package com.raplix.rolloutexpress.net.transport;

import com.raplix.rolloutexpress.ConfigurationException;
import com.raplix.rolloutexpress.net.NetMessageCode;
import com.raplix.rolloutexpress.net.NetSubsystem;
import com.raplix.rolloutexpress.persist.query.builder.SqlNode;
import com.raplix.util.logger.Logger;
import com.raplix.util.platform.common.PlatformUtil;
import com.raplix.util.string.PasswordEscape;
import com.raplix.util.string.StringUtil;
import java.io.File;
import java.io.IOException;
import java.net.InetAddress;
import java.security.KeyManagementException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.Provider;
import java.security.Security;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import java.security.cert.CertificateExpiredException;
import java.security.cert.CertificateNotYetValidException;
import java.security.cert.X509Certificate;
import java.util.Enumeration;
import java.util.HashSet;
import java.util.StringTokenizer;
import java.util.Vector;
import javax.net.ssl.KeyManager;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLPeerUnverifiedException;
import javax.net.ssl.SSLServerSocket;
import javax.net.ssl.SSLSocket;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;

/* JADX INFO: Access modifiers changed from: package-private */
/* loaded from: input_file:122990-01/SUNWspsms/reloc/server/lib/upgrade/5.2.1/rox.jar:com/raplix/rolloutexpress/net/transport/SSLFactory.class */
public class SSLFactory {
    private static final String SUN_PROVIDER_NAME = "com.sun.net.ssl.internal.ssl.Provider";
    private static final String IBM_PROVIDER_NAME = "com.ibm.jsse.IBMJSSEProvider";
    private SSLContext mContext;
    private boolean mIsClientAuth;
    private String[] mCipherSuites;
    private static boolean providerAdded = false;
    private KeyStore mTrustStore;
    private static final String MODE_CARRIER = "OU=";
    private static final String UPSTREAM_ANNOTATION = "upstream";
    private static final String DOWNSTREAM_ANNOTATION = "downstream";
    private File mPrivateStoreFile;
    private File mTrustStoreFile;
    private KeystoreState mRefreshState;
    private String mEncodedPassword;
    static Class class$com$raplix$rolloutexpress$net$transport$SSLFactory;

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:122990-01/SUNWspsms/reloc/server/lib/upgrade/5.2.1/rox.jar:com/raplix/rolloutexpress/net/transport/SSLFactory$KeystoreState.class */
    public static class KeystoreState {
        private long mPrivateStoreTS;
        private long mPrivateStoreSize;
        private long mTrustStoreTS;
        private long mTrustStoreSize;

        KeystoreState(File file, File file2) {
            this.mPrivateStoreTS = -1L;
            this.mPrivateStoreSize = -1L;
            this.mTrustStoreTS = -1L;
            this.mTrustStoreSize = -1L;
            if (file.exists()) {
                this.mPrivateStoreTS = file.lastModified();
                this.mPrivateStoreSize = file.length();
            }
            if (file2.exists()) {
                this.mTrustStoreTS = file2.lastModified();
                this.mTrustStoreSize = file2.length();
            }
        }

        public boolean equals(Object obj) {
            if (obj == null || !(obj instanceof KeystoreState)) {
                return false;
            }
            KeystoreState keystoreState = (KeystoreState) obj;
            return this.mPrivateStoreSize == keystoreState.mPrivateStoreSize && this.mPrivateStoreTS == keystoreState.mPrivateStoreTS && this.mTrustStoreSize == keystoreState.mTrustStoreSize && this.mTrustStoreTS == keystoreState.mTrustStoreTS;
        }
    }

    public SSLServerSocket createServerSocket(int i) throws IOException {
        SSLServerSocket sSLServerSocket = (SSLServerSocket) this.mContext.getServerSocketFactory().createServerSocket(i);
        processSocket(sSLServerSocket);
        return sSLServerSocket;
    }

