package com.ibm.ws.sib.jfapchannel.framework.impl;

import com.ibm.ejs.ras.TraceComponent;
import com.ibm.ws.ffdc.FFDCFilter;
import com.ibm.ws.security.util.PasswordUtil;
import com.ibm.ws.sib.jfapchannel.JFapChannelConstants;
import com.ibm.ws.sib.jfapchannel.XMLEndPoint;
import com.ibm.ws.sib.jfapchannel.framework.NetworkConnectionFactory;
import com.ibm.ws.sib.jfapchannel.framework.NetworkTransportFactory;
import com.ibm.ws.sib.mqfapchannel.impl.MQFapConstants;
import com.ibm.ws.sib.shell.util.ClassUtil;
import com.ibm.ws.sib.utils.PasswordSuppressingProperties;
import com.ibm.ws.sib.utils.ras.SibTr;
import com.ibm.ws.ssl.core.Constants;
import java.io.FileInputStream;
import java.io.FileNotFoundException;
import java.io.IOException;
import java.io.InputStream;
import java.net.URL;
import java.security.AccessController;
import java.security.KeyManagementException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.PrivilegedAction;
import java.security.PrivilegedActionException;
import java.security.PrivilegedExceptionAction;
import java.security.Provider;
import java.security.Security;
import java.security.UnrecoverableKeyException;
import java.security.cert.CertificateException;
import java.util.HashMap;
import java.util.Map;
import java.util.Properties;
import javax.net.SocketFactory;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSocketFactory;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;

/* loaded from: input_file:lib/com.ibm.ws.sib.server.jar:com/ibm/ws/sib/jfapchannel/framework/impl/ThinClientTransportFactory.class */
public class ThinClientTransportFactory implements NetworkTransportFactory {
    private static final TraceComponent tc = SibTr.register(ThinClientTransportFactory.class, JFapChannelConstants.MSG_GROUP, JFapChannelConstants.MSG_BUNDLE);
    private static final String CLASS_NAME = ThinClientTransportFactory.class.getName();
    private final Map<String, NetworkConnectionFactory> networkConnectionFactories;
    private static final NetworkTransportFactory instance;
    private static final String IBMX509 = "IbmX509";

    /* JADX WARN: Multi-variable type inference failed */
    /* JADX WARN: Type inference failed for: r0v22, types: [javax.net.SocketFactory] */
    private ThinClientTransportFactory() {
        if (TraceComponent.isAnyTracingEnabled() && tc.isEntryEnabled()) {
            SibTr.entry(this, tc, "<init>");
        }
        this.networkConnectionFactories = new HashMap();
        this.networkConnectionFactories.put("BootstrapBasicMessaging", new SocketNetworkConnectionFactory(SocketFactory.getDefault(), "BootstrapBasicMessaging", false, false));
        try {
            SSLSocketFactory createSSLSocketFactory = createSSLSocketFactory();
            if (createSSLSocketFactory == null) {
                if (TraceComponent.isAnyTracingEnabled() && tc.isDebugEnabled()) {
                    SibTr.debug(this, tc, "Using default SSL Socket factory");
                }
                createSSLSocketFactory = SSLSocketFactory.getDefault();
            }
            this.networkConnectionFactories.put("BootstrapSecureMessaging", new SocketNetworkConnectionFactory(createSSLSocketFactory, "BootstrapSecureMessaging", true, false));
        } catch (Exception e) {
            FFDCFilter.processException(e, CLASS_NAME + ".<init>", "132:1.11", this);
            if (TraceComponent.isAnyTracingEnabled() && tc.isDebugEnabled()) {
                SibTr.debug(this, tc, "Unable to initialise SSL", e);
            }
        }
        if (TraceComponent.isAnyTracingEnabled() && tc.isEntryEnabled()) {
            SibTr.exit(this, tc, "<init>");
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static final NetworkTransportFactory getInstance() {
        if (TraceComponent.isAnyTracingEnabled() && tc.isEntryEnabled()) {
            SibTr.entry(tc, MQFapConstants.JFAP_CHANNELFW_GETINSTANCE);
        }
        if (TraceComponent.isAnyTracingEnabled() && tc.isEntryEnabled()) {
            SibTr.exit(tc, MQFapConstants.JFAP_CHANNELFW_GETINSTANCE);
        }
        return instance;
    }

