package com.adobe.idp.dsc.internal.soap;

import com.adobe.idp.dsc.DSCError;
import com.adobe.idp.dsc.DSCRuntimeException;
import com.adobe.idp.dsc.clientsdk.ServiceClientFactoryProperties;
import com.adobe.idp.dsc.i18n.DSCMessageConstants;
import com.adobe.idp.dsc.spi.pkcs11.certListHandler.Pkcs11CertListCallbackHandler;
import com.adobe.idp.dsc.spi.pkcs11.certListHandler.impl.WindowsPkcs11CertListCallbackHandler;
import com.adobe.idp.taskmanager.dsc.client.task.TaskManagerConstants;
import java.io.BufferedReader;
import java.io.ByteArrayInputStream;
import java.io.File;
import java.io.FileInputStream;
import java.io.FileNotFoundException;
import java.io.IOException;
import java.io.InputStream;
import java.io.InputStreamReader;
import java.net.InetAddress;
import java.net.InetSocketAddress;
import java.net.MalformedURLException;
import java.net.Socket;
import java.net.URL;
import java.net.UnknownHostException;
import java.security.GeneralSecurityException;
import java.security.KeyManagementException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.Principal;
import java.security.PrivateKey;
import java.security.Provider;
import java.security.Security;
import java.security.UnrecoverableKeyException;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.util.Enumeration;
import java.util.HashMap;
import java.util.Properties;
import javax.naming.InvalidNameException;
import javax.naming.ldap.LdapName;
import javax.naming.ldap.Rdn;
import javax.net.ssl.KeyManager;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSocketFactory;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import javax.net.ssl.X509KeyManager;
import javax.net.ssl.X509TrustManager;
import org.apache.commons.httpclient.ConnectTimeoutException;
import org.apache.commons.httpclient.params.HttpConnectionParams;
import org.apache.commons.httpclient.protocol.SecureProtocolSocketFactory;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;

/* loaded from: input_file:com/adobe/idp/dsc/internal/soap/AuthSSLProtocolSocketFactory.class */
public class AuthSSLProtocolSocketFactory implements SecureProtocolSocketFactory {
    private URL keystoreUrl;
    private String keystorePassword;
    private URL truststoreUrl;
    private String truststorePassword;
    private SSLContext sslcontext;
    private KeyManager keyManager;
    private TrustManager trustManager;
    private Provider pkcs11Provider;
    private String pkcs11ProviderNameSuffix;
    private String pkcs11LibraryPath;
    private Integer pkcs11SlotId;
    private String pkcs11Pin;
    private String pkcs11CertListCallbackClass;
    private String pkcs11SelectedAlias;
    private static final Log LOG = LogFactory.getLog(AuthSSLProtocolSocketFactory.class);
    private static String sunMSCAPIProviderName = "SunMSCAPI";
    private static String sunMSCAPIProviderClass = "sun.security.mscapi.SunMSCAPI";
    private static String ibmMSCAPIProviderName = "IBMCAC";
    private static String ibmMSCAPIProviderClass = "com.ibm.security.capi.IBMCAC";
    private static String sunPkcs11Class = "sun.security.pkcs11.SunPKCS11";
    private static String ibmPkcs11Class = "com.ibm.crypto.pkcs11impl.provider.IBMPKCS11Impl";
    private static String sunKeyStoreType = "PKCS11";
    private static String ibmKeyStoreType = "PKCS11IMPLKS";
    private static String winKeystoreName = "Windows-MY";
    private static String winTrustStoreName = "Windows-ROOT";
    private static String iaikProviderName = "IAIK";
    private static String javaVendor = System.getProperty("java.vendor");
    private static Double javaVersion = new Double(System.getProperty("java.version").substring(0, 3));
    private static String javaArch = System.getProperty("os.arch");

    /* JADX INFO: Access modifiers changed from: package-private */
    /* loaded from: input_file:com/adobe/idp/dsc/internal/soap/AuthSSLProtocolSocketFactory$CustomPkcs11KeyManager.class */
    public class CustomPkcs11KeyManager implements X509KeyManager {
        private X509KeyManager defaultKeyManager;
        private String selectedAlias;
        private KeyStore keystore;

        public CustomPkcs11KeyManager(X509KeyManager x509KeyManager, String str, KeyStore keyStore) {
            this.keystore = null;
            this.defaultKeyManager = x509KeyManager;
            this.selectedAlias = str;
            this.keystore = keyStore;
        }

