package com.ibm.ws.ssl.provider;

import com.ibm.ejs.ras.Tr;
import com.ibm.ejs.ras.TraceComponent;
import com.ibm.websphere.ssl.SSLException;
import com.ibm.ws.ffdc.FFDCFilter;
import com.ibm.ws.security.util.AccessController;
import com.ibm.ws.ssl.JSSEProvider;
import com.ibm.ws.ssl.JSSEProviderFactory;
import com.ibm.ws.ssl.config.CertificateManager;
import com.ibm.ws.ssl.config.KeyManagerData;
import com.ibm.ws.ssl.config.KeyStoreManager;
import com.ibm.ws.ssl.config.SSLConfig;
import com.ibm.ws.ssl.config.SSLConfigManager;
import com.ibm.ws.ssl.config.ThreadManager;
import com.ibm.ws.ssl.config.TrustManagerData;
import com.ibm.ws.ssl.config.WSKeyStore;
import com.ibm.ws.ssl.core.Constants;
import com.ibm.ws.ssl.core.KeyManagerHolder;
import com.ibm.ws.ssl.core.TraceNLSHelper;
import com.ibm.ws.ssl.core.TrustManagerHolder;
import com.ibm.ws.ssl.core.WSPKCSInKeyStore;
import com.ibm.ws.ssl.core.WSPKCSInKeyStoreList;
import com.ibm.ws.ssl.core.WSX509KeyManager;
import com.ibm.ws.ssl.core.WSX509TrustManager;
import com.ibm.ws.util.PlatformHelperFactory;
import com.ibm.ws.webservices.WSConstants;
import com.ibm.wsspi.ssl.KeyManagerExtendedInfo;
import com.ibm.wsspi.ssl.TrustManagerExtendedInfo;
import java.net.URLStreamHandler;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.PrivilegedAction;
import java.security.PrivilegedActionException;
import java.security.PrivilegedExceptionAction;
import java.security.SecureRandom;
import java.security.Security;
import java.security.UnrecoverableKeyException;
import java.util.ArrayList;
import java.util.HashMap;
import java.util.Iterator;
import java.util.Map;
import java.util.Properties;
import java.util.StringTokenizer;
import javax.net.ssl.KeyManager;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLServerSocketFactory;
import javax.net.ssl.SSLSocketFactory;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import javax.net.ssl.X509KeyManager;
import javax.net.ssl.X509TrustManager;

/* loaded from: input_file:lib/com.ibm.ws.webservices.thinclient_6.1.0.jar:com/ibm/ws/ssl/provider/AbstractJSSEProvider.class */
public abstract class AbstractJSSEProvider implements JSSEProvider {
    private static final TraceComponent tc;
    private static final WSPKCSInKeyStoreList pkcsStoreList;
    private static HashMap sslContextCacheJAVAX;
    private static HashMap sslContextCacheJSSE2;
    private static boolean handlersInitialized;
    private static String SSL_SOCKET_FACTORY_NAME;
    private static String SSL_SERVER_SOCKET_FACTORY_NAME;
    private static String URL_HANDLER_PROP;
    private static final String PKGNAME_DELIMITER = "|";
    private static final PrivilegedAction getCtxClassLoader;
    static Class class$com$ibm$ws$ssl$provider$AbstractJSSEProvider;
    static Class class$java$lang$String;

    public AbstractJSSEProvider() {
        if (JSSEProviderFactory.isFipsEnabled()) {
            try {
                JSSEProviderFactory.initializeFips();
            } catch (Exception e) {
                if (tc.isDebugEnabled()) {
                    Tr.debug(tc, "Exception caught initializing FIPS.", new Object[]{e});
                }
            }
        }
    }

    public void initializeHandlers(String str) {
        if (str == null) {
            str = WSConstants.IBMJSSE2_HTTPS_TRANSPORT;
        }
        registerPackage(str);
        if (handlersInitialized) {
            return;
        }
        addHandlers(str);
    }

    public String getDefaultSSLSocketFactoryClass(String str) {
        if (tc.isDebugEnabled()) {
            Tr.debug(tc, new StringBuffer().append("getDefaultSSLSocketFactoryClass: ").append(str).toString());
        }
        return str;
    }

    @Override // com.ibm.ws.ssl.JSSEProvider
    public abstract String getSSLProtocolPackageHandler();

    @Override // com.ibm.ws.ssl.JSSEProvider
    public String[] getCiphersForSecurityLevel(boolean z, String str) {
        if (tc.isDebugEnabled()) {
            Tr.debug(tc, "getCiphersForSecurityLevel: ", new Object[]{new Boolean(z), str});
        }
        return SSLConfigManager.getInstance().adjustSupportedCiphersToSecurityLevel(z ? ((SSLSocketFactory) SSLSocketFactory.getDefault()).getSupportedCipherSuites() : ((SSLServerSocketFactory) SSLServerSocketFactory.getDefault()).getSupportedCipherSuites(), str);
    }

    @Override // com.ibm.ws.ssl.JSSEProvider
    public SSLContext getSSLContext(Map map, SSLConfig sSLConfig) throws Exception {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "getSSLContext", new Object[]{map});
        }
        SSLContext sSLContext = (SSLContext) sslContextCacheJAVAX.get(sSLConfig);
        if (sSLContext != null) {
            if (tc.isEntryEnabled()) {
                Tr.exit(tc, "getSSLContext -> (from cache)");
            }
            return sSLContext;
        }
        if (tc.isDebugEnabled()) {
            Tr.debug(tc, "SSLContext cache miss, generating new SSLContext.");
        }
        SSLContext sSLContextInstance = getSSLContextInstance(sSLConfig);
        TrustManagerHolder trustManagerHolder = new TrustManagerHolder();
        KeyManagerHolder keyManagerHolder = new KeyManagerHolder();
        getKeyTrustManagers(map, sSLConfig, keyManagerHolder, trustManagerHolder);
        TrustManager[] trustManagers = trustManagerHolder.getTrustManagers();
        KeyManager[] keyManagers = keyManagerHolder.getKeyManagers();
        if (keyManagers == null || trustManagers == null) {
            throw new SSLException("Null trust or key managers.");
        }
        sSLContextInstance.init(keyManagers, trustManagers, null);
        if (sslContextCacheJAVAX.size() > 100) {
            sslContextCacheJAVAX.clear();
        }
        sslContextCacheJAVAX.put(sSLConfig, sSLContextInstance);
        if (tc.isDebugEnabled()) {
            Tr.debug(tc, new StringBuffer().append("SSLContext cache size: ").append(sslContextCacheJAVAX.size()).toString());
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "getSSLContext -> (new)");
        }
        return sSLContextInstance;
    }

