package com.ibm.websphere.ssl;

import com.ibm.ejs.ras.Tr;
import com.ibm.ejs.ras.TraceComponent;
import com.ibm.ffdc.Manager;
import com.ibm.websphere.security.WebSphereRuntimePermission;
import com.ibm.ws.security.util.SASPropFile;
import com.ibm.ws.ssl.JSSEProviderFactory;
import com.ibm.ws.ssl.config.FIPSUtils;
import com.ibm.ws.ssl.config.ManagementScopeManager;
import com.ibm.ws.ssl.config.SSLConfig;
import com.ibm.ws.ssl.config.SSLConfigManager;
import com.ibm.ws.ssl.config.ThreadManager;
import com.ibm.ws.ssl.core.TraceNLSHelper;
import java.net.URLStreamHandler;
import java.util.Map;
import java.util.Properties;
import java.util.StringTokenizer;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLServerSocketFactory;
import org.apache.http.conn.ssl.SSLSocketFactory;

/* loaded from: input_file:com/ibm/websphere/ssl/JSSEHelper.class */
public class JSSEHelper {
    private static final TraceComponent tc = Tr.register(JSSEHelper.class, SSLSocketFactory.SSL, "com.ibm.ws.ssl.resources.ssl");
    private static JSSEHelper thisClass = null;
    private static final WebSphereRuntimePermission GET_SSLCONFIG = new WebSphereRuntimePermission("getSSLConfig");
    private static final WebSphereRuntimePermission SET_SSLCONFIG = new WebSphereRuntimePermission("setSSLConfig");
    public static final String DIRECTION_INBOUND = "inbound";
    public static final String DIRECTION_OUTBOUND = "outbound";
    public static final String DIRECTION_UNKNOWN = "unknown";
    public static final String ENDPOINT_IIOP = "IIOP";
    public static final String ENDPOINT_HTTP = "HTTP";
    public static final String ENDPOINT_SIP = "SIP";
    public static final String ENDPOINT_JMS = "JMS";
    public static final String ENDPOINT_BUS_CLIENT = "BUS_CLIENT";
    public static final String ENDPOINT_BUS_TO_WEBSPHERE_MQ = "BUS_TO_WEBSPHERE_MQ";
    public static final String ENDPOINT_BUS_TO_BUS = "BUS_TO_BUS";
    public static final String ENDPOINT_CLIENT_TO_WEBSPHERE_MQ = "CLIENT_TO_WEBSPHERE_MQ";
    public static final String ENDPOINT_LDAP = "LDAP";
    public static final String ENDPOINT_ADMIN_SOAP = "ADMIN_SOAP";
    public static final String ENDPOINT_ADMIN_IPC = "ADMIN_IPC";
    public static final String CONNECTION_INFO_DIRECTION = "com.ibm.ssl.direction";
    public static final String CONNECTION_INFO_ENDPOINT_NAME = "com.ibm.ssl.endPointName";
    public static final String CONNECTION_INFO_REMOTE_HOST = "com.ibm.ssl.remoteHost";
    public static final String CONNECTION_INFO_REMOTE_PORT = "com.ibm.ssl.remotePort";
    public static final String CONNECTION_INFO_CERT_MAPPING_HOST = "com.ibm.ssl.certMappingHost";
    public static final String CONNECTION_INFO_IS_WEB_CONTAINER_INBOUND = "com.ibm.ssl.isWebContainerInbound";
    public static final int SECURITY_MODE_FIPS_DISABLED = 0;
    public static final int SECURITY_MODE_FIPS_140_2 = 1;
    public static final int SECURITY_MODE_SP_800_131_TRANSITION = 2;
    public static final int SECURITY_MODE_SP_800_131_STRICT = 3;
    public static final int SECURITY_MODE_SUITE_B_128 = 4;
    public static final int SECURITY_MODE_SUITE_B_192 = 5;

    public static JSSEHelper getInstance() {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "getInstance");
        }
        if (thisClass == null) {
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "Creating new instance of JSSEHelper.");
            }
            thisClass = new JSSEHelper();
            if (!SSLConfigManager.getInstance().isServerProcess()) {
                if (tc.isDebugEnabled()) {
                    Tr.debug(tc, "Attempting to initialize client configuration, if not already done.");
                }
                SSLConfigManager.getInstance().initializeClientSSL();
            }
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "getInstance", thisClass);
        }
        return thisClass;
    }

