package com.buildforge.services.common.ssl.provider;

import com.buildforge.services.common.dbo.MessageDBO;
import com.buildforge.services.common.dbo.SSLDBO;
import com.buildforge.services.common.ssl.config.FIPSManager;
import java.security.Provider;
import java.security.Security;
import java.util.ArrayList;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
import java.util.logging.Level;
import java.util.logging.Logger;
import javax.net.ssl.SSLContext;

/* loaded from: input_file:com/buildforge/services/common/ssl/provider/JSSEProviderFactory.class */
public class JSSEProviderFactory {
    private static final String CMSPROVIDER = "com.ibm.security.cmskeystore.CMSProvider";
    private static final String IBMJSSE2_PROVIDER = "IBMJSSE2";
    private static final String SUNJSSE_PROVIDER = "SunJSSE";
    private static final String DEFAULT_PROVIDER = "IBMJSSE2";
    private static final Logger log = Logger.getLogger(JSSEProviderFactory.class.getName());
    private static JSSEProvider cachedProvider = null;
    private static Map<String, JSSEProvider> providerCache = new HashMap();
    private static String trustManagerFactoryAlgorithm = null;
    private static String keyManagerFactoryAlgorithm = null;
    private static String defaultSSLSocketFactory = null;
    private static String defaultSSLServerSocketFactory = null;
    private static boolean fipsInitialized = false;
    private static List<String> fipsJCEProvidersObjectList = null;
    private static String providerFromProviderList = null;

    public static JSSEProvider getInstance() {
        return getInstance(null);
    }

    public static JSSEProvider getInstance(String str) {
        if (str == null) {
            str = getProviderFromProviderList();
        }
        if (str == null) {
            str = "IBMJSSE2";
        }
        if (isFipsEnabled()) {
            str = "IBMJSSE2";
        }
        cachedProvider = providerCache.get(str);
        if (cachedProvider != null) {
            return cachedProvider;
        }
        Provider provider = Security.getProvider(str);
        if (provider == null) {
            if (isFipsEnabled() || str.equalsIgnoreCase("IBMJSSE2")) {
                try {
                    provider = (Provider) Class.forName("com.ibm.jsse2.IBMJSSEProvider2").newInstance();
                } catch (Exception e) {
                    MessageDBO messageDBO = new MessageDBO(MessageDBO.Severity.WARNING, "SSLProviderLoadFailed", str);
                    if (log.isLoggable(Level.WARNING)) {
                        log.log(Level.WARNING, messageDBO.translate());
                    }
                }
            } else if (str.equalsIgnoreCase(SUNJSSE_PROVIDER)) {
                try {
                    provider = (Provider) Class.forName("com.sun.net.ssl.internal.ssl.Provider").newInstance();
                } catch (Exception e2) {
                    MessageDBO messageDBO2 = new MessageDBO(MessageDBO.Severity.WARNING, "SSLProviderLoadFailed", str);
                    if (log.isLoggable(Level.WARNING)) {
                        log.log(Level.WARNING, messageDBO2.translate());
                    }
                }
            } else {
                try {
                    provider = (Provider) Class.forName("com.ibm.jsse2.IBMJSSEProvider2").newInstance();
                } catch (Exception e3) {
                    MessageDBO messageDBO3 = new MessageDBO(MessageDBO.Severity.WARNING, "SSLProviderLoadFailed", str);
                    if (log.isLoggable(Level.WARNING)) {
                        log.log(Level.WARNING, messageDBO3.translate());
                    }
                }
            }
            if (provider != null) {
                Security.addProvider(provider);
            }
        }
        initializeIBMCMSProvider();
        Provider[] providers = Security.getProviders();
        for (int i = 0; i < providers.length; i++) {
            if (log.isLoggable(Level.FINE)) {
                log.log(Level.FINE, "Provider name [" + i + "]: " + providers[i].getName());
            }
            if (cachedProvider == null && providers[i].getName().equalsIgnoreCase(str)) {
                if (str.equalsIgnoreCase("IBMJSSE2") && validateProvider("IBMJSSE2")) {
                    cachedProvider = new IBMJSSE2Provider();
                    providerCache.put("IBMJSSE2", cachedProvider);
                    providerCache.put(str, cachedProvider);
                } else if (str.equalsIgnoreCase(SUNJSSE_PROVIDER) && validateProvider(SUNJSSE_PROVIDER)) {
                    cachedProvider = new SunJSSEProvider();
                    providerCache.put(SUNJSSE_PROVIDER, cachedProvider);
                    providerCache.put(str, cachedProvider);
                    if (isFipsEnabled()) {
                        MessageDBO messageDBO4 = new MessageDBO(MessageDBO.Severity.WARNING, "SSLProviderNotFIPSCompliant", new String[0]);
                        if (log.isLoggable(Level.WARNING)) {
                            log.log(Level.WARNING, messageDBO4.translate());
                        }
                    }
                } else {
                    cachedProvider = new IBMJSSE2Provider();
                    providerCache.put("IBMJSSE2", cachedProvider);
                    providerCache.put(str, cachedProvider);
                }
            }
            if (cachedProvider == null) {
                cachedProvider = new IBMJSSE2Provider();
                providerCache.put("IBMJSSE2", cachedProvider);
                providerCache.put(str, cachedProvider);
            }
        }
        return cachedProvider;
    }