    public com.ibm.jsse2.SSLContext getSSLContext_JSSE2(Map map, SSLConfig sSLConfig) throws Exception {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "getSSLContext_JSSE2", new Object[]{map});
        }
        com.ibm.jsse2.SSLContext sSLContext = (com.ibm.jsse2.SSLContext) sslContextCacheJSSE2.get(sSLConfig);
        if (sSLContext != null) {
            if (tc.isEntryEnabled()) {
                Tr.exit(tc, "getSSLContext_JSSE2 -> (from cache)");
            }
            return sSLContext;
        }
        if (tc.isDebugEnabled()) {
            Tr.debug(tc, "SSLContextJAVAX cache miss, generating new SSLContext.");
        }
        com.ibm.jsse2.SSLContext sSLContextInstanceJSSE2 = getSSLContextInstanceJSSE2(sSLConfig);
        TrustManagerHolder trustManagerHolder = new TrustManagerHolder();
        KeyManagerHolder keyManagerHolder = new KeyManagerHolder();
        getKeyTrustManagers(map, sSLConfig, keyManagerHolder, trustManagerHolder);
        TrustManager[] trustManagers = trustManagerHolder.getTrustManagers();
        KeyManager[] keyManagers = keyManagerHolder.getKeyManagers();
        if (keyManagers == null || trustManagers == null) {
            throw new SSLException("Null trust or key managers.");
        }
        sSLContextInstanceJSSE2.init(keyManagers, trustManagers, (SecureRandom) null);
        if (sslContextCacheJSSE2.size() > 100) {
            sslContextCacheJSSE2.clear();
        }
        sslContextCacheJSSE2.put(sSLConfig, sSLContextInstanceJSSE2);
        if (tc.isDebugEnabled()) {
            Tr.debug(tc, new StringBuffer().append("SSLContextJSSE2 cache size: ").append(sslContextCacheJSSE2.size()).toString());
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "getSSLContext_JSSE2");
        }
        return sSLContextInstanceJSSE2;
    }

