package com.certicom.net.ssl;

import com.certicom.security.cert.internal.x509.SSLPlusSupport;
import com.certicom.tls.interfaceimpl.TLSConnectionImpl;
import com.certicom.tls.interfaceimpl.TLSSystem;
import java.io.IOException;
import java.io.InputStream;
import java.security.InvalidKeyException;
import java.security.KeyManagementException;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.SecureRandom;
import java.util.Vector;
import javax.net.ssl.SSLServerSocketFactory;
import javax.net.ssl.SSLSocket;
import javax.net.ssl.SSLSocketFactory;
import javax.net.ssl.impl.SSLSocketImpl;
import javax.security.cert.CertificateException;
import javax.security.cert.X509Certificate;
import weblogic.security.utils.SSLCertUtility;
import weblogic.security.utils.SSLContextWrapper;
import weblogic.security.utils.SSLHostnameVerifier;
import weblogic.security.utils.SSLSetup;
import weblogic.security.utils.SSLTruster;

/* loaded from: input_file:weblogic.jar:com/certicom/net/ssl/CerticomContextWrapper.class */
public class CerticomContextWrapper extends SSLContextWrapper {
    private SSLContext sslCtx = new SSLContext();

    @Override // weblogic.security.utils.SSLContextWrapper
    public void addTrustedCA(X509Certificate x509Certificate) throws CertificateException {
        try {
            this.sslCtx.addTrustedCertificate(x509Certificate);
        } catch (java.security.cert.CertificateException e) {
            throw new CertificateException(e.getMessage());
        }
    }

    @Override // weblogic.security.utils.SSLContextWrapper
    public void addTrustedCA(X509Certificate[] x509CertificateArr) throws CertificateException {
        for (X509Certificate x509Certificate : x509CertificateArr) {
            try {
                this.sslCtx.addTrustedCertificate(x509Certificate);
            } catch (java.security.cert.CertificateException e) {
                throw new CertificateException(e.getMessage());
            }
        }
    }

    @Override // weblogic.security.utils.SSLContextWrapper
    public PrivateKey inputPrivateKey(InputStream inputStream, char[] cArr) throws KeyManagementException {
        return (PrivateKey) SSLPlusSupport.getLocalIdentityPartial(inputStream, cArr).lastElement();
    }

    @Override // weblogic.security.utils.SSLContextWrapper
    public X509Certificate[] inputCertChain(InputStream inputStream) throws KeyManagementException {
        Vector localIdentityPartial = SSLPlusSupport.getLocalIdentityPartial(inputStream, " ".toCharArray());
        X509Certificate[] x509CertificateArr = new X509Certificate[localIdentityPartial.size()];
        for (int i = 0; i < x509CertificateArr.length; i++) {
            x509CertificateArr[i] = SSLCertUtility.toJavaX509((java.security.cert.X509Certificate) localIdentityPartial.elementAt(i));
        }
        return x509CertificateArr;
    }

    @Override // weblogic.security.utils.SSLContextWrapper
    public void loadLocalIdentity(InputStream inputStream, char[] cArr) throws KeyManagementException {
        this.sslCtx.loadLocalIdentity(inputStream, cArr);
    }

    @Override // weblogic.security.utils.SSLContextWrapper
    public void loadTrustedCerts(InputStream inputStream) throws CertificateException, KeyManagementException {
        this.sslCtx.loadTrustedCertificates(inputStream);
    }

    @Override // weblogic.security.utils.SSLContextWrapper
    public void addIdentity(X509Certificate[] x509CertificateArr, PrivateKey privateKey) {
        this.sslCtx.addAuthChain(x509CertificateArr, privateKey);
    }

    @Override // weblogic.security.utils.SSLContextWrapper
    public boolean doKeysMatch(PublicKey publicKey, PrivateKey privateKey) throws KeyManagementException {
        return ((TLSSystem) this.sslCtx.getWLSInfo()).getCertificateSupport().CheckIfKeyMatch(publicKey, privateKey);
    }

    @Override // weblogic.security.utils.SSLContextWrapper
    public void generateExportKeys() {
        try {
            this.sslCtx.addRSAExportKey(this.sslCtx.generateRSAExportKey(512, TLSSystem.getRandomNumberGenerator()));
        } catch (InvalidKeyException e) {
        } catch (NoSuchAlgorithmException e2) {
        }
    }