    public SSLServerSocket createServerSocket(int i, int i2) throws IOException {
        SSLServerSocket sSLServerSocket = (SSLServerSocket) this.mContext.getServerSocketFactory().createServerSocket(i, i2);
        processSocket(sSLServerSocket);
        return sSLServerSocket;
    }

    public SSLServerSocket createServerSocket(int i, int i2, InetAddress inetAddress) throws IOException {
        SSLServerSocket sSLServerSocket = (SSLServerSocket) this.mContext.getServerSocketFactory().createServerSocket(i, i2, inetAddress);
        processSocket(sSLServerSocket);
        return sSLServerSocket;
    }

    public SSLSocket createSocket(InetAddress inetAddress, int i) throws IOException {
        SSLSocket sSLSocket = (SSLSocket) this.mContext.getSocketFactory().createSocket(inetAddress, i);
        processSocket(sSLSocket);
        return sSLSocket;
    }

    public SSLSocket createSocket(String str, int i) throws IOException {
        SSLSocket sSLSocket = (SSLSocket) this.mContext.getSocketFactory().createSocket(str, i);
        processSocket(sSLSocket);
        return sSLSocket;
    }

    public SSLSocket createSocket(InetAddress inetAddress, int i, InetAddress inetAddress2, int i2) throws IOException {
        SSLSocket sSLSocket = (SSLSocket) this.mContext.getSocketFactory().createSocket(inetAddress, i, inetAddress2, i2);
        processSocket(sSLSocket);
        return sSLSocket;
    }

    public SSLSocket createSocket(String str, int i, InetAddress inetAddress, int i2) throws IOException {
        SSLSocket sSLSocket = (SSLSocket) this.mContext.getSocketFactory().createSocket(str, i, inetAddress, i2);
        processSocket(sSLSocket);
        return sSLSocket;
    }

    public void verifyCertificateChain(SSLSocket sSLSocket, boolean z) throws TransportException {
        Certificate[] peerCertificates;
        try {
            if (sSLSocket.getSession() != null && (peerCertificates = sSLSocket.getSession().getPeerCertificates()) != null) {
                for (int i = 0; i < peerCertificates.length; i++) {
                    ((X509Certificate) peerCertificates[i]).checkValidity();
                    if (!checkPresenceInTrustStore(peerCertificates[i])) {
                        throw new TransportException(NetMessageCode.TRNS_SSL_UNEXPECTED_CERTIFICATE, new String[]{sSLSocket.getSession().getPeerHost()});
                    }
                    checkModeAnnotations(peerCertificates[i], sSLSocket, z);
                }
            }
        } catch (KeyStoreException e) {
            throw new TransportException(NetMessageCode.TRNS_SSL_INVALID_KEYSTORE, e, new String[]{sSLSocket.getSession().getPeerHost()});
        } catch (CertificateExpiredException e2) {
            throw new TransportException(NetMessageCode.TRNS_SSL_CERTIFICATE_EXPIRED, e2, new String[]{sSLSocket.getSession().getPeerHost()});
        } catch (CertificateNotYetValidException e3) {
            throw new TransportException(NetMessageCode.TRNS_SSL_CERTIFICATE_NOT_YET_VALID, e3, new String[]{sSLSocket.getSession().getPeerHost()});
        } catch (SSLPeerUnverifiedException e4) {
        }
    }

    public boolean requiresRefresh() {
        return !this.mRefreshState.equals(new KeystoreState(this.mPrivateStoreFile, this.mTrustStoreFile));
    }