        @Override // javax.net.ssl.X509KeyManager
        public String chooseClientAlias(String[] strArr, Principal[] principalArr, Socket socket) {
            String str = null;
            try {
            } catch (KeyStoreException e) {
                AuthSSLProtocolSocketFactory.LOG.error(e);
            } catch (InvalidNameException e2) {
                AuthSSLProtocolSocketFactory.LOG.error(e2);
            }
            if (this.keystore.containsAlias(this.selectedAlias)) {
                return this.selectedAlias;
            }
            Enumeration<String> aliases = this.keystore.aliases();
            while (aliases.hasMoreElements()) {
                str = aliases.nextElement();
                for (Rdn rdn : new LdapName(((X509Certificate) this.keystore.getCertificate(str)).getSubjectX500Principal().getName()).getRdns()) {
                    if (rdn.getType().equalsIgnoreCase("CN") && ((String) rdn.getValue()).equalsIgnoreCase(this.selectedAlias)) {
                        return str;
                    }
                }
            }
            return str;
        }

        @Override // javax.net.ssl.X509KeyManager
        public String chooseServerAlias(String str, Principal[] principalArr, Socket socket) {
            return this.defaultKeyManager.chooseServerAlias(str, principalArr, socket);
        }

        @Override // javax.net.ssl.X509KeyManager
        public X509Certificate[] getCertificateChain(String str) {
            return this.defaultKeyManager.getCertificateChain(str);
        }

        @Override // javax.net.ssl.X509KeyManager
        public String[] getClientAliases(String str, Principal[] principalArr) {
            return this.defaultKeyManager.getClientAliases(str, principalArr);
        }

        @Override // javax.net.ssl.X509KeyManager
        public PrivateKey getPrivateKey(String str) {
            return this.defaultKeyManager.getPrivateKey(str);
        }

        @Override // javax.net.ssl.X509KeyManager
        public String[] getServerAliases(String str, Principal[] principalArr) {
            return this.defaultKeyManager.getServerAliases(str, principalArr);
        }
    }

    /* loaded from: input_file:com/adobe/idp/dsc/internal/soap/AuthSSLProtocolSocketFactory$OSValidator.class */
    static class OSValidator {
        private static String OS = System.getProperty("os.name").toLowerCase();

        OSValidator() {
        }

        public static boolean isWindows() {
            return OS.indexOf("win") >= 0;
        }

        public static boolean isMac() {
            return OS.indexOf("mac") >= 0;
        }

        public static boolean isUnix() {
            return OS.indexOf("nix") >= 0 || OS.indexOf("nux") >= 0 || OS.indexOf("aix") > 0;
        }

        public static boolean isSolaris() {
            return OS.indexOf("sunos") >= 0;
        }
    }

    public AuthSSLProtocolSocketFactory(URL url, String str, URL url2, String str2) {
        this.keystoreUrl = null;
        this.keystorePassword = null;
        this.truststoreUrl = null;
        this.truststorePassword = null;
        this.sslcontext = null;
        this.keyManager = null;
        this.trustManager = null;
        this.pkcs11Provider = null;
        this.pkcs11ProviderNameSuffix = null;
        this.pkcs11LibraryPath = null;
        this.pkcs11SlotId = null;
        this.pkcs11Pin = null;
        this.pkcs11CertListCallbackClass = null;
        this.pkcs11SelectedAlias = null;
        this.keystoreUrl = url;
        this.keystorePassword = str;
        this.truststoreUrl = url2;
        this.truststorePassword = str2;
    }

    public AuthSSLProtocolSocketFactory(SSLContext sSLContext) {
        this.keystoreUrl = null;
        this.keystorePassword = null;
        this.truststoreUrl = null;
        this.truststorePassword = null;
        this.sslcontext = null;
        this.keyManager = null;
        this.trustManager = null;
        this.pkcs11Provider = null;
        this.pkcs11ProviderNameSuffix = null;
        this.pkcs11LibraryPath = null;
        this.pkcs11SlotId = null;
        this.pkcs11Pin = null;
        this.pkcs11CertListCallbackClass = null;
        this.pkcs11SelectedAlias = null;
        this.sslcontext = sSLContext;
    }

