package com.ibm.ctg.client;

import com.ibm.ctgsslight.SSLContext;
import com.ibm.ctgsslight.SSLException;
import com.ibm.ctgsslight.SSLSocket;
import com.ibm.eNetwork.ECL.vt.VTCharSet;
import com.ibm.eNetwork.HODUtil.services.admin.NSMConstants;
import com.ibm.sslight.SSLightKeyRing;
import java.io.IOException;
import java.io.InputStream;
import java.io.OutputStream;
import java.net.Socket;
import java.net.UnknownHostException;

/* loaded from: input_file:habeansnlv2.jar:com/ibm/ctg/client/GSLightSocket.class */
public class GSLightSocket implements iSSLSocket {
    public static final String CLASS_VERSION = "@(#) java/client/GSLightSocket.java, client_java, c502, c502-20040301a 1.12 02/05/28 16:13:00";
    private static final String COPYRIGHT_NOTICE = "(c) Copyright IBM Corporation 2002.";
    private static final int KEYSTORE_TAMPER_MSG = 88;
    private SSLSocket internalSSLSocket;
    private SSLContext aContext;

    /* JADX INFO: Access modifiers changed from: package-private */
    public GSLightSocket(SSLSocket sSLSocket) {
        this.internalSSLSocket = sSLSocket;
        this.aContext = sSLSocket.getContext();
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public GSLightSocket(String str, int i, boolean z, String str2, String str3) throws IOException, UnknownHostException {
        try {
            getKeyStore(str2, str3);
            this.aContext.allowStepUpCryptography();
            try {
                this.internalSSLSocket = new SSLSocket(str, i, this.aContext, false, (Object) null);
            } catch (SSLException e) {
                T.ex(this, e);
                throw new IOException(getSSLMessage(e));
            }
        } catch (SSLException e2) {
            T.ex(this, e2);
            if (T.bDebug) {
                T.ln(this, new StringBuffer().append("SSLException error=").append(getSSLMessage(e2)).toString());
            }
            throw new IOException(ClientMessages.getMessage(null, 88));
        } catch (ClassNotFoundException e3) {
            T.ex(this, e3);
            throw new IOException(ClientMessages.getMessage(null, 88));
        } catch (IllegalAccessException e4) {
            T.ex(this, e4);
            throw new IOException(ClientMessages.getMessage(null, 88));
        } catch (InstantiationException e5) {
            T.ex(this, e5);
            throw new IOException(ClientMessages.getMessage(null, 88));
        }
    }

    @Override // com.ibm.ctg.client.iSSLSocket
    public Socket getSocket() {
        return this.internalSSLSocket;
    }

    @Override // com.ibm.ctg.client.iSSLSocket
    public String[] getEnabledCipherSuites() {
        return this.aContext.getEnabledCipherSuites();
    }

    @Override // com.ibm.ctg.client.iSSLSocket
    public void setEnabledCipherSuites(String str) throws IOException {
        this.aContext.setEnabledCipherSuites(str);
    }

    @Override // com.ibm.ctg.client.iSSLSocket
    public void setNeedClientAuth(boolean z) {
        this.aContext.clientAuthentication = z;
    }

    @Override // com.ibm.ctg.client.iSSLSocket
    public boolean getNeedClientAuth() {
        return this.aContext.clientAuthentication;
    }

    @Override // com.ibm.ctg.client.iSSLSocket
    public InputStream getInputStream() throws IOException {
        return this.internalSSLSocket.getInputStream();
    }

    @Override // com.ibm.ctg.client.iSSLSocket
    public OutputStream getOutputStream() throws IOException {
        return this.internalSSLSocket.getOutputStream();
    }

    @Override // com.ibm.ctg.client.iSSLSocket
    public String toString() {
        return this.internalSSLSocket.toString();
    }

    @Override // com.ibm.ctg.client.iSSLSocket
    public void close() throws IOException {
        this.internalSSLSocket.close();
    }