    public SSLFactory refresh(NetSubsystem netSubsystem) throws TransportException {
        TrustManager[] trustManagerArr;
        Class cls;
        Class cls2;
        try {
            char[] charArray = PasswordEscape.decodePassword(this.mEncodedPassword).toCharArray();
            KeyManager[] keyManagers = getKeyManagers(netSubsystem, this.mPrivateStoreFile, charArray);
            KeyStore keyStore = null;
            if (this.mTrustStoreFile.exists()) {
                keyStore = getTrustStore(this.mTrustStoreFile, netSubsystem.getConfigSSLTrustStoreType(), charArray);
                trustManagerArr = getTrustManagerFactory(netSubsystem, keyStore).getTrustManagers();
                if (class$com$raplix$rolloutexpress$net$transport$SSLFactory == null) {
                    cls = class$("com.raplix.rolloutexpress.net.transport.SSLFactory");
                    class$com$raplix$rolloutexpress$net$transport$SSLFactory = cls;
                } else {
                    cls = class$com$raplix$rolloutexpress$net$transport$SSLFactory;
                }
                if (Logger.isDebugEnabled(cls)) {
                    String stringBuffer = new StringBuffer().append("trustmgr:init:").append(this.mTrustStoreFile.getAbsolutePath()).toString();
                    if (class$com$raplix$rolloutexpress$net$transport$SSLFactory == null) {
                        cls2 = class$("com.raplix.rolloutexpress.net.transport.SSLFactory");
                        class$com$raplix$rolloutexpress$net$transport$SSLFactory = cls2;
                    } else {
                        cls2 = class$com$raplix$rolloutexpress$net$transport$SSLFactory;
                    }
                    Logger.debug(stringBuffer, cls2);
                }
            } else {
                trustManagerArr = new TrustManager[0];
            }
            SSLContext sSLContext = SSLContext.getInstance(this.mContext.getProtocol());
            sSLContext.init(keyManagers, trustManagerArr, null);
            return new SSLFactory(this, sSLContext, keyStore);
        } catch (ConfigurationException e) {
            throw new TransportException(NetMessageCode.TRNS_ERR_INIT_KEY_STORES, e);
        } catch (TransportException e2) {
            throw new TransportException(NetMessageCode.TRNS_ERR_INIT_KEY_STORES, e2);
        } catch (IOException e3) {
            throw new TransportException(NetMessageCode.TRNS_ERR_INIT_KEY_STORES, e3);
        } catch (KeyManagementException e4) {
            throw new TransportException(NetMessageCode.TRNS_ERR_INIT_KEY_STORES, e4);
        } catch (KeyStoreException e5) {
            throw new TransportException(NetMessageCode.TRNS_ERR_INIT_KEY_STORES, e5);
        } catch (NoSuchAlgorithmException e6) {
            throw new TransportException(NetMessageCode.TRNS_ERR_INIT_KEY_STORES, e6);
        } catch (CertificateException e7) {
            throw new TransportException(NetMessageCode.TRNS_ERR_INIT_KEY_STORES, e7);
        }
    }

    private void checkModeAnnotations(Certificate certificate, SSLSocket sSLSocket, boolean z) throws TransportException {
        String obj;
        int indexOf;
        Vector vector = new Vector();
        vector.add(0, UPSTREAM_ANNOTATION);
        vector.add(1, DOWNSTREAM_ANNOTATION);
        if (!(certificate instanceof X509Certificate) || (indexOf = (obj = ((X509Certificate) certificate).getSubjectDN().toString()).indexOf(MODE_CARRIER)) <= -1) {
            return;
        }
        int indexOf2 = obj.indexOf(32, indexOf);
        String substring = indexOf2 > -1 ? obj.substring(indexOf + MODE_CARRIER.length(), indexOf2 - 1) : SqlNode.S;
        if (z && substring.equalsIgnoreCase(DOWNSTREAM_ANNOTATION)) {
            throw new TransportException(NetMessageCode.TRNS_SSL_UNEXPECTED_CERTIFICATE_INCORRECT_MODE_ANNOTATION, new Object[]{sSLSocket.getSession().getPeerHost(), new Double(vector.indexOf(DOWNSTREAM_ANNOTATION)), new Double(vector.indexOf(UPSTREAM_ANNOTATION))});
        }
        if (!z && substring.equalsIgnoreCase(UPSTREAM_ANNOTATION)) {
            throw new TransportException(NetMessageCode.TRNS_SSL_UNEXPECTED_CERTIFICATE_INCORRECT_MODE_ANNOTATION, new Object[]{sSLSocket.getSession().getPeerHost(), new Double(vector.indexOf(UPSTREAM_ANNOTATION)), new Double(vector.indexOf(DOWNSTREAM_ANNOTATION))});
        }
    }