    public AuthSSLProtocolSocketFactory(KeyManager keyManager, TrustManager trustManager) {
        this.keystoreUrl = null;
        this.keystorePassword = null;
        this.truststoreUrl = null;
        this.truststorePassword = null;
        this.sslcontext = null;
        this.keyManager = null;
        this.trustManager = null;
        this.pkcs11Provider = null;
        this.pkcs11ProviderNameSuffix = null;
        this.pkcs11LibraryPath = null;
        this.pkcs11SlotId = null;
        this.pkcs11Pin = null;
        this.pkcs11CertListCallbackClass = null;
        this.pkcs11SelectedAlias = null;
        this.keyManager = keyManager;
        this.trustManager = trustManager;
    }

    public AuthSSLProtocolSocketFactory(String str, String str2, Integer num, String str3, URL url, String str4, String str5) {
        this.keystoreUrl = null;
        this.keystorePassword = null;
        this.truststoreUrl = null;
        this.truststorePassword = null;
        this.sslcontext = null;
        this.keyManager = null;
        this.trustManager = null;
        this.pkcs11Provider = null;
        this.pkcs11ProviderNameSuffix = null;
        this.pkcs11LibraryPath = null;
        this.pkcs11SlotId = null;
        this.pkcs11Pin = null;
        this.pkcs11CertListCallbackClass = null;
        this.pkcs11SelectedAlias = null;
        this.pkcs11ProviderNameSuffix = str;
        this.pkcs11LibraryPath = str2;
        this.pkcs11SlotId = num;
        this.pkcs11Pin = str3;
        this.truststoreUrl = url;
        this.truststorePassword = str4;
        this.pkcs11CertListCallbackClass = str5;
    }

