package com.ibm.terminal.tester.gui.dialog;

import com.ibm.log.cmd.LogCmdServer;
import com.ibm.terminal.tester.common.properties.TerminalPreferences;
import com.ibm.terminal.tester.common.service.FteUtils;
import java.io.File;
import java.io.FileInputStream;
import java.io.FileOutputStream;
import java.io.IOException;
import java.security.KeyStore;
import java.security.MessageDigest;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.List;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLParameters;
import javax.net.ssl.SSLSocket;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import javax.net.ssl.X509TrustManager;
import org.apache.commons.io.FileUtils;

/* loaded from: input_file:TerminalTester.jar:com/ibm/terminal/tester/gui/dialog/CertificateHandler.class */
public class CertificateHandler {
    private static final int SOCKET_TIMEOUT = 20000;
    private HostInformation hostInformation;
    private boolean debug;
    private static boolean isIBMJava;

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:TerminalTester.jar:com/ibm/terminal/tester/gui/dialog/CertificateHandler$CustomTrustManager.class */
    public static class CustomTrustManager implements X509TrustManager {
        private final X509TrustManager trustManager;
        private X509Certificate[] certificateChain;

        CustomTrustManager(X509TrustManager x509TrustManager) {
            this.trustManager = x509TrustManager;
        }

        @Override // javax.net.ssl.X509TrustManager
        public X509Certificate[] getAcceptedIssuers() {
            throw new UnsupportedOperationException();
        }

        @Override // javax.net.ssl.X509TrustManager
        public void checkClientTrusted(X509Certificate[] x509CertificateArr, String str) throws CertificateException {
            throw new UnsupportedOperationException();
        }

        @Override // javax.net.ssl.X509TrustManager
        public void checkServerTrusted(X509Certificate[] x509CertificateArr, String str) throws CertificateException {
            this.certificateChain = x509CertificateArr;
            this.trustManager.checkServerTrusted(x509CertificateArr, str);
        }
    }

    static {
        isIBMJava = System.getProperty("java.vendor").indexOf("IBM") >= 0;
    }

    private CertificateHandler(HostInformation hostInformation) {
        this.hostInformation = null;
        this.debug = System.getProperty("ftedebug") != null;
        this.hostInformation = hostInformation;
    }

    public static CertificateHandler getInstance(HostInformation hostInformation) {
        return new CertificateHandler(hostInformation);
    }

    public List<HostCertificate> getCertificates() {
        return getCertificates(this.hostInformation);
    }

    /* JADX WARN: Finally extract failed */
    private List<HostCertificate> getCertificates(HostInformation hostInformation) {
        X509Certificate[] x509CertificateArr;
        ArrayList arrayList = new ArrayList(5);
        ArrayList arrayList2 = new ArrayList(5);
        if (this.debug) {
            System.setProperty("javax.net.debug", LogCmdServer.LOG_CMD_SAVE_OPT_ALL);
        }
        try {
            KeyStore keyStore = getKeyStore(this.hostInformation.getStoreType());
            if (keyStore != null && this.debug) {
                System.out.println("Keystore:" + keyStore.getType() + " Provider: " + keyStore.getProvider());
            }
            KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
            keyManagerFactory.init(keyStore, TerminalPreferences.getCertificatePassword(hostInformation.getStoreType()).toCharArray());
            SSLContext sSLContext = SSLContext.getInstance(isIBMJava ? "SSL_TLSv2" : "TLS");
            TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
            if (this.debug) {
                System.out.println("TrustManagerFactory: " + trustManagerFactory.getAlgorithm() + "," + trustManagerFactory.getProvider() + " Protocol " + sSLContext.getProtocol());
            }
            trustManagerFactory.init(keyStore);
            CustomTrustManager customTrustManager = new CustomTrustManager((X509TrustManager) trustManagerFactory.getTrustManagers()[0]);
            sSLContext.init(keyManagerFactory.getKeyManagers(), new TrustManager[]{customTrustManager}, null);
            SSLParameters supportedSSLParameters = sSLContext.getSupportedSSLParameters();
            if (this.debug) {
                String[] protocols = supportedSSLParameters.getProtocols();
                System.out.println("Supported Protocol--");
                for (String str : protocols) {
                    System.out.println(str);
                }
            }
            SSLSocket sSLSocket = (SSLSocket) sSLContext.getSocketFactory().createSocket(hostInformation.getServer(), hostInformation.getPort());
            sSLSocket.setSoTimeout(SOCKET_TIMEOUT);
            if (this.debug) {
                System.out.println("Starting handshake...");
            }
            try {
                try {
                    sSLSocket.startHandshake();
                    sSLSocket.close();
                    if (this.debug) {
                        System.out.println("No errors, certificate is already trusted");
                    }
                    if (!sSLSocket.isClosed()) {
                        sSLSocket.close();
                    }
                } catch (Throwable th) {
                    if (!sSLSocket.isClosed()) {
                        sSLSocket.close();
                    }
                    throw th;
                }
            } catch (IOException e) {
                if (this.debug) {
                    System.out.println("IO Exception, in handshake");
                }
                if (this.debug) {
                    e.printStackTrace();
                }
                if (!sSLSocket.isClosed()) {
                    sSLSocket.close();
                }
            }
            x509CertificateArr = customTrustManager.certificateChain;
        } catch (Exception e2) {
            e2.printStackTrace();
        }
        if (x509CertificateArr == null) {
            if (this.debug) {
                System.out.println("Could not obtain server certificate chain");
            }
            return arrayList;
        }
        if (this.debug) {
            System.out.println("Server sent " + x509CertificateArr.length + " certificate(s):");
        }
        MessageDigest.getInstance("SHA1");
        MessageDigest.getInstance("MD5");
        for (X509Certificate x509Certificate : x509CertificateArr) {
            arrayList2.add(new HostCertificate(x509Certificate));
        }
        return arrayList2;
    }

