package edu.uiuc.ncsa.security.util.ssl;

import edu.uiuc.ncsa.security.core.configuration.Configurations;
import edu.uiuc.ncsa.security.core.util.MyLoggingFacade;
import java.io.Serializable;
import org.apache.commons.configuration.tree.ConfigurationNode;

/* loaded from: input_file:WEB-INF/lib/ncsa-security-util-3.3.jar:edu/uiuc/ncsa/security/util/ssl/SSLConfigurationUtil.class */
public class SSLConfigurationUtil implements Serializable {
    public static final String SSL_KEYSTORE_TAG = "keystore";
    public static final String SSL_TAG = "ssl";
    public static final String SSL_DEBUG_TAG = "debug";
    public static final String SSL_KEYSTORE_PATH = "path";
    public static final String SSL_KEYSTORE_PASSWORD = "password";
    public static final String SSL_KEYSTORE_TYPE = "type";
    public static final String SSL_KEYSTORE_FACTORY = "factory";
    public static final String SSL_TRUSTSTORE_USE_JAVA_TRUSTSTORE = "useJavaTrustStore";
    public static final String SSL_TRUSTSTORE_USE_JAVA_TRUSTSTORE_OLD = "useJavaKeystore";
    public static final String SSL_TRUSTSTORE_TAG = "trustStore";
    public static final String SSL_TRUSTSTORE_PATH = "path";
    public static final String SSL_TRUSTSTORE_PASSWORD = "password";
    public static final String SSL_TRUSTSTORE_TYPE = "type";

    protected static SSLConfiguration getOLDSSLConfiguration(MyLoggingFacade myLoggingFacade, ConfigurationNode configurationNode) {
        if (myLoggingFacade != null) {
            myLoggingFacade.info("Loading an (old) SSL configuration");
        }
        SSLConfiguration sSLConfiguration = new SSLConfiguration();
        if (configurationNode == null) {
            sSLConfiguration.setUseDefaultJavaTrustStore(true);
        } else {
            sSLConfiguration.setKeystore(Configurations.getFirstAttribute(configurationNode, "path"));
            sSLConfiguration.setKeystorePassword(Configurations.getFirstAttribute(configurationNode, "password"));
            sSLConfiguration.setKeyManagerFactory(Configurations.getFirstAttribute(configurationNode, "factory"));
            sSLConfiguration.setKeystoreType(Configurations.getFirstAttribute(configurationNode, "type"));
            String firstAttribute = Configurations.getFirstAttribute(configurationNode, "useJavaKeystore");
            if (firstAttribute == null) {
                sSLConfiguration.setUseDefaultJavaTrustStore(true);
            } else {
                sSLConfiguration.setUseDefaultJavaTrustStore(Boolean.parseBoolean(firstAttribute));
            }
        }
        return sSLConfiguration;
    }

    protected static SSLConfiguration getNEWSSLConfiguration(MyLoggingFacade myLoggingFacade, ConfigurationNode configurationNode) {
        if (myLoggingFacade != null) {
            myLoggingFacade.info("Loading an SSL configuration");
        }
        SSLConfiguration sSLConfiguration = new SSLConfiguration();
        if (configurationNode == null) {
            if (myLoggingFacade != null) {
                myLoggingFacade.info("Using default Java trust store only.");
            }
            sSLConfiguration.setUseDefaultJavaTrustStore(true);
        } else {
            String firstAttribute = Configurations.getFirstAttribute(configurationNode, "debug");
            if (firstAttribute != null) {
                try {
                    if (Boolean.parseBoolean(firstAttribute)) {
                        if (myLoggingFacade != null) {
                            myLoggingFacade.warn("Enabled full SSL debug mode.");
                        }
                        System.setProperty("javax.net.debug", SSL_TAG);
                    } else {
                        if (myLoggingFacade != null) {
                            myLoggingFacade.info("No SSL debug enabled.");
                        }
                        System.setProperty("javax.net.debug", null);
                    }
                } catch (Throwable th) {
                }
                String firstAttribute2 = Configurations.getFirstAttribute(configurationNode, SSL_TRUSTSTORE_USE_JAVA_TRUSTSTORE);
                if (firstAttribute2 == null) {
                    String firstAttribute3 = Configurations.getFirstAttribute(configurationNode, "useJavaKeystore");
                    if (firstAttribute3 == null) {
                        sSLConfiguration.setUseDefaultJavaTrustStore(true);
                    } else {
                        sSLConfiguration.setUseDefaultJavaTrustStore(Boolean.parseBoolean(firstAttribute3));
                    }
                } else {
                    sSLConfiguration.setUseDefaultJavaTrustStore(Boolean.parseBoolean(firstAttribute2));
                }
                ConfigurationNode firstNode = Configurations.getFirstNode(configurationNode, "keystore");
                if (firstNode != null) {
                    sSLConfiguration.setKeystore(Configurations.getNodeValue(firstNode, "path"));
                    sSLConfiguration.setKeystorePassword(Configurations.getNodeValue(firstNode, "password"));
                    sSLConfiguration.setKeyManagerFactory(Configurations.getNodeValue(firstNode, "factory"));
                    sSLConfiguration.setKeystoreType(Configurations.getNodeValue(firstNode, "type"));
                }
                ConfigurationNode firstNode2 = Configurations.getFirstNode(configurationNode, SSL_TRUSTSTORE_TAG);
                if (firstNode2 != null) {
                    sSLConfiguration.setTrustRootPath(Configurations.getNodeValue(firstNode2, "path"));
                    sSLConfiguration.setTrustRootPassword(Configurations.getNodeValue(firstNode2, "password"));
                    sSLConfiguration.setTrustRootType(Configurations.getNodeValue(firstNode2, "type"));
                }
            }
            if (myLoggingFacade != null) {
                myLoggingFacade.info("Done loading SSL configuration");
            }
        }
        return sSLConfiguration;
    }

    public static SSLConfiguration getSSLConfiguration(MyLoggingFacade myLoggingFacade, ConfigurationNode configurationNode) {
        ConfigurationNode firstNode = Configurations.getFirstNode(configurationNode, "keystore");
        return firstNode != null ? getOLDSSLConfiguration(myLoggingFacade, firstNode) : getNEWSSLConfiguration(myLoggingFacade, Configurations.getFirstNode(configurationNode, SSL_TAG));
    }
}
