package com.ibm.ws.wspolicy.acquisition;

import com.ibm.ejs.ras.Tr;
import com.ibm.ejs.ras.TraceComponent;
import com.ibm.ejs.ras.TraceNLS;
import com.ibm.websphere.ssl.JSSEHelper;
import com.ibm.websphere.ssl.SSLException;
import com.ibm.ws.ffdc.FFDCFilter;
import com.ibm.ws.policyset.runtime.PolicySetConfiguration;
import com.ibm.ws.ssl.core.Constants;
import com.ibm.ws.websvcs.transport.common.TransportConstants;
import com.ibm.ws.wspolicy.TraceAndMessageConstants;
import com.ibm.ws.wspolicy.WSPolicyInternalException;
import java.net.MalformedURLException;
import java.net.URL;
import java.security.AccessController;
import java.security.PrivilegedAction;
import java.security.PrivilegedActionException;
import java.security.PrivilegedExceptionAction;
import java.util.HashMap;
import java.util.Map;
import java.util.Properties;

/* loaded from: input_file:com/ibm/ws/wspolicy/acquisition/SSLHelper.class */
public final class SSLHelper {
    private static final TraceComponent TRACE_COMPONENT = Tr.register(SSLHelper.class, TraceAndMessageConstants.COMPONENT, "com.ibm.ws.wspolicy.resources.CWPOLMessages");
    private static final TraceNLS nls = TraceNLS.getTraceNLS("com.ibm.ws.wspolicy.resources.CWPOLMessages");
    private static final JSSEHelper _jhlpr = JSSEHelper.getInstance();

    public static Properties setupSSLForRequest(PolicySetConfiguration policySetConfiguration, String str, String str2) throws SSLException, MalformedURLException, WSPolicyInternalException {
        Properties obtainBindingPropertiesForType;
        if (TraceComponent.isAnyTracingEnabled() && TRACE_COMPONENT.isEntryEnabled()) {
            Tr.entry(TRACE_COMPONENT, "setupSSLForRequest", new Object[]{policySetConfiguration, str, str2});
        }
        String str3 = null;
        String str4 = null;
        String str5 = null;
        String str6 = null;
        if (policySetConfiguration != null) {
            Properties obtainPropertiesForType = obtainPropertiesForType(policySetConfiguration, TransportConstants.SSL_POLICY_KEY);
            boolean z = (obtainPropertiesForType == null || obtainPropertiesForType.isEmpty()) ? false : true;
            if (TraceComponent.isAnyTracingEnabled() && TRACE_COMPONENT.isDebugEnabled()) {
                Tr.debug(TRACE_COMPONENT, "setupSSLForRequest ssl exists ", new Object[]{Boolean.valueOf(z)});
            }
            if (z) {
                Properties obtainBindingPropertiesForType2 = obtainBindingPropertiesForType(policySetConfiguration, TransportConstants.SSL_BINDING_KEY);
                if (TraceComponent.isAnyTracingEnabled() && TRACE_COMPONENT.isDebugEnabled()) {
                    Tr.debug(TRACE_COMPONENT, "setupSSLForRequest ssl binding", new Object[]{obtainBindingPropertiesForType2});
                }
                if (obtainBindingPropertiesForType2 != null) {
                    str3 = (String) obtainBindingPropertiesForType2.get(TransportConstants.OUT_REQ_SSL_ALIAS);
                    str4 = (String) obtainBindingPropertiesForType2.get(TransportConstants.OUT_REQ_SSL_FILE);
                    if (TraceComponent.isAnyTracingEnabled() && TRACE_COMPONENT.isDebugEnabled()) {
                        Tr.debug(TRACE_COMPONENT, "setupSSLForRequest sslAliasName", new Object[]{str3, str4});
                    }
                }
            }
            Properties obtainPropertiesForType2 = obtainPropertiesForType(policySetConfiguration, TransportConstants.HTTP_POLICY_KEY);
            if (((obtainPropertiesForType2 == null || obtainPropertiesForType2.isEmpty()) ? false : true) && (obtainBindingPropertiesForType = obtainBindingPropertiesForType(policySetConfiguration, TransportConstants.HTTP_BINDING_KEY)) != null) {
                str5 = (String) obtainBindingPropertiesForType.get(TransportConstants.OUT_REQ_PROXY_HOST);
                str6 = (String) obtainBindingPropertiesForType.get(TransportConstants.OUT_REQ_PROXY_PORT);
            }
        }
        if (str5 != null && !str5.equals("")) {
            if (TraceComponent.isAnyTracingEnabled() && TRACE_COMPONENT.isDebugEnabled()) {
                Tr.debug(TRACE_COMPONENT, "using proxy hostname ", new Object[]{str5});
            }
            str = str5;
        }
        if (str6 != null && !str6.equals("")) {
            if (TraceComponent.isAnyTracingEnabled() && TRACE_COMPONENT.isDebugEnabled()) {
                Tr.debug(TRACE_COMPONENT, "using proxy port ", new Object[]{str6});
            }
            str2 = str6;
        }
        try {
            final String str7 = str4;
            final String str8 = str3;
            final String str9 = str;
            final String str10 = str2;
            Properties properties = (Properties) AccessController.doPrivileged(new PrivilegedExceptionAction<Properties>() { // from class: com.ibm.ws.wspolicy.acquisition.SSLHelper.1
                /* JADX WARN: Can't rename method to resolve collision */
                @Override // java.security.PrivilegedExceptionAction
                public Properties run() throws SSLException, MalformedURLException {
                    if (str7 != null && !str7.equals("")) {
                        URL url = new URL("file", "", str7);
                        if (TraceComponent.isAnyTracingEnabled() && SSLHelper.TRACE_COMPONENT.isDebugEnabled()) {
                            Tr.debug(SSLHelper.TRACE_COMPONENT, "loadSSLClientProps", url.toString());
                        }
                        SSLHelper._jhlpr.loadClientSSLPropertiesFromURL(url.toString(), false);
                    }
                    return SSLHelper.setupSSLOnThreadPreferred(str8, SSLHelper.getConnectionInfo(str9, str10));
                }
            });
            if (TraceComponent.isAnyTracingEnabled() && TRACE_COMPONENT.isEntryEnabled()) {
                Tr.exit(TRACE_COMPONENT, "setupSSLForRequest", properties);
            }
            return properties;
        } catch (PrivilegedActionException e) {
            Exception exception = e.getException();
            FFDCFilter.processException(e, "com.ibm.ws.wspolicy.acquisition.SSLHelper.setupSSLForRequest", "178");
            if (TraceComponent.isAnyTracingEnabled() && TRACE_COMPONENT.isEntryEnabled()) {
                Tr.exit(TRACE_COMPONENT, "setupSSLForRequest", exception);
            }
            if (exception instanceof SSLException) {
                throw ((SSLException) exception);
            }
            if (exception instanceof MalformedURLException) {
                throw ((MalformedURLException) exception);
            }
            throw new WSPolicyInternalException(exception);
        }
    }