    private static boolean validateProvider(String str) {
        boolean z = false;
        try {
            String str2 = SSLDBO.TYPE_KEY;
            if (isFipsEnabled()) {
                str2 = "TLS";
            }
            SSLContext.getInstance(str2, str);
            z = true;
        } catch (Exception e) {
            if (log.isLoggable(Level.FINE)) {
                log.log(Level.FINE, "Error validating provider: " + str + ", Exception: " + e.getMessage(), (Throwable) e);
            }
        }
        return z;
    }

    public static String getDefaultSSLSocketFactory() {
        if (defaultSSLSocketFactory == null) {
            defaultSSLSocketFactory = Security.getProperty("ssl.SocketFactory.provider");
        }
        return defaultSSLSocketFactory;
    }

    public static String getDefaultSSLServerSocketFactory() {
        if (defaultSSLServerSocketFactory == null) {
            defaultSSLServerSocketFactory = Security.getProperty("ssl.ServerSocketFactory.provider");
        }
        return defaultSSLServerSocketFactory;
    }

    public static String getKeyManagerFactoryAlgorithm() {
        if (keyManagerFactoryAlgorithm == null) {
            keyManagerFactoryAlgorithm = Security.getProperty("ssl.KeyManagerFactory.algorithm");
        }
        return keyManagerFactoryAlgorithm;
    }

    public static String getTrustManagerFactoryAlgorithm() {
        if (trustManagerFactoryAlgorithm == null) {
            trustManagerFactoryAlgorithm = Security.getProperty("ssl.TrustManagerFactory.algorithm");
        }
        return trustManagerFactoryAlgorithm;
    }

    public static boolean isFipsEnabled() {
        return FIPSManager.getInstance().isFIPSEnabled();
    }

    public static void initializeIBMCMSProvider() {
        if (Security.getProvider("IBMCMSProvider") != null) {
            return;
        }
        try {
            Security.addProvider((Provider) Class.forName(CMSPROVIDER).newInstance());
        } catch (Exception e) {
            if (log.isLoggable(Level.WARNING)) {
                log.warning(new MessageDBO(MessageDBO.Severity.WARNING, "SSLProviderLoadFailed", CMSPROVIDER).translate());
            }
        }
    }

