package com.ibm.ws.ssl.core;

import com.ibm.ejs.ras.Tr;
import com.ibm.ejs.ras.TraceComponent;
import com.ibm.ffdc.Manager;
import com.ibm.websphere.ssl.JSSEHelper;
import com.ibm.ws.ssl.config.SSLConfigManager;
import com.ibm.wsspi.ssl.KeyManagerExtendedInfo;
import java.io.BufferedReader;
import java.io.FileReader;
import java.net.Socket;
import java.security.KeyStore;
import java.security.Principal;
import java.security.PrivateKey;
import java.security.cert.X509Certificate;
import java.util.Map;
import java.util.Properties;
import javax.net.ssl.X509KeyManager;
import org.apache.axis2.jaxws.description.builder.MDQConstants;

/* loaded from: input_file:com/ibm/ws/ssl/core/CertMappingKeyManager.class */
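/**
 * Key manager that selects the server certificate alias for an inbound TLS connection
 * from a host-to-label mapping file.
 *
 * <p>The mapping file is read once, in the constructor. Each relevant line has the form
 * {@code SSLServerCert "label" host} (single or double quotes); every other line is ignored.
 * The text after the closing quote is the lookup key and the quoted text is the certificate
 * label returned by {@link #chooseServerAlias}.
 *
 * <p>Security-relevant behaviour visible in this class:
 * <ul>
 *   <li>The mapping file decides which certificate alias is chosen per host, so it should be
 *       treated as security configuration (writable by administrators only).</li>
 *   <li>If the file cannot be read, the failure is traced and logged to FFDC and the manager
 *       continues with an empty mapping: every host then resolves to the default label, or to
 *       {@code null} when no default label is configured.</li>
 *   <li>Host lookup is an exact, case-sensitive string match. NOTE(review): whether the host
 *       value supplied by {@code JSSEHelper} is normalised upstream is not visible here.</li>
 *   <li>This class never returns key material itself ({@link #getCertificateChain} and
 *       {@link #getPrivateKey} return {@code null}); the default key manager passed to
 *       {@link #setDefaultX509KeyManager} is stored but not consulted in this class.</li>
 * </ul>
 */
public class CertMappingKeyManager implements X509KeyManager, KeyManagerExtendedInfo {
    /** Property naming the path of the host-to-certificate-label mapping file. */
    public static final String PROTOCOL_HTTPS_CERT_MAPPING_FILE = "com.ibm.ssl.cert.mapping.file";
    /** Property naming the label used when a host has no entry in the mapping file. */
    public static final String PROTOCOL_HTTPS_CERT_DEFAULT_LABEL = "com.ibm.ssl.cert.default.label";
    private static final String PROTOCOL_HTTPS_CERT_TAG = "SSLServerCert";
    private static final String SINGLE_QUOTE_STRING = "'";
    // host -> certificate label, filled by parseSSLCertFile()
    private Properties certMapping;
    // only assigned by setCustomProperties(), i.e. after the constructor has already parsed the file
    private Properties customProperties;
    private String certDefaultLabel;
    private X509KeyManager defaultX509KeyManager;
    private Map connectionInfo;
    private static final TraceComponent tc = Tr.register(CertMappingKeyManager.class, "SSL", "com.ibm.ws.ssl.resources.ssl");
    private static final char[] DOUBLE_QUOTE = {'\"'};
    private static final String DOUBLE_QUOTE_STRING = new String(DOUBLE_QUOTE);

    /**
     * Creates the key manager and loads the mapping file immediately.
     *
     * <p>NOTE(review): {@code customProperties} is still {@code null} at this point, so the
     * mapping file path and default label can only come from a system property or the global
     * SSL configuration; values passed later through {@link #setCustomProperties} do not
     * trigger a re-parse. Confirm this is intended.
     */
    public CertMappingKeyManager() {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, MDQConstants.CONSTRUCTOR_METHOD);
        }
        this.certMapping = new Properties();
        this.certDefaultLabel = null;
        this.defaultX509KeyManager = null;
        parseSSLCertFile();
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, MDQConstants.CONSTRUCTOR_METHOD);
        }
    }

    /** Client-side selection is not implemented; always returns {@code null}. */
    @Override // javax.net.ssl.X509KeyManager
    public String[] getClientAliases(String str, Principal[] principalArr) {
        return null;
    }

    /** Client-side selection is not implemented; always returns {@code null}. */
    @Override // javax.net.ssl.X509KeyManager
    public String chooseClientAlias(String[] strArr, Principal[] principalArr, Socket socket) {
        return null;
    }

    /**
     * Returns every certificate label found in the mapping file, regardless of the requested
     * key type or issuers. A label mapped to several hosts appears once per host.
     */
    @Override // javax.net.ssl.X509KeyManager
    public String[] getServerAliases(String str, Principal[] principalArr) {
        return (String[]) this.certMapping.values().toArray(new String[0]);
    }

    /**
     * Chooses the certificate label for the current inbound connection.
     *
     * <p>The key type, issuers and socket arguments are only traced; the decision is based on
     * the host entry of the inbound connection info published by {@code JSSEHelper}.
     *
     * @return the label mapped to the host, the default label when the host is unmapped or
     *         missing from the connection info, or {@code null} when no connection info exists
     */
    @Override // javax.net.ssl.X509KeyManager
    public String chooseServerAlias(String str, Principal[] principalArr, Socket socket) {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "chooseServerAlias", new Object[]{str, principalArr, socket});
        }
        String alias = null;
        Map inboundConnectionInfo = JSSEHelper.getInstance().getInboundConnectionInfo();
        if (inboundConnectionInfo != null) {
            Object host = inboundConnectionInfo.get(JSSEHelper.CONNECTION_INFO_CERT_MAPPING_HOST);
            if (host instanceof String) {
                alias = this.certMapping.getProperty((String) host, this.certDefaultLabel);
            } else {
                // Properties.getProperty(null) throws NullPointerException, which would abort
                // the handshake; a connection without a usable host gets the default label.
                alias = this.certDefaultLabel;
            }
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "chooseServerAlias", alias);
        }
        return alias;
    }

    /** Not provided by this class; always returns {@code null}. */
    @Override // javax.net.ssl.X509KeyManager
    public X509Certificate[] getCertificateChain(String str) {
        return null;
    }

    /** Not provided by this class; always returns {@code null}. */
    @Override // javax.net.ssl.X509KeyManager
    public PrivateKey getPrivateKey(String str) {
        return null;
    }

    /**
     * Stores the custom properties consulted first by {@link #getProperty}.
     * The properties object is passed to the entry trace as-is.
     */
    @Override // com.ibm.wsspi.ssl.KeyManagerExtendedInfo
    public void setCustomProperties(Properties properties) {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "setCustomProperties", properties);
        }
        this.customProperties = properties;
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "setCustomProperties");
        }
    }

    /** Ignored by this implementation. */
    @Override // com.ibm.wsspi.ssl.KeyManagerExtendedInfo
    public void setSSLConfig(Properties properties) {
    }

    /** Stores the default key manager; it is not used elsewhere in this class. */
    @Override // com.ibm.wsspi.ssl.KeyManagerExtendedInfo
    public void setDefaultX509KeyManager(X509KeyManager x509KeyManager) {
        this.defaultX509KeyManager = x509KeyManager;
    }

    /** Ignored by this implementation. */
    @Override // com.ibm.wsspi.ssl.KeyManagerExtendedInfo
    public void setKeyStore(KeyStore keyStore) {
    }

    /** Ignored by this implementation. */
    @Override // com.ibm.wsspi.ssl.KeyManagerExtendedInfo
    public void setKeyStoreServerAlias(String str) {
    }

    /** Ignored by this implementation. */
    @Override // com.ibm.wsspi.ssl.KeyManagerExtendedInfo
    public void setKeyStoreClientAlias(String str) {
    }

    /**
     * Resolves a configuration value, first match wins: custom properties, then JVM system
     * properties, then the global SSL configuration.
     *
     * @param str property name
     * @return the value, or {@code null} when none of the three sources defines it
     */
    public String getProperty(String str) {
        String value = null;
        if (this.customProperties != null) {
            value = this.customProperties.getProperty(str);
        }
        if (value == null) {
            value = System.getProperty(str);
        }
        if (value == null) {
            value = SSLConfigManager.getInstance().getGlobalProperty(str);
        }
        return value;
    }

    /**
     * Reads the default label and loads the mapping file line by line.
     *
     * <p>Any failure is traced and sent to FFDC, and the manager keeps whatever entries were
     * loaded before the failure; nothing is rethrown to the caller.
     */
    private void parseSSLCertFile() {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "parseSSLCertFile");
        }
        this.certDefaultLabel = getProperty(PROTOCOL_HTTPS_CERT_DEFAULT_LABEL);
        try {
            String mappingFile = getProperty(PROTOCOL_HTTPS_CERT_MAPPING_FILE);
            if (mappingFile != null && !mappingFile.equals("")) {
                // FileReader decodes with the platform default charset.
                BufferedReader reader = new BufferedReader(new FileReader(mappingFile));
                try {
                    for (String line = reader.readLine(); line != null; line = reader.readLine()) {
                        extractSSLServerCert(line.trim());
                    }
                } finally {
                    // The reader was previously never closed, leaking the file handle.
                    reader.close();
                }
            }
        } catch (Exception e) {
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "The following exception occurred in parseSSLCertFile().", new Object[]{e});
            }
            // The probe identifier names a different class; it is a runtime identifier and is kept as-is.
            Manager.Ffdc.log(e, this, "com.ibm.ws.ssl.core.CustomX509KeyManager.getProperties", "280", this);
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "parseSSLCertFile");
        }
    }

    /**
     * Parses one trimmed line of the mapping file and records its host-to-label entry.
     *
     * <p>Lines that do not start with the {@code SSLServerCert} tag, that lack a quoted label,
     * or whose label or host is empty are skipped. A line with an opening quote but no closing
     * quote is skipped as well: it used to raise {@code StringIndexOutOfBoundsException}, which
     * stopped the whole file from loading and left every later host on the default label.
     *
     * @param str one line of the mapping file, already trimmed
     */
    private void extractSSLServerCert(String str) {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "extractSSLServerCert", str);
        }
        if (str.startsWith(PROTOCOL_HTTPS_CERT_TAG)) {
            String remainder = str.substring(PROTOCOL_HTTPS_CERT_TAG.length()).trim();
            if (remainder.startsWith(SINGLE_QUOTE_STRING) || remainder.startsWith(DOUBLE_QUOTE_STRING)) {
                char quote = remainder.charAt(0);
                // The last occurrence closes the label, so the label itself may contain the quote character.
                int closingQuote = remainder.lastIndexOf(quote);
                if (closingQuote > 0) {
                    String label = remainder.substring(1, closingQuote);
                    String host = remainder.substring(closingQuote + 1).trim();
                    if (label.length() != 0 && host.length() != 0) {
                        this.certMapping.setProperty(host, label);
                    }
                } else if (tc.isDebugEnabled()) {
                    Tr.debug(tc, "Ignoring mapping line with an unterminated quoted label.", new Object[]{str});
                }
            }
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "extractSSLServerCert");
        }
    }
}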
