package oracle.ojvmwcu.security;

import java.io.BufferedReader;
import java.io.ByteArrayOutputStream;
import java.io.InputStream;
import java.io.InputStreamReader;
import java.net.Authenticator;
import java.net.URL;
import java.security.AccessController;
import java.security.KeyStore;
import java.security.PrivilegedAction;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import javax.net.ssl.HttpsURLConnection;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSocket;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import javax.net.ssl.X509TrustManager;
import oracle.aurora.rdbms.ResourceHandle;
import oracle.aurora.rdbms.Schema;

/* loaded from: input_file:oracle/ojvmwcu/security/Utils.class */
public class Utils {
    public static Boolean isSetCredentials = Boolean.FALSE;
    public static Boolean isSetTrustStore = Boolean.FALSE;
    private static Boolean DEBUG = Boolean.FALSE;
    private static String certPath = "/lib/security/cacerts";
    private static String resourcePath = "jserver:/resource/schema/";
    private static String install_schema = "OJVMWCU_INSTALL";
    private static Authenticator authenticator;

    /* loaded from: input_file:oracle/ojvmwcu/security/Utils$SavingTrustManager.class */
    private static class SavingTrustManager implements X509TrustManager {
        private final X509TrustManager tm;
        public X509Certificate[] chain;

        SavingTrustManager(X509TrustManager x509TrustManager) {
            this.tm = x509TrustManager;
        }

        @Override // javax.net.ssl.X509TrustManager
        public X509Certificate[] getAcceptedIssuers() {
            return new X509Certificate[0];
        }

        @Override // javax.net.ssl.X509TrustManager
        public void checkClientTrusted(X509Certificate[] x509CertificateArr, String str) throws CertificateException {
            throw new UnsupportedOperationException();
        }

        @Override // javax.net.ssl.X509TrustManager
        public void checkServerTrusted(X509Certificate[] x509CertificateArr, String str) throws CertificateException {
            this.chain = x509CertificateArr;
            this.tm.checkServerTrusted(x509CertificateArr, str);
        }
    }

    public static void setCredentials(String str, String str2) {
        ReflectionUtils.checkWcuUser();
        authenticator = new OJVMAuthenticator(str, str2);
        isSetCredentials = Boolean.TRUE;
    }

    public static void setDefaultAuthenticator() {
        ReflectionUtils.checkWcuUser();
        AccessController.doPrivileged(new PrivilegedAction<Void>() { // from class: oracle.ojvmwcu.security.Utils.1
            /* JADX WARN: Can't rename method to resolve collision */
            @Override // java.security.PrivilegedAction
            public Void run() {
                Authenticator.setDefault(Utils.authenticator);
                return null;
            }
        });
    }

    private static InputStream getInputStream() {
        URL url;
        InputStream inputStream = null;
        try {
            url = new URL(resourcePath + Schema.currentSchema() + certPath);
            inputStream = url.openConnection().getInputStream();
        } catch (Exception e) {
            System.out.println("OJVMWCU : Default cacerts not found. Will check in " + install_schema);
            url = null;
        }
        if (url == null) {
            try {
                url = new URL(resourcePath + install_schema + certPath);
                inputStream = url.openConnection().getInputStream();
            } catch (Exception e2) {
                System.out.println("OJVMWCU : Default cacerts not found. Could not proceed.");
                if (!DEBUG.booleanValue()) {
                    return null;
                }
                e2.printStackTrace(System.out);
                return null;
            }
        }
        if (url != null) {
            return inputStream;
        }
        System.out.println("OJVMWCU : Default cacerts not found. Could not proceed.");
        return null;
    }

    public static void setSSLContext() {
        try {
            final SSLContext sSLContext = getSSLContext();
            if (sSLContext == null) {
                System.out.println("OJVMWCU : Exception while setting SSL Context.");
            } else {
                AccessController.doPrivileged(new PrivilegedAction<Void>() { // from class: oracle.ojvmwcu.security.Utils.2
                    /* JADX WARN: Can't rename method to resolve collision */
                    @Override // java.security.PrivilegedAction
                    public Void run() {
                        HttpsURLConnection.setDefaultSSLSocketFactory(sSLContext.getSocketFactory());
                        return null;
                    }
                });
                System.out.println("OJVMWCU : SSL Context is set with new trustStore.");
            }
        } catch (Exception e) {
            System.out.println("OJVMWCU : Exception while setting SSL Context.");
            if (DEBUG.booleanValue()) {
                e.printStackTrace(System.out);
            }
        }
    }

    public static SSLContext getSSLContext() {
        ReflectionUtils.checkWcuUser();
        InputStream inputStream = getInputStream();
        if (inputStream == null) {
            return null;
        }
        try {
            SSLContext sSLContext = SSLContext.getInstance("TLS");
            KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
            TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
            keyStore.load(inputStream, null);
            trustManagerFactory.init(keyStore);
            sSLContext.init(null, trustManagerFactory.getTrustManagers(), null);
            return sSLContext;
        } catch (Exception e) {
            System.out.println("OJVMWCU : Exception while setting SSL Context.");
            if (!DEBUG.booleanValue()) {
                return null;
            }
            e.printStackTrace(System.out);
            return null;
        }
    }

    public static void grabAndSaveCertificate(String str, String str2) {
        InputStream inputStream = getInputStream();
        if (inputStream == null) {
            return;
        }
        try {
            SSLContext sSLContext = SSLContext.getInstance("TLS");
            KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
            keyStore.load(inputStream, null);
            inputStream.close();
            TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
            trustManagerFactory.init(keyStore);
            SavingTrustManager savingTrustManager = new SavingTrustManager((X509TrustManager) trustManagerFactory.getTrustManagers()[0]);
            sSLContext.init(null, new TrustManager[]{savingTrustManager}, null);
            SSLSocket sSLSocket = (SSLSocket) sSLContext.getSocketFactory().createSocket(str, Integer.parseInt(str2));
            sSLSocket.setSoTimeout(10000);
            try {
                sSLSocket.startHandshake();
                sSLSocket.close();
                System.out.println("OJVMWCU : Certificate is already trusted.");
            } catch (Exception e) {
                System.out.println("OJVMWCU : Certificate is not trusted.");
                X509Certificate[] x509CertificateArr = savingTrustManager.chain;
                if (x509CertificateArr == null) {
                    System.out.println("OJVMWCU : Could not obtain server certificate chain");
                    return;
                }
                new BufferedReader(new InputStreamReader(System.in));
                for (int i = 0; i < x509CertificateArr.length; i++) {
                    keyStore.setCertificateEntry(str + "-" + i, x509CertificateArr[i]);
                }
                ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
                keyStore.store(byteArrayOutputStream, "".toCharArray());
                if (ResourceHandle.create(byteArrayOutputStream.toByteArray(), "lib/security/cacerts", Schema.currentSchema(), true, false) == null) {
                    System.out.println("OJVMWCU : Could not save certificate in schema " + Schema.currentSchema());
                } else {
                    System.out.println("OJVMWCU : Successfully saved certificate in schema " + Schema.currentSchema());
                }
                byteArrayOutputStream.close();
            }
        } catch (Exception e2) {
            System.out.println("OJVMWCU : Exception while storing trustStore." + Schema.currentSchema());
            if (DEBUG.booleanValue()) {
                e2.printStackTrace(System.out);
            }
        }
    }
}