    @Override // com.ibm.ctg.client.iSSLSocket
    public Object getPeerCertificateChain() {
        return this.internalSSLSocket.getPeerCertificateChain();
    }

    private void getKeyStore(String str, String str2) throws ClassNotFoundException, InstantiationException, IllegalAccessException, SSLException {
        this.aContext = new SSLContext();
        T.in(this, "getKeyStore", str, "** Password **");
        if (!this.aContext.importKeyRings(((SSLightKeyRing) Class.forName(str).newInstance()).getKeyRingData(), str2)) {
            throw new SSLException();
        }
        T.out(this, "getKeyStore");
    }

    private static String getSSLMessage(SSLException sSLException) {
        switch (sSLException.getError()) {
            case 0:
                return "PEERCONNECTIONTERMINATION";
            case 1:
                return "MESSAGEFORMAT";
            case 2:
                return "CONNECTIONESTABLISHMENT";
            case 3:
                return "PEERCERTIFICATE";
            case 4:
                return "TRUSTPOLICY";
            case 5:
                return "CERTIFICATE";
            case 6:
                return "TIMEREXPIRED";
            case 7:
                return "INTERFACEERROR";
            case 8:
                return "INTERNALPROCESSINGERROR";
            case 10:
                return "UNEXPECTEDMESSAGE";
            case 20:
                return "BADRECORDMAC";
            case 30:
                return "DECOMPRESSIONFAILURE";
            case 40:
                return "HANDSHAKEFAILURE";
            case 41:
                return "NOCERTIFCATE";
            case 42:
                return "BADCERTIFICATE";
            case 43:
                return "UNSUPPORTEDCERTIFICATE";
            case 44:
                return "CERTIFICATEREVOKED";
            case 45:
                return "CERTIFICATEEXPIRED";
            case 46:
                return "CERTIFICATEUNKNOWN";
            case 47:
                return "ILLEGALPARAMETER";
            case 1001:
                return "AFTERCERTIFICATEVALIDITYPERIOD";
            case 1002:
                return "APPLICATIONREJECTED";
            case NSMConstants.NSM_RECEIVE_DATA_FAILURE_RC /* 1003 */:
                return "BEFORECERTIFICATEVALIDITYPERIOD";
            case 1004:
                return "CIPHERSUITEANDCERTIFICATEPUBLICKEYALGINCOMPATIBLE";
            case 1005:
                return "CLIENTAUTHENTICATIONINVALIDWITHANONYMOUSSERVER";
            case 1006:
                return "CONNECTTIMER";
            case 1007:
                return "COULDNOTSATISFYREQUESTEDCIPHERSUITE";
            case 1008:
                return "COULDNOTVALIDATESIGNATURE";
            case 1009:
                return "EXCEPTIONOCCURRED";
            case 1010:
                return "IMPROPERX509FORMAT";
            case VTCharSet.CSET_ID_NRC_GERMAN /* 1011 */:
                return "INCOMPATIBLELENGTHS";
            case VTCharSet.CSET_ID_NRC_ITALIAN /* 1012 */:
                return "INVALIDPARAMETER";
            case 1013:
                return "ISSUERSUBJECTNOTEQUALTOSUBJECTISSUER";
            case 1014:
                return "LENGTHTOOLONG";
            case 1015:
                return "LENGTHTOOSHORT";
            case 1016:
                return "NOCIPHERSUITESPECIFIED";
            case 1017:
                return "PEERCERTIFICATECHAINNOTTRUSTED";
            case 1018:
                return "PROTOCOLVIOLATION";
            case 1019:
                return "REESTABLISHEDSESSIONCIPHERSUITEWRONG";
            case VTCharSet.CSET_ID_NRC_FRENCH_CAN /* 1020 */:
                return "SERVERREQUESTNOTCONSISTENTWITHSELECTEDCIPHERSUITE";
            case VTCharSet.CSET_ID_NRC_SWISS /* 1021 */:
                return "SIGNATUREFORMATINCORRECT";
            case 1022:
                return "SIGNATURELENGTHINCORRECT";
            case VTCharSet.CSET_ID_NRC_SPANISH /* 1023 */:
                return "SIGNATUREPROBLEMONSERVERKEYEXCHANGE";
            case 1024:
                return "SUBJECTNOTSIGNEDBYISSUER";
            case 1025:
                return "UNSUPPORTEDCIPHERSUITE";
            case 1026:
                return "UNSUPPORTEDCOMPRESSIONMETHOD";
            case 1027:
                return "UNSUPPORTEDPUBLICKEYALG";
            case 1028:
                return "UNSUPPORTEDSIGNINGALG";
            case 1029:
                return "UNSUPPORTEDVALUE";
            case 1030:
                return "UNSUPPORTEDVERSION";
            case 1031:
                return "VERIFICATIONOFNEGOTIATEDCIPHERALGORITHMSFAILED";
            case 1032:
                return "SERVERREJECTEDSTEPUP";
            default:
                return new StringBuffer().append("SSLExceptionxception : ").append(sSLException.getError()).toString();
        }
    }
}