    public AuthSSLProtocolSocketFactory(Properties properties) {
        this.keystoreUrl = null;
        this.keystorePassword = null;
        this.truststoreUrl = null;
        this.truststorePassword = null;
        this.sslcontext = null;
        this.keyManager = null;
        this.trustManager = null;
        this.pkcs11Provider = null;
        this.pkcs11ProviderNameSuffix = null;
        this.pkcs11LibraryPath = null;
        this.pkcs11SlotId = null;
        this.pkcs11Pin = null;
        this.pkcs11CertListCallbackClass = null;
        this.pkcs11SelectedAlias = null;
        boolean z = false;
        boolean z2 = false;
        String property = properties.getProperty(ServiceClientFactoryProperties.DSC_KEYSTORE_URL);
        String property2 = properties.getProperty(ServiceClientFactoryProperties.DSC_KEYSTORE_PASSWORD);
        String property3 = properties.getProperty(ServiceClientFactoryProperties.DSC_TRUSTSTORE_URL);
        String property4 = properties.getProperty(ServiceClientFactoryProperties.DSC_TRUSTSTORE_PASSWORD);
        KeyManager keyManager = (KeyManager) properties.get(ServiceClientFactoryProperties.KEY_MANAGER);
        TrustManager trustManager = (TrustManager) properties.get(ServiceClientFactoryProperties.TRUST_MANAGER);
        String property5 = properties.getProperty(ServiceClientFactoryProperties.DSC_PKCS11_PROVIDER_NAME);
        String property6 = properties.getProperty(ServiceClientFactoryProperties.DSC_PKCS11_LIBRARY_PATH);
        String property7 = properties.getProperty(ServiceClientFactoryProperties.DSC_PKCS11_SLOT_ID);
        String property8 = properties.getProperty(ServiceClientFactoryProperties.DSC_PKCS11_PIN);
        String property9 = properties.getProperty(ServiceClientFactoryProperties.DSC_PKCS11_CERT_LIST_CALLBACK_CLASS);
        if (property != null && property2 != null && property3 != null && property4 != null && !property.isEmpty() && !property2.isEmpty() && !property3.isEmpty() && !property4.isEmpty()) {
            try {
                this.keystoreUrl = new URL(property);
                this.keystorePassword = property2;
                this.truststoreUrl = new URL(property3);
                this.truststorePassword = property4;
                return;
            } catch (MalformedURLException e) {
                LOG.debug("Error during Authenticating " + e.getMessage());
                throw new DSCRuntimeException(e);
            }
        }
        if (keyManager != null && trustManager != null) {
            this.keyManager = keyManager;
            this.trustManager = trustManager;
            return;
        }
        if (property3 != null && !property3.isEmpty()) {
            try {
                this.truststoreUrl = new URL(property3);
                this.truststorePassword = property4;
                z = true;
            } catch (MalformedURLException e2) {
                LOG.debug("Error during Authenticating " + e2.getMessage());
                throw new DSCRuntimeException(e2);
            }
        }
        if (property != null && property2 != null && !property.isEmpty() && !property2.isEmpty()) {
            try {
                this.keystoreUrl = new URL(property);
                this.keystorePassword = property2;
                z2 = true;
            } catch (MalformedURLException e3) {
                LOG.debug("Error during Authenticating " + e3.getMessage());
                throw new DSCRuntimeException(e3);
            }
        } else if (property6 != null && property8 != null && !property6.isEmpty() && !property8.isEmpty()) {
            try {
                this.pkcs11LibraryPath = property6;
                this.pkcs11Pin = property8;
                if (property7 != null && !property7.isEmpty()) {
                    this.pkcs11SlotId = Integer.valueOf(Integer.parseInt(property7));
                }
                if (property5 != null && !property5.isEmpty()) {
                    this.pkcs11ProviderNameSuffix = property5;
                } else if (javaVendor.contains("Oracle")) {
                    this.pkcs11ProviderNameSuffix = "aem_sunpkcs11";
                } else {
                    this.pkcs11ProviderNameSuffix = "aem_ibmpkcs11";
                }
                z2 = true;
            } catch (NumberFormatException e4) {
                LOG.debug("Error during Authentication " + e4.getMessage());
                throw new DSCRuntimeException(e4);
            }
        }
        if (property9 != null && !property9.isEmpty()) {
            this.pkcs11CertListCallbackClass = property9;
        } else if (OSValidator.isWindows()) {
            this.pkcs11CertListCallbackClass = WindowsPkcs11CertListCallbackHandler.class.getCanonicalName();
        }
        if (OSValidator.isWindows()) {
            return;
        }
        if (!z || !z2) {
            throw new DSCRuntimeException(new DSCError(DSCMessageConstants.MAUTH_CREDENTIAL));
        }
    }

    private static KeyStore createKeyStore(URL url, String str) throws KeyStoreException, NoSuchAlgorithmException, CertificateException, IOException {
        if (url == null) {
            throw new IllegalArgumentException("Keystore url may not be null");
        }
        LOG.debug("Initializing key store");
        KeyStore keyStore = KeyStore.getInstance("jks");
        FileInputStream fileInputStream = null;
        try {
            try {
                fileInputStream = new FileInputStream(new File(url.getFile()));
                keyStore.load(fileInputStream, str != null ? str.toCharArray() : null);
                if (fileInputStream != null) {
                    fileInputStream.close();
                }
                return keyStore;
            } catch (FileNotFoundException e) {
                LOG.info("FileNotFoundException", e);
                throw e;
            }
        } catch (Throwable th) {
            if (fileInputStream != null) {
                fileInputStream.close();
            }
            throw th;
        }
    }

    private static KeyManager[] createKeyManagers(KeyStore keyStore, String str) throws KeyStoreException, NoSuchAlgorithmException, UnrecoverableKeyException {
        if (keyStore == null) {
            throw new IllegalArgumentException("Keystore may not be null");
        }
        LOG.debug("Initializing key manager");
        KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
        keyManagerFactory.init(keyStore, str != null ? str.toCharArray() : null);
        return keyManagerFactory.getKeyManagers();
    }