    @Override // com.ibm.ws.sib.jfapchannel.framework.NetworkTransportFactory
    public NetworkConnectionFactory getOutboundNetworkConnectionFactoryByName(String str) {
        if (TraceComponent.isAnyTracingEnabled() && tc.isEntryEnabled()) {
            SibTr.entry(this, tc, "getOutboundNetworkConnectionFactoryByName", str);
        }
        NetworkConnectionFactory networkConnectionFactory = this.networkConnectionFactories.get(str);
        if (TraceComponent.isAnyTracingEnabled() && tc.isEntryEnabled()) {
            SibTr.exit(this, tc, "getOutboundNetworkConnectionFactoryByName", networkConnectionFactory);
        }
        return networkConnectionFactory;
    }

    @Override // com.ibm.ws.sib.jfapchannel.framework.NetworkTransportFactory
    public NetworkConnectionFactory getOutboundNetworkConnectionFactoryFromEndPoint(Object obj) {
        if (TraceComponent.isAnyTracingEnabled() && tc.isEntryEnabled()) {
            SibTr.entry(this, tc, "getOutboundNetworkConnectionFactoryFromEndPoint", obj);
        }
        NetworkConnectionFactory networkConnectionFactory = null;
        XMLEndPoint.ChainTypeEnumeration type = ((XMLEndPoint) obj).getType();
        if (type == XMLEndPoint.ChainTypeEnumeration.TCP) {
            networkConnectionFactory = this.networkConnectionFactories.get("BootstrapBasicMessaging");
        } else if (type == XMLEndPoint.ChainTypeEnumeration.SSL) {
            networkConnectionFactory = this.networkConnectionFactories.get("BootstrapSecureMessaging");
        }
        if (TraceComponent.isAnyTracingEnabled() && tc.isEntryEnabled()) {
            SibTr.exit(this, tc, "getOutboundNetworkConnectionFactoryFromEndPoint", networkConnectionFactory);
        }
        return networkConnectionFactory;
    }