    private void getKeyTrustManagers(Map map, SSLConfig sSLConfig, KeyManagerHolder keyManagerHolder, TrustManagerHolder trustManagerHolder) throws Exception {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "getKeyTrustManagers", new Object[]{map, sSLConfig});
        }
        TrustManagerFactory trustManagerFactory = null;
        KeyManagerFactory keyManagerFactory = null;
        KeyStore keyStore = null;
        KeyStore keyStore2 = null;
        String str = map != null ? (String) map.get("com.ibm.ssl.direction") : "unknown";
        try {
            boolean isServerProcess = SSLConfigManager.getInstance().isServerProcess();
            String sSLContextProperty = getSSLContextProperty(Constants.SSLPROP_TRUST_STORE_NAME, sSLConfig, isServerProcess);
            WSKeyStore wSKeyStore = null;
            if (sSLContextProperty != null) {
                wSKeyStore = KeyStoreManager.getInstance().getKeyStore(sSLContextProperty);
            }
            String sSLContextProperty2 = wSKeyStore != null ? getSSLContextProperty("com.ibm.ssl.keyStoreProvider", wSKeyStore, isServerProcess) : getSSLContextProperty("com.ibm.ssl.trustStoreProvider", sSLConfig, isServerProcess);
            String sSLContextProperty3 = wSKeyStore != null ? getSSLContextProperty("com.ibm.ssl.keyStore", wSKeyStore, isServerProcess) : getSSLContextProperty("com.ibm.ssl.trustStore", sSLConfig, isServerProcess);
            String sSLContextProperty4 = wSKeyStore != null ? getSSLContextProperty("com.ibm.ssl.keyStorePassword", wSKeyStore, isServerProcess) : getSSLContextProperty("com.ibm.ssl.trustStorePassword", sSLConfig, isServerProcess);
            String sSLContextProperty5 = wSKeyStore != null ? getSSLContextProperty(Constants.SSLPROP_KEY_STORE_MGMT_SCOPE, wSKeyStore, isServerProcess) : getSSLContextProperty(Constants.SSLPROP_TRUST_STORE_MGMT_SCOPE, sSLConfig, isServerProcess);
            String sSLContextProperty6 = wSKeyStore != null ? getSSLContextProperty("com.ibm.ssl.keyStoreType", wSKeyStore, isServerProcess) : getSSLContextProperty("com.ibm.ssl.trustStoreType", sSLConfig, isServerProcess);
            String sSLContextProperty7 = getSSLContextProperty(Constants.SSLPROP_KEY_STORE_NAME, sSLConfig, isServerProcess);
            WSKeyStore wSKeyStore2 = null;
            if (sSLContextProperty7 != null) {
                wSKeyStore2 = KeyStoreManager.getInstance().getKeyStore(sSLContextProperty7);
            }
            String sSLContextProperty8 = wSKeyStore2 != null ? getSSLContextProperty("com.ibm.ssl.keyStoreProvider", wSKeyStore2, isServerProcess) : getSSLContextProperty("com.ibm.ssl.keyStoreProvider", sSLConfig, isServerProcess);
            String sSLContextProperty9 = wSKeyStore2 != null ? getSSLContextProperty("com.ibm.ssl.keyStore", wSKeyStore2, isServerProcess) : getSSLContextProperty("com.ibm.ssl.keyStore", sSLConfig, isServerProcess);
            String sSLContextProperty10 = wSKeyStore2 != null ? getSSLContextProperty("com.ibm.ssl.keyStorePassword", wSKeyStore2, isServerProcess) : getSSLContextProperty("com.ibm.ssl.keyStorePassword", sSLConfig, isServerProcess);
            String sSLContextProperty11 = wSKeyStore2 != null ? getSSLContextProperty(Constants.SSLPROP_KEY_STORE_MGMT_SCOPE, wSKeyStore2, isServerProcess) : getSSLContextProperty(Constants.SSLPROP_KEY_STORE_MGMT_SCOPE, sSLConfig, isServerProcess);
            String sSLContextProperty12 = wSKeyStore2 != null ? getSSLContextProperty("com.ibm.ssl.keyStoreType", wSKeyStore2, isServerProcess) : getSSLContextProperty("com.ibm.ssl.keyStoreType", sSLConfig, isServerProcess);
            boolean z = false;
            boolean z2 = false;
            String sSLContextProperty13 = getSSLContextProperty("com.ibm.ssl.contextProvider", sSLConfig, isServerProcess);
            getSSLContextProperty("com.ibm.ssl.protocol", sSLConfig, isServerProcess);
            String sSLContextProperty14 = getSSLContextProperty("com.ibm.ssl.keyManager", sSLConfig, isServerProcess);
            String sSLContextProperty15 = getSSLContextProperty("com.ibm.ssl.trustManager", sSLConfig, isServerProcess);
            String sSLContextProperty16 = getSSLContextProperty(Constants.SSLPROP_CUSTOM_TRUST_MANAGERS, sSLConfig, isServerProcess);
            String sSLContextProperty17 = getSSLContextProperty(Constants.SSLPROP_CUSTOM_KEY_MANAGER, sSLConfig, isServerProcess);
            String sSLContextProperty18 = getSSLContextProperty("com.ibm.ssl.clientAuthentication", sSLConfig, isServerProcess);
            String sSLContextProperty19 = getSSLContextProperty("com.ibm.ssl.keyStoreClientAlias", sSLConfig, isServerProcess);
            String sSLContextProperty20 = getSSLContextProperty("com.ibm.ssl.keyStoreServerAlias", sSLConfig, isServerProcess);
            getSSLContextProperty(Constants.SSLPROP_TOKEN_ENABLED, sSLConfig, isServerProcess).equals("true");
            String sSLContextProperty21 = getSSLContextProperty("com.ibm.ssl.tokenLibraryFile", sSLConfig, isServerProcess);
            String sSLContextProperty22 = getSSLContextProperty("com.ibm.ssl.tokenPassword", sSLConfig, isServerProcess);
            String sSLContextProperty23 = getSSLContextProperty("com.ibm.ssl.tokenType", sSLConfig, isServerProcess);
            String sSLContextProperty24 = getSSLContextProperty("com.ibm.ssl.tokenSlot", sSLConfig, isServerProcess);
            int intValue = sSLContextProperty24 != null ? Integer.valueOf(sSLContextProperty24).intValue() : 0;
            char[] cArr = null;
            if (sSLContextProperty3 != null && sSLContextProperty4 != null) {
                if (tc.isDebugEnabled()) {
                    Tr.debug(tc, new StringBuffer().append("Using trust store: ").append(sSLContextProperty3).toString());
                }
                keyStore2 = KeyStoreManager.getInstance().getKeyStore(sSLContextProperty, sSLContextProperty6, sSLContextProperty2, sSLContextProperty3, sSLContextProperty4, sSLContextProperty5, false, sSLConfig);
            } else if (sSLContextProperty21 != null) {
                if (tc.isDebugEnabled()) {
                    Tr.debug(tc, "No trust store specified, but found hardware crypto");
                }
                WSPKCSInKeyStore insert = pkcsStoreList.insert(sSLContextProperty23, sSLContextProperty21, sSLContextProperty22, false, sSLContextProperty13, false);
                if (insert != null) {
                    keyStore2 = insert.getTS();
                    trustManagerFactory = insert.getTMF();
                    z = true;
                }
            } else {
                if (tc.isDebugEnabled()) {
                    Tr.debug(tc, "No trust store specified and no hardware crypto defined");
                }
                if (!str.equals("inbound") || !sSLContextProperty18.equals("false")) {
                    throw new IllegalArgumentException("Invalid trust file name of null");
                }
                if (tc.isDebugEnabled()) {
                    Tr.debug(tc, "trust store permitted to be null since this is inbound and client auth is false");
                }
            }
            if (!z) {
                trustManagerFactory = getTrustManagerFactoryInstance(sSLContextProperty15, sSLContextProperty13);
                trustManagerFactory.init(keyStore2);
            }
            if (sSLContextProperty9 != null && sSLContextProperty10 != null) {
                if (tc.isDebugEnabled()) {
                    Tr.debug(tc, new StringBuffer().append("Using software keystore: ").append(sSLContextProperty9).toString());
                }
                if (sSLContextProperty12.equals(sSLContextProperty6) && sSLContextProperty8.equals(sSLContextProperty2) && sSLContextProperty9.equals(sSLContextProperty3) && sSLContextProperty10.equals(sSLContextProperty4)) {
                    if (tc.isDebugEnabled()) {
                        Tr.debug(tc, "Reusing key store from Trust Manager");
                    }
                    keyStore = keyStore2;
                } else {
                    if (tc.isDebugEnabled()) {
                        Tr.debug(tc, "Creating new key store for Key Manager");
                    }
                    keyStore = KeyStoreManager.getInstance().getKeyStore(sSLContextProperty7, sSLContextProperty12, sSLContextProperty8, sSLContextProperty9, sSLContextProperty10, sSLContextProperty11, false, sSLConfig);
                }
                if (sSLContextProperty10 != null) {
                    cArr = sSLContextProperty10.toCharArray();
                }
            } else {
                if (sSLContextProperty21 == null) {
                    if (tc.isDebugEnabled()) {
                        Tr.debug(tc, "No key store specified and no hardware crypto defined");
                    }
                    throw new IllegalArgumentException("No key store specified and no hardware crypto defined");
                }
                if (tc.isDebugEnabled()) {
                    Tr.debug(tc, "No key store specified, but found hardware crypto");
                }
                if (tc.isDebugEnabled()) {
                    Tr.debug(tc, "Reusing key store from Trust Manager");
                }
                WSPKCSInKeyStore insert2 = pkcsStoreList.insert(sSLContextProperty23, sSLContextProperty21, sSLContextProperty22, true, sSLContextProperty13, false);
                if (insert2 != null) {
                    keyStore = insert2.getKS();
                    keyManagerFactory = insert2.getKMF();
                    z2 = true;
                }
            }
            if (!z2) {
                keyManagerFactory = getKeyManagerFactoryInstance(sSLContextProperty14, sSLContextProperty13);
                try {
                    keyManagerFactory.init(keyStore, cArr);
                } catch (UnrecoverableKeyException e) {
                    throw new UnrecoverableKeyException(new StringBuffer().append(e.getMessage()).append(": invalid password for file '").append(sSLContextProperty9).append("'").toString());
                }
            }
            X509KeyManager x509KeyManager = null;
            if (sSLContextProperty17 != null) {
                if (tc.isDebugEnabled()) {
                    Tr.debug(tc, "Processing custom KeyManager.");
                }
                x509KeyManager = getCustomKeyManager(keyManagerFactory, keyStore, cArr, sSLConfig, sSLContextProperty17);
            }
            WSX509KeyManager wSX509KeyManager = new WSX509KeyManager(keyStore, cArr, keyManagerFactory, sSLConfig, x509KeyManager);
            if (sSLContextProperty20 != null && sSLContextProperty20.length() > 0) {
                wSX509KeyManager.setServerAlias(sSLContextProperty20, intValue);
            }
            if (sSLContextProperty19 != null && sSLContextProperty19.length() > 0) {
                wSX509KeyManager.setClientAlias(sSLContextProperty19, intValue);
            }
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "Initializing WSX509KeyManager.", new Object[]{sSLContextProperty20, sSLContextProperty19, sSLContextProperty24});
            }
            keyManagerHolder.setKeyManagers(new KeyManager[]{wSX509KeyManager});
            TrustManager[] trustManagers = trustManagerFactory.getTrustManagers();
            if (sSLContextProperty16 != null) {
                if (tc.isDebugEnabled()) {
                    Tr.debug(tc, "Processing custom TrustManagers.");
                }
                TrustManager[] trustManagerArray = getTrustManagerArray(trustManagers, keyStore2, sSLConfig, sSLContextProperty16);
                if (trustManagerArray != null) {
                    trustManagers = trustManagerArray;
                }
            }
            trustManagerHolder.setTrustManagers(new TrustManager[]{new WSX509TrustManager(trustManagers, map, sSLConfig, keyStore2, sSLContextProperty3, sSLContextProperty4)});
            if (tc.isEntryEnabled()) {
                Tr.exit(tc, "getKeyTrustManagers");
            }
        } catch (Exception e2) {
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, new StringBuffer().append("Exception caught during init, ").append(e2).toString());
            }
            FFDCFilter.processException(e2, "com.ibm.ws.ssl.provider.AbstractJSSEProvider", "451", this);
            throw e2;
        }
    }