    private static TrustManager[] createTrustManagers(KeyStore keyStore) throws KeyStoreException, NoSuchAlgorithmException {
        if (keyStore == null) {
            throw new IllegalArgumentException("Keystore may not be null");
        }
        LOG.debug("Initializing trust manager");
        TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
        trustManagerFactory.init(keyStore);
        TrustManager[] trustManagers = trustManagerFactory.getTrustManagers();
        for (int i = 0; i < trustManagers.length; i++) {
            if (trustManagers[i] instanceof X509TrustManager) {
                trustManagers[i] = new AuthSSLX509TrustManager((X509TrustManager) trustManagers[i]);
            }
        }
        return trustManagers;
    }

    private SSLContext createSSLContext() {
        if (this.keyManager != null && this.trustManager != null) {
            return createSSLContext(this.keyManager, this.trustManager);
        }
        if (this.truststoreUrl != null && this.keystoreUrl != null) {
            return createSSLContextWithFiles();
        }
        if (javaVendor.contains("Oracle") && javaVersion.doubleValue() < 1.8d && javaArch.contains("64")) {
            throw new AuthSSLInitializationError("Sun Jdk version 7 and lower (64 bit) do not support pkcs");
        }
        return createPkcs11SSLContext();
    }

    private SSLContext createSSLContextWithFiles() {
        try {
            KeyManager[] keyManagerArr = null;
            TrustManager[] trustManagerArr = null;
            if (this.keystoreUrl != null) {
                KeyStore createKeyStore = createKeyStore(this.keystoreUrl, this.keystorePassword);
                if (LOG.isDebugEnabled()) {
                    Enumeration<String> aliases = createKeyStore.aliases();
                    while (aliases.hasMoreElements()) {
                        String nextElement = aliases.nextElement();
                        Certificate[] certificateChain = createKeyStore.getCertificateChain(nextElement);
                        if (certificateChain != null) {
                            LOG.debug("Certificate chain '" + nextElement + "':");
                            for (int i = 0; i < certificateChain.length; i++) {
                                if (certificateChain[i] instanceof X509Certificate) {
                                    X509Certificate x509Certificate = (X509Certificate) certificateChain[i];
                                    LOG.debug(" Certificate " + (i + 1) + TaskManagerConstants.VERSION_DELIMITER);
                                    LOG.debug("  Subject DN: " + x509Certificate.getSubjectDN());
                                    LOG.debug("  Signature Algorithm: " + x509Certificate.getSigAlgName());
                                    LOG.debug("  Valid from: " + x509Certificate.getNotBefore());
                                    LOG.debug("  Valid until: " + x509Certificate.getNotAfter());
                                    LOG.debug("  Issuer: " + x509Certificate.getIssuerDN());
                                }
                            }
                        }
                    }
                }
                keyManagerArr = createKeyManagers(createKeyStore, this.keystorePassword);
            }
            if (this.truststoreUrl != null) {
                KeyStore createKeyStore2 = createKeyStore(this.truststoreUrl, this.truststorePassword);
                if (LOG.isDebugEnabled()) {
                    Enumeration<String> aliases2 = createKeyStore2.aliases();
                    while (aliases2.hasMoreElements()) {
                        String nextElement2 = aliases2.nextElement();
                        LOG.debug("Trusted certificate '" + nextElement2 + "':");
                        Certificate certificate = createKeyStore2.getCertificate(nextElement2);
                        if (certificate != null && (certificate instanceof X509Certificate)) {
                            X509Certificate x509Certificate2 = (X509Certificate) certificate;
                            LOG.debug("  Subject DN: " + x509Certificate2.getSubjectDN());
                            LOG.debug("  Signature Algorithm: " + x509Certificate2.getSigAlgName());
                            LOG.debug("  Valid from: " + x509Certificate2.getNotBefore());
                            LOG.debug("  Valid until: " + x509Certificate2.getNotAfter());
                            LOG.debug("  Issuer: " + x509Certificate2.getIssuerDN());
                        }
                    }
                }
                trustManagerArr = createTrustManagers(createKeyStore2);
            }
            SSLContext sSLContext = SSLContext.getInstance("TLS");
            sSLContext.init(keyManagerArr, trustManagerArr, null);
            return sSLContext;
        } catch (IOException e) {
            LOG.error(e.getMessage(), e);
            throw new AuthSSLInitializationError("I/O error reading keystore/truststore file: " + e.getMessage());
        } catch (KeyStoreException e2) {
            LOG.error(e2.getMessage(), e2);
            throw new AuthSSLInitializationError("Keystore exception: " + e2.getMessage());
        } catch (NoSuchAlgorithmException e3) {
            LOG.error(e3.getMessage(), e3);
            throw new AuthSSLInitializationError("Unsupported algorithm exception: " + e3.getMessage());
        } catch (GeneralSecurityException e4) {
            LOG.error(e4.getMessage(), e4);
            throw new AuthSSLInitializationError("Key management exception: " + e4.getMessage());
        }
    }