    public void setSSLPropertiesOnThread(Properties properties) {
        String property;
        SSLConfig sSLConfig;
        if (tc.isEntryEnabled()) {
            String str = "Clearing thread properties.";
            if (properties != null) {
                str = (properties == null || properties.getProperty("com.ibm.ssl.alias") == null) ? "Setting thread properties: " + properties.toString() : "Setting thread properties: " + properties.getProperty("com.ibm.ssl.alias");
            }
            Tr.entry(tc, "setSSLPropertiesOnThread", new Object[]{str});
        }
        SecurityManager securityManager = System.getSecurityManager();
        if (securityManager != null) {
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "Performing Java 2 Security Permission Check ...");
                Tr.debug(tc, "Expecting : " + SET_SSLCONFIG.toString());
            }
            securityManager.checkPermission(SET_SSLCONFIG);
        }
        if (properties != null && (property = properties.getProperty("com.ibm.ssl.alias")) != null && SSLConfigManager.getInstance().getSSLConfig(property) == null && (sSLConfig = new SSLConfig(properties)) != null) {
            try {
                SSLConfigManager.getInstance().addSSLConfigToMap(property, sSLConfig);
            } catch (Exception e) {
                if (tc.isEntryEnabled()) {
                    Tr.exit(tc, "The following exception occurred in setSSLPropertiesOnThread().", new Object[]{e});
                }
                Manager.Ffdc.log(e, this, "com.ibm.websphere.ssl.JSSEHelper.setSSLPropertiesOnThread", "303", this);
            }
        }
        ThreadManager.getInstance().setPropertiesOnThread(properties);
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "setSSLPropertiesOnThread");
        }
    }

    public Properties getSSLPropertiesOnThread() {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "getSSLPropertiesOnThread");
        }
        SecurityManager securityManager = System.getSecurityManager();
        if (securityManager != null) {
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "Performing Java 2 Security Permission Check ...");
                Tr.debug(tc, "Expecting : " + GET_SSLCONFIG.toString());
            }
            securityManager.checkPermission(GET_SSLCONFIG);
        }
        Properties propertiesOnThread = ThreadManager.getInstance().getPropertiesOnThread();
        if (tc.isEntryEnabled()) {
            String str = "Thread properties are NULL.";
            if (propertiesOnThread != null) {
                str = (propertiesOnThread == null || propertiesOnThread.getProperty("com.ibm.ssl.alias") == null) ? "Found thread properties: " + propertiesOnThread.toString() : "Found thread properties: " + propertiesOnThread.getProperty("com.ibm.ssl.alias");
            }
            Tr.entry(tc, "getSSLPropertiesOnThread", new Object[]{str});
        }
        return propertiesOnThread;
    }

    public Properties getProperties(String str) throws SSLException {
        Properties properties;
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "getProperties", new Object[]{str});
        }
        SecurityManager securityManager = System.getSecurityManager();
        if (securityManager != null) {
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "Performing Java 2 Security Permission Check ...");
                Tr.debug(tc, "Expecting : " + GET_SSLCONFIG.toString());
            }
            securityManager.checkPermission(GET_SSLCONFIG);
        }
        if (str != null) {
            try {
                if (str.length() > 0 && (properties = SSLConfigManager.getInstance().getProperties(str)) != null) {
                    if (tc.isEntryEnabled()) {
                        Tr.exit(tc, "getProperties -> direct");
                    }
                    return properties;
                }
            } catch (Exception e) {
                if (tc.isEntryEnabled()) {
                    Tr.exit(tc, "The following exception occurred in getProperties().", new Object[]{e});
                }
                Manager.Ffdc.log(e, this, "com.ibm.websphere.ssl.JSSEHelper.getProperties", "408", this);
                if (e instanceof SSLException) {
                    throw ((SSLException) e);
                }
                throw new SSLException(e);
            }
        }
        if (!tc.isEntryEnabled()) {
            return null;
        }
        Tr.exit(tc, "getProperties -> null");
        return null;
    }