    private KeyStore getKeyStore(String str) {
        KeyStore keyStore = null;
        String certificatePassword = TerminalPreferences.getCertificatePassword(str);
        String certificateFilePath = TerminalPreferences.getCertificateFilePath(str);
        File file = new File(certificateFilePath);
        if (!file.exists()) {
            if (this.debug) {
                System.out.println("File: " + certificateFilePath + " Does not exist, will copy it now.");
            }
            copyKeyStoreToUserDir(str);
        }
        if (file.exists()) {
            if (this.debug) {
                System.out.println("Will use file: " + certificateFilePath + " with type : " + str);
            }
            try {
                FileInputStream fileInputStream = new FileInputStream(file);
                keyStore = KeyStore.getInstance(str);
                keyStore.load(fileInputStream, certificatePassword.toCharArray());
                fileInputStream.close();
            } catch (Exception e) {
                if (this.debug) {
                    System.out.println("Issue loading the key store: " + e.getCause());
                }
                e.printStackTrace();
            }
        }
        return keyStore;
    }

    private boolean copyKeyStoreToUserDir(String str) {
        String fTEUserPreferencesDirecory = TerminalPreferences.getFTEUserPreferencesDirecory();
        String keyStoreName = getKeyStoreName(str);
        String eclipseDir = FteUtils.getEclipseDir();
        if (eclipseDir != null && !eclipseDir.isEmpty() && keyStoreName != null) {
            String str2 = String.valueOf(eclipseDir) + File.separator + "fte" + File.separator + "keystore" + File.separator + keyStoreName;
            if (this.debug) {
                System.out.println("Copy file from : " + str2);
            }
            if (new File(str2).exists()) {
                if (this.debug) {
                    System.out.println("original keystore file found, will copy to user dir ");
                }
                copyFileToDirectory(str2, fTEUserPreferencesDirecory);
            } else if (this.debug) {
                System.out.println("original keystore file not found in the install");
            }
        }
        return new File(fTEUserPreferencesDirecory).exists();
    }

    private void copyFileToDirectory(String str, String str2) {
        if (str == null || str2 == null) {
            return;
        }
        try {
            FileUtils.copyFileToDirectory(new File(str), new File(str2));
        } catch (IOException e) {
            if (this.debug) {
                e.printStackTrace();
            }
        }
    }

    private String getKeyStoreName(String str) {
        if (KeystoreConstants.KEYSTORE_TYPE_PKCS12.equalsIgnoreCase(str)) {
            return KeystoreConstants.PKCS12_KEYSTORE_FILE;
        }
        if (KeystoreConstants.KEYSTORE_TYPE_JKS.equalsIgnoreCase(str)) {
            return KeystoreConstants.JKS_KEYSTORE_FILE;
        }
        return null;
    }

    public boolean saveCertificate(KeyStoreData keyStoreData) {
        return saveCertificate(keyStoreData.getHostCertificate(), keyStoreData.getAlias(), this.hostInformation.getStoreType());
    }

    private boolean saveCertificate(HostCertificate hostCertificate, String str, String str2) {
        KeyStore keyStore = getKeyStore(str2);
        if (keyStore == null) {
            if (!this.debug) {
                return false;
            }
            System.out.println("got null keystore , can't proceed further");
            return false;
        }
        boolean z = true;
        try {
            keyStore.setCertificateEntry(str, hostCertificate.getCertificate());
            String certificateFilePath = TerminalPreferences.getCertificateFilePath(str2);
            String certificatePassword = TerminalPreferences.getCertificatePassword(str2);
            if (new File(certificateFilePath).exists()) {
                if (this.debug) {
                    System.out.println("Saving certificate to :" + certificateFilePath + " Type: " + str2 + " Alias " + str);
                }
                FileOutputStream fileOutputStream = new FileOutputStream(certificateFilePath);
                keyStore.store(fileOutputStream, certificatePassword.toCharArray());
                fileOutputStream.close();
            } else {
                if (this.debug) {
                    System.out.println("File: " + certificateFilePath + " Not found. Certificate can't be saved.");
                }
                z = false;
            }
        } catch (Exception e) {
            z = false;
            if (this.debug) {
                e.printStackTrace();
            }
        }
        return z;
    }
}
