package com.sun.enterprise.security;

import com.sun.enterprise.admin.servermgmt.KeystoreManager;
import com.sun.enterprise.config.clientbeans.Ssl;
import com.sun.enterprise.security.ssl.UnifiedX509KeyManager;
import com.sun.enterprise.security.ssl.UnifiedX509TrustManager;
import com.sun.enterprise.server.pluggable.SecuritySupport;
import com.sun.logging.LogDomains;
import com.sun.web.security.SSLSocketFactory;
import java.io.IOException;
import java.security.Key;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import java.util.ArrayList;
import java.util.Enumeration;
import java.util.HashMap;
import java.util.logging.Level;
import java.util.logging.Logger;
import javax.net.ssl.HttpsURLConnection;
import javax.net.ssl.KeyManager;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import javax.net.ssl.X509KeyManager;
import javax.net.ssl.X509TrustManager;

/* loaded from: input_file:119166-06/SUNWascmn/reloc/appserver/lib/appserv-rt.jar:com/sun/enterprise/security/SSLUtils.class */
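/**
 * Static holder for the key and trust material used for SSL/TLS in this runtime.
 *
 * <p>On class initialization it obtains a {@link SecuritySupport} from
 * {@code SecurityUtil.getSecuritySupport()}, builds one unified key manager and one
 * trust manager from the key stores and trust stores it reports, records whether any
 * key store holds a key entry, and merges all trust-store certificates into a single
 * in-memory {@link KeyStore}. If any of that fails the initializer throws
 * {@link IllegalStateException}, so the class cannot be used.
 *
 * <p>Security notes for maintainers:
 * <ul>
 *   <li>The password getters fall back to a built-in default master password when the
 *       corresponding system property is unset; deployments should always configure
 *       their own.</li>
 *   <li>{@link #getMergedTrustStore()} and the {@code getKeyStores()/getTrustStores()}
 *       family hand out live, mutable {@code KeyStore} objects.</li>
 *   <li>None of the static state is synchronized.</li>
 * </ul>
 */
public final class SSLUtils {
    // These two constants are not referenced anywhere in this class; the getters below
    // use KeystoreManager.DEFAULT_MASTER_PASSWORD as their fallback instead.
    private static final String defaultKeyStorePass = "changeit";
    private static final String defaultTrustStorePass = "changeit";
    private static final String keystoreProp = "javax.net.ssl.keyStore";
    private static final String keystorePassProp = "javax.net.ssl.keyStorePassword";
    private static final String truststorePassProp = "javax.net.ssl.trustStorePassword";
    private static Logger _logger;
    private static SecuritySupport secSupp;
    private static boolean hasKey;
    private static KeyStore mergedTrustStore;
    private static boolean initialized;
    private static Ssl appclientSsl;
    // Only ever assigned in the static initializer; no reader is visible in this class.
    private static HashMap fullCipherNameMap;
    private static KeyManager keyManager = null;
    private static TrustManager trustManager = null;
    // PrivateKeyEntry is a non-static inner class, so the static lookup methods need an
    // SSLUtils instance to create one.
    private static SSLUtils privateKeyEntryProxy = new SSLUtils();

    /* loaded from: input_file:119166-06/SUNWascmn/reloc/appserver/lib/appserv-rt.jar:com/sun/enterprise/security/SSLUtils$PrivateKeyEntry.class */
    /**
     * A private key together with the certificate chain stored under the same alias.
     */
    public class PrivateKeyEntry {
        PrivateKey key;
        Certificate[] certs;
        // Explicit copy of the enclosing instance; this looks like the decompiler's
        // rendering of the implicit outer reference and is not read anywhere here.
        private final SSLUtils enclosing;

        PrivateKeyEntry(SSLUtils sSLUtils, PrivateKey privateKey, Certificate[] certificateArr) {
            this.enclosing = sSLUtils;
            this.key = privateKey;
            this.certs = certificateArr;
        }

        /**
         * @return the private key held by this entry
         */
        public PrivateKey getPrivateKey() {
            return this.key;
        }

        /**
         * @return a copy of the certificate chain, or {@code null} if the entry has none
         */
        public Certificate[] getCertificateChain() {
            // Hand out a copy so a caller cannot swap certificates inside this entry.
            return this.certs == null ? null : this.certs.clone();
        }
    }

    private SSLUtils() {
    }

    private PrivateKeyEntry getPrivateKeyEntry(PrivateKey privateKey, Certificate[] certificateArr) {
        return new PrivateKeyEntry(this, privateKey, certificateArr);
    }

    /**
     * Installs the key and trust managers built at class initialization as the JVM-wide
     * defaults: on {@code com.sun.web.security.SSLSocketFactory} and, through a fresh
     * "TLS" {@link SSLContext}, on both {@code HttpsURLConnection} classes.
     *
     * <p>Does nothing after the first successful call. The {@code initialized} check is
     * not synchronized, so two threads racing here may both perform the installation.
     *
     * @throws Exception if the SSL context cannot be created or initialized
     */
    public static void initStoresAtStartup() throws Exception {
        if (initialized) {
            return;
        }
        SSLSocketFactory.setManagers(getKeyManagers(), getTrustManagers());
        SSLContext sSLContext = SSLContext.getInstance("TLS");
        // A null SecureRandom makes the context use the default implementation.
        sSLContext.init(getKeyManagers(), getTrustManagers(), null);
        HttpsURLConnection.setDefaultSSLSocketFactory(sSLContext.getSocketFactory());
        com.sun.net.ssl.HttpsURLConnection.setDefaultSSLSocketFactory(sSLContext.getSocketFactory());
        initialized = true;
    }

    /**
     * @return the key stores reported by the security support implementation
     * @throws Exception if the security support implementation fails
     */
    public static KeyStore[] getKeyStores() throws Exception {
        return secSupp.getKeyStores();
    }

    /**
     * @return the first key store; fails with an index error if there is none
     * @throws Exception if the security support implementation fails
     */
    public static KeyStore getKeyStore() throws Exception {
        return getKeyStores()[0];
    }

    /**
     * @return the trust stores reported by the security support implementation
     * @throws Exception if the security support implementation fails
     */
    public static KeyStore[] getTrustStores() throws Exception {
        return secSupp.getTrustStores();
    }

    /**
     * @return the first trust store; fails with an index error if there is none
     * @throws Exception if the security support implementation fails
     */
    public static KeyStore getTrustStore() throws Exception {
        return getTrustStores()[0];
    }

    /**
     * Returns the in-memory store holding the certificates of all trust stores.
     *
     * <p>The returned object is the shared instance, not a copy: certificates added to
     * or removed from it are seen by every other caller of this method.
     *
     * @return the merged trust store built at class initialization
     */
    public static KeyStore getMergedTrustStore() {
        return mergedTrustStore;
    }

    /**
     * @return a new one-element array holding the unified key manager
     * @throws Exception declared for callers; nothing in this body throws
     */
    public static KeyManager[] getKeyManagers() throws Exception {
        return new KeyManager[]{keyManager};
    }

    /**
     * @return a new one-element array holding the trust manager
     * @throws Exception declared for callers; nothing in this body throws
     */
    public static TrustManager[] getTrustManagers() throws Exception {
        return new TrustManager[]{trustManager};
    }

    public static void setAppclientSsl(Ssl ssl) {
        appclientSsl = ssl;
    }

    public static Ssl getAppclientSsl() {
        return appclientSsl;
    }

    /**
     * Returns the key store password from the {@code javax.net.ssl.keyStorePassword}
     * system property.
     *
     * <p>When the property is unset this silently falls back to
     * {@code KeystoreManager.DEFAULT_MASTER_PASSWORD}. NOTE(review): that constant is
     * declared outside this file; the unused constants in this class suggest a
     * well-known default, so a missing property should be treated as a configuration
     * error by operators. The password is also returned as an immutable {@code String}
     * and is readable by any code that may read system properties.
     *
     * @return the configured key store password, or the built-in default
     */
    public static String getKeyStorePass() {
        return System.getProperty(keystorePassProp, KeystoreManager.DEFAULT_MASTER_PASSWORD);
    }

    /**
     * Returns the trust store password from the {@code javax.net.ssl.trustStorePassword}
     * system property, with the same built-in fallback and the same caveats as
     * {@link #getKeyStorePass()}.
     *
     * @return the configured trust store password, or the built-in default
     */
    public static String getTrustStorePass() {
        return System.getProperty(truststorePassProp, KeystoreManager.DEFAULT_MASTER_PASSWORD);
    }

    /**
     * @return {@code true} if at least one key store held a key entry when this class
     *         was initialized
     */
    public static boolean isKeyAvailable() {
        return hasKey;
    }

    /**
     * Tells whether an alias, optionally written as {@code token:alias}, names a key entry.
     *
     * <p>If the part before the first colon matches a known token name, only that
     * token's key store is consulted, using the part after the colon. Otherwise every
     * key store is searched for the alias exactly as given.
     *
     * <p>NOTE(review): in that fallback the unstripped string (prefix and colon
     * included) is looked up, whereas {@link #getPrivateKeyEntryFromTokenAlias(String)}
     * looks up the part after the colon. For an alias with an unknown prefix the two
     * methods can therefore disagree; confirm which behavior callers rely on.
     *
     * @param str the alias to test; {@code null} yields {@code false}
     * @return {@code true} if a key entry exists under the alias
     * @throws Exception if a key store or the security support implementation fails
     */
    public static boolean isTokenKeyAlias(String str) throws Exception {
        if (str == null) {
            return false;
        }
        int colon = str.indexOf(':');
        KeyStore[] keyStores = getKeyStores();
        if (colon != -1) {
            int tokenIndex = findTokenIndex(str.substring(0, colon));
            if (tokenIndex != -1) {
                return keyStores[tokenIndex].isKeyEntry(str.substring(colon + 1));
            }
        }
        for (KeyStore keyStore : keyStores) {
            if (keyStore.isKeyEntry(str)) {
                return true;
            }
        }
        return false;
    }

    /**
     * Looks up the private key and certificate chain for an alias, optionally written as
     * {@code token:alias}.
     *
     * <p>If the prefix matches a known token name and a password exists for that index,
     * only that key store is consulted. Otherwise all key stores are tried in order and
     * the first private key found wins. Each store is opened with the password at the
     * same index in {@code SecuritySupport.getKeyStorePasswords()}.
     *
     * @param str the alias to resolve; {@code null} yields {@code null}
     * @return the matching entry, or {@code null} if no private key is stored under the alias
     * @throws Exception if a key cannot be recovered or the security support
     *         implementation fails
     */
    public static PrivateKeyEntry getPrivateKeyEntryFromTokenAlias(String str) throws Exception {
        if (str == null) {
            return null;
        }
        int colon = str.indexOf(':');
        KeyStore[] keyStores = getKeyStores();
        int tokenIndex = -1;
        String alias = str;
        if (colon != -1) {
            tokenIndex = findTokenIndex(str.substring(0, colon));
            alias = str.substring(colon + 1);
        }
        String[] keyStorePasswords = secSupp.getKeyStorePasswords();
        // The guard used to read "length < tokenIndex", which let tokenIndex == length
        // through to an out-of-bounds password lookup.
        if (tokenIndex == -1 || tokenIndex >= keyStorePasswords.length) {
            for (int i = 0; i < keyStores.length; i++) {
                Key candidate = keyStores[i].getKey(alias, keyStorePasswords[i].toCharArray());
                if (candidate instanceof PrivateKey) {
                    return privateKeyEntryProxy.getPrivateKeyEntry(
                            (PrivateKey) candidate, keyStores[i].getCertificateChain(alias));
                }
            }
            return null;
        }
        Key tokenKey = keyStores[tokenIndex].getKey(alias, keyStorePasswords[tokenIndex].toCharArray());
        if (tokenKey instanceof PrivateKey) {
            return privateKeyEntryProxy.getPrivateKeyEntry(
                    (PrivateKey) tokenKey, keyStores[tokenIndex].getCertificateChain(alias));
        }
        return null;
    }

    // Returns the index of tokenName in SecuritySupport.getTokenNames(), or -1 if absent.
    private static int findTokenIndex(String tokenName) throws Exception {
        String[] tokenNames = secSupp.getTokenNames();
        int match = -1;
        for (int i = 0; i < tokenNames.length; i++) {
            if (tokenName.equals(tokenNames[i])) {
                // No early exit: with duplicate names the last one wins, as before.
                match = i;
            }
        }
        return match;
    }

    // Reports whether any of the given key stores holds at least one key entry.
    private static boolean containsKeyEntry(KeyStore[] keyStores) throws KeyStoreException {
        if (keyStores == null) {
            return false;
        }
        for (KeyStore keyStore : keyStores) {
            Enumeration<String> aliases = keyStore.aliases();
            while (aliases.hasMoreElements()) {
                if (keyStore.isKeyEntry(aliases.nextElement())) {
                    return true;
                }
            }
        }
        return false;
    }

    /**
     * Builds one "SunX509" key manager per key store and wraps them all in a single
     * {@code UnifiedX509KeyManager}, stored in {@code keyManager}.
     *
     * @param keyStoreArr the key stores to serve keys from
     * @param strArr the password for each key store, at the same index
     * @throws Exception if a key manager factory cannot be created or initialized
     */
    private static void initKeyManagers(KeyStore[] keyStoreArr, String[] strArr) throws Exception {
        ArrayList<KeyManager> managers = new ArrayList<KeyManager>();
        for (int i = 0; i < keyStoreArr.length; i++) {
            KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance("SunX509");
            keyManagerFactory.init(keyStoreArr[i], strArr[i].toCharArray());
            KeyManager[] keyManagers = keyManagerFactory.getKeyManagers();
            if (keyManagers != null) {
                for (KeyManager candidate : keyManagers) {
                    managers.add(candidate);
                }
            }
        }
        // toArray fails with ArrayStoreException if a factory returned a manager that
        // is not an X509KeyManager.
        keyManager = new UnifiedX509KeyManager(
                managers.toArray(new X509KeyManager[managers.size()]), secSupp.getTokenNames());
    }

    /**
     * Builds one "SunX509" trust manager per trust store. A single resulting manager is
     * used directly; any other count is wrapped in a {@code UnifiedX509TrustManager}.
     *
     * <p>NOTE(review): the algorithm name is hard-coded rather than taken from
     * {@code TrustManagerFactory.getDefaultAlgorithm()}; confirm that the validation it
     * provides is what the deployment expects.
     *
     * @param keyStoreArr the trust stores to take trust anchors from
     * @throws Exception if a trust manager factory cannot be created or initialized
     */
    private static void initTrustManagers(KeyStore[] keyStoreArr) throws Exception {
        ArrayList<TrustManager> managers = new ArrayList<TrustManager>();
        for (KeyStore keyStore : keyStoreArr) {
            TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance("SunX509");
            trustManagerFactory.init(keyStore);
            TrustManager[] trustManagers = trustManagerFactory.getTrustManagers();
            if (trustManagers != null) {
                for (TrustManager candidate : trustManagers) {
                    managers.add(candidate);
                }
            }
        }
        if (managers.size() == 1) {
            trustManager = managers.get(0);
        } else {
            trustManager = new UnifiedX509TrustManager(
                    managers.toArray(new X509TrustManager[managers.size()]));
        }
    }

    /**
     * Copies the certificate stored under every alias of every given store into one new
     * in-memory key store.
     *
     * <p>When an alias is already taken in the merged store, the certificate is stored
     * under {@code alias__1}, {@code alias__2}, ... instead, so nothing is overwritten.
     *
     * @param keyStoreArr the trust stores to merge
     * @return the merged store
     * @throws IOException if the empty store cannot be initialized
     * @throws KeyStoreException if no usable key store type exists or a store is not loaded
     * @throws NoSuchAlgorithmException if the empty store cannot be initialized
     * @throws CertificateException if the empty store cannot be initialized
     */
    private static KeyStore mergingTrustStores(KeyStore[] keyStoreArr) throws IOException, KeyStoreException, NoSuchAlgorithmException, CertificateException {
        KeyStore merged;
        try {
            merged = KeyStore.getInstance("CaseExactJKS");
        } catch (KeyStoreException ignored) {
            // That type is not available from every provider; plain JKS is the fallback.
            merged = KeyStore.getInstance("JKS");
        }
        String[] keyStorePasswords = secSupp.getKeyStorePasswords();
        // A null stream creates an empty store; the last configured password is passed along.
        merged.load(null, keyStorePasswords[keyStorePasswords.length - 1].toCharArray());
        for (KeyStore source : keyStoreArr) {
            Enumeration<String> aliases = source.aliases();
            while (aliases.hasMoreElements()) {
                String alias = aliases.nextElement();
                String target = alias;
                int suffix = 1;
                while (merged.getCertificate(target) != null) {
                    target = alias + "__" + suffix;
                    suffix++;
                }
                merged.setCertificateEntry(target, source.getCertificate(alias));
            }
        }
        return merged;
    }

    static {
        _logger = LogDomains.getLogger(LogDomains.SECURITY_LOGGER);
        KeyTool.initProvider();
        secSupp = SecurityUtil.getSecuritySupport();
        try {
            KeyStore[] keyStores = getKeyStores();
            initKeyManagers(keyStores, secSupp.getKeyStorePasswords());
            initTrustManagers(getTrustStores());
            hasKey = containsKeyEntry(keyStores);
            mergedTrustStore = mergingTrustStores(secSupp.getTrustStores());
            initialized = false;
            appclientSsl = null;
            fullCipherNameMap = new HashMap();
        } catch (Exception e) {
            // NOTE(review): this is logged at FINE only, so at a coarser log level the
            // failure is visible solely through the exception thrown below.
            if (_logger.isLoggable(Level.FINE)) {
                _logger.log(Level.FINE, "SSLUtils static init fails.", e);
            }
            // Keep the cause so the real reason for a failed TLS setup can be diagnosed.
            throw new IllegalStateException(e.getMessage(), e);
        }
    }
}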