    private SSLSocketFactory createSSLSocketFactory() throws KeyStoreException, NoSuchAlgorithmException, CertificateException, FileNotFoundException, IOException, NoSuchProviderException, UnrecoverableKeyException, KeyManagementException {
        FileInputStream fileInputStream;
        if (TraceComponent.isAnyTracingEnabled() && tc.isEntryEnabled()) {
            SibTr.entry(this, tc, "createSSLSocketFactory");
        }
        SSLSocketFactory sSLSocketFactory = null;
        Properties loadSSLProperties = loadSSLProperties();
        if (loadSSLProperties != null) {
            String property = loadSSLProperties.getProperty(JFapChannelConstants.RUNTIMEINFO_JSSE_PROVIDER);
            if (property == null) {
                property = Constants.IBMJSSE2;
            }
            final String str = property;
            if (TraceComponent.isAnyTracingEnabled() && tc.isDebugEnabled()) {
                SibTr.debug(this, tc, "JSSE Provider = " + str);
            }
            if (Security.getProvider(str) == null) {
                if (TraceComponent.isAnyTracingEnabled() && tc.isDebugEnabled()) {
                    SibTr.debug(this, tc, "Security provider is not installed - installed now");
                }
                AccessController.doPrivileged(new PrivilegedAction<Object>() { // from class: com.ibm.ws.sib.jfapchannel.framework.impl.ThinClientTransportFactory.1
                    @Override // java.security.PrivilegedAction
                    public Object run() {
                        try {
                            Security.addProvider((Provider) ClassUtil.loadClass(str).newInstance());
                            return null;
                        } catch (Exception e) {
                            FFDCFilter.processException((Throwable) e, ThinClientTransportFactory.CLASS_NAME + ".createSSLSocketFactory", "240:1.11", new Object[]{str, this});
                            if (!TraceComponent.isAnyTracingEnabled() || !ThinClientTransportFactory.tc.isDebugEnabled()) {
                                return null;
                            }
                            SibTr.debug(this, ThinClientTransportFactory.tc, "Unable to add requested provider", e);
                            return null;
                        }
                    }
                });
            }
            String property2 = loadSSLProperties.getProperty("com.ibm.ssl.keyStoreType");
            if (property2 == null) {
                property2 = safelyGetSystemProperty(Constants.SYSTEM_SSLPROP_KEY_STORE_TYPE);
            }
            if (property2 == null) {
                property2 = "JKS";
            }
            if (TraceComponent.isAnyTracingEnabled() && tc.isDebugEnabled()) {
                SibTr.debug(this, tc, "Key Store Type", property2);
            }
            String property3 = loadSSLProperties.getProperty("com.ibm.ssl.trustStoreType");
            if (property3 == null) {
                property3 = safelyGetSystemProperty(Constants.SYSTEM_SSLPROP_TRUST_STORE_TYPE);
            }
            if (property3 == null) {
                property3 = "JKS";
            }
            if (TraceComponent.isAnyTracingEnabled() && tc.isDebugEnabled()) {
                SibTr.debug(this, tc, "Trust Store Type", property3);
            }
            String property4 = loadSSLProperties.getProperty("com.ibm.ssl.keyStore");
            if (property4 == null) {
                property4 = safelyGetSystemProperty(Constants.SYSTEM_SSLPROP_KEY_STORE);
            }
            if (TraceComponent.isAnyTracingEnabled() && tc.isDebugEnabled()) {
                SibTr.debug(this, tc, "Key Store File Name", property4);
            }
            String property5 = loadSSLProperties.getProperty("com.ibm.ssl.trustStore");
            if (property5 == null) {
                property5 = safelyGetSystemProperty(Constants.SYSTEM_SSLPROP_TRUST_STORE);
            }
            if (TraceComponent.isAnyTracingEnabled() && tc.isDebugEnabled()) {
                SibTr.debug(this, tc, "Trust Store File Name", property5);
            }
            String property6 = loadSSLProperties.getProperty("com.ibm.ssl.keyManager");
            if (property6 == null) {
                property6 = safelyGetSystemProperty(Constants.SYSTEM_SSLPROP_KEY_STORE_PROVIDER);
            }
            if (property6 == null) {
                property6 = IBMX509;
            }
            if (TraceComponent.isAnyTracingEnabled() && tc.isDebugEnabled()) {
                SibTr.debug(this, tc, "Key Store Manager", property6);
            }
            String property7 = loadSSLProperties.getProperty("com.ibm.ssl.trustManager");
            if (property7 == null) {
                property7 = safelyGetSystemProperty(Constants.SYSTEM_SSLPROP_TRUST_STORE_PROVIDER);
            }
            if (property7 == null) {
                property7 = IBMX509;
            }
            if (TraceComponent.isAnyTracingEnabled() && tc.isDebugEnabled()) {
                SibTr.debug(this, tc, "Trust Store Manager", property7);
            }
            String property8 = loadSSLProperties.getProperty("com.ibm.ssl.protocol");
            if (property8 == null) {