    private SSLContext createSSLContext(KeyManager keyManager, TrustManager trustManager) {
        try {
            SSLContext sSLContext = SSLContext.getInstance("TLS");
            sSLContext.init(new KeyManager[]{keyManager}, new TrustManager[]{trustManager}, null);
            return sSLContext;
        } catch (KeyManagementException e) {
            LOG.error(e.getMessage(), e);
            throw new AuthSSLInitializationError("KeyManagementException exception: " + e.getMessage());
        } catch (NoSuchAlgorithmException e2) {
            LOG.error(e2.getMessage(), e2);
            throw new AuthSSLInitializationError("Unsupported algorithm exception: " + e2.getMessage());
        }
    }

    private SSLContext createPkcs11SSLContext() {
        KeyStore createPkcs11IbmKeyStore;
        try {
            TrustManager[] createTrustManagers = createTrustManagers(createTrustStore());
            if (javaVendor.contains("Oracle")) {
                if (this.pkcs11LibraryPath == null) {
                    LOG.debug("Windows KeyStore, Sun Jdk ");
                    createPkcs11IbmKeyStore = createMSCAPIKeyStore(sunMSCAPIProviderName, sunMSCAPIProviderClass);
                } else {
                    createPkcs11IbmKeyStore = createPkcs11SunKeyStore();
                }
            } else if (this.pkcs11LibraryPath == null) {
                LOG.debug("Windows KeyStore, Ibm Jdk");
                createPkcs11IbmKeyStore = createMSCAPIKeyStore(ibmMSCAPIProviderName, ibmMSCAPIProviderClass);
            } else {
                createPkcs11IbmKeyStore = createPkcs11IbmKeyStore();
            }
            KeyManager[] createKeyManagers = createKeyManagers(createPkcs11IbmKeyStore, this.pkcs11Pin);
            SSLContext sSLContext = SSLContext.getInstance("TLS");
            if (this.pkcs11CertListCallbackClass != null) {
                HashMap hashMap = new HashMap();
                Enumeration<String> aliases = createPkcs11IbmKeyStore.aliases();
                while (aliases.hasMoreElements()) {
                    String nextElement = aliases.nextElement();
                    hashMap.put(nextElement, createPkcs11IbmKeyStore.getCertificate(nextElement));
                }
                this.pkcs11SelectedAlias = ((Pkcs11CertListCallbackHandler) Class.forName(this.pkcs11CertListCallbackClass).getConstructor(new Class[0]).newInstance(new Object[0])).handle(hashMap);
                if (this.pkcs11SelectedAlias == null || this.pkcs11SelectedAlias.trim().length() <= 0) {
                    throw new AuthSSLInitializationError("No Certificate Selected by user");
                }
                sSLContext.init(new KeyManager[]{new CustomPkcs11KeyManager((X509KeyManager) createKeyManagers[0], this.pkcs11SelectedAlias.trim(), createPkcs11IbmKeyStore)}, createTrustManagers, null);
            } else {
                sSLContext.init(createKeyManagers, createTrustManagers, null);
            }
            this.sslcontext = sSLContext;
            return sSLContext;
        } catch (FileNotFoundException e) {
            LOG.error(e.getMessage(), e);
            throw new AuthSSLInitializationError("FileNotFoundException exception: " + e.getMessage());
        } catch (IOException e2) {
            LOG.error(e2.getMessage(), e2);
            throw new AuthSSLInitializationError("IOException exception: " + e2.getMessage());
        } catch (KeyManagementException e3) {
            LOG.error(e3.getMessage(), e3);
            throw new AuthSSLInitializationError("KeyManagementException exception: " + e3.getMessage());
        } catch (NoSuchAlgorithmException e4) {
            LOG.error(e4.getMessage(), e4);
            throw new AuthSSLInitializationError("Unsupported algorithm exception: " + e4.getMessage());
        } catch (GeneralSecurityException e5) {
            LOG.error(e5.getMessage(), e5);
            throw new AuthSSLInitializationError("GeneralSecurityException exception: " + e5.getMessage());
        } catch (Exception e6) {
            LOG.error(e6.getMessage(), e6);
            throw new AuthSSLInitializationError("Generic Exception: " + e6.getMessage());
        }
    }

