package oracle.cloudlogic.javaservice.common.clibase.util;

import java.io.File;
import java.io.FileInputStream;
import java.io.InputStream;
import java.security.KeyStore;
import java.security.SecureRandom;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.List;
import javax.net.ssl.HostnameVerifier;
import javax.net.ssl.HttpsURLConnection;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSession;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import javax.net.ssl.X509TrustManager;
import oracle.cloudlogic.javaservice.common.clibase.CommandLine;
import oracle.cloudlogic.javaservice.common.clibase.CommandLineArg;
import oracle.cloudlogic.javaservice.common.clibase.CommonConstants;
import oracle.cloudlogic.javaservice.common.clibase.nls.NLSUtil;
import oracle.cloudlogic.javaservice.common.clibase.util.logger.Logger;

/* JADX WARN: Classes with same name are omitted:
  input_file:localextension.jar:oracle/cloudlogic/javaservice/common/clibase/util/SSLUtil.class
 */
/* loaded from: input_file:whitelist.jar:oracle/cloudlogic/javaservice/common/clibase/util/SSLUtil.class */
public class SSLUtil implements CommonConstants {
    static final HostnameVerifier ACCEPT_ALL_HOSTS = new HostnameVerifier() { // from class: oracle.cloudlogic.javaservice.common.clibase.util.SSLUtil.2
        @Override // javax.net.ssl.HostnameVerifier
        public boolean verify(String str, SSLSession sSLSession) {
            Logger.getDEFAULT().printlnWarningI18n(CommonConstants.NLS_WARN_ACCEPT_ALL_HOSTS, str);
            return true;
        }
    };
    static final TrustManager[] TRUST_MANAGERS_TRUSTING_ALL = {new X509TrustManager() { // from class: oracle.cloudlogic.javaservice.common.clibase.util.SSLUtil.1
        @Override // javax.net.ssl.X509TrustManager
        public X509Certificate[] getAcceptedIssuers() {
            return new X509Certificate[0];
        }

        @Override // javax.net.ssl.X509TrustManager
        public void checkClientTrusted(X509Certificate[] x509CertificateArr, String str) {
        }

        @Override // javax.net.ssl.X509TrustManager
        public void checkServerTrusted(X509Certificate[] x509CertificateArr, String str) {
            Logger.getDEFAULT().printlnWarningI18n(CommonConstants.NLS_WARN_TRUST_ALL_SERVER_CERT);
        }
    }};

    public static void setSSLWithoutKeystore(CommandLine commandLine) throws Exception {
        setSSLWithoutKeystore(commandLine, false);
    }

    public static void setSSLWithoutKeystore(CommandLine commandLine, boolean z) throws Exception {
        boolean valueAsBoolean = commandLine.getValueAsBoolean(CommonConstants.PARAM_SSL_ACCEPT_ALL_HOSTS);
        String argValue = commandLine.getArgValue(CommonConstants.PARAM_SSL_TRUSTSTORE_PWD, "");
        boolean valueAsBoolean2 = commandLine.getValueAsBoolean(CommonConstants.PARAM_SSL_TRUST_SERVER_CERT);
        CommandLineArg commandLineArg = commandLine.getArgs().get(CommonConstants.PARAM_SSL_TRUSTSTORE);
        CommandLineArg commandLineArg2 = commandLine.getArgs().get(CommonConstants.PARAM_SSL_TRUSTSTORE_PWD);
        String argValue2 = commandLine.getArgValue(CommonConstants.PARAM_SSL_TRUSTSTORE);
        if (valueAsBoolean2) {
            if (argValue2 != null) {
                Logger.getDEFAULT().printlnDebug("Ignoring argument:truststore");
            }
        } else {
            if (argValue2 == null) {
                throw new Exception("truststore must be provided when trustservercert is false. You can also specify -trustservercert to be true to trust any server this client is going to connect");
            }
            boolean z2 = (commandLineArg == null || argValue2.equals(commandLineArg.getOptionDefaltValue())) ? false : true;
            boolean z3 = (commandLineArg2 == null || argValue.equals(commandLineArg2.getOptionDefaltValue())) ? false : true;
            CloudUtil.validateInputFile(argValue2, CommonConstants.PARAM_SSL_TRUSTSTORE);
            if (z2 && !z3) {
                if (!z) {
                    Logger.getDEFAULT().printlnWarning("truststore is specified without a password.");
                } else if (commandLineArg2.prompt()) {
                    argValue = commandLineArg2.getOptionValue();
                }
            }
        }
        setSSLWithoutKeystore(argValue2, argValue, valueAsBoolean, valueAsBoolean2);
    }

    /* JADX WARN: Finally extract failed */
    public static void setSSLWithoutKeystore(String str, String str2, boolean z, boolean z2) throws Exception {
        TrustManager[] trustManagerArr;
        TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
        if (z2) {
            trustManagerArr = TRUST_MANAGERS_TRUSTING_ALL;
        } else {
            FileInputStream fileInputStream = null;
            KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
            try {
                fileInputStream = new FileInputStream(str);
                keyStore.load(fileInputStream, str2.toCharArray());
                if (fileInputStream != null) {
                    fileInputStream.close();
                }
                trustManagerFactory.init(keyStore);
                trustManagerArr = trustManagerFactory.getTrustManagers();
            } catch (Throwable th) {
                if (fileInputStream != null) {
                    fileInputStream.close();
                }
                throw th;
            }
        }
        SSLContext sSLContext = SSLContext.getInstance("SSL");
        sSLContext.init(null, trustManagerArr, new SecureRandom());
        setSunSSLContextAndDefaultHostVerifier(sSLContext, z);
    }

