package weblogic.security.SSL.jsseadapter;

import java.io.DataInputStream;
import java.io.IOException;
import java.io.InputStream;
import java.security.KeyManagementException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.PrivateKey;
import java.security.cert.Certificate;
import java.util.ArrayList;
import java.util.HashMap;
import java.util.Map;
import java.util.logging.Level;
import weblogic.management.provider.CommandLine;
import weblogic.security.SSL.SSLEnabledProtocolVersions;
import weblogic.security.SSL.SSLEnabledProtocolVersionsLogging;
import weblogic.security.SSL.jsseadapter.JaLogger;
import weblogic.security.utils.SSLSetup;
import weblogic.utils.encoders.BASE64Decoder;

/* loaded from: input_file:weblogic/security/SSL/jsseadapter/JaSSLSupport.class */
public final class JaSSLSupport {
    private static final String TLS_ONLY = "TLS";
    private static final String ALL_KEY = "ALL";
    private static final String SSL3_TLS = "SSL3_TLS";
    static final String CERT_BEGIN_HEADER = "-----BEGIN CERTIFICATE-----";
    static final String CERT_END_HEADER = "-----END CERTIFICATE-----";
    private static final String SSL3 = "SSLv3";
    private static final String[] SSL3_ONLY = {SSL3};
    private static volatile Map<String, String[]> SUPPORTED_PROTOCOLS = null;
    private static final boolean disableNullCipher = Boolean.getBoolean("weblogic.security.disableNullCipher");
    private static boolean allowUnencryptedNullCipher = Boolean.getBoolean("weblogic.ssl.AllowUnencryptedNullCipher");
    private static boolean sendEmptyCAList = false;
    private static volatile boolean x509BasicConstraintsStrict = false;
    private static volatile boolean noV1CAs = false;
    private static boolean anonymousCipherAllowed = Boolean.getBoolean("weblogic.security.SSL.AllowAnonymousCipher");

    private static void initSupportedProtocols(String[] strArr) {
        if (SUPPORTED_PROTOCOLS == null) {
            HashMap hashMap = new HashMap(4);
            hashMap.put(SSL3, SSL3_ONLY);
            String[] grabTLSProtocols = grabTLSProtocols(strArr);
            String[] strArr2 = new String[grabTLSProtocols.length + 1];
            System.arraycopy(SSL3_ONLY, 0, strArr2, 0, SSL3_ONLY.length);
            System.arraycopy(grabTLSProtocols, 0, strArr2, 1, grabTLSProtocols.length);
            hashMap.put(TLS_ONLY, grabTLSProtocols);
            hashMap.put(SSL3_TLS, strArr2);
            hashMap.put(ALL_KEY, strArr);
            SUPPORTED_PROTOCOLS = hashMap;
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static String[] getEnabledProtocols(String[] strArr) {
        String sSLMinimumProtocolVersion = CommandLine.getCommandLine().getSSLMinimumProtocolVersion();
        if (null != sSLMinimumProtocolVersion) {
            return SSLEnabledProtocolVersions.getJSSEProtocolVersions(sSLMinimumProtocolVersion, strArr, new SSLEnabledProtocolVersionsLogging());
        }
        initSupportedProtocols(strArr);
        Object obj = null;
        switch (SSLSetup.getProtocolVersion()) {
            case 0:
                obj = TLS_ONLY;
                break;
            case 1:
                obj = SSL3;
                break;
            case 2:
                obj = SSL3_TLS;
                break;
            case 3:
                obj = ALL_KEY;
                break;
        }
        String[] strArr2 = null;
        String[] strArr3 = null;
        if (obj != null) {
            strArr3 = SUPPORTED_PROTOCOLS.get(obj);
        }
        if (strArr3 != null) {
            strArr2 = new String[strArr3.length];
            System.arraycopy(strArr3, 0, strArr2, 0, strArr3.length);
        }
        return strArr2;
    }

    public static String[] combineCiphers(String[] strArr, String[] strArr2) {
        int length = strArr != null ? 0 + strArr.length : 0;
        if (strArr2 != null) {
            length += strArr2.length;
        }
        ArrayList arrayList = new ArrayList(length);
        if (strArr != null && strArr.length > 0) {
            for (String str : strArr) {
                arrayList.add(str);
            }
        }
        if (strArr2 != null && strArr2.length > 0) {
            for (String str2 : strArr2) {
                arrayList.add(str2);
            }
        }
        return (String[]) arrayList.toArray(new String[arrayList.size()]);
    }

    public static synchronized boolean isUnEncrytedNullCipherAllowed() {
        if (!disableNullCipher) {
            return allowUnencryptedNullCipher;
        }
        if (allowUnencryptedNullCipher) {
            throw new IllegalArgumentException("Can not start SSL due to conflicting configuration - System configure parameter of weblogic.security.disableNullCipher = true, and configure parameter weblogic.security.ssl.allowUnencryptedNullCipher = true");
        }
        return false;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static boolean isAnonymousCipherAllowed() {
        return anonymousCipherAllowed;
    }

    public static synchronized void setSendEmptyCAList(boolean z) {
        sendEmptyCAList = z;
    }

    public static synchronized boolean isSendEmptyCAListEnabled() {
        return sendEmptyCAList;
    }

    public static PrivateKey getLocalIdentityPrivateKey(InputStream inputStream, char[] cArr) throws KeyManagementException {
        return RSAPKFactory.getPrivateKey(inputStream, cArr);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static byte[] readFully(InputStream inputStream) throws IOException {
        DataInputStream dataInputStream = new DataInputStream(inputStream);
        byte[] bArr = new byte[dataInputStream.available()];
        dataInputStream.readFully(bArr);
        return bArr;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static byte[] decodeData(String str) throws IOException {
        return new BASE64Decoder().decodeBuffer(str);
    }

    static void loadCerts(KeyStore keyStore, Certificate[] certificateArr) {
        for (Certificate certificate : certificateArr) {
            try {
                keyStore.setCertificateEntry(certificate.toString(), certificate);
            } catch (KeyStoreException e) {
                if (JaLogger.isLoggable(Level.SEVERE)) {
                    JaLogger.log(Level.SEVERE, JaLogger.Component.TRUSTSTORE_MANAGER, e, "Error loading CAs into trust KeyStore.", new Object[0]);
                }
            }
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static void setX509BasicConstraintsStrict(boolean z) {
        x509BasicConstraintsStrict = z;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static boolean isX509BasicConstraintsStrict() {
        return x509BasicConstraintsStrict;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static void setNoV1CAs(boolean z) {
        noV1CAs = z;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static boolean isNoV1CAs() {
        return noV1CAs;
    }

    private static String[] grabTLSProtocols(String[] strArr) {
        String[] strArr2 = new String[0];
        if (strArr != null && strArr.length > 0) {
            ArrayList arrayList = new ArrayList();
            for (String str : strArr) {
                if (str.startsWith(TLS_ONLY)) {
                    arrayList.add(str);
                }
            }
            if (arrayList.size() > 0) {
                strArr2 = (String[]) arrayList.toArray(strArr2);
            }
        }
        return strArr2;
    }
}
