package com.ibm.rational.test.lt.recorder.proxy.internal.proxy.nio;

import com.ibm.rational.test.lt.recorder.proxy.IHttpConstants;
import com.ibm.rational.test.lt.recorder.proxy.internal.proxy.IProxy;
import com.ibm.rational.test.lt.recorder.proxy.internal.proxy.alpn.Http1ClientProvider;
import com.ibm.rational.test.lt.recorder.proxy.internal.proxy.alpn.IClientProvider;
import com.ibm.rational.test.lt.recorder.proxy.internal.proxy.alpn.JavaBaseSupportedALPNClientProvider;
import com.ibm.rational.test.lt.recorder.proxy.internal.proxy.ssl.SSLContextFactory;
import com.ibm.rational.test.lt.recorder.proxy.internal.proxy.ssl.X509Util;
import com.ibm.rational.test.lt.recorder.proxy.util.SSLUtil;
import com.ibm.rational.test.lt.recorder.proxy.util.Tracer;
import java.io.IOException;
import java.security.NoSuchAlgorithmException;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.util.Enumeration;
import java.util.List;
import javax.net.ssl.SSLContext;
import javax.net.ssl.TrustManager;
import javax.net.ssl.X509TrustManager;

/* loaded from: input_file:recorderHttp-remote.jar:com/ibm/rational/test/lt/recorder/proxy/internal/proxy/nio/NioSSLClientEngine.class */
public class NioSSLClientEngine extends NioAbstractSSLEngine {
    private static final String USER_DEFINED_ADDED_CIPHER_KEY = "rpt.recording.sslClient.ciphers";
    private IProxy.SSLContextInfo sslContextInfo;
    private IClientProvider alpnClientProvider;

    public NioSSLClientEngine(IProxy iProxy, String str, String str2, int i, List<String> list, boolean z) throws Exception {
        super(iProxy, str, str2, i, z);
        this.clientMode = true;
        this.sslEngine.setUseClientMode(this.clientMode);
        enforceEnabledProtocols();
        addUserDefinedCipherSuites(USER_DEFINED_ADDED_CIPHER_KEY);
        if (!iProxy.hasHttp2Enabled()) {
            this.alpnClientProvider = new Http1ClientProvider(this.sslEngine, list);
            return;
        }
        Tracer.trace(1, "HTTP/2 support enabled");
        try {
            this.alpnClientProvider = new JavaBaseSupportedALPNClientProvider(this.sslEngine, list);
        } catch (NoSuchMethodError e) {
            iProxy.logOnce("HTTP/2 is not available with this Java version. Using HTTP/1.1", e);
            this.alpnClientProvider = new Http1ClientProvider(this.sslEngine, list);
        }
    }

    /* JADX WARN: Multi-variable type inference failed */
    /* JADX WARN: Type inference failed for: r0v1, types: [com.ibm.rational.test.lt.recorder.proxy.internal.proxy.IProxy] */
    /* JADX WARN: Type inference failed for: r0v2, types: [java.lang.Throwable] */
    /* JADX WARN: Type inference failed for: r0v7 */
    @Override // com.ibm.rational.test.lt.recorder.proxy.internal.proxy.nio.NioAbstractSSLEngine
    protected void initSSLContext(String str, int i) throws Exception {
        ?? r0 = this.proxy;
        synchronized (r0) {
            this.sslContextInfo = this.proxy.getCachedSSLContextInfo(str, i);
            if (this.sslContextInfo == null) {
                this.sslContextInfo = new IProxy.SSLContextInfo();
                IProxy.SSLContextInfo sSLContextInfo = this.sslContextInfo;
                SSLContext createSSLContext = createSSLContext();
                this.sslContext = createSSLContext;
                sSLContextInfo.sslContext = createSSLContext;
                this.sslContext.init(this.proxyOptions.getClientKeyManagers(str, i), new TrustManager[]{X509Util.createX509TrustManager(new X509TrustManager() { // from class: com.ibm.rational.test.lt.recorder.proxy.internal.proxy.nio.NioSSLClientEngine.1
                    @Override // javax.net.ssl.X509TrustManager
                    public X509Certificate[] getAcceptedIssuers() {
                        return null;
                    }

                    @Override // javax.net.ssl.X509TrustManager
                    public void checkServerTrusted(X509Certificate[] x509CertificateArr, String str2) throws CertificateException {
                        if (NioSSLClientEngine.this.sslContextInfo.certificateChain == null) {
                            NioSSLClientEngine.this.sslContextInfo.authType = str2;
                            try {
                                NioSSLClientEngine.this.sslContextInfo.certificateChain = SSLUtil.toByteArray(x509CertificateArr);
                            } catch (IOException e) {
                                NioSSLClientEngine.this.proxy.getContext().getLog().logError(e);
                            }
                        }
                    }

                    @Override // javax.net.ssl.X509TrustManager
                    public void checkClientTrusted(X509Certificate[] x509CertificateArr, String str2) throws CertificateException {
                    }
                })}, null);
                this.proxy.addSSLContextInfoToCache(str, i, this.sslContextInfo);
            } else {
                this.sslContext = this.sslContextInfo.sslContext;
            }
            r0 = r0;
        }
    }

    private SSLContext createSSLContext() throws NoSuchAlgorithmException {
        String property = System.getProperty("rpt.recording.sslClient.protocols");
        if (property == null) {
            return SSLContextFactory.createSSLContext(this.proxyOptions.acceptSSLV3(), this.proxyOptions.acceptTLSV10(), this.proxyOptions.acceptTLSV11(), this.proxyOptions.acceptTLSV12());
        }
        Tracer.trace(0, "Forced sslClient Protocol: " + property);
        return SSLContext.getInstance(property);
    }

    public byte[] getServerCertificateChain() {
        return this.sslContextInfo.certificateChain;
    }

    public String getServerAuthType() {
        return this.sslContextInfo.authType;
    }

    @Override // com.ibm.rational.test.lt.recorder.proxy.internal.proxy.nio.NioAbstractSSLEngine
    protected void onHandshakeComplete() {
        if (debug) {
            StringBuilder sb = new StringBuilder("session id: ");
            sb.append(" [");
            sb.append(NioService.toString(this.sslEngine.getSession().getId(), true));
            sb.append(IHttpConstants.RIGHTSQUAREBRACKET);
            Enumeration<byte[]> ids = this.sslContext.getClientSessionContext().getIds();
            StringBuilder sb2 = new StringBuilder("all session ids:");
            while (ids.hasMoreElements()) {
                byte[] nextElement = ids.nextElement();
                sb2.append(" [");
                sb2.append(NioService.toString(nextElement, true));
                sb2.append(IHttpConstants.RIGHTSQUAREBRACKET);
            }
            Tracer.trace(0, "onServer HandshakeComplete: selected protocol: " + this.alpnClientProvider.getSelectedProtocol() + IHttpConstants.SPACE + this.sslEngine.getSession().getPeerHost() + IHttpConstants.SPACE + this.sslEngine.getSession().getPeerPort() + IHttpConstants.SPACE + ((Object) sb) + IHttpConstants.SPACE + ((Object) sb2) + IHttpConstants.SPACE + this.sslContext.getClientSessionContext().getSessionCacheSize() + IHttpConstants.SPACE + this.sslContext.getClientSessionContext().getSessionTimeout());
        }
    }

    public String getSelectedProtocol() {
        return this.alpnClientProvider.getSelectedProtocol();
    }
}