    private KeyStore createMSCAPIKeyStore(String str, String str2) throws Exception {
        Provider provider = Security.getProvider(str);
        if (provider == null) {
            provider = (Provider) Class.forName(str2).getConstructor(new Class[0]).newInstance(new Object[0]);
            Security.addProvider(provider);
            Security.removeProvider(iaikProviderName);
        }
        KeyStore keyStore = KeyStore.getInstance(winKeystoreName, provider);
        keyStore.load(null, null);
        if (LOG.isDebugEnabled()) {
            Enumeration<String> aliases = keyStore.aliases();
            while (aliases.hasMoreElements()) {
                LOG.debug(aliases.nextElement());
            }
        }
        return keyStore;
    }

    private KeyStore createPkcs11SunKeyStore() throws Exception {
        Provider provider = Security.getProvider("SunPKCS11-" + this.pkcs11ProviderNameSuffix);
        if (provider == null) {
            StringBuffer stringBuffer = new StringBuffer();
            stringBuffer.append("name = ").append(this.pkcs11ProviderNameSuffix).append("\n");
            stringBuffer.append("library = ").append(this.pkcs11LibraryPath).append("\n");
            if (this.pkcs11SlotId != null) {
                stringBuffer.append("slot = ").append(Integer.toString(this.pkcs11SlotId.intValue())).append("\n");
            }
            ByteArrayInputStream byteArrayInputStream = null;
            try {
                byteArrayInputStream = new ByteArrayInputStream(stringBuffer.toString().getBytes());
                provider = (Provider) Class.forName(sunPkcs11Class).getConstructor(InputStream.class).newInstance(byteArrayInputStream);
                Security.removeProvider(iaikProviderName);
                Security.addProvider(provider);
                if (byteArrayInputStream != null) {
                    byteArrayInputStream.close();
                }
            } catch (Throwable th) {
                if (byteArrayInputStream != null) {
                    byteArrayInputStream.close();
                }
                throw th;
            }
        }
        KeyStore keyStore = KeyStore.getInstance(sunKeyStoreType, provider);
        keyStore.load(null, this.pkcs11Pin != null ? this.pkcs11Pin.toCharArray() : null);
        LOG.debug("Sun Java KeyStore");
        if (LOG.isDebugEnabled()) {
            Enumeration<String> aliases = keyStore.aliases();
            while (aliases.hasMoreElements()) {
                LOG.debug(aliases.nextElement());
            }
        }
        return keyStore;
    }