    public SSLContext getSSLContext(Map map, Properties properties) throws SSLException {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "getSSLContext", new Object[]{map});
        }
        if (properties == null) {
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "SSL client config properties are missing. The property 'com.ibm.SSL.ConfigURL' may not be set properly.");
            }
            throw new SSLException(TraceNLSHelper.getInstance().getString("ssl.no.properties.error.CWPKI0315E", "SSL configuration properites are null. Could be a problem parsing the SSL client configuraton."));
        }
        SSLConfig sSLConfig = new SSLConfig(properties);
        String property = properties.getProperty(SASPropFile.CONTEXT_PROVIDER);
        if (property == null) {
            property = "IBMJSSE2";
        }
        try {
            SSLContext sSLContext = JSSEProviderFactory.getInstance(property).getSSLContext(map, sSLConfig);
            if (sSLContext == null) {
                if (tc.isDebugEnabled()) {
                    Tr.debug(tc, "The SSLContext is null.  Throwing exception.");
                }
                throw new SSLException("The SSLContext returned is null.  Validate the Properties passed in.");
            }
            if (tc.isEntryEnabled()) {
                Tr.exit(tc, "getSSLContext");
            }
            return sSLContext;
        } catch (Exception e) {
            if (tc.isEntryEnabled()) {
                Tr.exit(tc, "The following exception occurred getting the SSLContext.", new Object[]{e});
            }
            Manager.Ffdc.log(e, this, "com.ibm.websphere.ssl.JSSEHelper.getSSLContext", "452", this);
            if (e instanceof SSLException) {
                throw ((SSLException) e);
            }
            throw new SSLException(e.getMessage(), e);
        }
    }

    public URLStreamHandler getURLStreamHandler(Properties properties) throws SSLException {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "getURLStreamHandler");
        }
        try {
            SSLConfig sSLConfig = new SSLConfig(properties);
            String property = sSLConfig.getProperty(SASPropFile.CONTEXT_PROVIDER);
            if (property == null) {
                property = "IBMJSSE2";
            }
            if (tc.isEntryEnabled()) {
                Tr.exit(tc, "getURLStreamHandler");
            }
            return JSSEProviderFactory.getInstance(property).getURLStreamHandler(sSLConfig);
        } catch (Exception e) {
            if (tc.isEntryEnabled()) {
                Tr.exit(tc, "The following exception occurred getting the SSLContext.", new Object[]{e});
            }
            Manager.Ffdc.log(e, this, "com.ibm.websphere.ssl.JSSEHelper.getSSLContext", "495", this);
            if (e instanceof SSLException) {
                throw ((SSLException) e);
            }
            throw new SSLException(e.getMessage(), e);
        }
    }

    public SSLServerSocketFactory getSSLServerSocketFactory(Properties properties) throws SSLException {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "getSSLServerSocketFactory");
        }
        try {
            SSLConfig sSLConfig = new SSLConfig(properties);
            String property = sSLConfig.getProperty(SASPropFile.CONTEXT_PROVIDER);
            if (property == null) {
                property = "IBMJSSE2";
            }
            if (tc.isEntryEnabled()) {
                Tr.exit(tc, "getSSLServerSocketFactory");
            }
            return JSSEProviderFactory.getInstance(property).getSSLServerSocketFactory(sSLConfig);
        } catch (Exception e) {
            if (tc.isEntryEnabled()) {
                Tr.exit(tc, "The following exception occurred in getSSLServerSocketFactory().", new Object[]{e});
            }
            Manager.Ffdc.log(e, this, "com.ibm.websphere.ssl.JSSEHelper.getSSLServerSocketFactory", "538", this);
            if (e instanceof SSLException) {
                throw ((SSLException) e);
            }
            throw new SSLException(e);
        }
    }

    public javax.net.ssl.SSLSocketFactory getSSLSocketFactory(Map map, Properties properties) throws SSLException {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "getSSLSocketFactory");
        }
        try {
            SSLConfig sSLConfig = new SSLConfig(properties);
            String property = sSLConfig.getProperty(SASPropFile.CONTEXT_PROVIDER);
            if (property == null) {
                property = "IBMJSSE2";
            }
            if (tc.isEntryEnabled()) {
                Tr.exit(tc, "getSSLSocketFactory");
            }
            return JSSEProviderFactory.getInstance(property).getSSLSocketFactory(map, sSLConfig);
        } catch (Exception e) {
            if (tc.isEntryEnabled()) {
                Tr.exit(tc, "The following exception occurred in getSSLSocketFactory().", new Object[]{e});
            }
            Manager.Ffdc.log(e, this, "com.ibm.websphere.ssl.JSSEHelper.getSSLSocketFactory", "579", this);
            if (e instanceof SSLException) {
                throw ((SSLException) e);
            }
            throw new SSLException(e);
        }
    }