    public static void setSSL(CommandLine commandLine, InputStream inputStream, String str, String str2) throws Exception {
        TrustManager[] trustManagerArr;
        boolean valueAsBoolean = commandLine.getValueAsBoolean(CommonConstants.PARAM_SSL_ACCEPT_ALL_HOSTS);
        String argValue = commandLine.getArgValue(CommonConstants.PARAM_SSL_TRUSTSTORE_PWD, "");
        boolean valueAsBoolean2 = commandLine.getValueAsBoolean(CommonConstants.PARAM_SSL_TRUST_SERVER_CERT);
        String argValue2 = commandLine.getArgValue(CommonConstants.PARAM_SSL_TRUSTSTORE);
        if (valueAsBoolean2) {
            if (argValue2 != null) {
                Logger.getDEFAULT().printlnDebug("Ignoring argument:truststore");
            }
        } else {
            if (argValue2 == null) {
                throw new Exception("truststore must be provided when trustservercert is false. You can also specify -trustservercert to be true trust any server this client is going to connect");
            }
            CloudUtil.validateInputFile(argValue2, CommonConstants.PARAM_SSL_TRUSTSTORE);
        }
        KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
        if (keyManagerFactory == null) {
            throw new Exception("Unable to get KeyManagerFactory instance");
        }
        TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
        if (valueAsBoolean2) {
            trustManagerArr = TRUST_MANAGERS_TRUSTING_ALL;
        } else {
            FileInputStream fileInputStream = null;
            KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
            try {
                fileInputStream = new FileInputStream(argValue2);
                keyStore.load(fileInputStream, argValue.toCharArray());
                if (fileInputStream != null) {
                    fileInputStream.close();
                }
                trustManagerFactory.init(keyStore);
                trustManagerArr = trustManagerFactory.getTrustManagers();
            } catch (Throwable th) {
                if (fileInputStream != null) {
                    fileInputStream.close();
                }
                throw th;
            }
        }
        KeyStore keyStore2 = KeyStore.getInstance(KeyStore.getDefaultType());
        keyStore2.load(inputStream, str.toCharArray());
        SSLContext sSLContext = SSLContext.getInstance("SSL");
        keyManagerFactory.init(keyStore2, str2.toCharArray());
        sSLContext.init(keyManagerFactory.getKeyManagers(), trustManagerArr, new SecureRandom());
        setSunSSLContextAndDefaultHostVerifier(sSLContext, valueAsBoolean);
    }

    public static List<CommandLineArg> getSSLArguments() {
        ArrayList arrayList = new ArrayList();
        CommandLineArg commandLineArg = new CommandLineArg(CommonConstants.PARAM_SSL_ACCEPT_ALL_HOSTS, false, new CommandLineArg.BooleanOptionType(), NLSUtil.localizeMessage(CommonConstants.NLS_PARAM_SSL_ACCEPT_ALL_HOSTS));
        arrayList.add(commandLineArg);
        commandLineArg.setAdvancedOption(true);
        commandLineArg.setOptionDefaltValue("false");
        commandLineArg.setShortCut("ig");
        ArrayList arrayList2 = new ArrayList();
        arrayList2.add(CommandLineArg.FileExt.jks);
        CommandLineArg commandLineArg2 = new CommandLineArg(CommonConstants.PARAM_SSL_TRUST_SERVER_CERT, false, new CommandLineArg.BooleanOptionType(), NLSUtil.localizeMessage(CommonConstants.NLS_PARAM_SSL_TRUST_SERVER_CERT));
        commandLineArg2.setOptionDefaltValue("false");
        commandLineArg2.setAdvancedOption(true);
        commandLineArg2.setShortCut("tsc");
        arrayList.add(commandLineArg2);
        CommandLineArg commandLineArg3 = new CommandLineArg(CommonConstants.PARAM_SSL_TRUSTSTORE, false, new CommandLineArg.FileOptionType(CommandLineArg.CardinalityEnum.one, null, arrayList2, false, true), NLSUtil.localizeMessage(CommonConstants.NLS_PARAM_SSL_TRUST_STORE));
        arrayList.add(commandLineArg3);
        commandLineArg3.setAdvancedOption(true);
        commandLineArg3.setShortCut("ts");
        if (ProcessUtil.getENV_DEFAULT_JAVA_HOME() != null) {
            File file = new File(ProcessUtil.getENV_DEFAULT_JAVA_HOME(), "lib/security/cacerts");
            commandLineArg3.setOptionDefaltValue(file.exists() ? file.getAbsolutePath() : new File(ProcessUtil.getENV_DEFAULT_JAVA_HOME(), "jre/lib/security/cacerts").getAbsolutePath());
        }
        CommandLineArg commandLineArg4 = new CommandLineArg(CommonConstants.PARAM_SSL_TRUSTSTORE_PWD, false, new CommandLineArg.PasswordType(), "Only for SSL. The password for the truststore specified for truststore");
        commandLineArg4.setOptionDefaltValue("changeit");
        arrayList.add(commandLineArg4);
        commandLineArg4.setHidden(true);
        commandLineArg4.setAdvancedOption(true);
        commandLineArg4.setShortCut("tsp");
        return arrayList;
    }

    public static void setSunSSLContextAndDefaultHostVerifier(SSLContext sSLContext, boolean z) throws Exception {
        HttpsURLConnection.setDefaultSSLSocketFactory(sSLContext.getSocketFactory());
        if (z) {
            HttpsURLConnection.setDefaultHostnameVerifier(ACCEPT_ALL_HOSTS);
        }
    }
}