    @Override // weblogic.security.utils.SSLContextWrapper
    public void setExportRefreshCount(int i) {
        TLSSystem tLSSystem = (TLSSystem) this.sslCtx.getWLSInfo();
        tLSSystem.getCertificateSupport().setExportKeyRefreshCountLimit(i, tLSSystem);
    }

    @Override // weblogic.security.utils.SSLContextWrapper
    public void setProtocolVersion(int i) throws IllegalArgumentException {
        switch (i) {
            case 0:
                this.sslCtx.setHelloProtocol("TLS1-ONLY");
                return;
            case 1:
                this.sslCtx.setHelloProtocol("SSL3-ONLY");
                return;
            case 2:
                this.sslCtx.setHelloProtocol("TLS");
                return;
            case 3:
                this.sslCtx.setHelloProtocol("TLS1/2HI");
                return;
            case 4:
                this.sslCtx.setHelloProtocol("SSL3/2HI");
                return;
            default:
                throw new IllegalArgumentException();
        }
    }

    @Override // weblogic.security.utils.SSLContextWrapper
    public SSLServerSocketFactory getSSLServerSocketFactory() {
        return this.sslCtx.getServerSocketFactory();
    }

    @Override // weblogic.security.utils.SSLContextWrapper
    public SSLSocketFactory getSSLSocketFactory() {
        return this.sslCtx.getSocketFactory();
    }

    @Override // weblogic.security.utils.SSLContextWrapper
    public void setTrustManager(SSLTruster sSLTruster) {
        ((TLSSystem) this.sslCtx.getWLSInfo()).getCertificateSupport().setWLSTruster(sSLTruster);
    }

    @Override // weblogic.security.utils.SSLContextWrapper
    public SSLTruster getTrustManager() {
        return ((TLSSystem) this.sslCtx.getWLSInfo()).getCertificateSupport().getWLSTruster();
    }

    @Override // weblogic.security.utils.SSLContextWrapper
    public void setHostnameVerifier(SSLHostnameVerifier sSLHostnameVerifier) {
        ((TLSSystem) this.sslCtx.getWLSInfo()).getCertificateSupport().setWLSVerifier(sSLHostnameVerifier);
    }

    @Override // weblogic.security.utils.SSLContextWrapper
    public SSLHostnameVerifier getHostnameVerifier() {
        return ((TLSSystem) this.sslCtx.getWLSInfo()).getCertificateSupport().getWLSVerifier();
    }

    @Override // weblogic.security.utils.SSLContextWrapper
    public X509Certificate[] getAuthChain(String str, int i) {
        return this.sslCtx.getAuthChain(str, i);
    }

    @Override // weblogic.security.utils.SSLContextWrapper
    public void setSecureRandom(SecureRandom secureRandom) {
        this.sslCtx.setRNG(secureRandom);
    }

    @Override // weblogic.security.utils.SSLContextWrapper
    public void forceHandshakeOnAcceptedSocket(SSLSocket sSLSocket) throws IOException {
        TLSConnectionImpl connectionImpl = ((SSLSocketImpl) sSLSocket).getConnectionImpl();
        if (connectionImpl.isClosed()) {
            throw new IOException("Attempt to force handshake on closed connection");
        }
        if (connectionImpl.isHandshakeComplete()) {
            return;
        }
        connectionImpl.completeHandshake();
    }

    @Override // weblogic.security.utils.SSLContextWrapper
    public void enforceConstraints(int i) {
        if (i == SSLSetup.CONSTRAINTS_STRONG) {
            this.sslCtx.setX509BasicConstraintBug(false);
            this.sslCtx.setX509StrictConstraints(false);
        } else if (i == SSLSetup.CONSTRAINTS_STRICT) {
            this.sslCtx.setX509BasicConstraintBug(false);
            this.sslCtx.setX509StrictConstraints(true);
        } else if (i == SSLSetup.CONSTRAINTS_OFF) {
            this.sslCtx.setX509BasicConstraintBug(true);
            this.sslCtx.setX509StrictConstraints(false);
        }
    }
}