    public SSLContext getSSLContext(String str, Map map, SSLConfigChangeListener sSLConfigChangeListener) throws SSLException {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "getSSLContext", new Object[]{str, map, sSLConfigChangeListener});
        }
        SecurityManager securityManager = System.getSecurityManager();
        if (securityManager != null) {
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "Performing Java 2 Security Permission Check ...");
                Tr.debug(tc, "Expecting : " + GET_SSLCONFIG.toString());
            }
            securityManager.checkPermission(GET_SSLCONFIG);
        }
        try {
            SSLConfig sSLConfig = (SSLConfig) getProperties(str, map, sSLConfigChangeListener);
            if (sSLConfig == null) {
                throw new SSLException("SSLContext could not be created due to null SSL properties.");
            }
            String property = sSLConfig.getProperty(SASPropFile.CONTEXT_PROVIDER);
            if (property == null) {
                property = "IBMJSSE2";
            }
            SSLContext sSLContext = JSSEProviderFactory.getInstance(property).getSSLContext(map, sSLConfig);
            if (sSLContext == null) {
                throw new SSLException("SSLContext could not be created from specified SSL properties.");
            }
            if (tc.isEntryEnabled()) {
                Tr.exit(tc, "getSSLContext");
            }
            return sSLContext;
        } catch (Exception e) {
            if (tc.isEntryEnabled()) {
                Tr.exit(tc, "The following exception occurred in getSSLContext().", new Object[]{e});
            }
            Manager.Ffdc.log(e, this, "com.ibm.websphere.ssl.JSSEHelper.getSSLContext", "704", this);
            if (e instanceof SSLException) {
                throw ((SSLException) e);
            }
            throw new SSLException(e);
        }
    }

    public URLStreamHandler getURLStreamHandler(String str, Map map, SSLConfigChangeListener sSLConfigChangeListener) throws SSLException {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "getURLStreamHandler", new Object[]{str, map, sSLConfigChangeListener});
        }
        SecurityManager securityManager = System.getSecurityManager();
        if (securityManager != null) {
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "Performing Java 2 Security Permission Check ...");
                Tr.debug(tc, "Expecting : " + GET_SSLCONFIG.toString());
            }
            securityManager.checkPermission(GET_SSLCONFIG);
        }
        try {
            Properties properties = getProperties(str, map, sSLConfigChangeListener);
            String str2 = "IBMJSSE2";
            if (properties != null) {
                str2 = properties.getProperty(SASPropFile.CONTEXT_PROVIDER);
                if (str2 == null) {
                    str2 = "IBMJSSE2";
                }
            }
            URLStreamHandler uRLStreamHandler = JSSEProviderFactory.getInstance(str2).getURLStreamHandler((SSLConfig) properties);
            if (tc.isEntryEnabled()) {
                Tr.exit(tc, "getURLStreamHandler");
            }
            return uRLStreamHandler;
        } catch (Exception e) {
            if (tc.isEntryEnabled()) {
                Tr.exit(tc, "The following exception occurred in getURLStreamHandler().", new Object[]{e});
            }
            Manager.Ffdc.log(e, this, "com.ibm.websphere.ssl.JSSEHelper.getURLStreamHandler", "766", this);
            if (e instanceof SSLException) {
                throw ((SSLException) e);
            }
            throw new SSLException(e);
        }
    }

