package com.sybase.jdbc4.jdbc;

import com.sybase.jdbc4.utils.Debug;
import com.sybase.jdbc4.utils.JCEProviderUtil;
import com.sybase.jdbcx.SybSocketFactory;
import java.io.IOException;
import java.net.InetAddress;
import java.net.Socket;
import java.net.UnknownHostException;
import java.security.SecureRandom;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.List;
import java.util.Properties;
import java.util.Vector;
import javax.net.ssl.HostnameVerifier;
import javax.net.ssl.HttpsURLConnection;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSession;
import javax.net.ssl.SSLSocket;
import javax.net.ssl.SSLSocketFactory;
import javax.net.ssl.TrustManager;
import javax.net.ssl.X509TrustManager;

/* loaded from: input_file:com/sybase/jdbc4/jdbc/SybSSLSocketFactory.class */
public class SybSSLSocketFactory extends SSLSocketFactory implements SybSocketFactory {
    public static final String[] ASE_FIPS_ONLY_CIPHER_SUITES = {"TLS_RSA_WITH_AES_256_GCM_SHA384", "SSL_RSA_WITH_AES_256_GCM_SHA384", "TLS_RSA_WITH_AES_128_GCM_SHA256", "SSL_RSA_WITH_AES_128_GCM_SHA256", "TLS_RSA_WITH_AES_256_CBC_SHA", "SSL_RSA_WITH_AES_256_CBC_SHA", "TLS_RSA_WITH_AES_128_CBC_SHA", "SSL_RSA_WITH_AES_128_CBC_SHA", "TLS_RSA_WITH_3DES_EDE_CBC_SHA", "SSL_RSA_WITH_3DES_EDE_CBC_SHA", "TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA", "SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA", "TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA", "SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA", "TLS_RSA_WITH_DES_CBC_SHA", "SSL_RSA_WITH_DES_CBC_SHA", "TLS_DHE_DSS_WITH_DES_CBC_SHA", "SSL_DHE_DSS_WITH_DES_CBC_SHA", "TLS_DHE_RSA_WITH_DES_CBC_SHA", "SSL_DHE_RSA_WITH_DES_CBC_SHA", "TLS_RSA_EXPORT1024_WITH_DES_CBC_SHA", "SSL_RSA_EXPORT1024_WITH_DES_CBC_SHA", "TLS_DHE_DSS_EXPORT1024_WITH_DES_CBC_SHA", "SSL_DHE_DSS_EXPORT1024_WITH_DES_CBC_SHA"};
    public static final String[] ASE_ALL_CIPHER_SUITES = {"TLS_RSA_WITH_AES_256_GCM_SHA384", "SSL_RSA_WITH_AES_256_GCM_SHA384", "TLS_RSA_WITH_AES_128_GCM_SHA256", "SSL_RSA_WITH_AES_128_GCM_SHA256", "TLS_RSA_WITH_AES_256_CBC_SHA", "SSL_RSA_WITH_AES_256_CBC_SHA", "TLS_RSA_WITH_AES_128_CBC_SHA", "SSL_RSA_WITH_AES_128_CBC_SHA", "TLS_RSA_WITH_3DES_EDE_CBC_SHA", "SSL_RSA_WITH_3DES_EDE_CBC_SHA", "TLS_RSA_WITH_RC4_128_SHA", "SSL_RSA_WITH_RC4_128_SHA", "TLS_RSA_WITH_RC4_128_MD5", "SSL_RSA_WITH_RC4_128_MD5", "TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA", "SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA", "TLS_DHE_DSS_WITH_RC4_128_SHA", "SSL_DHE_DSS_WITH_RC4_128_SHA", "TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA", "SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA", "TLS_RSA_WITH_DES_CBC_SHA", "SSL_RSA_WITH_DES_CBC_SHA", "TLS_DHE_DSS_WITH_DES_CBC_SHA", "SSL_DHE_DSS_WITH_DES_CBC_SHA", "TLS_DHE_RSA_WITH_DES_CBC_SHA", "SSL_DHE_RSA_WITH_DES_CBC_SHA", "TLS_RSA_EXPORT1024_WITH_DES_CBC_SHA", "SSL_RSA_EXPORT1024_WITH_DES_CBC_SHA", "TLS_RSA_EXPORT1024_WITH_RC4_56_SHA", "SSL_RSA_EXPORT1024_WITH_RC4_56_SHA", "TLS_DHE_DSS_EXPORT1024_WITH_RC4_56_SHA", "SSL_DHE_DSS_EXPORT1024_WITH_RC4_56_SHA", "TLS_DHE_DSS_EXPORT1024_WITH_DES_CBC_SHA", "SSL_DHE_DSS_EXPORT1024_WITH_DES_CBC_SHA", "TLS_RSA_EXPORT_WITH_RC4_40_MD5", "SSL_RSA_EXPORT_WITH_RC4_40_MD5", "TLS_RSA_EXPORT_WITH_DES40_CBC_SHA", "SSL_RSA_EXPORT_WITH_DES40_CBC_SHA", "TLS_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA", "SSL_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA", "TLS_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA", "SSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA"};