    private KeyStore createPkcs11IbmKeyStore() throws Exception {
        Provider provider = Security.getProvider("IBMPKCS11Impl");
        if (provider == null) {
            provider = Security.getProvider("IBMPKCS11Impl-" + this.pkcs11ProviderNameSuffix);
            if (provider == null) {
                ByteArrayInputStream byteArrayInputStream = null;
                BufferedReader bufferedReader = null;
                try {
                    StringBuffer stringBuffer = new StringBuffer();
                    stringBuffer.append("name = ").append(this.pkcs11ProviderNameSuffix).append("\n");
                    stringBuffer.append("library = ").append(this.pkcs11LibraryPath).append("\n");
                    if (this.pkcs11SlotId != null) {
                        stringBuffer.append("slot = ").append(Integer.toString(this.pkcs11SlotId.intValue())).append("\n");
                    }
                    byteArrayInputStream = new ByteArrayInputStream(stringBuffer.toString().getBytes());
                    bufferedReader = new BufferedReader(new InputStreamReader(byteArrayInputStream));
                    provider = (Provider) Class.forName(ibmPkcs11Class).getConstructor(BufferedReader.class).newInstance(bufferedReader);
                    Security.insertProviderAt(provider, 2);
                    if (byteArrayInputStream != null) {
                        byteArrayInputStream.close();
                    }
                    if (bufferedReader != null) {
                        bufferedReader.close();
                    }
                } catch (Throwable th) {
                    if (byteArrayInputStream != null) {
                        byteArrayInputStream.close();
                    }
                    if (bufferedReader != null) {
                        bufferedReader.close();
                    }
                    throw th;
                }
            }
        }
        KeyStore keyStore = KeyStore.getInstance(ibmKeyStoreType, provider);
        keyStore.load(null, this.pkcs11Pin.toCharArray());
        LOG.debug("Ibm Java KeyStore");
        if (LOG.isDebugEnabled()) {
            Enumeration<String> aliases = keyStore.aliases();
            while (aliases.hasMoreElements()) {
                LOG.debug(aliases.nextElement());
            }
        }
        return keyStore;
    }

    private KeyStore createTrustStore() throws Exception {
        KeyStore createKeyStore;
        if (this.truststoreUrl == null) {
            if (javaVendor.contains("IBM")) {
                Provider provider = Security.getProvider(ibmMSCAPIProviderName);
                if (provider == null) {
                    provider = (Provider) Class.forName(ibmMSCAPIProviderClass).getConstructor(new Class[0]).newInstance(new Object[0]);
                    Security.addProvider(provider);
                    LOG.debug("provider name " + provider.getName());
                    Security.removeProvider(iaikProviderName);
                }
                createKeyStore = KeyStore.getInstance(winTrustStoreName, provider);
                LOG.debug("Windows Certmgr.msc TrustStore with IBM Jdk");
            } else {
                createKeyStore = KeyStore.getInstance(winTrustStoreName);
                LOG.debug("Windows Certmgr.msc TrustStore with Sun Jdk");
            }
            createKeyStore.load(null, null);
        } else {
            createKeyStore = createKeyStore(this.truststoreUrl, this.truststorePassword);
        }
        if (LOG.isDebugEnabled()) {
            Enumeration<String> aliases = createKeyStore.aliases();
            while (aliases.hasMoreElements()) {
                LOG.debug(aliases.nextElement());
            }
        }
        return createKeyStore;
    }

    public SSLContext getSSLContext() {
        if (this.sslcontext == null) {
            this.sslcontext = createSSLContext();
        }
        return this.sslcontext;
    }

    public Socket createSocket(String str, int i, InetAddress inetAddress, int i2, HttpConnectionParams httpConnectionParams) throws IOException, UnknownHostException, ConnectTimeoutException {
        if (httpConnectionParams == null) {
            throw new IllegalArgumentException("Parameters may not be null");
        }
        int connectionTimeout = httpConnectionParams.getConnectionTimeout();
        SSLSocketFactory socketFactory = getSSLContext().getSocketFactory();
        if (connectionTimeout == 0) {
            return socketFactory.createSocket(str, i, inetAddress, i2);
        }
        Socket createSocket = socketFactory.createSocket();
        InetSocketAddress inetSocketAddress = new InetSocketAddress(inetAddress, i2);
        InetSocketAddress inetSocketAddress2 = new InetSocketAddress(str, i);
        createSocket.bind(inetSocketAddress);
        createSocket.connect(inetSocketAddress2, connectionTimeout);
        return createSocket;
    }

    public Socket createSocket(String str, int i, InetAddress inetAddress, int i2) throws IOException, UnknownHostException {
        return getSSLContext().getSocketFactory().createSocket(str, i, inetAddress, i2);
    }

    public Socket createSocket(String str, int i) throws IOException, UnknownHostException {
        return getSSLContext().getSocketFactory().createSocket(str, i);
    }

    public Socket createSocket(Socket socket, String str, int i, boolean z) throws IOException, UnknownHostException {
        return getSSLContext().getSocketFactory().createSocket(socket, str, i, z);
    }
}