    private String getSSLContextProperty(String str, Properties properties, boolean z) {
        String property;
        if (properties != null) {
            property = properties.getProperty(str);
        } else {
            property = System.getProperty(str);
            if (property == null) {
                property = SSLConfigManager.getInstance().getGlobalProperty(str);
            }
        }
        return property;
    }

    public X509KeyManager getCustomKeyManager(KeyManagerFactory keyManagerFactory, KeyStore keyStore, char[] cArr, SSLConfig sSLConfig, String str) throws Exception {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "getCustomKeyManager", str);
        }
        KeyManagerData keyManagerData = SSLConfigManager.getInstance().getKeyManagerData(str);
        X509KeyManager x509KeyManager = null;
        if (keyManagerData != null) {
            String algorithm = keyManagerData.getAlgorithm();
            String keyManagerClass = keyManagerData.getKeyManagerClass();
            if (keyManagerClass != null) {
                if (tc.isDebugEnabled()) {
                    Tr.debug(tc, new StringBuffer().append("Loading custom key manager class: ").append(keyManagerClass).toString());
                }
                x509KeyManager = loadCustomKeyManager(keyManagerClass);
                if (x509KeyManager != null && (x509KeyManager instanceof KeyManagerExtendedInfo)) {
                    ((KeyManagerExtendedInfo) x509KeyManager).setCustomProperties(keyManagerData.getAdditionalKeyManagerAttrs());
                }
            } else if (algorithm != null) {
                KeyManagerFactory keyManagerFactoryInstance = getKeyManagerFactoryInstance(algorithm, keyManagerData.getProvider());
                try {
                    keyManagerFactoryInstance.init(keyStore, cArr);
                    KeyManager[] keyManagers = keyManagerFactoryInstance.getKeyManagers();
                    if (keyManagers != null && keyManagers[0] != null) {
                        x509KeyManager = (X509KeyManager) keyManagers[0];
                    }
                    if (x509KeyManager != null && (x509KeyManager instanceof KeyManagerExtendedInfo)) {
                        ((KeyManagerExtendedInfo) x509KeyManager).setCustomProperties(keyManagerData.getAdditionalKeyManagerAttrs());
                    }
                } catch (UnrecoverableKeyException e) {
                    throw new UnrecoverableKeyException(e.getMessage());
                }
            }
        } else if (str.indexOf(".") != -1) {
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, new StringBuffer().append("Loading custom key manager class: ").append(str).toString());
            }
            x509KeyManager = loadCustomKeyManager(str);
        } else {
            KeyManagerFactory keyManagerFactoryInstance2 = getKeyManagerFactoryInstance(str, sSLConfig.getProperty("com.ibm.ssl.contextProvider"));
            try {
                keyManagerFactoryInstance2.init(keyStore, cArr);
                KeyManager[] keyManagers2 = keyManagerFactoryInstance2.getKeyManagers();
                if (keyManagers2 != null && keyManagers2[0] != null) {
                    x509KeyManager = (X509KeyManager) keyManagers2[0];
                }
            } catch (UnrecoverableKeyException e2) {
                throw new UnrecoverableKeyException(e2.getMessage());
            }
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "getCustomKeyManager");
        }
        return x509KeyManager;
    }