    @Override // javax.net.SocketFactory
    public Socket createSocket(String str, int i) throws IOException, UnknownHostException {
        return createSocket(str, i, (Properties) null, 0);
    }

    @Override // com.sybase.jdbcx.SybSocketFactory
    public Socket createSocket(String str, int i, Properties properties) throws IOException, UnknownHostException {
        return createSocket(str, i, properties, 0);
    }

    /* JADX WARN: Finally extract failed */
    @Override // com.sybase.jdbcx.SybSocketFactory
    public Socket createSocket(String str, int i, Properties properties, int i2) throws IOException, UnknownHostException {
        SSLSocket sSLSocket;
        Object obj = null;
        String str2 = null;
        boolean z = false;
        boolean z2 = false;
        String str3 = "TLSv1";
        if (properties != null) {
            str2 = properties.getProperty("SSL_HOSTNAME_IN_CERT");
            z = new Boolean(properties.getProperty("SSL_TRUST_ALL_CERTS", "false")).booleanValue();
            obj = properties.get("JCE_PROVIDER_CLASS");
            z2 = new Boolean(properties.getProperty("ENABLE_FIPS", "false")).booleanValue();
            str3 = properties.getProperty("SSL_MIN_PROTOCOL_VERSION", "TLSv1");
        }
        try {
            JCEProviderUtil.initProvider(obj, z2);
            if (z) {
                try {
                    String[] protocols = SSLContext.getDefault().getDefaultSSLParameters().getProtocols();
                    ArrayList arrayList = new ArrayList(SybProperty.SSL_VALID_PROROCOLS_LIST);
                    arrayList.retainAll(new ArrayList(Arrays.asList(protocols)));
                    SSLContext sSLContext = SSLContext.getInstance((String) arrayList.get(arrayList.size() - 1));
                    sSLContext.init(null, getTrustManager(), new SecureRandom());
                    sSLSocket = (SSLSocket) sSLContext.getSocketFactory().createSocket(str, i);
                } catch (Exception e) {
                    throw new IOException(e);
                }
            } else {
                sSLSocket = (SSLSocket) SSLSocketFactory.getDefault().createSocket(str, i);
            }
            HttpsURLConnection.setDefaultHostnameVerifier(getHostnameVerifier(str2));
            Vector vector = new Vector();
            List asList = Arrays.asList(sSLSocket.getSupportedCipherSuites());
            Arrays.asList(sSLSocket.getEnabledCipherSuites());
            String[] strArr = z2 ? ASE_FIPS_ONLY_CIPHER_SUITES : ASE_ALL_CIPHER_SUITES;
            for (int i3 = 0; i3 < strArr.length; i3++) {
                if (asList.contains(strArr[i3])) {
                    vector.add(strArr[i3]);
                }
            }
            if (vector.size() != 0) {
                String[] strArr2 = new String[vector.size()];
                vector.copyInto(strArr2);
                sSLSocket.setEnabledCipherSuites(strArr2);
            }
            sSLSocket.setEnabledProtocols(enableSSLProtocols(sSLSocket, str3));
            boolean z3 = false;
            try {
                try {
                    sSLSocket.setSoTimeout(i2);
                    sSLSocket.startHandshake();
                    if (sSLSocket != null && 0 != 0) {
                        try {
                            sSLSocket.close();
                        } catch (IOException e2) {
                        }
                    }
                    return sSLSocket;
                } catch (Exception e3) {
                    z3 = true;
                    throw new IOException(ErrorMessage.ERR_READ_TIMEOUT, e3);
                }
            } catch (Throwable th) {
                if (sSLSocket != null && z3) {
                    try {
                        sSLSocket.close();
                    } catch (IOException e4) {
                        throw th;
                    }
                }
                throw th;
            }
        } catch (Exception e5) {
            throw new IOException(e5);
        }
    }

