package Altibase.jdbc.driver.cm;

import Altibase.jdbc.driver.ex.Error;
import Altibase.jdbc.driver.ex.ErrorDef;
import Altibase.jdbc.driver.util.AltibaseProperties;
import Altibase.jdbc.driver.util.StringUtils;
import java.io.FileInputStream;
import java.io.IOException;
import java.net.SocketAddress;
import java.security.KeyManagementException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.UnrecoverableKeyException;
import java.security.cert.CertificateException;
import java.sql.SQLException;
import javax.net.ssl.KeyManager;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSocket;
import javax.net.ssl.SSLSocketFactory;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import javax.net.ssl.X509TrustManager;

/* JADX INFO: Access modifiers changed from: package-private */
/* loaded from: input_file:Altibase/jdbc/driver/cm/CmSecureSocket.class */
public class CmSecureSocket extends CmTcpSocket {
    private static final String DEFAULT_KEYSTORE_TYPE = "JKS";
    private SSLProperties mSslProps;

    /* JADX INFO: Access modifiers changed from: package-private */
    public CmSecureSocket(AltibaseProperties altibaseProperties) {
        super(altibaseProperties);
        this.mSslProps = new SSLProperties(altibaseProperties);
    }

    @Override // Altibase.jdbc.driver.cm.CmTcpSocket
    public CmConnType getConnType() {
        return CmConnType.SSL;
    }

    @Override // Altibase.jdbc.driver.cm.CmTcpSocket, Altibase.jdbc.driver.cm.CmSocket
    public void open(SocketAddress socketAddress) throws SQLException {
        try {
            this.mSocket = getSslSocketFactory(this.mSslProps).createSocket();
            if (this.mSslProps.getCipherSuiteList() != null) {
                ((SSLSocket) this.mSocket).setEnabledCipherSuites(this.mSslProps.getCipherSuiteList());
            }
            connectTcpSocket(socketAddress);
            String[] protocols = this.mSslProps.getProtocols();
            if (protocols != null) {
                ((SSLSocket) this.mSocket).setEnabledProtocols(protocols);
            }
            ((SSLSocket) this.mSocket).startHandshake();
        } catch (Exception e) {
            Error.throwCommunicationErrorException(e);
        }
    }

    private SSLSocketFactory getSslSocketFactory(SSLProperties sSLProperties) throws SQLException {
        String keyStoreUrl = sSLProperties.getKeyStoreUrl();
        String keyStorePassword = sSLProperties.getKeyStorePassword();
        String keyStoreType = sSLProperties.getKeyStoreType();
        String trustStoreUrl = sSLProperties.getTrustStoreUrl();
        String trustStorePassword = sSLProperties.getTrustStorePassword();
        String trustStoreType = sSLProperties.getTrustStoreType();
        TrustManagerFactory trustManagerFactory = null;
        KeyManagerFactory keyManagerFactory = null;
        try {
            trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
            keyManagerFactory = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
        } catch (NoSuchAlgorithmException e) {
            Error.throwSQLException(ErrorDef.DEFAULT_ALGORITHM_DEFINITION_INVALID, e);
        }
        loadKeyStore(keyStoreUrl, keyStorePassword, keyStoreType, keyManagerFactory);
        if (sSLProperties.verifyServerCertificate()) {
            loadKeyStore(trustStoreUrl, trustStorePassword, trustStoreType, trustManagerFactory);
        }
        return createAndInitSslContext(sSLProperties, keyStoreUrl, trustStoreUrl, trustManagerFactory, keyManagerFactory).getSocketFactory();
    }