    private boolean checkPresenceInTrustStore(Certificate certificate) throws KeyStoreException, CertificateExpiredException, CertificateNotYetValidException {
        if (this.mTrustStore == null) {
            return false;
        }
        String certificateAlias = this.mTrustStore.getCertificateAlias(certificate);
        Object obj = null;
        if (certificateAlias != null) {
            obj = this.mTrustStore.getCertificate(certificateAlias);
        }
        return obj != null && (obj instanceof X509Certificate) && (certificate instanceof X509Certificate) && ((X509Certificate) obj).getSubjectDN().equals(((X509Certificate) certificate).getSubjectDN());
    }

    private void processSocket(SSLSocket sSLSocket) throws IOException {
        if (this.mCipherSuites != null) {
            sSLSocket.setEnabledCipherSuites(this.mCipherSuites);
        }
        sSLSocket.startHandshake();
    }

    private void processSocket(SSLServerSocket sSLServerSocket) {
        if (this.mCipherSuites != null) {
            sSLServerSocket.setEnabledCipherSuites(this.mCipherSuites);
        }
        if (Logger.isDebugEnabled(this)) {
            Logger.debug(new StringBuffer().append("ClientAuth:").append(this.mIsClientAuth).toString(), this);
        }
        sSLServerSocket.setNeedClientAuth(this.mIsClientAuth);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static SSLFactory init(NetSubsystem netSubsystem, boolean z) throws TransportException {
        Class cls;
        Class cls2;
        TrustManager[] trustManagerArr;
        Class cls3;
        Class cls4;
        Class cls5;
        Class cls6;
        try {
            initProvider();
            SSLContext sSLContext = SSLContext.getInstance(netSubsystem.getConfigSSLProtocol());
            File file = new File(netSubsystem.getConfigSSLPrivateStorePath());
            File file2 = new File(netSubsystem.getConfigSSLTrustStorePath());
            String configSSLTrustStoreType = netSubsystem.getConfigSSLTrustStoreType();
            KeyStore keyStore = null;
            char[] cArr = new char[0];
            String str = null;
            if (file.exists() || file2.exists()) {
                if (!z) {
                    try {
                        str = netSubsystem.getApplication().promptForInput(new String[]{NetMessageCode.TRNS_ENTER_KEY_PASSWORD.roxMessage().getMessageString()});
                    } catch (IOException e) {
                        if (class$com$raplix$rolloutexpress$net$transport$SSLFactory == null) {
                            cls = class$("com.raplix.rolloutexpress.net.transport.SSLFactory");
                            class$com$raplix$rolloutexpress$net$transport$SSLFactory = cls;
                        } else {
                            cls = class$com$raplix$rolloutexpress$net$transport$SSLFactory;
                        }
                        if (Logger.isWarnEnabled(cls)) {
                            if (class$com$raplix$rolloutexpress$net$transport$SSLFactory == null) {
                                cls2 = class$("com.raplix.rolloutexpress.net.transport.SSLFactory");
                                class$com$raplix$rolloutexpress$net$transport$SSLFactory = cls2;
                            } else {
                                cls2 = class$com$raplix$rolloutexpress$net$transport$SSLFactory;
                            }
                            Logger.warn("Error reading password from stdin", e, cls2);
                        }
                    }
                }
                if (StringUtil.isEmpty(str)) {
                    str = netSubsystem.getConfigSSLKeyStorePass();
                }
                cArr = StringUtil.isEmpty(str) ? new char[0] : str.toCharArray();
            }
            KeyManager[] keyManagers = getKeyManagers(netSubsystem, file, cArr);
            if (file2.exists()) {
                keyStore = getTrustStore(file2, configSSLTrustStoreType, cArr);
                trustManagerArr = getTrustManagerFactory(netSubsystem, keyStore).getTrustManagers();
                if (class$com$raplix$rolloutexpress$net$transport$SSLFactory == null) {