    public javax.net.ssl.SSLSocketFactory getSSLSocketFactory(String str, Map map, SSLConfigChangeListener sSLConfigChangeListener) throws SSLException {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "getSSLSocketFactory", new Object[]{str, map, sSLConfigChangeListener});
        }
        SecurityManager securityManager = System.getSecurityManager();
        if (securityManager != null) {
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "Performing Java 2 Security Permission Check ...");
                Tr.debug(tc, "Expecting : " + GET_SSLCONFIG.toString());
            }
            securityManager.checkPermission(GET_SSLCONFIG);
        }
        try {
            SSLConfig sSLConfig = (SSLConfig) getProperties(str, map, sSLConfigChangeListener);
            String property = sSLConfig.getProperty(SASPropFile.CONTEXT_PROVIDER);
            if (property == null) {
                property = "IBMJSSE2";
            }
            javax.net.ssl.SSLSocketFactory sSLSocketFactory = JSSEProviderFactory.getInstance(property).getSSLSocketFactory(map, sSLConfig);
            if (tc.isEntryEnabled()) {
                Tr.exit(tc, "getSSLSocketFactory");
            }
            return sSLSocketFactory;
        } catch (Exception e) {
            if (tc.isEntryEnabled()) {
                Tr.exit(tc, "The following exception occurred in getSSLSocketFactory().", new Object[]{e});
            }
            Manager.Ffdc.log(e, this, "com.ibm.websphere.ssl.JSSEHelper.getSSLSocketFactory", "825", this);
            if (e instanceof SSLException) {
                throw ((SSLException) e);
            }
            throw new SSLException(e);
        }
    }

    public SSLServerSocketFactory getSSLServerSocketFactory(String str, Map map, SSLConfigChangeListener sSLConfigChangeListener) throws SSLException {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "getSSLServerSocketFactory", new Object[]{str, map, sSLConfigChangeListener});
        }
        SecurityManager securityManager = System.getSecurityManager();
        if (securityManager != null) {
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "Performing Java 2 Security Permission Check ...");
                Tr.debug(tc, "Expecting : " + GET_SSLCONFIG.toString());
            }
            securityManager.checkPermission(GET_SSLCONFIG);
        }
        try {
            SSLConfig sSLConfig = (SSLConfig) getProperties(str, map, sSLConfigChangeListener);
            String property = sSLConfig.getProperty(SASPropFile.CONTEXT_PROVIDER);
            if (property == null) {
                property = "IBMJSSE2";
            }
            SSLServerSocketFactory sSLServerSocketFactory = JSSEProviderFactory.getInstance(property).getSSLServerSocketFactory(sSLConfig);
            if (tc.isEntryEnabled()) {
                Tr.exit(tc, "getSSLServerSocketFactory");
            }
            return sSLServerSocketFactory;
        } catch (Exception e) {
            if (tc.isEntryEnabled()) {
                Tr.exit(tc, "The following exception occurred in getSSLServerSocketFactory().", new Object[]{e});
            }
            Manager.Ffdc.log(e, this, "com.ibm.websphere.ssl.JSSEHelper.getSSLServerSocketFactory", "883", this);
            if (e instanceof SSLException) {
                throw ((SSLException) e);
            }
            throw new SSLException(e);
        }
    }