    public TrustManager[] getTrustManagerArray(TrustManager[] trustManagerArr, KeyStore keyStore, SSLConfig sSLConfig, String str) throws Exception {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "getTrustManagerArray", str);
        }
        ArrayList arrayList = new ArrayList();
        X509TrustManager x509TrustManager = null;
        for (TrustManager trustManager : trustManagerArr) {
            arrayList.add(trustManager);
        }
        String[] split = str.split(",");
        if (split != null && split.length > 0) {
            for (int i = 0; i < split.length; i++) {
                TrustManagerData trustManagerData = SSLConfigManager.getInstance().getTrustManagerData(split[i]);
                if (trustManagerData != null) {
                    String algorithm = trustManagerData.getAlgorithm();
                    String trustManagerClass = trustManagerData.getTrustManagerClass();
                    if (trustManagerClass != null) {
                        x509TrustManager = loadCustomTrustManager(trustManagerClass);
                        if (x509TrustManager != null) {
                            if (tc.isDebugEnabled()) {
                                Tr.debug(tc, new StringBuffer().append("Adding custom trust manager \"").append(trustManagerClass).append("\" to the trust manager list.").toString());
                            }
                            arrayList.add(x509TrustManager);
                        }
                        if (x509TrustManager != null && (x509TrustManager instanceof TrustManagerExtendedInfo)) {
                            ((TrustManagerExtendedInfo) x509TrustManager).setCustomProperties(trustManagerData.getAdditionalTrustManagerAttrs());
                        }
                    } else if (algorithm != null) {
                        TrustManagerFactory trustManagerFactoryInstance = getTrustManagerFactoryInstance(algorithm, trustManagerData.getProvider());
                        trustManagerFactoryInstance.init(keyStore);
                        TrustManager[] trustManagers = trustManagerFactoryInstance.getTrustManagers();
                        if (trustManagers != null && trustManagers[0] != null) {
                            x509TrustManager = (X509TrustManager) trustManagers[0];
                        }
                        if (x509TrustManager != null) {
                            if (tc.isDebugEnabled()) {
                                Tr.debug(tc, new StringBuffer().append("Adding custom trust manager \"").append(trustManagerClass).append("\" to the trust manager list.").toString());
                            }
                            arrayList.add(x509TrustManager);
                        }
                        if (x509TrustManager != null && (x509TrustManager instanceof TrustManagerExtendedInfo)) {
                            ((TrustManagerExtendedInfo) x509TrustManager).setCustomProperties(trustManagerData.getAdditionalTrustManagerAttrs());
                        }
                    }
                } else if (split[i] != null && split[i].indexOf(".") != -1) {
                    x509TrustManager = loadCustomTrustManager(split[i]);
                    if (x509TrustManager != null) {
                        if (tc.isDebugEnabled()) {
                            Tr.debug(tc, new StringBuffer().append("Adding custom trust manager \"").append(split[i]).append("\" to the trust manager list.").toString());
                        }
                        arrayList.add(x509TrustManager);
                    }
                } else if (split[i] != null) {
                    TrustManagerFactory trustManagerFactoryInstance2 = getTrustManagerFactoryInstance(split[i], sSLConfig.getProperty("com.ibm.ssl.contextProvider"));
                    trustManagerFactoryInstance2.init(keyStore);
                    TrustManager[] trustManagers2 = trustManagerFactoryInstance2.getTrustManagers();
                    if (trustManagers2 != null && trustManagers2[0] != null) {
                        x509TrustManager = (X509TrustManager) trustManagers2[0];
                    }
                    if (x509TrustManager != null) {
                        if (tc.isDebugEnabled()) {
                            Tr.debug(tc, new StringBuffer().append("Adding custom trust manager \"").append(split[i]).append("\" to the trust manager list.").toString());
                        }
                        arrayList.add(x509TrustManager);
                    }
                }
            }
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "getTrustManagerArray");
        }
        return (TrustManager[]) arrayList.toArray(new TrustManager[0]);
    }

    @Override // com.ibm.ws.ssl.JSSEProvider
    public URLStreamHandler getURLStreamHandler(SSLConfig sSLConfig) throws Exception {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "getURLStreamHandler");
        }
        Properties properties = null;
        try {
            try {
                properties = ThreadManager.getInstance().getPropertiesOnThread();
                ThreadManager.getInstance().setPropertiesOnThread(sSLConfig);
                URLStreamHandler handler = getHandler();
                if (tc.isEntryEnabled()) {
                    Tr.exit(tc, "getURLStreamHandler");
                }
                ThreadManager.getInstance().setPropertiesOnThread(properties);
                return handler;
            } catch (Exception e) {
                if (tc.isEntryEnabled()) {
                    Tr.exit(tc, "The following exception occurred in getURLStreamHandler().", new Object[]{e});
                }
                FFDCFilter.processException(e, "com.ibm.ws.ssl.provider.AbstractJSSEProvider.getURLStreamHandler", "687", this);
                if (e instanceof SSLException) {
                    throw ((javax.net.ssl.SSLException) e);
                }
                throw new SSLException(e);
            }
        } catch (Throwable th) {
            ThreadManager.getInstance().setPropertiesOnThread(properties);
            throw th;
        }
    }

    @Override // com.ibm.ws.ssl.JSSEProvider
    public SSLServerSocketFactory getSSLServerSocketFactory(SSLConfig sSLConfig) throws SSLException {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "getSSLServerSocketFactory");
        }
        try {
            SSLContext sSLContext = getSSLContext(null, sSLConfig);
            if (sSLContext == null) {
                throw new SSLException("SSLContext could not be created to return an SSLServerSocketFactory.");
            }
            if (tc.isEntryEnabled()) {
                Tr.exit(tc, "getSSLServerSocketFactory");
            }
            return sSLContext.getServerSocketFactory();
        } catch (Exception e) {
            if (tc.isEntryEnabled()) {
                Tr.exit(tc, "The following exception occurred in getSSLServerSocketFactory().", new Object[]{e});
            }
            FFDCFilter.processException(e, "com.ibm.ws.ssl.provider.AbstractJSSEProvider.getSSLServerSocketFactory", "718", this);
            if (e instanceof SSLException) {
                throw ((SSLException) e);
            }
            throw new SSLException(e);
        }
    }

    @Override // com.ibm.ws.ssl.JSSEProvider
    public SSLSocketFactory getSSLSocketFactory(Map map, SSLConfig sSLConfig) throws Exception {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "getSSLSocketFactory", new Object[]{map});
        }
        SSLContext sSLContext = getSSLContext(map, sSLConfig);
        if (sSLContext == null) {
            if (tc.isEntryEnabled()) {
                Tr.exit(tc, "getSSLSocketFactory -> NULL");
            }
            throw new SSLException("SSLContext could not be created to return an SSLSocketFactory.");
        }
        SSLSocketFactory socketFactory = sSLContext.getSocketFactory();
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, new StringBuffer().append("getSSLSocketFactory -> ").append(socketFactory.getClass().getName()).toString());
        }
        return socketFactory;
    }

    @Override // com.ibm.ws.ssl.JSSEProvider
    public SSLContext getSSLContextInstance(SSLConfig sSLConfig) throws SSLException {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "getSSLContextInstance");
        }
        String property = JSSEProviderFactory.isFipsEnabled() ? "IBMJSSE2" : sSLConfig.getProperty("com.ibm.ssl.contextProvider");
        String property2 = JSSEProviderFactory.isFipsEnabled() ? Constants.PROTOCOL_TLS : sSLConfig.getProperty("com.ibm.ssl.protocol");
        String property3 = sSLConfig.getProperty(Constants.SSLPROP_ALIAS);
        String property4 = sSLConfig.getProperty(Constants.SSLPROP_CONFIGURL_LOADED_FROM);
        if (property2 == null) {
            throw new IllegalArgumentException("Protocol is not specified.");
        }
        try {
            SSLContext sSLContext = (SSLContext) AccessController.doPrivileged(new PrivilegedExceptionAction(this, property, property2) { // from class: com.ibm.ws.ssl.provider.AbstractJSSEProvider.1
                private final String val$contextProvider;
                private final String val$protocol;
                private final AbstractJSSEProvider this$0;