                    cls5 = class$("com.raplix.rolloutexpress.net.transport.SSLFactory");
                    class$com$raplix$rolloutexpress$net$transport$SSLFactory = cls5;
                } else {
                    cls5 = class$com$raplix$rolloutexpress$net$transport$SSLFactory;
                }
                if (Logger.isDebugEnabled(cls5)) {
                    String stringBuffer = new StringBuffer().append("trustmgr:init:").append(file2.getAbsolutePath()).toString();
                    if (class$com$raplix$rolloutexpress$net$transport$SSLFactory == null) {
                        cls6 = class$("com.raplix.rolloutexpress.net.transport.SSLFactory");
                        class$com$raplix$rolloutexpress$net$transport$SSLFactory = cls6;
                    } else {
                        cls6 = class$com$raplix$rolloutexpress$net$transport$SSLFactory;
                    }
                    Logger.debug(stringBuffer, cls6);
                }
            } else {
                trustManagerArr = new TrustManager[0];
            }
            sSLContext.init(keyManagers, trustManagerArr, null);
            boolean configSSLClientAuth = netSubsystem.getConfigSSLClientAuth();
            String configSSLCipherSuites = netSubsystem.getConfigSSLCipherSuites();
            String[] strArr = null;
            if (!StringUtil.isEmpty(configSSLCipherSuites)) {
                StringTokenizer stringTokenizer = new StringTokenizer(configSSLCipherSuites, ",");
                strArr = new String[stringTokenizer.countTokens()];
                int i = 0;
                while (stringTokenizer.hasMoreTokens()) {
                    strArr[i] = stringTokenizer.nextToken();
                    i++;
                }
                verifyCipherSuites(strArr, sSLContext);
            }
            if (class$com$raplix$rolloutexpress$net$transport$SSLFactory == null) {
                cls3 = class$("com.raplix.rolloutexpress.net.transport.SSLFactory");
                class$com$raplix$rolloutexpress$net$transport$SSLFactory = cls3;
            } else {
                cls3 = class$com$raplix$rolloutexpress$net$transport$SSLFactory;
            }
            if (Logger.isDebugEnabled(cls3)) {
                String stringBuffer2 = new StringBuffer().append("SSLFactory:init:").append(sSLContext).toString();
                if (class$com$raplix$rolloutexpress$net$transport$SSLFactory == null) {
                    cls4 = class$("com.raplix.rolloutexpress.net.transport.SSLFactory");
                    class$com$raplix$rolloutexpress$net$transport$SSLFactory = cls4;
                } else {
                    cls4 = class$com$raplix$rolloutexpress$net$transport$SSLFactory;
                }
                Logger.debug(stringBuffer2, cls4);
            }
            return new SSLFactory(sSLContext, configSSLClientAuth, strArr, keyStore, file, file2, PasswordEscape.encodePassword(str));
        } catch (ConfigurationException e2) {
            throw new TransportException(NetMessageCode.TRNS_ERR_INIT_KEY_STORES, e2);
        } catch (IOException e3) {
            throw new TransportException(NetMessageCode.TRNS_ERR_INIT_KEY_STORES, e3);
        } catch (ClassNotFoundException e4) {
            throw new TransportException(NetMessageCode.TRNS_ERR_INIT_KEY_STORES, e4);
        } catch (IllegalAccessException e5) {
            throw new TransportException(NetMessageCode.TRNS_ERR_INIT_KEY_STORES, e5);
        } catch (InstantiationException e6) {
            throw new TransportException(NetMessageCode.TRNS_ERR_INIT_KEY_STORES, e6);
        } catch (KeyManagementException e7) {
            throw new TransportException(NetMessageCode.TRNS_ERR_INIT_KEY_STORES, e7);
        } catch (KeyStoreException e8) {
            throw new TransportException(NetMessageCode.TRNS_ERR_INIT_KEY_STORES, e8);
        } catch (NoSuchAlgorithmException e9) {
            throw new TransportException(NetMessageCode.TRNS_ERR_INIT_KEY_STORES, e9);
        } catch (CertificateException e10) {
            throw new TransportException(NetMessageCode.TRNS_ERR_INIT_KEY_STORES, e10);
        }
    }