    public static void initializeFips() throws Exception {
        if (fipsInitialized) {
            return;
        }
        int i = 0;
        Provider provider = null;
        Provider provider2 = null;
        try {
            System.setProperty("com.ibm.jsse2.JSSEFIPS", "true");
            Provider[] providers = Security.getProviders();
            for (int i2 = 0; i2 < providers.length; i2++) {
                if (log.isLoggable(Level.FINE)) {
                    log.log(Level.FINE, "Provider[" + i2 + "]: " + providers[i2].getName());
                }
                if (providers[i2].getName().equals("IBMJCE")) {
                    if (log.isLoggable(Level.FINE)) {
                        log.log(Level.FINE, "IBMJCE provider at position " + i2);
                    }
                } else if (providers[i2].getName().equals("IBMJCEFIPS")) {
                    if (log.isLoggable(Level.FINE)) {
                        log.log(Level.FINE, "IBMJCEFIPS provider at position " + i2);
                    }
                    i = i2;
                    provider = providers[i2];
                } else if (providers[i2].getName().equals("SUN")) {
                    if (log.isLoggable(Level.FINE)) {
                        log.log(Level.FINE, "SUN provider at position " + i2);
                    }
                    provider2 = providers[i2];
                }
            }
            if (provider == null) {
                Security.getProviders();
                try {
                    Provider provider3 = (Provider) Class.forName("com.ibm.crypto.fips.provider.IBMJCEFIPS").newInstance();
                    if (provider2 != null) {
                        insertProviderAt(provider2, 1);
                        insertProviderAt(provider3, 2);
                    } else {
                        insertProviderAt(provider3, 1);
                    }
                } catch (Exception e) {
                    MessageDBO messageDBO = new MessageDBO(MessageDBO.Severity.WARNING, "SSLJCEFIPSProviderFailed", new String[0]);
                    if (log.isLoggable(Level.WARNING)) {
                        log.log(Level.WARNING, messageDBO.translate(), (Throwable) e);
                    }
                }
            } else if (i != 0) {
                Security.getProviders();
                if (provider2 != null) {
                    insertProviderAt(provider2, 1);
                    insertProviderAt(provider, 2);
                } else {
                    insertProviderAt(provider, 1);
                }
            }
            Provider[] providers2 = Security.getProviders();
            for (int i3 = 0; i3 < providers2.length; i3++) {
                if (log.isLoggable(Level.FINE)) {
                    log.log(Level.FINE, "Provider[" + i3 + "]: " + providers2[i3].getName() + ", info: " + providers2[i3].getInfo());
                }
            }
            fipsInitialized = true;
        } catch (Exception e2) {
            MessageDBO messageDBO2 = new MessageDBO(MessageDBO.Severity.WARNING, "SSLJCEFIPSProviderFailed", new String[0]);
            if (log.isLoggable(Level.WARNING)) {
                log.log(Level.WARNING, messageDBO2.translate(), (Throwable) e2);
            }
            throw e2;
        }
    }

    public static void insertProviderAt(Provider provider, int i) {
        Provider[] providerArr;
        Provider[] providers = Security.getProviders();
        if (providers == null) {
            providers = new Provider[0];
        }
        if (i > providers.length) {
            i = providers.length;
        }
        if (providers.length > 0) {
            providerArr = new Provider[providers.length + 2];
            providerArr[i] = provider;
        } else {
            providerArr = new Provider[]{provider};
        }
        int i2 = 1;
        for (Provider provider2 : providers) {
            if (provider2 != null && provider2.getName() != provider.getName()) {
                while (providerArr[i2] != null) {
                    i2++;
                }
                providerArr[i2] = provider2;
                i2++;
            }
        }
        removeAllProviders();
        Security.getProviders();
        for (int i3 = 0; i3 < providerArr.length; i3++) {
            Provider provider3 = providerArr[i3];
            if (provider3 != null) {
                int insertProviderAt = Security.insertProviderAt(provider3, i3 + 1);
                if (log.isLoggable(Level.FINE)) {
                    log.log(Level.FINE, provider3.getName() + " provider added at position " + insertProviderAt);
                }
            }
        }
    }

    public static void removeAllProviders() {
        String name;
        Provider[] providers = Security.getProviders();
        for (int i = 0; i < providers.length; i++) {
            if (providers[i] != null && (name = providers[i].getName()) != null) {
                Security.removeProvider(name);
            }
        }
    }

    public static List<String> fipsJCEProviders() {
        String[] strArr = {"IBMJCEFIPS"};
        if (fipsJCEProvidersObjectList == null) {
            fipsJCEProvidersObjectList = new ArrayList(strArr.length);
            if (isFipsEnabled()) {
                for (String str : strArr) {
                    fipsJCEProvidersObjectList.add(str);
                }
            }
        }
        return fipsJCEProvidersObjectList;
    }

    private static String getProviderFromProviderList() {
        Provider[] providers = Security.getProviders();
        int i = 0;
        while (true) {
            if (i >= providers.length) {
                break;
            }
            if (log.isLoggable(Level.FINE)) {
                log.log(Level.FINE, "Provider name [" + i + "]: " + providers[i].getName());
            }
            if (providers[i].getName().equalsIgnoreCase("IBMJSSE2")) {
                providerFromProviderList = "IBMJSSE2";
                break;
            }
            if (providers[i].getName().equalsIgnoreCase(SUNJSSE_PROVIDER)) {
                providerFromProviderList = SUNJSSE_PROVIDER;
                break;
            }
            i++;
        }
        if (providerFromProviderList == null) {
            providerFromProviderList = "IBMJSSE2";
        }
        return providerFromProviderList;
    }
}