                {
                    this.this$0 = this;
                    this.val$contextProvider = property;
                    this.val$protocol = property2;
                }

                @Override // java.security.PrivilegedExceptionAction
                public Object run() throws NoSuchAlgorithmException, NoSuchProviderException {
                    return this.val$contextProvider != null ? SSLContext.getInstance(this.val$protocol, this.val$contextProvider) : SSLContext.getInstance(this.val$protocol);
                }
            });
            if (tc.isEntryEnabled()) {
                Tr.exit(tc, "getSSLContextInstance");
            }
            return sSLContext;
        } catch (PrivilegedActionException e) {
            Exception exception = e.getException();
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "Exception occurred getting SSL context.", new Object[]{exception});
            }
            if (exception instanceof NoSuchAlgorithmException) {
                String formattedMessage = TraceNLSHelper.getInstance().getFormattedMessage("ssl.no.such.algorithm.CWPKI0028E", new Object[]{property2, property3, property4, exception.getMessage()}, new StringBuffer().append("CWPKI0028E: SSL handshake protocol ").append(property2).append(" is not valid.  This protocol is specified in the SSL configuration alias ").append(property3).append(" loaded from SSL configuration file ").append(property4).append(".  The extended error message is: ").append(exception.getMessage()).append(".").toString());
                Tr.error(tc, formattedMessage);
                throw new SSLException(formattedMessage, exception);
            }
            if (!(exception instanceof NoSuchProviderException)) {
                throw new SSLException(exception);
            }
            String formattedMessage2 = TraceNLSHelper.getInstance().getFormattedMessage("ssl.invalid.context.provider.CWPKI0029E", new Object[]{"IBMJSSE2", property3, property4, exception.getMessage()}, new StringBuffer().append("CWPKI0029E: SSL context provider IBMJSSE2 is not valid.  This provider is specified in the SSL configuration alias ").append(property3).append(" loaded from SSL configuration file ").append(property4).append(".  The extended error message is: ").append(exception.getMessage()).append(".").toString());
            Tr.error(tc, formattedMessage2);
            throw new SSLException(formattedMessage2, exception);
        }
    }

    public com.ibm.jsse2.SSLContext getSSLContextInstanceJSSE2(SSLConfig sSLConfig) throws SSLException {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "getSSLContextInstanceJSSE2");
        }
        String property = JSSEProviderFactory.isFipsEnabled() ? Constants.PROTOCOL_TLS : sSLConfig.getProperty("com.ibm.ssl.protocol");
        String property2 = sSLConfig.getProperty(Constants.SSLPROP_ALIAS);
        String property3 = sSLConfig.getProperty(Constants.SSLPROP_CONFIGURL_LOADED_FROM);
        if (property == null) {
            throw new IllegalArgumentException("Protocol is not specified.");
        }
        try {
            com.ibm.jsse2.SSLContext sSLContext = (com.ibm.jsse2.SSLContext) AccessController.doPrivileged(new PrivilegedExceptionAction(this, property) { // from class: com.ibm.ws.ssl.provider.AbstractJSSEProvider.2
                private final String val$protocol;
                private final AbstractJSSEProvider this$0;

                {
                    this.this$0 = this;
                    this.val$protocol = property;
                }

                @Override // java.security.PrivilegedExceptionAction
                public Object run() throws NoSuchAlgorithmException, NoSuchProviderException {
                    return com.ibm.jsse2.SSLContext.getInstance(this.val$protocol, "IBMJSSE2");
                }
            });
            if (tc.isEntryEnabled()) {
                Tr.exit(tc, "getSSLContextInstanceJSSE2");
            }
            return sSLContext;
        } catch (PrivilegedActionException e) {
            Exception exception = e.getException();
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "Exception occurred getting SSL context.", new Object[]{exception});
            }
            if (exception instanceof NoSuchAlgorithmException) {
                String formattedMessage = TraceNLSHelper.getInstance().getFormattedMessage("ssl.no.such.algorithm.CWPKI0028E", new Object[]{property, property2, property3, exception.getMessage()}, new StringBuffer().append("CWPKI0028E: SSL handshake protocol ").append(property).append(" is not valid.  This protocol is specified in the SSL configuration alias ").append(property2).append(" loaded from SSL configuration file ").append(property3).append(".  The extended error message is: ").append(exception.getMessage()).append(".").toString());
                Tr.error(tc, formattedMessage);
                throw new SSLException(formattedMessage, exception);
            }
            if (!(exception instanceof NoSuchProviderException)) {
                throw new SSLException(exception);
            }
            String formattedMessage2 = TraceNLSHelper.getInstance().getFormattedMessage("ssl.invalid.context.provider.CWPKI0029E", new Object[]{"IBMJSSE2", property2, property3, exception.getMessage()}, new StringBuffer().append("CWPKI0029E: SSL context provider IBMJSSE2 is not valid.  This provider is specified in the SSL configuration alias ").append(property2).append(" loaded from SSL configuration file ").append(property3).append(".  The extended error message is: ").append(exception.getMessage()).append(".").toString());
            Tr.error(tc, formattedMessage2);
            throw new SSLException(formattedMessage2, exception);
        }
    }

    public TrustManagerFactory getTrustManagerFactoryInstance(String str, String str2) throws NoSuchAlgorithmException, NoSuchProviderException {
        String[] split;
        String str3 = str2;
        if (str.indexOf("|") != -1 && (split = str.split("\\|")) != null && split.length == 2) {
            str = split[0];
            str3 = split[1];
        }
        if (tc.isDebugEnabled()) {
            Tr.debug(tc, new StringBuffer().append("return TrustManagerFactory.getInstance(").append(str).append(", ").append(str3).append(")").toString());
        }
        return TrustManagerFactory.getInstance(str, str3);
    }

    public KeyManagerFactory getKeyManagerFactoryInstance(String str, String str2) throws NoSuchAlgorithmException, NoSuchProviderException {
        String[] split;
        if (str.indexOf("|") != -1 && (split = str.split("\\|")) != null && split.length == 2) {
            str = split[0];
            String str3 = split[1];
        }
        if (tc.isDebugEnabled()) {
            Tr.debug(tc, new StringBuffer().append("return KeyManagerFactory.getInstance(").append(str).append(", ").append(str2).append(")").toString());
        }
        return KeyManagerFactory.getInstance(str, str2);
    }