    /*  JADX ERROR: JadxRuntimeException in pass: BlockProcessor
        jadx.core.utils.exceptions.JadxRuntimeException: Unreachable block: B:6:0x005f
        	at jadx.core.dex.visitors.blocks.BlockProcessor.checkForUnreachableBlocks(BlockProcessor.java:88)
        	at jadx.core.dex.visitors.blocks.BlockProcessor.processBlocksTree(BlockProcessor.java:52)
        	at jadx.core.dex.visitors.blocks.BlockProcessor.visit(BlockProcessor.java:44)
        */
    private static java.security.KeyStore getTrustStore(java.io.File r9, java.lang.String r10, char[] r11) throws java.security.cert.CertificateException, com.raplix.rolloutexpress.net.transport.TransportException, java.security.KeyStoreException, java.security.NoSuchAlgorithmException {
        /*
            r0 = 0
            r12 = r0
            r0 = 0
            r13 = r0
            r0 = r10
            java.security.KeyStore r0 = java.security.KeyStore.getInstance(r0)     // Catch: java.io.FileNotFoundException -> L21 java.io.IOException -> L3b java.lang.Throwable -> L4a
            r13 = r0
            java.io.FileInputStream r0 = new java.io.FileInputStream     // Catch: java.io.FileNotFoundException -> L21 java.io.IOException -> L3b java.lang.Throwable -> L4a
            r1 = r0
            r2 = r9
            r1.<init>(r2)     // Catch: java.io.FileNotFoundException -> L21 java.io.IOException -> L3b java.lang.Throwable -> L4a
            r12 = r0
            r0 = r13
            r1 = r12
            r2 = r11
            r0.load(r1, r2)     // Catch: java.io.FileNotFoundException -> L21 java.io.IOException -> L3b java.lang.Throwable -> L4a
            r0 = jsr -> L52
        L1e:
            goto L63
        L21:
            r14 = move-exception
            com.raplix.rolloutexpress.net.transport.TransportException r0 = new com.raplix.rolloutexpress.net.transport.TransportException     // Catch: java.lang.Throwable -> L4a
            r1 = r0
            com.raplix.rolloutexpress.net.NetMessageCode r2 = com.raplix.rolloutexpress.net.NetMessageCode.TRNS_ERR_TRUST_KEY_STORE     // Catch: java.lang.Throwable -> L4a
            r3 = r14
            r4 = 1
            java.lang.String[] r4 = new java.lang.String[r4]     // Catch: java.lang.Throwable -> L4a
            r5 = r4
            r6 = 0
            r7 = r9
            java.lang.String r7 = r7.getAbsolutePath()     // Catch: java.lang.Throwable -> L4a
            r5[r6] = r7     // Catch: java.lang.Throwable -> L4a
            r1.<init>(r2, r3, r4)     // Catch: java.lang.Throwable -> L4a
            throw r0     // Catch: java.lang.Throwable -> L4a
        L3b:
            r14 = move-exception
            com.raplix.rolloutexpress.net.transport.TransportException r0 = new com.raplix.rolloutexpress.net.transport.TransportException     // Catch: java.lang.Throwable -> L4a
            r1 = r0
            com.raplix.rolloutexpress.net.NetMessageCode r2 = com.raplix.rolloutexpress.net.NetMessageCode.TRNS_ERR_TRUST_KEY_STORE     // Catch: java.lang.Throwable -> L4a
            r3 = r14
            r1.<init>(r2, r3)     // Catch: java.lang.Throwable -> L4a
            throw r0     // Catch: java.lang.Throwable -> L4a
        L4a:
            r15 = move-exception
            r0 = jsr -> L52
        L4f:
            r1 = r15
            throw r1
        L52:
            r16 = r0
            r0 = r12
            if (r0 == 0) goto L61
            r0 = r12
            r0.close()     // Catch: java.io.IOException -> L5f
            goto L61
        L5f:
            r17 = move-exception
        L61:
            ret r16
        L63:
            r1 = r13
            return r1
        */
        throw new UnsupportedOperationException("Method not decompiled: com.raplix.rolloutexpress.net.transport.SSLFactory.getTrustStore(java.io.File, java.lang.String, char[]):java.security.KeyStore");
    }

