package com.ibm.xtools.oslc.integration.oauth.internal.jaf;

import com.ibm.xtools.oslc.integration.oauth.ICertificateValidator;
import com.ibm.xtools.oslc.integration.oauth.JfsX509TrustManager;
import com.ibm.xtools.oslc.integration.oauth.LogHelper;
import java.text.MessageFormat;
import java.util.Arrays;
import java.util.List;
import javax.net.ssl.KeyManager;
import javax.net.ssl.SSLContext;
import javax.net.ssl.TrustManager;
import org.apache.http.conn.ssl.BrowserCompatHostnameVerifier;
import org.apache.http.conn.ssl.SSLSocketFactory;
import org.apache.http.conn.ssl.X509HostnameVerifier;
import org.apache.http.params.HttpParams;

/* loaded from: input_file:com/ibm/xtools/oslc/integration/oauth/internal/jaf/SslSocketFactory.class */
public class SslSocketFactory extends SSLSocketFactory {
    protected static final TrustManager NAIVE_TRUST_MANAGER = new NaiveTrustManager();
    private static final List<String> DEFAULT_ALGORITHMS = Arrays.asList("SSL_TLS", "TLS", "SSL");
    private HttpParams params;

    public SslSocketFactory(HttpParams httpParams) {
        this(httpParams, (List<String>) null);
        this.params = httpParams;
    }

    public SslSocketFactory(KeyManager[] keyManagerArr, ICertificateValidator iCertificateValidator) {
        super(createSSLContext(DEFAULT_ALGORITHMS, new JfsX509TrustManager(iCertificateValidator), keyManagerArr), new CertificateHostNameVerifier(new BrowserCompatHostnameVerifier(), iCertificateValidator));
    }

    public SslSocketFactory(HttpParams httpParams, List<String> list) {
        super(createSSLContext(getSSLProtocols(list), (httpParams == null || SslParams.isSslNaive(httpParams)) ? NAIVE_TRUST_MANAGER : null, (KeyManager[]) null), (X509HostnameVerifier) null);
    }

    public SslSocketFactory(HttpParams httpParams, boolean z, List<String> list) {
        super(createSSLContext(getSSLProtocols(list), (httpParams == null || SslParams.isSslNaive(httpParams)) ? NAIVE_TRUST_MANAGER : null, (KeyManager[]) null), z ? SSLSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER : null);
    }

    private static List<String> getSSLProtocols(List<String> list) {
        if (list != null) {
            return list;
        }
        String property = System.getProperty("com.ibm.team.repository.transport.client.protocol");
        return property != null ? Arrays.asList(property) : DEFAULT_ALGORITHMS;
    }

    private static SSLContext createSSLContext(List<String> list, TrustManager trustManager, KeyManager[] keyManagerArr) {
        boolean isDebugging = LogHelper.isDebugging();
        if (isDebugging) {
            LogHelper.info("SSL Algorithm Priority: " + list);
        }
        for (String str : list) {
            SSLContext createSSLContext = createSSLContext(str, trustManager, keyManagerArr);
            if (createSSLContext != null) {
                return createSSLContext;
            }
            if (isDebugging) {
                LogHelper.info(MessageFormat.format("Failed to create {0} context", str));
            }
        }
        if (isDebugging) {
            LogHelper.info("No acceptable encryption algorithm found");
        }
        throw new RuntimeException("No acceptable encryption algorithm found");
    }

    private static SSLContext createSSLContext(String str, TrustManager trustManager, KeyManager[] keyManagerArr) {
        boolean isDebugging = LogHelper.isDebugging();
        if (isDebugging) {
            LogHelper.info(MessageFormat.format("Creating {0} context", str));
        }
        try {
            SSLContext sSLContext = SSLContext.getInstance(str);
            sSLContext.init(keyManagerArr, trustManager == null ? null : new TrustManager[]{trustManager}, null);
            sSLContext.getSocketFactory().createSocket().close();
            return sSLContext;
        } catch (Throwable th) {
            if (!isDebugging) {
                return null;
            }
            LogHelper.error(th);
            return null;
        }
    }

    public HttpParams getParams() {
        return this.params;
    }
}