    @Override // com.ibm.ws.ssl.JSSEProvider
    public KeyStore getKeyStoreInstance(String str, String str2) throws KeyStoreException, NoSuchProviderException {
        if (tc.isDebugEnabled()) {
            Tr.debug(tc, new StringBuffer().append("KeyStore.getInstance(").append(str).append(", ").append(str2).append(")").toString());
        }
        return str2 != null ? KeyStore.getInstance(str, str2) : KeyStore.getInstance(str);
    }

    protected static void registerPackage(String str) {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, new StringBuffer().append("registerPackage -> ").append(str).toString());
        }
        ArrayList arrayList = new ArrayList();
        String property = System.getProperty(URL_HANDLER_PROP);
        if (property != null) {
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, new StringBuffer().append("Current package list: ").append(property).toString());
            }
            StringTokenizer stringTokenizer = new StringTokenizer(property, "|");
            while (stringTokenizer.hasMoreTokens()) {
                arrayList.add(stringTokenizer.nextToken());
            }
        }
        if (arrayList.contains(str)) {
            return;
        }
        arrayList.add(str);
        StringBuffer stringBuffer = new StringBuffer();
        Iterator it = arrayList.iterator();
        while (it.hasNext()) {
            stringBuffer.append((String) it.next());
            if (it.hasNext()) {
                stringBuffer.append('|');
            }
        }
        AccessController.doPrivileged(new PrivilegedAction(stringBuffer) { // from class: com.ibm.ws.ssl.provider.AbstractJSSEProvider.3
            private final StringBuffer val$currentPackages;

            {
                this.val$currentPackages = stringBuffer;
            }

            @Override // java.security.PrivilegedAction
            public Object run() {
                System.setProperty(AbstractJSSEProvider.URL_HANDLER_PROP, this.val$currentPackages.toString());
                return null;
            }
        });
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "registerPackage");
        }
    }

    public URLStreamHandler getHandler() throws Exception {
        String stringBuffer = new StringBuffer().append(getSSLProtocolPackageHandler()).append(".https.Handler").toString();
        try {
            ClassLoader classLoader = (ClassLoader) java.security.AccessController.doPrivileged(getCtxClassLoader);
            return classLoader != null ? (URLStreamHandler) classLoader.loadClass(stringBuffer).newInstance() : (URLStreamHandler) Class.forName(stringBuffer).newInstance();
        } catch (Exception e) {
            FFDCFilter.processException(e, "com.ibm.ws.ssl.provider.AbstractJSSEProvider.getHandler", "985", this);
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "Exception loading https stream handler.", new Object[]{e});
            }
            Tr.error(tc, "ssl.load.https.stream.handler.CWPKI0025E", new Object[]{stringBuffer, e.getMessage()});
            throw e;
        }
    }

    public static void addHandlers(String str) {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "addHandlers", new Object[]{str});
        }
        if (!handlersInitialized) {
            if (!CertificateManager.getInstance().isKeyCertJarAvailable()) {
                setDefaultSocketFactories();
            }
            try {
                if (!queryHandler()) {
                    createStreamHandler();
                }
                if (!queryProvider("https")) {
                    String stringBuffer = new StringBuffer().append(str).append(".https.Handler").toString();
                    if (tc.isDebugEnabled()) {
                        Tr.debug(tc, new StringBuffer().append("Adding handler: ").append(stringBuffer).toString());
                    }
                    addProvider("https", stringBuffer);
                }
                if (PlatformHelperFactory.getPlatformHelper().isZOS()) {
                    if (!queryProvider("safkeyring")) {
                        if (tc.isDebugEnabled()) {
                            Tr.debug(tc, "Adding handler:  com.ibm.crypto.provider.safkeyring.Handler");
                        }
                        addProvider("safkeyring", "com.ibm.crypto.provider.safkeyring.Handler");
                    }
                    if (!queryProvider("safkeyringhw")) {
                        if (tc.isDebugEnabled()) {
                            Tr.debug(tc, "Adding handler: com.ibm.crypto.hdwrCCA.provider.safkeyring.Handler");
                        }
                        addProvider("safkeyringhw", "com.ibm.crypto.hdwrCCA.provider.safkeyring.Handler");
                    }
                }
                handlersInitialized = true;
            } catch (Throwable th) {
                FFDCFilter.processException(th, "com.ibm.ws.ssl.provider.AbstractJSSEProvider.addHandlers", "1031");
                if (tc.isDebugEnabled()) {
                    Tr.debug(tc, "Unable to set safkeyring stream handler", th);
                }
            }
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "addHandlers");
        }
    }

    public static void setDefaultSocketFactories() {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "setDefaultSocketFactories");
        }
        AccessController.doPrivileged(new PrivilegedAction() { // from class: com.ibm.ws.ssl.provider.AbstractJSSEProvider.4
            @Override // java.security.PrivilegedAction
            public Object run() {
                Security.setProperty("ssl.SocketFactory.provider", AbstractJSSEProvider.SSL_SOCKET_FACTORY_NAME);
                Security.setProperty("ssl.ServerSocketFactory.provider", AbstractJSSEProvider.SSL_SERVER_SOCKET_FACTORY_NAME);
                return null;
            }
        });
        if (tc.isEntryEnabled()) {
            Tr.debug(tc, "setDefaultSocketFactories", new StringBuffer().append("The following socket factories have been set: ").append(SSL_SOCKET_FACTORY_NAME).append(" and ").append(SSL_SERVER_SOCKET_FACTORY_NAME).toString());
            Tr.exit(tc, "setDefaultSocketFactories");
        }
    }

    private X509KeyManager loadCustomKeyManager(String str) throws Exception {
        X509KeyManager x509KeyManager = null;
        try {
            ClassLoader classLoader = (ClassLoader) java.security.AccessController.doPrivileged(getCtxClassLoader);
            if (classLoader != null) {
                try {
                    x509KeyManager = (X509KeyManager) classLoader.loadClass(str).newInstance();
                } catch (Exception e) {
                }
            }
            if (x509KeyManager == null) {
                x509KeyManager = (X509KeyManager) Class.forName(str).newInstance();
            }
            return x509KeyManager;
        } catch (Exception e2) {
            FFDCFilter.processException(e2, "com.ibm.ws.ssl.provider.AbstractJSSEProvider.loadCustomKeyManager", "1089", this);
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "Exception loading custom KeyManager.", new Object[]{e2});
            }
            Tr.error(tc, "ssl.load.keymanager.error.CWPKI0021E", new Object[]{str, e2.getMessage()});
            throw e2;
        }
    }