    public Properties getProperties(String str, Map map, SSLConfigChangeListener sSLConfigChangeListener) throws SSLException {
        String configAndCertAliasesFromGroups;
        Properties properties;
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "getProperties", new Object[]{str, map, sSLConfigChangeListener});
        }
        SecurityManager securityManager = System.getSecurityManager();
        if (securityManager != null) {
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "Performing Java 2 Security Permission Check ...");
                Tr.debug(tc, "Expecting : " + GET_SSLCONFIG.toString());
            }
            securityManager.checkPermission(GET_SSLCONFIG);
        }
        String str2 = null;
        if (map != null) {
            try {
                str2 = (String) map.get(CONNECTION_INFO_DIRECTION);
            } catch (Exception e) {
                if (tc.isEntryEnabled()) {
                    Tr.exit(tc, "The following exception occurred in getSSLContext().", new Object[]{e});
                }
                Manager.Ffdc.log(e, this, "com.ibm.websphere.ssl.JSSEHelper.getSSLContext", "1059", this);
                throw new SSLException(e);
            }
        }
        Properties sSLPropertiesOnThread = getSSLPropertiesOnThread();
        if (sSLPropertiesOnThread != null && str2 != null && str2.equals(DIRECTION_OUTBOUND)) {
            SSLConfig sSLConfig = new SSLConfig(sSLPropertiesOnThread);
            if (sSLConfigChangeListener != null) {
                String property = sSLConfig.getProperty("com.ibm.ssl.alias");
                if (property == null) {
                    property = str;
                }
                registerEvent(sSLConfigChangeListener, property, sSLConfig, "thread", map);
            }
            if (tc.isEntryEnabled()) {
                Tr.exit(tc, "getProperties -> programmatic");
            }
            return sSLConfig;
        }
        SSLConfig sSLConfig2 = (SSLConfig) SSLConfigManager.getInstance().getPropertiesFromDynamicSelectionInfo(map);
        if (sSLConfig2 != null) {
            if (tc.isEntryEnabled()) {
                Tr.exit(tc, "getProperties -> dynamic");
            }
            if (sSLConfigChangeListener != null) {
                String property2 = sSLConfig2.getProperty("com.ibm.ssl.alias");
                if (property2 == null) {
                    property2 = str;
                }
                registerEvent(sSLConfigChangeListener, property2, sSLConfig2, "dynamic", map);
            }
            return sSLConfig2;
        }
        if (str != null && str.length() > 0 && (properties = SSLConfigManager.getInstance().getProperties(str)) != null) {
            Properties determineIfCSIv2SettingsApply = SSLConfigManager.getInstance().determineIfCSIv2SettingsApply(properties, map);
            if (tc.isEntryEnabled()) {
                Tr.exit(tc, "getProperties -> direct");
            }
            if (sSLConfigChangeListener != null) {
                registerEvent(sSLConfigChangeListener, str, determineIfCSIv2SettingsApply, "direct", map);
            }
            return determineIfCSIv2SettingsApply;
        }
        if (SSLConfigManager.getInstance().isServerProcess() && (configAndCertAliasesFromGroups = ManagementScopeManager.getInstance().getConfigAndCertAliasesFromGroups(map)) != null) {
            String str3 = null;
            String str4 = null;
            StringTokenizer stringTokenizer = new StringTokenizer(configAndCertAliasesFromGroups, ",");
            String[] strArr = new String[stringTokenizer.countTokens()];
            int i = 0;
            while (stringTokenizer.hasMoreTokens()) {
                int i2 = i;
                i++;
                strArr[i2] = stringTokenizer.nextToken();
            }
            if (strArr != null && strArr.length == 2) {
                str3 = strArr[0];
                str4 = strArr[1];
            } else if (strArr != null && strArr.length == 1) {
                str3 = strArr[0];
            }
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "configAlias: " + str3 + ", certAlias: " + str4);
            }
            if (str3 != null) {
                Properties properties2 = SSLConfigManager.getInstance().getProperties(str3);
                if (properties2 != null) {
                    if (str4 != null) {
                        properties2 = (Properties) properties2.clone();
                    }
                    if (str4 == null || map == null) {
                        if (str4 != null) {
                            properties2.setProperty(SASPropFile.SERVER_KEY_ALIAS, str4);
                            properties2.setProperty(SASPropFile.CLIENT_KEY_ALIAS, str4);
                        }
                    } else if (str2 != null && str2.equals(DIRECTION_INBOUND)) {
                        properties2.setProperty(SASPropFile.SERVER_KEY_ALIAS, str4);
                    } else if (str2 != null && str2.equals(DIRECTION_OUTBOUND)) {
                        properties2.setProperty(SASPropFile.CLIENT_KEY_ALIAS, str4);
                    }
                    Properties determineIfCSIv2SettingsApply2 = SSLConfigManager.getInstance().determineIfCSIv2SettingsApply(properties2, map);
                    if (sSLConfigChangeListener != null) {
                        registerEvent(sSLConfigChangeListener, str3, determineIfCSIv2SettingsApply2, "scoped", map);
                    }
                    if (tc.isEntryEnabled()) {
                        Tr.exit(tc, "getProperties -> group");
                    }
                    return determineIfCSIv2SettingsApply2;
                }
            }
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "getProperties -> default");
        }
        return SSLConfigManager.getInstance().getDefaultSSLConfig();
    }

    private void registerEvent(SSLConfigChangeListener sSLConfigChangeListener, String str, Properties properties, String str2, Map map) {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "registerEvent", new Object[]{sSLConfigChangeListener, str, str2});
        }
        if (sSLConfigChangeListener != null) {
            SSLConfigManager.getInstance().registerSSLConfigChangeListener(sSLConfigChangeListener, new SSLConfigChangeEvent(str, properties, str2, map));
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "registerEvent");
        }
    }