    private static void initProvider() throws ClassNotFoundException, IllegalAccessException, InstantiationException {
        if (providerAdded) {
            return;
        }
        Security.addProvider((Provider) Class.forName(PlatformUtil.isAix() ? IBM_PROVIDER_NAME : SUN_PROVIDER_NAME).newInstance());
        providerAdded = true;
    }

    /*  JADX ERROR: JadxRuntimeException in pass: BlockProcessor
        jadx.core.utils.exceptions.JadxRuntimeException: Unreachable block: B:24:0x0105
        	at jadx.core.dex.visitors.blocks.BlockProcessor.checkForUnreachableBlocks(BlockProcessor.java:88)
        	at jadx.core.dex.visitors.blocks.BlockProcessor.processBlocksTree(BlockProcessor.java:52)
        	at jadx.core.dex.visitors.blocks.BlockProcessor.visit(BlockProcessor.java:44)
        */
    private static javax.net.ssl.KeyManager[] getKeyManagers(com.raplix.rolloutexpress.net.NetSubsystem r9, java.io.File r10, char[] r11) throws java.io.IOException, com.raplix.rolloutexpress.ConfigurationException, java.security.NoSuchAlgorithmException, java.security.KeyStoreException, java.security.cert.CertificateException, com.raplix.rolloutexpress.net.transport.TransportException {
        /*
            Method dump skipped, instructions count: 265
            To view this dump add '--comments-level debug' option
        */
        throw new UnsupportedOperationException("Method not decompiled: com.raplix.rolloutexpress.net.transport.SSLFactory.getKeyManagers(com.raplix.rolloutexpress.net.NetSubsystem, java.io.File, char[]):javax.net.ssl.KeyManager[]");
    }

    private static TrustManagerFactory getTrustManagerFactory(NetSubsystem netSubsystem, KeyStore keyStore) throws IOException, ConfigurationException, NoSuchAlgorithmException, KeyStoreException, CertificateException, TransportException {
        TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(netSubsystem.getConfigSSLTrustMgrAlg());
        if (netSubsystem.getConfigSSLInitValidateCerts()) {
            verifyKeyStoreCertificates(keyStore);
        }
        trustManagerFactory.init(keyStore);
        return trustManagerFactory;
    }

    private static void verifyCipherSuites(String[] strArr, SSLContext sSLContext) throws TransportException {
        String[] supportedCipherSuites = sSLContext.getServerSocketFactory().getSupportedCipherSuites();
        HashSet hashSet = new HashSet();
        for (String str : supportedCipherSuites) {
            hashSet.add(str);
        }
        HashSet hashSet2 = new HashSet();
        for (int i = 0; i < strArr.length; i++) {
            if (!hashSet.contains(strArr[i])) {
                hashSet2.add(strArr[i]);
            }
        }
        if (!hashSet2.isEmpty()) {
            throw new TransportException(NetMessageCode.TRNS_ERR_SSL_CIPHER_SUITES, new String[]{hashSet2.toString(), hashSet.toString()});
        }
    }