    protected void setProtocol(SSLSocket sSLSocket) {
        sSLSocket.setEnabledProtocols(enableSSLProtocols(sSLSocket, "TLSv1"));
    }

    @Override // javax.net.ssl.SSLSocketFactory
    public String[] getDefaultCipherSuites() {
        Debug.notImplemented(this, "getDefaultCipherSuites()");
        return null;
    }

    @Override // javax.net.ssl.SSLSocketFactory
    public String[] getSupportedCipherSuites() {
        Debug.notImplemented(this, "getSupportedCipherSuites()");
        return null;
    }

    @Override // javax.net.SocketFactory
    public Socket createSocket(String str, int i, InetAddress inetAddress, int i2) {
        Debug.notImplemented(this, "java.net.Socket createSocket(java.lang.String host, int port, java.net.InetAddress clientAddress, int clientPort)");
        return null;
    }

    @Override // javax.net.SocketFactory
    public Socket createSocket(InetAddress inetAddress, int i) {
        Debug.notImplemented(this, "java.net.Socket createSocket(java.net.InetAddress host, int port");
        return null;
    }

    @Override // javax.net.SocketFactory
    public Socket createSocket(InetAddress inetAddress, int i, InetAddress inetAddress2, int i2) {
        Debug.notImplemented(this, "java.net.Socket createSocket(java.net.InetAddress host, int port, java.net.InetAddress clientAddress, int clientPort)");
        return null;
    }

    @Override // javax.net.ssl.SSLSocketFactory
    public Socket createSocket(Socket socket, String str, int i, boolean z) {
        Debug.notImplemented(this, "java.net.Socket createSocket(String host, int port, boolean autoClose");
        return null;
    }

    private TrustManager[] getTrustManager() {
        return new TrustManager[]{new X509TrustManager() { // from class: com.sybase.jdbc4.jdbc.SybSSLSocketFactory.1
            @Override // javax.net.ssl.X509TrustManager
            public X509Certificate[] getAcceptedIssuers() {
                return null;
            }

            @Override // javax.net.ssl.X509TrustManager
            public void checkClientTrusted(X509Certificate[] x509CertificateArr, String str) {
            }

            @Override // javax.net.ssl.X509TrustManager
            public void checkServerTrusted(X509Certificate[] x509CertificateArr, String str) {
            }
        }};
    }

    private HostnameVerifier getHostnameVerifier(String str) {
        return new HostnameVerifier() { // from class: com.sybase.jdbc4.jdbc.SybSSLSocketFactory.2
            @Override // javax.net.ssl.HostnameVerifier
            public boolean verify(String str2, SSLSession sSLSession) {
                return str2.equalsIgnoreCase(sSLSession.getPeerHost());
            }
        };
    }

    private String[] enableSSLProtocols(SSLSocket sSLSocket, String str) {
        String[] supportedProtocols = sSLSocket.getSupportedProtocols();
        ArrayList arrayList = new ArrayList();
        arrayList.addAll(Arrays.asList(supportedProtocols));
        int indexOf = SybProperty.SSL_VALID_PROROCOLS_LIST.indexOf(str);
        for (int i = 0; i < indexOf; i++) {
            arrayList.remove(SybProperty.SSL_VALID_PROROCOLS_LIST.get(i));
        }
        arrayList.retainAll(SybProperty.SSL_VALID_PROROCOLS_LIST);
        return (String[]) arrayList.toArray(new String[arrayList.size()]);
    }
}