    public static void teardownSSLForRequest(final Properties properties) {
        AccessController.doPrivileged(new PrivilegedAction<Object>() { // from class: com.ibm.ws.wspolicy.acquisition.SSLHelper.2
            @Override // java.security.PrivilegedAction
            public Object run() {
                SSLHelper._jhlpr.setSSLPropertiesOnThread(properties);
                return null;
            }
        });
    }

    private static Properties obtainPropertiesForType(PolicySetConfiguration policySetConfiguration, String str) {
        Object policyTypeConfiguration;
        if (policySetConfiguration == null || (policyTypeConfiguration = policySetConfiguration.getPolicyTypeConfiguration(str)) == null || !(policyTypeConfiguration instanceof Properties)) {
            return null;
        }
        return (Properties) policyTypeConfiguration;
    }

    private static Properties obtainBindingPropertiesForType(PolicySetConfiguration policySetConfiguration, String str) {
        Object policyTypeBinding;
        if (policySetConfiguration == null || (policyTypeBinding = policySetConfiguration.getPolicyTypeBinding(str)) == null || !(policyTypeBinding instanceof Properties)) {
            return null;
        }
        return (Properties) policyTypeBinding;
    }

    /* JADX INFO: Access modifiers changed from: private */
    public static Properties setupSSLOnThreadPreferred(String str, Map<String, String> map) throws SSLException {
        Properties properties;
        Properties sSLPropertiesOnThread = _jhlpr.getSSLPropertiesOnThread();
        if (str == null || str.equals("")) {
            Properties properties2 = _jhlpr.getProperties(null, map, null);
            if (properties2 == null) {
                properties2 = getDefaultSystemAlias(map);
            }
            properties = properties2;
        } else {
            Properties properties3 = _jhlpr.getProperties(str);
            if (properties3 == null) {
                throw new SSLException(nls.getFormattedMessage("CWPOL7000", new Object[]{map.toString(), str}, "No Secure Sockets Layer (SSL) configuration is available for the {0} endpoint.  The SSL Alias that failed to resolve was {1}."));
            }
            properties = properties3;
        }
        if (properties != null) {
            _jhlpr.setSSLPropertiesOnThread(properties);
        }
        return sSLPropertiesOnThread;
    }

    private static Properties getDefaultSystemAlias(Map<String, String> map) throws SSLException {
        return _jhlpr.getProperties(Constants.DEFAULT_SYSTEM_ALIAS, map, null);
    }

    /* JADX INFO: Access modifiers changed from: private */
    public static Map<String, String> getConnectionInfo(String str, String str2) {
        HashMap hashMap = null;
        if (0 == 0) {
            hashMap = new HashMap();
            hashMap.put("com.ibm.ssl.direction", "outbound");
            hashMap.put("com.ibm.ssl.endPointName", "HTTP");
            hashMap.put("com.ibm.ssl.remoteHost", str);
            hashMap.put("com.ibm.ssl.remotePort", str2);
        }
        return hashMap;
    }
}