    private SSLContext createAndInitSslContext(SSLProperties sSLProperties, String str, String str2, TrustManagerFactory trustManagerFactory, KeyManagerFactory keyManagerFactory) throws SQLException {
        TrustManager[] trustManagerArr;
        SSLContext sSLContext = null;
        try {
            sSLContext = SSLContext.getInstance("TLS");
            KeyManager[] keyManagers = StringUtils.isEmpty(str) ? null : keyManagerFactory.getKeyManagers();
            if (sSLProperties.verifyServerCertificate()) {
                trustManagerArr = StringUtils.isEmpty(str2) ? null : trustManagerFactory.getTrustManagers();
            } else {
                trustManagerArr = new X509TrustManager[]{BlindTrustManager.getInstance()};
            }
            sSLContext.init(keyManagers, trustManagerArr, null);
        } catch (KeyManagementException e) {
            Error.throwSQLException(ErrorDef.KEY_MANAGEMENT_EXCEPTION_OCCURRED, e.getMessage(), e);
        } catch (NoSuchAlgorithmException e2) {
            Error.throwSQLException(ErrorDef.UNSUPPORTED_KEYSTORE_ALGORITHM, e2.getMessage(), e2);
        }
        return sSLContext;
    }

    private void loadKeyStore(String str, String str2, String str3, Object obj) throws SQLException {
        if (StringUtils.isEmpty(str)) {
            return;
        }
        FileInputStream fileInputStream = null;
        try {
            try {
                try {
                    try {
                        try {
                            try {
                                KeyStore keyStore = KeyStore.getInstance(StringUtils.isEmpty(str3) ? DEFAULT_KEYSTORE_TYPE : str3);
                                FileInputStream fileInputStream2 = new FileInputStream(StringUtils.validateFilePath(str));
                                char[] charArray = str2 == null ? new char[0] : str2.toCharArray();
                                keyStore.load(fileInputStream2, charArray);
                                if (obj instanceof KeyManagerFactory) {
                                    ((KeyManagerFactory) obj).init(keyStore, charArray);
                                } else if (obj instanceof TrustManagerFactory) {
                                    ((TrustManagerFactory) obj).init(keyStore);
                                }
                                if (fileInputStream2 != null) {
                                    try {
                                        fileInputStream2.close();
                                    } catch (IOException e) {
                                        Error.throwSQLExceptionForIOException(e);
                                    }
                                }
                            } catch (Throwable th) {
                                if (0 != 0) {
                                    try {
                                        fileInputStream.close();
                                    } catch (IOException e2) {
                                        Error.throwSQLExceptionForIOException(e2);
                                        throw th;
                                    }
                                }
                                throw th;
                            }
                        } catch (NoSuchAlgorithmException e3) {
                            Error.throwSQLException(ErrorDef.UNSUPPORTED_KEYSTORE_ALGORITHM, e3.getMessage(), e3);
                            if (0 != 0) {
                                try {
                                    fileInputStream.close();
                                } catch (IOException e4) {
                                    Error.throwSQLExceptionForIOException(e4);
                                }
                            }
                        }
                    } catch (CertificateException e5) {
                        Error.throwSQLException(ErrorDef.CAN_NOT_LOAD_KEYSTORE, str3, e5);
                        if (0 != 0) {
                            try {
                                fileInputStream.close();
                            } catch (IOException e6) {
                                Error.throwSQLExceptionForIOException(e6);
                            }
                        }
                    }
                } catch (IOException e7) {
                    Error.throwSQLException(ErrorDef.CAN_NOT_OPEN_KEYSTORE, e7);
                    if (0 != 0) {
                        try {
                            fileInputStream.close();
                        } catch (IOException e8) {
                            Error.throwSQLExceptionForIOException(e8);
                        }
                    }
                }
            } catch (KeyStoreException e9) {
                Error.throwSQLException(ErrorDef.CAN_NOT_CREATE_KEYSTORE_INSTANCE, e9.getMessage(), e9);
                if (0 != 0) {
                    try {
                        fileInputStream.close();
                    } catch (IOException e10) {
                        Error.throwSQLExceptionForIOException(e10);
                    }
                }
            }
        } catch (UnrecoverableKeyException e11) {
            Error.throwSQLException(ErrorDef.CAN_NOT_RETREIVE_KEY_FROM_KEYSTORE, e11);
            if (0 != 0) {
                try {
                    fileInputStream.close();
                } catch (IOException e12) {
                    Error.throwSQLExceptionForIOException(e12);
                }
            }
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public String[] getEnabledCipherSuites() {
        return ((SSLSocket) this.mSocket).getEnabledCipherSuites();
    }
}
