package lotus.priv.CORBA.iiop.ssl;

import java.io.File;
import java.io.FileInputStream;
import java.io.FileNotFoundException;
import java.io.IOException;
import java.io.InputStream;
import java.net.MalformedURLException;
import java.net.Socket;
import java.net.URL;
import java.net.UnknownHostException;
import java.security.KeyStore;
import java.util.Properties;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLException;
import javax.net.ssl.SSLSocket;
import javax.net.ssl.TrustManagerFactory;
import lotus.priv.CORBA.iiop.CDRInputStream;
import lotus.priv.CORBA.iiop.Connection;
import lotus.priv.CORBA.iiop.IIOPConnection;
import lotus.priv.CORBA.iiop.ORB;
import lotus.priv.CORBA.iiop.Profile;
import org.omg.CORBA.INTERNAL;
import org.omg.CORBA.SystemException;

/* loaded from: input_file:lotus/priv/CORBA/iiop/ssl/SSLSecurity.class */
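/**
 * Creates SSL/TLS sockets and IIOP connections for an ORB, using a JKS key
 * store as the source of trusted certificates.
 *
 * <p>The key store location and password are taken from the properties
 * handed to the constructor, from a {@code dominocertsconfig} file under
 * {@code java.home}, and from an optional properties URL supplied by the ORB.
 *
 * <p>Security notes for reviewers:
 * <ul>
 *   <li>Nothing in this class enables endpoint identification (host name
 *       verification) on the sockets it creates. Unless callers check the
 *       peer host name themselves, any certificate that chains to the trust
 *       store is accepted for any host.</li>
 *   <li>The key store password is held in a plain {@link Properties} object
 *       that {@link #getProperties()} hands out by reference.</li>
 *   <li>The debug test port (see {@link #getSSLComponentTagValues}) replaces
 *       the values advertised by the server profile; it should never be set
 *       in a production properties file.</li>
 * </ul>
 */
public class SSLSecurity {
    /** Tagged-component id of the SSL component read from a profile. */
    public static final int TAG_SSL_SEC_TRANS = 20;

    private static final String CLIENT_KEY_STORE = "domino.keystore";
    private static final String CLIENT_KEY_STORE_PASSWORD = "domino.kspassword";
    private static final String CLIENT_CERTS_CONFIG = "dominocertsconfig";

    /** Port used by {@link #createSSLSocket(String, String[])} when none is given or it cannot be parsed. */
    private static final int DEFAULT_SSL_PORT = 443;

    // Bits tested by modifyCiphersWithAssocOpt. The values match the CORBA
    // Security AssociationOptions NoProtection / Integrity / Confidentiality;
    // this file does not name them itself -- confirm against SSLTag's producer.
    private static final int OPT_NO_PROTECTION = 1;
    private static final int OPT_INTEGRITY = 2;
    private static final int OPT_CONFIDENTIALITY = 4;

    private Properties sslProperties;
    private String sslPropertiesFile;
    private boolean sslDebug;
    private int sslClientTestPort;
    private int sslPort;

    /**
     * Turns diagnostic output on {@code System.out} on or off.
     *
     * @param z {@code true} to print diagnostics
     */
    public void setDebug(boolean z) {
        this.sslDebug = z;
    }

    /**
     * Builds the SSL settings from caller properties and the
     * {@code dominocertsconfig} file under {@code java.home}.
     *
     * <p>Caller values are used only when both the key store and its password
     * are present. Values found in the config file are applied afterwards and
     * therefore win. NOTE(review): that precedence follows the decompiled
     * statement order; confirm it is the intended one.
     *
     * <p>A missing or unreadable config file is reported with a stack trace
     * and otherwise ignored, leaving whatever the caller supplied.
     *
     * @param properties caller settings, may be {@code null}
     */
    public SSLSecurity(Properties properties) {
        this.sslProperties = new Properties();
        if (properties != null) {
            String callerStore = properties.getProperty(CLIENT_KEY_STORE);
            String callerPassword = properties.getProperty(CLIENT_KEY_STORE_PASSWORD);
            if (callerStore != null && callerPassword != null) {
                this.sslProperties.put(CLIENT_KEY_STORE, callerStore);
                this.sslProperties.put(CLIENT_KEY_STORE_PASSWORD, callerPassword);
            }
        }

        // The config file carries the key store password in clear text, so its
        // file permissions are part of the trust boundary.
        String configPath = System.getProperty("java.home") + File.separator + CLIENT_CERTS_CONFIG;
        Properties fileSettings = new Properties();
        FileInputStream configStream = null;
        try {
            configStream = new FileInputStream(configPath);
            fileSettings.load(configStream);
        } catch (FileNotFoundException e) {
            e.printStackTrace();
            return;
        } catch (IOException e) {
            e.printStackTrace();
            return;
        } finally {
            closeQuietly(configStream);
        }
        copyIfPresent(fileSettings, CLIENT_KEY_STORE);
        copyIfPresent(fileSettings, CLIENT_KEY_STORE_PASSWORD);
    }

    /**
     * Builds the SSL settings from the ORB state and then overlays the ORB's
     * SSL properties URL.
     *
     * @param orb ORB supplying the state properties and the properties URL
     * @throws SystemException {@code INTERNAL} when the URL is malformed or cannot be read
     */
    public SSLSecurity(ORB orb) throws SystemException {
        this(orb.getORBState());
        try {
            readPropertiesFile(orb.getSSLPropertiesURL());
        } catch (MalformedURLException e) {
            System.out.println(" SSLSecurity.readPropertiesFile - MalformedURLException, URL was " + orb.getSSLPropertiesURL().toString());
            throw new INTERNAL();
        } catch (IOException e) {
            System.out.println(" SSLSecurity.readPropertiesFile - IOException");
            throw new INTERNAL();
        }
    }

    /**
     * Creates a TLS context whose trust managers come from the configured JKS
     * key store. No key managers are installed, so sockets from this context
     * present no certificate of their own.
     *
     * @return an initialised context
     * @throws SystemException {@code INTERNAL} when the key store is not
     *         configured, cannot be read, or the context cannot be initialised
     */
    public SSLContext createSSLContext() throws SystemException {
        String storePath = this.sslProperties.getProperty(CLIENT_KEY_STORE);
        String storePassword = this.sslProperties.getProperty(CLIENT_KEY_STORE_PASSWORD);
        FileInputStream storeStream = null;
        try {
            SSLContext context = SSLContext.getInstance("TLS");
            KeyStore trustStore = KeyStore.getInstance("JKS");
            if (storePath == null && this.sslDebug) {
                System.out.println(" SSLSecurity.createSSLContext() - No SSL Key store");
            }
            if (storePath == null || storePassword == null) {
                // Previously surfaced as a bare NullPointerException; the
                // message deliberately carries neither path nor password.
                throw new IllegalStateException("SSL key store location or password is not configured");
            }
            storeStream = new FileInputStream(storePath);
            trustStore.load(storeStream, storePassword.toCharArray());
            TrustManagerFactory trustFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
            trustFactory.init(trustStore);
            context.init(null, trustFactory.getTrustManagers(), null);
            return context;
        } catch (Exception e) {
            if (this.sslDebug) {
                System.out.println(" SSLSecurity.createSSLContext() - Fail to create SSLContext ");
            }
            e.printStackTrace();
            throw new INTERNAL();
        } finally {
            // The stream was never closed before, leaking a descriptor per context.
            closeQuietly(storeStream);
        }
    }

    /**
     * Opens an SSL socket to the host named in the profile, on the port taken
     * from the profile's SSL component.
     *
     * @param profile target profile
     * @param z {@code true} for client mode, {@code false} for server mode
     * @return the socket, or {@code null} when no enabled cipher suite passes
     *         {@link #modifyCiphersWithAssocOpt}
     * @throws SystemException {@code INTERNAL} on any failure
     */
    public Socket createSSLSocket(Profile profile, boolean z) throws SystemException {
        SSLTag tag = new SSLTag();
        try {
            getSSLComponentTagValues(profile, tag);
            if (this.sslDebug) {
                System.out.println(" SSLSecurity.createSSLSocket - target_requires " + (int) tag.getTargetRequires());
                System.out.println("                             - target_supports " + (int) tag.getTargetSupports());
                System.out.println("                             - ssl port " + tag.getSSLPort());
            }
            rejectUnsatisfiableOptions(tag);
            try {
                SSLContext context = createSSLContext();
                String host = profile.getHost();
                try {
                    if (this.sslDebug) {
                        System.out.println(" SSLSecurity.createSSLSocket - host " + host + ", sslPort " + tag.getSSLPort() + ", client " + z + ", port " + profile.getPort());
                    }
                    // NOTE(review): no endpoint identification is configured
                    // on this socket; host name checking, if any, is left to
                    // the caller.
                    SSLSocket sslSocket = (SSLSocket) context.getSocketFactory().createSocket(host, tag.getSSLPort());
                    sslSocket.setUseClientMode(z);
                    return keepIfCiphersAcceptable(tag, sslSocket);
                } catch (UnknownHostException e) {
                    if (this.sslDebug) {
                        System.out.println(" SSLSecurity.createSSLSocket - UnknownHostException from SSLSocket() " + e);
                    }
                    throw new INTERNAL();
                } catch (SSLException e) {
                    if (this.sslDebug) {
                        System.out.println(" SSLSecurity.createSSLSocket - SSLException from SSLSocket() " + e);
                    }
                    throw new INTERNAL();
                } catch (IOException e) {
                    if (this.sslDebug) {
                        System.out.println(" SSLSecurity.createSSLSocket - IOException from SSLSocket() " + e);
                    }
                    throw new INTERNAL();
                } catch (Exception e) {
                    e.printStackTrace();
                    throw new INTERNAL();
                }
            } catch (SystemException e) {
                if (this.sslDebug) {
                    System.out.println(" SSLSecurity.createSSLSocket - SystemException from createSSLContext() " + e);
                }
                throw e;
            }
        } catch (Exception e) {
            // Every failure above, not only a bad tag, ends up here.
            if (this.sslDebug) {
                System.out.println(" SSLSecurity.createSSLSocket - Bad or non-exixtant SSL component tag. " + e);
            }
            throw new INTERNAL();
        }
    }

    /**
     * Same as {@link #createSSLSocket(Profile, boolean)}, but can reuse an
     * existing socket and an existing context.
     *
     * @param profile target profile
     * @param z {@code true} for client mode, {@code false} for server mode
     * @param socket socket to reuse; it is cast to {@code SSLSocket}. When
     *        {@code null} a new connection is opened
     * @param sSLContext context to use; when {@code null} one is created
     * @return the socket, or {@code null} when no enabled cipher suite passes
     *         {@link #modifyCiphersWithAssocOpt} (the socket is closed first)
     * @throws SystemException {@code INTERNAL} on any failure
     */
    public Socket createSSLSocket(Profile profile, boolean z, Socket socket, SSLContext sSLContext) throws SystemException {
        SSLTag tag = new SSLTag();
        try {
            getSSLComponentTagValues(profile, tag);
            rejectUnsatisfiableOptions(tag);

            SSLContext context = sSLContext;
            if (context == null) {
                try {
                    context = createSSLContext();
                } catch (SystemException e) {
                    if (this.sslDebug) {
                        System.out.println(" SSLSecurity.createSSLSocket - SystemException from createSSLContext() " + e);
                    }
                    throw e;
                }
            }

            SSLSocket sslSocket;
            if (socket != null) {
                if (this.sslDebug) {
                    System.out.println(" SSLSecurity.createSSLSocket - socket " + socket + ", client " + z);
                }
                sslSocket = (SSLSocket) socket;
                sslSocket.setUseClientMode(z);
            } else {
                String host = profile.getHost();
                if (this.sslDebug) {
                    System.out.println(" SSLSecurity.createSSLSocket - host " + host + ", sslPort " + tag.getSSLPort() + ", client " + z + ", port " + profile.getPort());
                }
                try {
                    // NOTE(review): no endpoint identification is configured
                    // on this socket; host name checking, if any, is left to
                    // the caller.
                    sslSocket = (SSLSocket) context.getSocketFactory().createSocket(host, tag.getSSLPort());
                    sslSocket.setUseClientMode(z);
                } catch (UnknownHostException e) {
                    if (this.sslDebug) {
                        System.out.println(" SSLSecurity.createSSLSocket - UnknownHostException from SSLSocket() " + e);
                    }
                    throw new INTERNAL();
                } catch (SSLException e) {
                    if (this.sslDebug) {
                        System.out.println(" SSLSecurity.createSSLSocket - SSLException from SSLSocket() " + e);
                    }
                    throw new INTERNAL();
                } catch (IOException e) {
                    if (this.sslDebug) {
                        System.out.println(" SSLSecurity.createSSLSocket - IOException from SSLSocket() " + e);
                    }
                    throw new INTERNAL();
                }
            }
            return keepIfCiphersAcceptable(tag, sslSocket);
        } catch (Exception e) {
            // Every failure above, not only a bad tag, ends up here.
            if (this.sslDebug) {
                System.out.println(" SSLSecurity.createSSLSocket - Bad or non-exixtant SSL component tag. " + e);
            }
            throw new INTERNAL();
        }
    }

    /**
     * Opens a client-mode SSL socket to {@code host} or {@code host:port}.
     * Port 443 is used when no port is given or the port is not a number.
     *
     * <p>The text before the first colon is always taken as the host, even
     * when the port part is unparsable; before, the unparsable form was passed
     * on whole as the host name. The association-option cipher check applied
     * by the profile-based overloads is not performed here.
     *
     * @param str {@code host} or {@code host:port}
     * @param strArr not read by this method
     * @return a connected socket in client mode
     * @throws IOException when the connection cannot be opened
     */
    public Socket createSSLSocket(String str, String[] strArr) throws IOException, UnknownHostException, ClassNotFoundException, InstantiationException, IllegalAccessException {
        String host = str;
        int port = DEFAULT_SSL_PORT;
        int colon = str.indexOf(':');
        if (colon != -1) {
            host = str.substring(0, colon);
            try {
                port = Integer.parseInt(str.substring(colon + 1));
                if (this.sslDebug) {
                    System.out.println(" SSLSecurity: set host to " + host);
                    System.out.println(" SSLSecurity: set SSL port to " + port);
                }
            } catch (NumberFormatException e) {
                if (this.sslDebug) {
                    System.out.println(" SSLSecurity: Error converting " + str);
                }
                port = DEFAULT_SSL_PORT;
            }
        }
        // NOTE(review): no endpoint identification is configured on this
        // socket; host name checking, if any, is left to the caller.
        SSLSocket sslSocket = (SSLSocket) createSSLContext().getSocketFactory().createSocket(host, port);
        sslSocket.setUseClientMode(true);
        return sslSocket;
    }

    /**
     * Creates an IIOP connection over a new SSL socket when the ORB has SSL
     * enabled.
     *
     * @param orb owning ORB
     * @param profile target profile
     * @param z passed through as the client flag
     * @return the connection, or {@code null} when SSL is disabled or no
     *         socket was created
     * @throws SystemException {@code INTERNAL} when the socket or connection cannot be set up
     */
    public Connection createSSLConnection(ORB orb, Profile profile, boolean z) throws SystemException {
        if (!orb.SSLSecurityIsEnabled()) {
            if (this.sslDebug) {
                System.out.println(" SSLSecurity.createSSLConnection. Configuration not using SSL. Exiting ");
            }
            return null;
        }
        if (this.sslDebug) {
            System.out.println(" SSLSecurity.createSSLConnection. Configuration using SSL ");
        }
        Socket socket = null;
        try {
            socket = createSSLSocket(profile, z);
            if (socket == null) {
                return null;
            }
            return new IIOPConnection(orb, profile.getHost(), socket.getPort(), socket, socket.getInputStream(), socket.getOutputStream(), z, orb.getConnectionTable());
        } catch (Exception e) {
            if (this.sslDebug) {
                System.out.println("            .createSSLConnection - Unable to create IIOPConnection with SSLSocket.");
            }
            if (socket != null) {
                try {
                    socket.close();
                } catch (Exception ignored) {
                    // Best effort: the INTERNAL below is the error that matters.
                }
            }
            throw new INTERNAL();
        }
    }

    /**
     * Loads SSL settings from the URL given as text.
     *
     * @param str URL of the properties file
     * @throws MalformedURLException when {@code str} is not a valid URL
     * @throws IOException when the file cannot be read
     */
    protected void readPropertiesFile(String str) throws MalformedURLException, IOException {
        readPropertiesFile(new URL(str));
        this.sslPropertiesFile = str;
    }

    /**
     * Loads SSL settings from a URL, with the current settings as defaults.
     *
     * <p>The loaded file can set the key store location and password, switch
     * debug on, and set the test port that overrides server-advertised SSL
     * values. It must therefore come from a trusted location over a trusted
     * transport.
     *
     * @param url location of the properties file
     * @throws IOException when the file cannot be opened or read
     */
    protected void readPropertiesFile(URL url) throws MalformedURLException, IOException {
        Properties loaded = new Properties(this.sslProperties);
        InputStream in = url.openStream();
        try {
            loaded.load(in);
        } finally {
            // Previously the stream stayed open when load() failed.
            closeQuietly(in);
        }

        // Presence of the key is enough; its value is not inspected.
        if (loaded.getProperty("lotus.priv.CORBA.SSLDebug") != null) {
            this.sslDebug = true;
            String testPort = loaded.getProperty("lotus.priv.CORBA.SSLClientTestPort");
            if (testPort != null) {
                try {
                    this.sslClientTestPort = Integer.parseInt(testPort);
                } catch (NumberFormatException ignored) {
                    // An unparsable test port leaves the override disabled.
                }
            }
        }
        String configuredPort = loaded.getProperty("lotus.priv.CORBA.SSLPort");
        if (configuredPort != null) {
            try {
                this.sslPort = Integer.parseInt(configuredPort);
            } catch (NumberFormatException e) {
                if (this.sslDebug) {
                    System.out.println("SSLSecurity.readPropertiesFile - NumberFormatException on sslPort");
                }
            }
        }
        this.sslProperties = loaded;
        this.sslPropertiesFile = url.toString();
    }

    /**
     * Fills {@code sSLTag} with target_supports, target_requires and the SSL
     * port read from the profile's SSL tagged component.
     *
     * <p>When debug is on and a test port is configured, the profile is not
     * consulted: both option values are set to 4 and the test port is used.
     *
     * @param profile profile holding the SSL component
     * @param sSLTag receives the decoded values
     * @throws IOException when the profile has no SSL component
     */
    public void getSSLComponentTagValues(Profile profile, SSLTag sSLTag) throws IOException {
        if (this.sslDebug && this.sslClientTestPort != 0) {
            sSLTag.setTargetSupports((short) OPT_CONFIDENTIALITY);
            sSLTag.setTargetRequires((short) OPT_CONFIDENTIALITY);
            sSLTag.setSSLPort(this.sslClientTestPort);
            return;
        }
        byte[] component = profile.getTaggedComponent(TAG_SSL_SEC_TRANS);
        if (component == null) {
            // Was an unexplained NullPointerException on component.length.
            throw new IOException("Profile carries no SSL tagged component");
        }
        try {
            CDRInputStream in = new CDRInputStream(null, component, component.length);
            in.consumeEndian();
            sSLTag.setTargetSupports(in.read_short());
            sSLTag.setTargetRequires(in.read_short());
            // read_short() is signed; masking keeps ports above 32767 positive.
            // Assumes the wire field is an unsigned 16-bit port -- confirm.
            sSLTag.setSSLPort(in.read_short() & 0xFFFF);
        } catch (SystemException e) {
            if (this.sslDebug) {
                System.out.println("SSLSecurity.getSSLComponentTagValues - Exception while reading SSL component tag");
            }
            throw e;
        }
    }

    /**
     * Returns the SSL port for a profile.
     *
     * @param profile profile to inspect
     * @return the port, or 0 when it cannot be determined
     */
    public int getSSLPort(Profile profile) {
        SSLTag tag = new SSLTag();
        try {
            getSSLComponentTagValues(profile, tag);
            return tag.getSSLPort();
        } catch (Exception e) {
            return 0;
        }
    }

    /**
     * Selects the cipher suites admitted by an association-option mask.
     *
     * <p>A suite is kept when bit 1 is set and its name contains
     * {@code WITH_NULL_NULL}, or bit 2 is set and its name contains
     * {@code WITH_NULL}, or bit 4 is set (any suite).
     *
     * <p>NOTE(review): with bit 4 set every suite passes, including
     * null-encryption suites if the provider has them enabled. Callers in this
     * class only test the result for emptiness and never narrow the socket's
     * enabled suites, so this acts as a presence check, not as enforcement.
     *
     * @param s association-option mask
     * @param strArr candidate cipher suite names
     * @return the kept names, each followed by a single space; empty when none is kept
     */
    public String modifyCiphersWithAssocOpt(short s, String[] strArr) {
        boolean wantsNoProtection = (s & OPT_NO_PROTECTION) != 0;
        boolean wantsIntegrity = (s & OPT_INTEGRITY) != 0;
        boolean wantsConfidentiality = (s & OPT_CONFIDENTIALITY) != 0;

        StringBuilder kept = new StringBuilder();
        for (String suite : strArr) {
            boolean admitted = (wantsNoProtection && suite.indexOf("WITH_NULL_NULL") != -1)
                    || (wantsIntegrity && suite.indexOf("WITH_NULL") != -1)
                    || wantsConfidentiality;
            if (admitted) {
                kept.append(suite).append(" ");
            }
        }
        return kept.toString();
    }

    /**
     * Sets one SSL property.
     *
     * @param str property name
     * @param str2 property value
     */
    public void addProperty(String str, String str2) {
        this.sslProperties.setProperty(str, str2);
    }

    /**
     * Replaces the SSL properties; a {@code null} argument is ignored.
     *
     * @param properties new properties, kept by reference
     */
    public void setProperties(Properties properties) {
        if (properties != null) {
            this.sslProperties = properties;
        }
    }

    /**
     * Returns the live SSL properties object, not a copy. It can hold the key
     * store password, so it should not be logged or passed to untrusted code.
     *
     * @return the current properties
     */
    public Properties getProperties() {
        return this.sslProperties;
    }

    /**
     * Loads SSL settings from the given URL text.
     *
     * @param str URL of the properties file
     * @throws SystemException {@code INTERNAL} when the URL is malformed or cannot be read
     */
    public void setPropertiesFile(String str) throws SystemException {
        try {
            readPropertiesFile(str);
        } catch (MalformedURLException e) {
            if (this.sslDebug) {
                System.out.println(" SSLSecurity.setPropertiesFile - MalformedURLException, URL was " + str);
            }
            throw new INTERNAL();
        } catch (IOException e) {
            if (this.sslDebug) {
                System.out.println(" SSLSecurity.setPropertiesFile - IOException");
            }
            throw new INTERNAL();
        }
    }

    /**
     * Returns the location of the properties file loaded last.
     *
     * @return the URL text, or {@code null} when none was loaded
     */
    public String getPropertiesFile() {
        return this.sslPropertiesFile;
    }

    /** Copies one setting into the SSL properties, skipping absent keys (Properties rejects null values). */
    private void copyIfPresent(Properties source, String key) {
        String value = source.getProperty(key);
        if (value != null) {
            this.sslProperties.put(key, value);
        }
    }

    /**
     * Throws {@code INTERNAL} when target_requires is numerically greater than
     * target_supports.
     *
     * <p>NOTE(review): both values are bit masks, so a numeric comparison lets
     * through a required bit that is not supported (requires 2, supports 4).
     * A subset test, {@code (requires & ~supports) != 0}, would be stricter;
     * left unchanged here because it would reject profiles accepted today.
     */
    private void rejectUnsatisfiableOptions(SSLTag tag) {
        if (tag.getTargetRequires() > tag.getTargetSupports()) {
            if (this.sslDebug) {
                System.out.println(" SSLSecurity.createSSLSocket - AssociationOption target_requires exceeds target_supports.");
                System.out.println(" SSLSecurity.createSSLSocket - Unable to determine SSL cipher suites to use.");
            }
            throw new INTERNAL();
        }
    }

    /**
     * Returns the socket when at least one enabled cipher suite passes the
     * association-option filter; otherwise closes it and returns {@code null}.
     *
     * <p>The check looks at the enabled suites before any handshake, so the
     * "Negotiated" wording of the debug message is not literal.
     */
    private Socket keepIfCiphersAcceptable(SSLTag tag, SSLSocket sslSocket) {
        String admitted = modifyCiphersWithAssocOpt(tag.getTargetRequires(), sslSocket.getEnabledCipherSuites());
        if (admitted.length() > 0) {
            if (this.sslDebug) {
                System.out.println(" SSLSecurity.createSSLSocket - SSLSocket created. Exiting ");
            }
            return sslSocket;
        }
        if (this.sslDebug) {
            System.out.println(" SSLSecurity.createSSLSocket - Negotiated cipher suite does not meet minimum security requirements. ");
            System.out.println(" SSLSecurity.createSSLSocket - SSLSocket not created. ");
        }
        try {
            sslSocket.close();
        } catch (Exception ignored) {
            // The socket is being discarded; a close failure changes nothing.
        }
        return null;
    }

    /** Closes a stream, ignoring {@code null} and close failures. */
    private static void closeQuietly(InputStream stream) {
        if (stream == null) {
            return;
        }
        try {
            stream.close();
        } catch (IOException ignored) {
            // Nothing useful can be done about a failed close on a read stream.
        }
    }
}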