    public void registerSSLConfigChangeListener(String str, Map map, SSLConfigChangeListener sSLConfigChangeListener) throws SSLException {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "registerSSLConfigChangeListener", new Object[]{str, map, sSLConfigChangeListener});
        }
        getProperties(str, map, sSLConfigChangeListener);
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "registerSSLConfigChangeListener");
        }
    }

    public void deregisterSSLConfigChangeListener(SSLConfigChangeListener sSLConfigChangeListener) throws SSLException {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "deregisterSSLConfigChangeListener", new Object[]{sSLConfigChangeListener});
        }
        SSLConfigManager.getInstance().deregisterSSLConfigChangeListener(sSLConfigChangeListener);
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "deregisterSSLConfigChangeListener");
        }
    }

    public boolean doesSSLConfigExist(String str) {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "doesSSLConfigExist", new Object[]{str});
        }
        if (str == null) {
            throw new IllegalArgumentException("sslAliasName is null.");
        }
        boolean z = false;
        if (SSLConfigManager.getInstance().getProperties(str) != null) {
            z = true;
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "doesSSLConfigExist -> " + z);
        }
        return z;
    }

    public void loadClientSSLPropertiesFromURL(String str, boolean z) {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "parseClientSSLPropertiesURL", new Object[]{str});
        }
        if (str == null) {
            throw new IllegalArgumentException("configURL is null.");
        }
        if (str != null && str.indexOf("soap.client.props") != -1) {
            SSLConfigManager.getInstance().parseConfigURL(ENDPOINT_ADMIN_SOAP, str, z);
        } else if (str == null || str.indexOf("sas.client.props") == -1) {
            SSLConfigManager.getInstance().parseSSLConfigURL(str, z);
        } else {
            SSLConfigManager.getInstance().parseConfigURL(ENDPOINT_IIOP, str, z);
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "parseClientSSLPropertiesURL");
        }
    }

    public void reinitializeClientDefaultSSLProperties() {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "reinitializeClientDefaultSSLProperties");
        }
        SSLConfigManager.getInstance().reinitializeClientSSL();
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "reinitializeClientDefaultSSLProperties");
        }
    }

    public void validateSSLProperties(Properties properties) throws SSLException {
        try {
            new SSLConfig(properties).validateSSLConfig();
        } catch (Exception e) {
            if (tc.isEntryEnabled()) {
                Tr.exit(tc, "The following exception occurred validating the SSL properties.", new Object[]{e});
            }
            Manager.Ffdc.log(e, this, "com.ibm.websphere.ssl.JSSEHelper.validateSSLProperties", "1208", this);
            if (!(e instanceof SSLException)) {
                throw new SSLException(e.getMessage(), e);
            }
            throw ((SSLException) e);
        }
    }

    public Map getInboundConnectionInfo() {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "getInboundConnectionInfo");
        }
        Map inboundConnectionInfo = ThreadManager.getInstance().getInboundConnectionInfo();
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "getInboundConnectionInfo", inboundConnectionInfo);
        }
        return inboundConnectionInfo;
    }

    public void setInboundConnectionInfo(Map map) {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "setInboundConnectionInfo", map);
        }
        ThreadManager.getInstance().setInboundConnectionInfo(map);
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "setInboundConnectionInfo");
        }
    }

    public Map getOutboundConnectionInfo() {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "getOutboundConnectionInfo");
        }
        Map outboundConnectionInfo = ThreadManager.getInstance().getOutboundConnectionInfo();
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "getOutboundConnectionInfo", outboundConnectionInfo);
        }
        return outboundConnectionInfo;
    }

    public void setOutboundConnectionInfo(Map map) {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "setOutboundConnectionInfo", map);
        }
        ThreadManager.getInstance().setOutboundConnectionInfo(map);
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "setOutboundConnectionInfo");
        }
    }

    public int getFipsInfo() {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "getFipsInfo");
        }
        int fipsSecurityMode = FIPSUtils.getFipsSecurityMode(FIPSUtils.checkFipsEnabled(), FIPSUtils.checkFipsLevel(), FIPSUtils.checkSuiteBLevel());
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "getFipsInfo=" + fipsSecurityMode);
        }
        return fipsSecurityMode;
    }
}
