTokenizer(str, IHttpConstants.EOL_MARKER);
        StringTokenizer stringTokenizer2 = new StringTokenizer(stringTokenizer.nextToken(), IHttpConstants.SPACE);
        stringTokenizer2.nextToken();
        int intValue = new Integer(stringTokenizer2.nextToken()).intValue();
        if (intValue == 407) {
            while (stringTokenizer.hasMoreTokens()) {
                String nextToken = stringTokenizer.nextToken();
                if (nextToken.startsWith("Proxy-Authenticate") && nextToken.indexOf(" TlRMTVNTUA") > 0) {
                    return 2407;
                }
            }
        }
        return intValue;
    }
}
