package org.owasp.webscarab.httpclient;

import java.io.ByteArrayInputStream;
import java.io.FileInputStream;
import java.io.FileNotFoundException;
import java.io.IOException;
import java.io.InputStream;
import java.security.KeyManagementException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.Provider;
import java.security.SecureRandom;
import java.security.Security;
import java.security.cert.Certificate;
import java.security.cert.CertificateEncodingException;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Enumeration;
import java.util.HashMap;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.TreeMap;
import java.util.logging.Level;
import java.util.logging.Logger;
import javax.net.ssl.KeyManager;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSessionContext;
import javax.net.ssl.TrustManager;
import javax.net.ssl.X509TrustManager;
import org.owasp.webscarab.util.Encoding;
import org.owasp.webscarab.util.NullComparator;

/* loaded from: input_file:org/owasp/webscarab/httpclient/SSLContextManager.class */
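/**
 * Keeps the {@link SSLContext} instances used for outgoing connections and the
 * key stores (PKCS#12 files, PKCS#11 tokens, Microsoft CAPI) that client
 * certificates are taken from.
 *
 * <p>Security-relevant properties of this class, all visible in the code below:
 * <ul>
 *   <li>Every context is initialised with {@code _trustAllCerts}, a trust manager
 *       whose check methods are empty. Server certificates are therefore never
 *       validated: a connection made through these contexts is encrypted but not
 *       authenticated. That is only acceptable for a tool that deliberately
 *       intercepts traffic; the contexts must not be handed to code that needs
 *       peer authentication.</li>
 *   <li>Contexts are requested with the legacy protocol name {@code "SSL"}; which
 *       protocol versions are actually enabled is decided by the JSSE provider.</li>
 *   <li>Unlocked contexts are indexed by a string derived from an MD5 digest of
 *       the certificate (see {@link #getFingerPrint(Certificate)}). It is a lookup
 *       key, not a value to verify a certificate against.</li>
 * </ul>
 *
 * <p>The class does no synchronisation of its own.
 */
public class SSLContextManager {
    /**
     * Context used when no client certificate is requested. It is {@code null} if
     * the "SSL" algorithm was unavailable when the constructor ran.
     */
    private SSLContext _noClientCertContext;

    /**
     * Trust manager that accepts every client and server certificate chain.
     * Both check methods return without inspecting their arguments.
     */
    private static final TrustManager[] _trustAllCerts = {new X509TrustManager() {
        @Override
        public X509Certificate[] getAcceptedIssuers() {
            // The X509TrustManager contract asks for a non-null, possibly empty
            // array; returning null can fail inside the JSSE implementation.
            return new X509Certificate[0];
        }

        @Override
        public void checkClientTrusted(X509Certificate[] x509CertificateArr, String str) {
            // Intentionally empty: any client chain is accepted.
        }

        @Override
        public void checkServerTrusted(X509Certificate[] x509CertificateArr, String str) {
            // Intentionally empty: any server chain is accepted (no validation).
        }
    }};

    // Compiler-synthesised cache for a class literal (pre-Java 5 bytecode). Kept
    // so that the package-visible members of the class do not change.
    static Class class$java$io$InputStream;

    // Fingerprint key -> unlocked context. The raw NullComparator produces an
    // unchecked warning; presumably it orders null keys safely - confirm in
    // org.owasp.webscarab.util.NullComparator.
    private final Map<String, SSLContext> _contextMaps = new TreeMap<String, SSLContext>(new NullComparator());
    private String _defaultKey = null;
    // Key store -> (alias -> key password). Only saveKey() writes to it.
    private final Map<KeyStore, Map<String, String>> _aliasPasswords = new HashMap<KeyStore, Map<String, String>>();
    // Registered key stores; the list index is the handle given to callers.
    private final List<KeyStore> _keyStores = new ArrayList<KeyStore>();
    private final Map<KeyStore, String> _keyStoreDescriptions = new HashMap<KeyStore, String>();
    private final Logger _logger = Logger.getLogger(getClass().getName());

    /**
     * Creates the context without a client certificate and tries to register the
     * Microsoft CAPI key store. Failures are logged and never thrown.
     */
    public SSLContextManager() {
        try {
            this._noClientCertContext = SSLContext.getInstance("SSL");
            // No key managers, trust-everything trust manager.
            this._noClientCertContext.init(null, _trustAllCerts, new SecureRandom());
        } catch (KeyManagementException e) {
            this._logger.severe("Error initialising the SSL Context: " + e);
        } catch (NoSuchAlgorithmException e2) {
            this._logger.severe("Could not get an instance of the SSL algorithm: " + e2.getMessage());
        }
        try {
            initMSCAPI();
        } catch (Exception e3) {
            // Best effort: the CAPI store is optional. Record the failure instead
            // of discarding it silently.
            this._logger.log(Level.FINE, "MSCAPI key store not initialised", e3);
        }
    }

    /**
     * Reports whether the provider class for the given key store type can be loaded.
     *
     * @param str provider type; only "PKCS11" and "msks" trigger a class lookup
     * @return {@code false} if {@code str} is {@code null} or the provider class
     *         cannot be loaded, {@code true} otherwise, including for any
     *         other name, which is not checked at all
     */
    public boolean isProviderAvailable(String str) {
        if (str == null) {
            return false;
        }
        try {
            if (str.equals("PKCS11")) {
                Class.forName("sun.security.pkcs11.SunPKCS11");
            } else if (str.equals("msks")) {
                Class.forName("se.assembla.jce.provider.ms.MSProvider");
            }
            return true;
        } catch (Throwable th) {
            // Throwable rather than Exception: class loading can fail with an
            // Error (e.g. a linkage problem), which also means "not available".
            return false;
        }
    }

    /** Returns whether a provider with the given name is registered with {@link Security}. */
    private boolean isProviderLoaded(String str) {
        return Security.getProvider(str) != null;
    }

    /**
     * Registers a key store, or updates the description of one already registered.
     *
     * @param keyStore the store to register
     * @param str human-readable description
     * @return the index of the store in the internal list
     */
    private int addKeyStore(KeyStore keyStore, String str) {
        int indexOf = this._keyStores.indexOf(keyStore);
        if (indexOf == -1) {
            this._keyStores.add(keyStore);
            indexOf = this._keyStores.size() - 1;
        }
        this._keyStoreDescriptions.put(keyStore, str);
        return indexOf;
    }

    /** Returns the number of registered key stores. */
    public int getKeyStoreCount() {
        return this._keyStores.size();
    }

    /**
     * Returns the description stored for the key store at the given index.
     *
     * @throws IndexOutOfBoundsException if {@code i} is not a valid index
     */
    public String getKeyStoreDescription(int i) {
        return this._keyStoreDescriptions.get(this._keyStores.get(i));
    }

    /** Returns the number of key-entry aliases in the key store at index {@code i}. */
    public int getAliasCount(int i) {
        return getAliases(this._keyStores.get(i)).length;
    }

    /** Returns alias number {@code i2} of the key store at index {@code i}. */
    public String getAliasAt(int i, int i2) {
        return getAliases(this._keyStores.get(i))[i2];
    }

    /**
     * Lists the aliases of the store that refer to key entries; entries that are
     * not key entries are skipped.
     *
     * @return the aliases collected before any error; never {@code null}
     */
    private String[] getAliases(KeyStore keyStore) {
        List<String> keyAliases = new ArrayList<String>();
        try {
            Enumeration<String> aliases = keyStore.aliases();
            while (aliases.hasMoreElements()) {
                String alias = aliases.nextElement();
                if (keyStore.isKeyEntry(alias)) {
                    keyAliases.add(alias);
                }
            }
        } catch (KeyStoreException e) {
            // Report through the logger, not stderr; a partial list is returned.
            this._logger.log(Level.WARNING, "Could not enumerate key store aliases", e);
        }
        return keyAliases.toArray(new String[0]);
    }

    /**
     * Returns the certificate for the given store and alias index.
     *
     * @return the certificate, or {@code null} if the lookup fails for any reason
     *         (invalid index, key store error)
     */
    public Certificate getCertificate(int i, int i2) {
        try {
            return this._keyStores.get(i).getCertificate(getAliasAt(i, i2));
        } catch (Exception e) {
            return null;
        }
    }

    /**
     * Builds the identifier used as the lookup key for a certificate: a
     * colon-separated, upper-cased string derived from
     * {@code Encoding.hashMD5(encoded certificate)}, then a space and the subject DN.
     *
     * <p>NOTE(review): the loop steps two characters at a time but copies only one
     * ({@code substring(i, i + 1)}), so if {@code hashMD5} returns a hex string
     * (presumably - confirm in {@code Encoding}) only every other digit of the
     * digest ends up in the identifier. The format is left unchanged because
     * callers pass these strings back into {@link #getSSLContext(String)} and may
     * have stored them. Between the truncation and MD5's known collision weakness,
     * treat the value as a label only, never as proof of certificate identity.
     *
     * @param certificate the certificate to describe
     * @return the identifier, or {@code null} if the argument is not an
     *         {@link X509Certificate} (including {@code null})
     * @throws KeyStoreException if the certificate cannot be encoded
     */
    public String getFingerPrint(Certificate certificate) throws KeyStoreException {
        if (!(certificate instanceof X509Certificate)) {
            return null;
        }
        StringBuffer stringBuffer = new StringBuffer();
        X509Certificate x509Certificate = (X509Certificate) certificate;
        try {
            String hashMD5 = Encoding.hashMD5(certificate.getEncoded());
            for (int i = 0; i < hashMD5.length(); i += 2) {
                stringBuffer.append(hashMD5.substring(i, i + 1)).append(":");
            }
            // Drop the trailing separator.
            stringBuffer.deleteCharAt(stringBuffer.length() - 1);
            String name = x509Certificate.getSubjectDN().getName();
            String printable = stringBuffer.toString().toUpperCase();
            this._logger.info("Fingerprint is " + printable);
            return printable + " " + name;
        } catch (CertificateEncodingException e) {
            // Keep the original exception as the cause so the failure stays traceable.
            throw new KeyStoreException(e.getMessage(), e);
        }
    }

    /**
     * Reports whether a password has been recorded for the given alias.
     *
     * <p>NOTE(review): passwords are recorded only by the private
     * {@code saveKey}, which nothing in this class calls, so as written this
     * always returns {@code false}.
     */
    public boolean isKeyUnlocked(int i, int i2) {
        KeyStore keyStore = this._keyStores.get(i);
        String aliasAt = getAliasAt(i, i2);
        Map<String, String> map = this._aliasPasswords.get(keyStore);
        if (map == null) {
            return false;
        }
        return map.containsKey(aliasAt);
    }

    /** Stores the identifier of the default key; the value is not validated. */
    public void setDefaultKey(String str) {
        this._defaultKey = str;
    }

    /** Returns the identifier set with {@link #setDefaultKey(String)}, or {@code null}. */
    public String getDefaultKey() {
        return this._defaultKey;
    }

    /**
     * Registers the Microsoft CAPI key store if its provider class can be loaded.
     * All failures are caught and logged here; the declared exceptions are not
     * thrown by this body.
     */
    private void initMSCAPI() throws KeyStoreException, NoSuchProviderException, IOException, NoSuchAlgorithmException, CertificateException {
        try {
            if (isProviderAvailable("msks")) {
                Security.addProvider((Provider) Class.forName("se.assembla.jce.provider.ms.MSProvider").newInstance());
                KeyStore keyStore = KeyStore.getInstance("msks", "assembla");
                keyStore.load(null, null);
                addKeyStore(keyStore, "Microsoft CAPI Store");
            }
        } catch (Exception e) {
            this._logger.log(Level.WARNING, "Error instantiating the MSCAPI provider", e);
        }
    }

    /**
     * Registers a PKCS#11 provider built from a generated two-line configuration
     * and loads its key store.
     *
     * <p>The provider is created reflectively through the
     * {@code SunPKCS11(InputStream)} constructor. On a JDK where that class or
     * constructor does not exist (the constructor was removed in Java 9), the
     * reflection fails and the method returns -1.
     *
     * @param str provider name written to the {@code name} entry
     * @param str2 path of the native library written to the {@code library} entry
     * @param str3 token PIN, or {@code null}
     * @return the index of the registered key store, or -1 on any failure
     */
    public int initPKCS11(String str, String str2, String str3) throws IOException, KeyStoreException, CertificateException, NoSuchAlgorithmException {
        try {
            if (!isProviderAvailable("PKCS11")) {
                return -1;
            }
            // The configuration is assembled by concatenation, so a line break in
            // either value would add extra directives to it. Refuse such input.
            if (containsLineBreak(str) || containsLineBreak(str2)) {
                this._logger.warning("PKCS#11 name or library path contains a line break; not loading provider");
                return -1;
            }
            String config = "name = " + str + "\n" + "library = " + str2 + "\n";
            // Platform default charset, as before: the bytes are handed straight
            // to the provider's own configuration reader.
            ByteArrayInputStream configStream = new ByteArrayInputStream(config.getBytes());
            Class<?> providerClass = Class.forName("sun.security.pkcs11.SunPKCS11");
            Provider provider = (Provider) providerClass
                    .getConstructor(new Class<?>[] {InputStream.class})
                    .newInstance(configStream);
            Security.addProvider(provider);
            KeyStore keyStore = KeyStore.getInstance("PKCS11");
            keyStore.load(null, str3 == null ? null : str3.toCharArray());
            return addKeyStore(keyStore, "PKCS#11");
        } catch (Exception e) {
            this._logger.log(Level.WARNING, "Error instantiating the PKCS11 provider", e);
            return -1;
        }
    }

    /** Returns whether the value is non-null and contains a CR or LF character. */
    private static boolean containsLineBreak(String value) {
        return value != null && (value.indexOf('\n') >= 0 || value.indexOf('\r') >= 0);
    }

    /**
     * Loads a PKCS#12 file and registers it as a key store.
     *
     * @param str path of the PKCS#12 file
     * @param str2 password of the file, or {@code null}
     * @return the index of the registered key store
     * @throws IOException if the file cannot be opened or read (a missing file
     *         surfaces as {@link FileNotFoundException} from the stream constructor)
     */
    public int loadPKCS12Certificate(String str, String str2) throws IOException, KeyStoreException, CertificateException, NoSuchAlgorithmException {
        FileInputStream in = new FileInputStream(str);
        try {
            KeyStore keyStore = KeyStore.getInstance("PKCS12");
            keyStore.load(in, str2 == null ? null : str2.toCharArray());
            return addKeyStore(keyStore, "PKCS#12 - " + str);
        } finally {
            // Always release the file handle, including when loading fails.
            try {
                in.close();
            } catch (IOException closeFailure) {
                // Do not let a close failure replace the exception from load().
                this._logger.log(Level.FINE, "Could not close " + str, closeFailure);
            }
        }
    }

    /**
     * Records the password for an alias of a key store.
     *
     * <p>The password is kept as a {@code String} for the lifetime of this object.
     * The method currently has no caller in this class.
     */
    private void saveKey(KeyStore keyStore, String str, String str2) {
        Map<String, String> map = this._aliasPasswords.get(keyStore);
        if (map == null) {
            map = new TreeMap<String, String>(new NullComparator());
            this._aliasPasswords.put(keyStore, map);
        }
        map.put(str, str2);
    }

    /**
     * Creates an {@link SSLContext} that presents the selected key and caches it
     * under the leading part of the certificate's fingerprint string (up to the
     * first space). Like every context of this class it trusts all server
     * certificates.
     *
     * @param i key store index
     * @param i2 alias index within that key store
     * @param str password of the key
     * @throws KeyManagementException if the context cannot be initialised
     */
    public void unlockKey(int i, int i2, String str) throws KeyStoreException, KeyManagementException {
        AliasKeyManager aliasKeyManager = new AliasKeyManager(this._keyStores.get(i), getAliasAt(i, i2), str);
        String fingerPrint = getFingerPrint(getCertificate(i, i2));
        if (fingerPrint == null) {
            // No certificate, or not an X.509 certificate.
            this._logger.severe("No fingerprint found");
            return;
        }
        try {
            SSLContext sSLContext = SSLContext.getInstance("SSL");
            sSLContext.init(new KeyManager[]{aliasKeyManager}, _trustAllCerts, new SecureRandom());
            String key = fingerPrint;
            int space = key.indexOf(" ");
            if (space > 0) {
                // Strip the subject DN; only the digest-derived part is the key.
                key = key.substring(0, space);
            }
            this._contextMaps.put(key, sSLContext);
        } catch (NoSuchAlgorithmException e) {
            this._logger.severe("Could not get an instance of the SSL algorithm: " + e.getMessage());
        }
    }

    /** Applies {@link #invalidateSession(SSLContext)} to every context held by this manager. */
    public void invalidateSessions() {
        invalidateSession(this._noClientCertContext);
        for (SSLContext context : this._contextMaps.values()) {
            invalidateSession(context);
        }
    }

    /**
     * Sets the session timeout of the client and server session contexts to one
     * second and then restores the previous value.
     *
     * <p>Presumably this relies on the JSSE implementation discarding cached
     * sessions when the timeout changes; that is not guaranteed by anything
     * visible here - confirm against the target JSSE provider.
     */
    private void invalidateSession(SSLContext sSLContext) {
        if (sSLContext == null) {
            // The constructor leaves the default context null when "SSL" is unavailable.
            return;
        }
        SSLSessionContext clientSessionContext = sSLContext.getClientSessionContext();
        if (clientSessionContext != null) {
            int clientTimeout = clientSessionContext.getSessionTimeout();
            clientSessionContext.setSessionTimeout(1);
            clientSessionContext.setSessionTimeout(clientTimeout);
        }
        SSLSessionContext serverSessionContext = sSLContext.getServerSessionContext();
        if (serverSessionContext != null) {
            int serverTimeout = serverSessionContext.getSessionTimeout();
            serverSessionContext.setSessionTimeout(1);
            serverSessionContext.setSessionTimeout(serverTimeout);
        }
    }

    /**
     * Returns the context for the given key identifier.
     *
     * @param str {@code null} or "none" for the context without a client
     *        certificate; otherwise a fingerprint string, of which only the
     *        part before the first space is used
     * @return the matching context, or {@code null} if no key with that
     *         identifier has been unlocked
     */
    public SSLContext getSSLContext(String str) {
        this._logger.info("Requested SSLContext for " + str);
        if (str == null || str.equals("none")) {
            return this._noClientCertContext;
        }
        int space = str.indexOf(" ");
        if (space > 0) {
            str = str.substring(0, space);
        }
        return this._contextMaps.get(str);
    }

    // Compiler-synthesised helper behind pre-Java 5 class literals; kept so that
    // the package-visible members of the class do not change.
    static Class class$(String str) {
        try {
            return Class.forName(str);
        } catch (ClassNotFoundException e) {
            throw new NoClassDefFoundError(e.getMessage());
        }
    }
}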