                property8 = "SSL";
            }
            if (TraceComponent.isAnyTracingEnabled() && tc.isDebugEnabled()) {
                SibTr.debug(this, tc, "SSL Context Protocol", property8);
            }
            String property9 = loadSSLProperties.getProperty("com.ibm.ssl.contextProvider");
            if (property9 == null) {
                property9 = "IBMJSSE2";
            }
            if (TraceComponent.isAnyTracingEnabled() && tc.isDebugEnabled()) {
                SibTr.debug(this, tc, "SSL Context Provider", property9);
            }
            String property10 = loadSSLProperties.getProperty("com.ibm.ssl.keyStorePassword");
            if (property10 == null) {
                property10 = safelyGetSystemProperty(Constants.SYSTEM_SSLPROP_KEY_STORE_PASSWORD);
            }
            String str2 = null;
            if (property10 != null) {
                try {
                    str2 = PasswordUtil.decode(property10);
                    if (TraceComponent.isAnyTracingEnabled() && tc.isDebugEnabled()) {
                        SibTr.debug(this, tc, "Key Store Password was decoded successfully");
                    }
                } catch (Exception e) {
                    if (TraceComponent.isAnyTracingEnabled() && tc.isDebugEnabled()) {
                        SibTr.debug(this, tc, "Key Store Password cannot be decoded (possibly because it is in plain text) - THIS IS NOT NECESSERILY AN ERROR", e);
                    }
                    str2 = property10;
                }
            }
            String property11 = loadSSLProperties.getProperty("com.ibm.ssl.trustStorePassword");
            if (property11 == null) {
                property11 = safelyGetSystemProperty(Constants.SYSTEM_SSLPROP_TRUST_STORE_PASSWORD);
            }
            String str3 = null;
            if (property11 != null) {
                try {
                    str3 = PasswordUtil.decode(property11);
                    if (TraceComponent.isAnyTracingEnabled() && tc.isDebugEnabled()) {
                        SibTr.debug(this, tc, "Trust Store Password was decoded successfully");
                    }
                } catch (Exception e2) {
                    if (TraceComponent.isAnyTracingEnabled() && tc.isDebugEnabled()) {
                        SibTr.debug(this, tc, "Trust Store Password cannot be decoded (possibly because it is in plain text) - THIS IS NOT NECESSERILY AN ERROR", e2);
                    }
                    str3 = property11;
                }
            }
            KeyManagerFactory keyManagerFactory = null;
            TrustManager[] trustManagerArr = null;
            if (property4 != null && str2 != null) {
                KeyStore keyStore = KeyStore.getInstance(property2);
                fileInputStream = new FileInputStream(property4);
                try {
                    keyStore.load(fileInputStream, str2.toCharArray());
                    quietlyCloseInputStream(fileInputStream);
                    keyManagerFactory = KeyManagerFactory.getInstance(property6, property9);
                    keyManagerFactory.init(keyStore, str2.toCharArray());
                } finally {
                }
            } else if (TraceComponent.isAnyTracingEnabled() && tc.isDebugEnabled()) {
                SibTr.debug(this, tc, "The KeyStore & KeyManagerFactory can not be created because a required property value is null");
            }
            if (property5 != null && str3 != null) {
                KeyStore keyStore2 = KeyStore.getInstance(property3);
                fileInputStream = new FileInputStream(property5);
                try {
                    keyStore2.load(fileInputStream, str3.toCharArray());
                    quietlyCloseInputStream(fileInputStream);
                    TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(property7, property9);
                    trustManagerFactory.init(keyStore2);
                    trustManagerArr = trustManagerFactory.getTrustManagers();
                } finally {
                }
            } else if (TraceComponent.isAnyTracingEnabled() && tc.isDebugEnabled()) {
                SibTr.debug(this, tc, "The Trustmanager can not be created because a required value is null");
            }
            if (keyManagerFactory != null && trustManagerArr != null) {
                SSLContext sSLContext = SSLContext.getInstance(property8, property9);
                sSLContext.init(keyManagerFactory.getKeyManagers(), trustManagerArr, null);
                sSLSocketFactory = sSLContext.getSocketFactory();
            } else if (TraceComponent.isAnyTracingEnabled() && tc.isDebugEnabled()) {
                SibTr.debug(this, tc, "The SSLSocketFactory can not be created because a required value is null");
            }
        } else if (TraceComponent.isAnyTracingEnabled() && tc.isDebugEnabled()) {
            SibTr.debug(this, tc, "No IBM SSL properties returned");
        }
        if (TraceComponent.isAnyTracingEnabled() && tc.isEntryEnabled()) {
            SibTr.exit(this, tc, "createSSLSocketFactory", sSLSocketFactory);
        }
        return sSLSocketFactory;
    }

