package com.ibm.ws.jaxrs20.appsecurity.security;

import com.ibm.websphere.ras.Tr;
import com.ibm.websphere.ras.TraceComponent;
import com.ibm.websphere.ras.annotation.TraceObjectField;
import com.ibm.websphere.ssl.JSSEHelper;
import com.ibm.websphere.ssl.SSLConfig;
import com.ibm.ws.ffdc.FFDCFilter;
import com.ibm.ws.ffdc.annotation.FFDCIgnore;
import com.ibm.ws.jaxrs20.appsecurity.component.SSLSupportService;
import com.ibm.ws.ras.instrument.annotation.InjectedFFDC;
import com.ibm.wsspi.ssl.SSLSupport;
import java.security.AccessController;
import java.security.PrivilegedActionException;
import java.security.PrivilegedExceptionAction;
import java.util.Map;
import java.util.Properties;
import javax.net.ssl.SSLException;
import javax.net.ssl.SSLSocketFactory;

@InjectedFFDC
@TraceObjectField(fieldName = "tc", fieldDesc = "Lcom/ibm/websphere/ras/TraceComponent;")
/* loaded from: input_file:wlp/lib/com.ibm.ws.jaxrs-2.0.appSecurity_1.0.14.jar:com/ibm/ws/jaxrs20/appsecurity/security/JaxRsSSLManager.class */
public class JaxRsSSLManager {
    private static final TraceComponent tc = Tr.register(JaxRsSSLManager.class);
    static final long serialVersionUID = -6831088170268315856L;

    public static SSLSocketFactory getProxySSLSocketFactoryBySSLRef(String str, Map<String, Object> map) {
        return new JaxRsProxySSLSocketFactory(str, map);
    }

    @FFDCIgnore({PrivilegedActionException.class})
    public static SSLSocketFactory getSSLSocketFactoryBySSLRef(final String str, Map<String, Object> map, boolean z) {
        if (!SSLSupportService.isSSLSupportServiceReady()) {
            if (!TraceComponent.isAnyTracingEnabled() || !tc.isDebugEnabled()) {
                return null;
            }
            Tr.debug(tc, "The SSL support service is not ready and can't create SSLSocketFactory", new Object[0]);
            return null;
        }
        SSLSupport sSLSupport = SSLSupportService.getSSLSupport();
        final JSSEHelper jSSEHelper = sSLSupport.getJSSEHelper();
        SSLConfig sSLConfig = null;
        try {
            try {
                Properties properties = (Properties) AccessController.doPrivileged(new PrivilegedExceptionAction<Properties>() { // from class: com.ibm.ws.jaxrs20.appsecurity.security.JaxRsSSLManager.1
                    static final long serialVersionUID = 4561508428952719639L;
                    private static final /* synthetic */ TraceComponent $$$tc$$$ = Tr.register(AnonymousClass1.class);

                    /* JADX WARN: Can't rename method to resolve collision */
                    @Override // java.security.PrivilegedExceptionAction
                    public Properties run() throws SSLException {
                        try {
                            return JSSEHelper.this.getProperties(str);
                        } catch (com.ibm.websphere.ssl.SSLException e) {
                            FFDCFilter.processException(e, "com.ibm.ws.jaxrs20.appsecurity.security.JaxRsSSLManager$1", "72", this, new Object[0]);
                            throw ((SSLException) e.getCause());
                        }
                    }
                });
                if (null != properties) {
                    sSLConfig = new SSLConfig(properties);
                } else {
                    if (TraceComponent.isAnyTracingEnabled() && tc.isDebugEnabled()) {
                        Tr.debug(tc, "Cannot get the ssl configuration by sslRef=" + str, new Object[0]);
                    }
                    if (z) {
                        if (TraceComponent.isAnyTracingEnabled() && tc.isDebugEnabled()) {
                            Tr.debug(tc, "Try to get the default ssl configuration of server", new Object[0]);
                        }
                        try {
                            Properties properties2 = (Properties) AccessController.doPrivileged(new PrivilegedExceptionAction<Properties>() { // from class: com.ibm.ws.jaxrs20.appsecurity.security.JaxRsSSLManager.2
                                static final long serialVersionUID = -3126746084723580346L;
                                private static final /* synthetic */ TraceComponent $$$tc$$$ = Tr.register(AnonymousClass2.class);

                                /* JADX WARN: Can't rename method to resolve collision */
                                @Override // java.security.PrivilegedExceptionAction
                                public Properties run() throws SSLException {
                                    try {
                                        return JSSEHelper.this.getProperties(null, null, null);
                                    } catch (com.ibm.websphere.ssl.SSLException e) {
                                        FFDCFilter.processException(e, "com.ibm.ws.jaxrs20.appsecurity.security.JaxRsSSLManager$2", "103", this, new Object[0]);
                                        throw ((SSLException) e.getCause());
                                    }
                                }
                            });
                            if (null != properties2) {
                                sSLConfig = new SSLConfig(properties2);
                            }
                        } catch (PrivilegedActionException e) {
                            throw ((SSLException) e.getCause());
                        }
                    }
                }
                if (null == sSLConfig) {
                    if (!TraceComponent.isAnyTracingEnabled() || !tc.isDebugEnabled()) {
                        return null;
                    }
                    Tr.debug(tc, "The SSL socket factory cannot be created because the SSL reference id " + str + " does not exist in the server.xml file", new Object[0]);
                    return null;
                }
                if (null != map && !map.isEmpty()) {
                    for (Map.Entry<String, Object> entry : map.entrySet()) {
                        if (TraceComponent.isAnyTracingEnabled() && tc.isDebugEnabled()) {
                            Tr.debug(tc, entry.getKey() + "=" + entry.getValue() + " is overriden in SSLConfig=" + str, new Object[0]);
                        }
                        sSLConfig.put(entry.getKey(), entry.getValue());
                    }
                }
                if (TraceComponent.isAnyTracingEnabled() && tc.isDebugEnabled()) {
                    Tr.debug(tc, "Get the SSLSocketFactory by sslRef=" + str, new Object[0]);
                }
                return sSLSupport.getJSSEProvider().getSSLSocketFactory(null, sSLConfig);
            } catch (PrivilegedActionException e2) {
                throw ((SSLException) e2.getCause());
            }
        } catch (SSLException e3) {
            FFDCFilter.processException(e3, "com.ibm.ws.jaxrs20.appsecurity.security.JaxRsSSLManager", "143", null, new Object[]{str, map, Boolean.valueOf(z)});
            if (TraceComponent.isAnyTracingEnabled() && tc.isDebugEnabled()) {
                Tr.debug(tc, "SSL Exception with ssl ref id " + str + ": " + e3.toString(), new Object[0]);
            }
            throw new IllegalArgumentException(e3);
        } catch (Exception e4) {
            FFDCFilter.processException(e4, "com.ibm.ws.jaxrs20.appsecurity.security.JaxRsSSLManager", "148", null, new Object[]{str, map, Boolean.valueOf(z)});
            if (TraceComponent.isAnyTracingEnabled() && tc.isDebugEnabled()) {
                Tr.debug(tc, "Exception with ssl ref id " + str + ": " + e4.toString(), new Object[0]);
            }
            throw new IllegalStateException(e4);
        }
    }
}
