package com.ibm.etools.wdt.server.ui.util;

import java.io.File;
import java.io.FileInputStream;
import java.io.FileNotFoundException;
import java.io.IOException;
import java.net.URL;
import java.net.UnknownHostException;
import java.security.KeyManagementException;
import java.security.NoSuchAlgorithmException;
import java.security.SecureRandom;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.util.Arrays;
import java.util.List;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLPeerUnverifiedException;
import javax.net.ssl.SSLSocket;
import javax.net.ssl.TrustManager;
import javax.net.ssl.X509TrustManager;

/* loaded from: input_file:com/ibm/etools/wdt/server/ui/util/WDTServerSSLUtil.class */
public class WDTServerSSLUtil {
    public static final String JAVA_KEYSTORE_TYPE = "JKS";
    public static final int DEFAULT_HTTPS_PORT_NUM = 443;
    public static final String JRE_CACERTS_PATH = String.valueOf(System.getProperty("java.home")) + File.separator + "lib" + File.separator + "security" + File.separator + "cacerts";
    private static List<String> X509_CERTS_FILEEXTENSION = Arrays.asList(".der", ".crt", ".cer", ".pem");

    public static Certificate getServerCertificate(String str) throws KeyManagementException, SSLPeerUnverifiedException, NoSuchAlgorithmException, UnknownHostException, IOException {
        URL url = new URL(str);
        String host = url.getHost();
        int port = url.getPort();
        return getServerCertificate(host, port == -1 ? DEFAULT_HTTPS_PORT_NUM : port);
    }

    public static Certificate importCertificateFromLocal(String str) throws CertificateException, FileNotFoundException {
        return CertificateFactory.getInstance("X.509").generateCertificate(new FileInputStream(new File(str)));
    }

    public static Certificate getServerCertificate(String str, int i) throws NoSuchAlgorithmException, KeyManagementException, UnknownHostException, IOException, SSLPeerUnverifiedException {
        Certificate[] peerCertificates = createSSLSocket(str, i).getSession().getPeerCertificates();
        return peerCertificates[peerCertificates.length - 1];
    }

    private static SSLSocket createSSLSocket(String str, int i) throws NoSuchAlgorithmException, KeyManagementException, UnknownHostException, IOException {
        SSLContext sSLContext = SSLContext.getInstance("TLS");
        sSLContext.init(null, new TrustManager[]{createEasyTrustManager()}, new SecureRandom());
        return (SSLSocket) sSLContext.getSocketFactory().createSocket(str, i);
    }

    private static TrustManager createEasyTrustManager() {
        return new X509TrustManager() { // from class: com.ibm.etools.wdt.server.ui.util.WDTServerSSLUtil.1
            @Override // javax.net.ssl.X509TrustManager
            public X509Certificate[] getAcceptedIssuers() {
                return null;
            }

            @Override // javax.net.ssl.X509TrustManager
            public void checkServerTrusted(X509Certificate[] x509CertificateArr, String str) throws CertificateException {
            }

            @Override // javax.net.ssl.X509TrustManager
            public void checkClientTrusted(X509Certificate[] x509CertificateArr, String str) throws CertificateException {
            }
        };
    }

    public static boolean isCommonX509CertFileExtension(String str) {
        return X509_CERTS_FILEEXTENSION.contains(str);
    }
}
