package com.ghc.a3.mq.ssl;

import com.ghc.a3.jms.ssl.SSLConfigurationProvider;
import com.ghc.a3.mq.utils.MQConfigProperties;
import com.ghc.config.Config;
import com.ghc.config.ConfigUtils;
import com.ghc.ibmmq.nls.GHMessages;
import com.ghc.identity.AuthenticationManager;
import com.ghc.identity.IdentityStoreResource;
import com.ghc.ssl.SSLUtils;
import com.ghc.utils.throwable.GHException;
import java.text.MessageFormat;
import java.util.Hashtable;
import javax.jms.ConnectionFactory;
import javax.net.ssl.KeyManager;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSocketFactory;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;

/* loaded from: input_file:com/ghc/a3/mq/ssl/BaseMQSSLConfigurationProvider.class */
public abstract class BaseMQSSLConfigurationProvider implements SSLConfigurationProvider {
    protected String m_protocol;
    protected String m_peerName = "";
    protected String m_cipherSuite = "";
    protected Boolean m_fipsRequired = false;
    protected Integer m_keyResetCount = 0;
    private AuthenticationManager m_authenticationManager = null;
    protected String m_trustStoreURL = "";
    protected String m_keyStoreURL = "";
    private Iterable<String> overrideProtocols;

    /* JADX INFO: Access modifiers changed from: protected */
    public boolean useSSL() {
        return this.m_protocol != null && this.m_protocol.equals(MQConfigProperties.USE_SSL);
    }

    public void configureFactory(ConnectionFactory connectionFactory) throws Exception {
    }

    public Hashtable<String, Object> getJNDIContextProperties() throws Exception {
        return new Hashtable<>();
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public SSLSocketFactory getSSLSocketFactory() throws GHException {
        if (this.m_authenticationManager == null) {
            return null;
        }
        try {
            KeyManager[] keyManagers = getKeyManagers();
            TrustManager[] trustManagers = getTrustManagers();
            SSLContext sSLContext = SSLUtils.getSSLContext(this.overrideProtocols);
            sSLContext.init(keyManagers == null ? null : keyManagers, trustManagers, null);
            return sSLContext.getSocketFactory();
        } catch (Exception e) {
            throw new GHException(MessageFormat.format(GHMessages.BaseMQSSLConfigurationProvider_couldNotCreateMQSSLSocketFactory, GHMessages.BaseMQSSLConfigurationProvider_errorMessageSeparator, e.getMessage()), e);
        }
    }

    private TrustManager[] getTrustManagers() throws GHException {
        if (getTrustStoreURL() == null || getTrustStoreURL().equals("")) {
            return null;
        }
        try {
            TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
            trustManagerFactory.init(getIdentityStore(getTrustStoreURL()).getKeyStore());
            return trustManagerFactory.getTrustManagers();
        } catch (Exception e) {
            throw new GHException(MessageFormat.format(GHMessages.BaseMQSSLConfigurationProvider_couldNotAccessTrustStore, getTrustStoreURL(), GHMessages.BaseMQSSLConfigurationProvider_errorMessageSeparator, e.getMessage()));
        }
    }

    private KeyManager[] getKeyManagers() throws GHException {
        if (getKeyStoreURL() == null || getKeyStoreURL().equals("")) {
            return null;
        }
        try {
            KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
            IdentityStoreResource identityStore = getIdentityStore(getKeyStoreURL());
            keyManagerFactory.init(identityStore.getKeyStore(), identityStore.getPassword().toCharArray());
            return keyManagerFactory.getKeyManagers();
        } catch (Exception e) {
            throw new GHException(MessageFormat.format(GHMessages.BaseMQSSLConfigurationProvider_couldNotAccessKeyStore, getKeyStoreURL(), GHMessages.BaseMQSSLConfigurationProvider_errorMessageSeparator, e.getMessage()));
        }
    }