    private X509TrustManager loadCustomTrustManager(String str) throws Exception {
        X509TrustManager x509TrustManager = null;
        try {
            ClassLoader classLoader = (ClassLoader) java.security.AccessController.doPrivileged(getCtxClassLoader);
            if (classLoader != null) {
                try {
                    x509TrustManager = (X509TrustManager) classLoader.loadClass(str).newInstance();
                } catch (Exception e) {
                }
            }
            if (x509TrustManager == null) {
                x509TrustManager = (X509TrustManager) Class.forName(str).newInstance();
            }
            return x509TrustManager;
        } catch (Exception e2) {
            FFDCFilter.processException(e2, "com.ibm.ws.ssl.provider.AbstractJSSEProvider.loadCustomTrustManager", "1126", this);
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "Exception loading custom TrustManager.", new Object[]{e2});
            }
            Tr.error(tc, "ssl.load.trustmanager.error.CWPKI0020E", new Object[]{str, e2.getMessage()});
            throw e2;
        }
    }

    private static boolean queryHandler() {
        try {
            Boolean bool = (Boolean) Class.forName("com.ibm.ws.runtime.util.StreamHandlerUtils").getMethod("queryHandler", null).invoke(null, null);
            if (bool != null) {
                return bool.booleanValue();
            }
            return false;
        } catch (Exception e) {
            FFDCFilter.processException(e, "com.ibm.ws.ssl.provider.AbstractJSSEProvider.queryHandler", "1160");
            if (!tc.isDebugEnabled()) {
                return false;
            }
            Tr.debug(tc, "Exception: ", new Object[]{e});
            return false;
        }
    }

    private static boolean queryProvider(String str) {
        Class<?> cls;
        try {
            Class<?> cls2 = Class.forName("com.ibm.ws.runtime.util.StreamHandlerUtils");
            Class<?>[] clsArr = new Class[1];
            if (class$java$lang$String == null) {
                cls = class$("java.lang.String");
                class$java$lang$String = cls;
            } else {
                cls = class$java$lang$String;
            }
            clsArr[0] = cls;
            Boolean bool = (Boolean) cls2.getMethod("queryProvider", clsArr).invoke(null, str);
            if (bool != null) {
                return bool.booleanValue();
            }
            return false;
        } catch (Exception e) {
            FFDCFilter.processException(e, "com.ibm.ws.ssl.provider.AbstractJSSEProvider.queryProvider", "1180");
            if (!tc.isDebugEnabled()) {
                return false;
            }
            Tr.debug(tc, "Exception: ", new Object[]{e});
            return false;
        }
    }

    private static void addProvider(String str, String str2) {
        Class<?> cls;
        Class<?> cls2;
        try {
            Class<?> cls3 = Class.forName("com.ibm.ws.runtime.util.StreamHandlerUtils");
            Class<?>[] clsArr = new Class[2];
            if (class$java$lang$String == null) {
                cls = class$("java.lang.String");
                class$java$lang$String = cls;
            } else {
                cls = class$java$lang$String;
            }
            clsArr[0] = cls;
            if (class$java$lang$String == null) {
                cls2 = class$("java.lang.String");
                class$java$lang$String = cls2;
            } else {
                cls2 = class$java$lang$String;
            }
            clsArr[1] = cls2;
            cls3.getMethod("addProvider", clsArr).invoke(null, str, str2);
        } catch (Exception e) {
            FFDCFilter.processException(e, "com.ibm.ws.ssl.provider.AbstractJSSEProvider.addProvider", "1180");
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "Exception: ", new Object[]{e});
            }
        }
    }

    private static void createStreamHandler() {
        try {
            Class.forName("com.ibm.ws.runtime.util.StreamHandlerUtils").getMethod("createStreamHandler", null).invoke(null, null);
        } catch (Exception e) {
            FFDCFilter.processException(e, "com.ibm.ws.ssl.provider.AbstractJSSEProvider.createStreamHandler", "1216");
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "Exception: ", new Object[]{e});
            }
        }
    }

    public static void clearSSLContextCache() {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "clearSSLContextCache");
        }
        if (sslContextCacheJAVAX != null && sslContextCacheJAVAX.size() > 0) {
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "Clearing standard javax.net.ssl.SSLContext cache.");
            }
            sslContextCacheJAVAX.clear();
        }
        if (sslContextCacheJSSE2 != null && sslContextCacheJSSE2.size() > 0) {
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "Clearing com.ibm.jsse2.SSLContext cache.");
            }
            sslContextCacheJSSE2.clear();
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "clearSSLContextCache");
        }
    }

    static Class class$(String str) {
        try {
            return Class.forName(str);
        } catch (ClassNotFoundException e) {
            throw new NoClassDefFoundError().initCause(e);
        }
    }

    static {
        Class cls;
        if (class$com$ibm$ws$ssl$provider$AbstractJSSEProvider == null) {
            cls = class$("com.ibm.ws.ssl.provider.AbstractJSSEProvider");
            class$com$ibm$ws$ssl$provider$AbstractJSSEProvider = cls;
        } else {
            cls = class$com$ibm$ws$ssl$provider$AbstractJSSEProvider;
        }
        tc = Tr.register(cls, "SSL", "com.ibm.ws.ssl.resources.ssl");
        pkcsStoreList = new WSPKCSInKeyStoreList();
        sslContextCacheJAVAX = new HashMap();
        sslContextCacheJSSE2 = new HashMap();
        handlersInitialized = false;
        SSL_SOCKET_FACTORY_NAME = Constants.SOCKET_FACTORY_WAS_DEFAULT;
        SSL_SERVER_SOCKET_FACTORY_NAME = Constants.SERVER_SOCKET_FACTORY_WAS_DEFAULT;
        URL_HANDLER_PROP = WSConstants.URL_HANDLER_PROP;
        getCtxClassLoader = new PrivilegedAction() { // from class: com.ibm.ws.ssl.provider.AbstractJSSEProvider.5
            @Override // java.security.PrivilegedAction
            public Object run() {
                return Thread.currentThread().getContextClassLoader();
            }
        };
    }
}