    private Properties loadSSLProperties() throws IOException {
        if (TraceComponent.isAnyTracingEnabled() && tc.isEntryEnabled()) {
            SibTr.entry(this, tc, "loadSSLProperties");
        }
        try {
            Properties properties = (Properties) AccessController.doPrivileged(new PrivilegedExceptionAction<Properties>() { // from class: com.ibm.ws.sib.jfapchannel.framework.impl.ThinClientTransportFactory.2
                /* JADX WARN: Can't rename method to resolve collision */
                @Override // java.security.PrivilegedExceptionAction
                public Properties run() throws IOException {
                    Properties properties2 = null;
                    String property = System.getProperty(JFapChannelConstants.SYSTEM_SIB_CLIENT_SSL_PROPERTIES);
                    if (property != null) {
                        if (TraceComponent.isAnyTracingEnabled() && ThinClientTransportFactory.tc.isDebugEnabled()) {
                            SibTr.debug(this, ThinClientTransportFactory.tc, "Trying system property=" + property);
                        }
                        FileInputStream fileInputStream = new FileInputStream(property);
                        try {
                            properties2 = new PasswordSuppressingProperties();
                            properties2.load(fileInputStream);
                            ThinClientTransportFactory.quietlyCloseInputStream(fileInputStream);
                        } catch (Throwable th) {
                            ThinClientTransportFactory.quietlyCloseInputStream(fileInputStream);
                            throw th;
                        }
                    } else {
                        URL resourceFromClassPathOrBundle = ClassUtil.getResourceFromClassPathOrBundle(JFapChannelConstants.CLIENT_SSL_PROPERTIES_FILE);
                        if (resourceFromClassPathOrBundle != null) {
                            if (TraceComponent.isAnyTracingEnabled() && ThinClientTransportFactory.tc.isDebugEnabled()) {
                                SibTr.debug(this, ThinClientTransportFactory.tc, "Located the properties file");
                            }
                            properties2 = new PasswordSuppressingProperties();
                            properties2.load(resourceFromClassPathOrBundle.openStream());
                        }
                    }
                    return properties2;
                }
            });
            if (TraceComponent.isAnyTracingEnabled() && tc.isEntryEnabled()) {
                SibTr.exit(tc, "loadSSLProperties", "rc=" + (properties == null ? "null" : "not null"));
            }
            return properties;
        } catch (PrivilegedActionException e) {
            if (TraceComponent.isAnyTracingEnabled() && tc.isDebugEnabled()) {
                SibTr.debug(this, tc, "Unable to load properties file", e);
            }
            throw ((IOException) e.getException());
        }
    }

    private static String safelyGetSystemProperty(final String str) {
        String str2 = null;
        try {
            str2 = (String) AccessController.doPrivileged(new PrivilegedExceptionAction<String>() { // from class: com.ibm.ws.sib.jfapchannel.framework.impl.ThinClientTransportFactory.3
                /* JADX WARN: Can't rename method to resolve collision */
                @Override // java.security.PrivilegedExceptionAction
                public String run() throws Exception {
                    return System.getProperty(str);
                }
            });
        } catch (Exception e) {
        }
        return str2;
    }

    /* JADX INFO: Access modifiers changed from: private */
    public static void quietlyCloseInputStream(InputStream inputStream) {
        if (inputStream != null) {
            try {
                inputStream.close();
            } catch (IOException e) {
            }
        }
    }

    static {
        if (TraceComponent.isAnyTracingEnabled() && tc.isDebugEnabled()) {
            SibTr.debug(tc, "@(#) SIB/ws/code/sib.jfapchannel.client.thin.impl/src/com/ibm/ws/sib/jfapchannel/framework/impl/ThinClientTransportFactory.java, SIB.comms, WASX.SIB, ww1616.03 1.11");
        }
        instance = new ThinClientTransportFactory();
    }
}