    /* JADX WARN: Code restructure failed: missing block: B:11:0x002a, code lost:
    
        r5 = r0;
     */
    /* JADX WARN: Code restructure failed: missing block: B:2:0x000b, code lost:
    
        if (r0 != null) goto L8;
     */
    /* JADX WARN: Code restructure failed: missing block: B:4:0x003a, code lost:
    
        return r5;
     */
    /* JADX WARN: Code restructure failed: missing block: B:7:0x0036, code lost:
    
        if (r0.hasNext() != false) goto L5;
     */
    /* JADX WARN: Code restructure failed: missing block: B:8:0x0011, code lost:
    
        r0 = (com.ghc.identity.IdentityStoreResource) r0.next();
     */
    /* JADX WARN: Code restructure failed: missing block: B:9:0x0027, code lost:
    
        if (r0.getName().equals(r4) == false) goto L14;
     */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    private com.ghc.identity.IdentityStoreResource getIdentityStore(java.lang.String r4) {
        /*
            r3 = this;
            r0 = 0
            r5 = r0
            r0 = r3
            com.ghc.identity.AuthenticationManager r0 = r0.m_authenticationManager
            java.util.Iterator r0 = r0.getIdentityStores()
            r6 = r0
            r0 = r6
            if (r0 == 0) goto L39
            goto L30
        L11:
            r0 = r6
            java.lang.Object r0 = r0.next()
            com.ghc.identity.IdentityStoreResource r0 = (com.ghc.identity.IdentityStoreResource) r0
            r7 = r0
            r0 = r7
            java.lang.String r0 = r0.getName()
            r1 = r4
            boolean r0 = r0.equals(r1)
            if (r0 == 0) goto L30
            r0 = r7
            r5 = r0
            goto L39
        L30:
            r0 = r6
            boolean r0 = r0.hasNext()
            if (r0 != 0) goto L11
        L39:
            r0 = r5
            return r0
        */
        throw new UnsupportedOperationException("Method not decompiled: com.ghc.a3.mq.ssl.BaseMQSSLConfigurationProvider.getIdentityStore(java.lang.String):com.ghc.identity.IdentityStoreResource");
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public String getPeerName() {
        return this.m_peerName;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public String getCipherSuite() {
        return this.m_cipherSuite;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public Boolean getFipsRequired() {
        return this.m_fipsRequired;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public Integer getKeyResetCount() {
        return this.m_keyResetCount;
    }

    private String getTrustStoreURL() {
        return this.m_trustStoreURL;
    }

    private String getKeyStoreURL() {
        return this.m_keyStoreURL;
    }

    public void setAuthenticationManager(AuthenticationManager authenticationManager) {
        this.m_authenticationManager = authenticationManager;
    }

    public void loadFromConfig(Config config) {
        this.m_protocol = config.getString(MQConfigProperties.MQ_PROTOCOL);
        this.m_cipherSuite = ConfigUtils.getStringValueIfSet(config, MQConfigProperties.SSL_CIPHERSUITE);
        this.m_peerName = ConfigUtils.getStringValueIfSet(config, MQConfigProperties.SSL_PEER_NAME);
        this.m_trustStoreURL = AuthenticationManager.getInstance().getTagResolvedURLForIdentityStoreURL(ConfigUtils.getStringValueIfSet(config, MQConfigProperties.SSL_TRUST_STORE));
        this.m_keyStoreURL = AuthenticationManager.getInstance().getTagResolvedURLForIdentityStoreURL(ConfigUtils.getStringValueIfSet(config, MQConfigProperties.SSL_KEY_STORE));
        this.m_fipsRequired = Boolean.valueOf(config.getBoolean(MQConfigProperties.SSL_FIPS_REQUIRED, false));
        String stringValueIfSet = ConfigUtils.getStringValueIfSet(config, MQConfigProperties.SSL_KEY_RESET_COUNT);
        if (stringValueIfSet != null) {
            try {
                this.m_keyResetCount = Integer.valueOf(stringValueIfSet);
            } catch (NumberFormatException unused) {
                this.m_keyResetCount = 0;
            }
        }
        this.overrideProtocols = SSLUtils.splitProtocolList(ConfigUtils.getStringValueIfSet(config, MQConfigProperties.SSL_OVERRIDE_PROTOCOLS), ';');
    }
}