    private SSLFactory(SSLContext sSLContext, boolean z, String[] strArr, KeyStore keyStore, File file, File file2, String str) {
        this.mTrustStore = null;
        this.mContext = sSLContext;
        this.mIsClientAuth = z;
        this.mCipherSuites = strArr;
        this.mTrustStore = keyStore;
        this.mPrivateStoreFile = file;
        this.mTrustStoreFile = file2;
        this.mRefreshState = new KeystoreState(this.mPrivateStoreFile, this.mTrustStoreFile);
        this.mEncodedPassword = str;
    }

    private SSLFactory(SSLFactory sSLFactory, SSLContext sSLContext, KeyStore keyStore) {
        this.mTrustStore = null;
        this.mContext = sSLContext;
        this.mTrustStore = keyStore;
        this.mIsClientAuth = sSLFactory.mIsClientAuth;
        this.mCipherSuites = sSLFactory.mCipherSuites;
        this.mPrivateStoreFile = sSLFactory.mPrivateStoreFile;
        this.mTrustStoreFile = sSLFactory.mTrustStoreFile;
        this.mRefreshState = new KeystoreState(this.mPrivateStoreFile, this.mTrustStoreFile);
        this.mEncodedPassword = sSLFactory.mEncodedPassword;
    }

    private static void verifyKeyStoreCertificates(KeyStore keyStore) throws CertificateException, KeyStoreException {
        Enumeration<String> aliases = keyStore.aliases();
        while (aliases.hasMoreElements()) {
            String nextElement = aliases.nextElement();
            Certificate[] certificateChain = keyStore.getCertificateChain(nextElement);
            if (certificateChain != null) {
                for (int i = 0; i < certificateChain.length; i++) {
                    if (certificateChain[i] instanceof X509Certificate) {
                        ((X509Certificate) certificateChain[i]).checkValidity();
                    }
                }
            }
            Certificate certificate = keyStore.getCertificate(nextElement);
            if (certificate != null && (certificate instanceof X509Certificate)) {
                ((X509Certificate) certificate).checkValidity();
            }
        }
    }

    private static void logKeyStore(KeyStore keyStore, char[] cArr) {
        Class cls;
        Class cls2;
        try {
            Enumeration<String> aliases = keyStore.aliases();
            while (aliases.hasMoreElements()) {
                String nextElement = aliases.nextElement();
                if (keyStore.isCertificateEntry(nextElement)) {
                    if (class$com$raplix$rolloutexpress$net$transport$SSLFactory == null) {
                        cls = class$("com.raplix.rolloutexpress.net.transport.SSLFactory");
                        class$com$raplix$rolloutexpress$net$transport$SSLFactory = cls;
                    } else {
                        cls = class$com$raplix$rolloutexpress$net$transport$SSLFactory;
                    }
                    if (Logger.isInfoEnabled(cls)) {
                        String stringBuffer = new StringBuffer().append("Alias:").append(nextElement).append(":Cert:").append(keyStore.getCertificate(nextElement)).toString();
                        if (class$com$raplix$rolloutexpress$net$transport$SSLFactory == null) {
                            cls2 = class$("com.raplix.rolloutexpress.net.transport.SSLFactory");
                            class$com$raplix$rolloutexpress$net$transport$SSLFactory = cls2;
                        } else {
                            cls2 = class$com$raplix$rolloutexpress$net$transport$SSLFactory;
                        }
                        Logger.info(stringBuffer, cls2);
                    }
                }
            }
        } catch (Exception e) {
        }
    }

    static Class class$(String str) {
        try {
            return Class.forName(str);
        } catch (ClassNotFoundException e) {
            throw new NoClassDefFoundError().initCause(e);
        }
    }
}
