package org.openliberty.wsc;

import com.google.common.io.Closeables;
import java.io.BufferedWriter;
import java.io.File;
import java.io.FileInputStream;
import java.io.FileNotFoundException;
import java.io.IOException;
import java.io.InputStream;
import java.io.OutputStream;
import java.io.OutputStreamWriter;
import java.io.PrintWriter;
import java.net.HttpURLConnection;
import java.net.URL;
import java.nio.charset.StandardCharsets;
import java.security.GeneralSecurityException;
import java.security.SecureRandom;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.util.Iterator;
import javax.net.ssl.HostnameVerifier;
import javax.net.ssl.HttpsURLConnection;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSession;
import javax.net.ssl.SSLSocket;
import javax.net.ssl.X509TrustManager;
import net.shibboleth.utilities.java.support.xml.SerializeSupport;
import org.apache.commons.io.IOUtils;
import org.apache.commons.ssl.KeyMaterial;
import org.apache.commons.ssl.SSL;
import org.apache.commons.ssl.SSLClient;
import org.apache.commons.ssl.TrustMaterial;
import org.openliberty.LibConstants;
import org.openliberty.LibUtils;
import org.opensaml.soap.client.http.HttpSOAPRequestParameters;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.w3c.dom.Element;

/* loaded from: input_file:WEB-INF/lib/idwsfconsumer-2.1.0.jar:org/openliberty/wsc/SSLUtilities.class */
public class SSLUtilities {
    private static final String SSL_RSA_WITH_RC4_128_MD5 = "SSL_RSA_WITH_RC4_128_MD5";
    private static final Logger log = LoggerFactory.getLogger((Class<?>) SSLUtilities.class);

    @Deprecated
    public static boolean useOldStyleSSL = false;

    @Deprecated
    public static X509TrustManager xtm = new X509TrustManager() { // from class: org.openliberty.wsc.SSLUtilities.1
        @Override // javax.net.ssl.X509TrustManager
        public void checkClientTrusted(X509Certificate[] x509CertificateArr, String str) {
        }

        @Override // javax.net.ssl.X509TrustManager
        public void checkServerTrusted(X509Certificate[] x509CertificateArr, String str) {
        }

        @Override // javax.net.ssl.X509TrustManager
        public X509Certificate[] getAcceptedIssuers() {
            return null;
        }
    };

    @Deprecated
    public static HostnameVerifier hnv = new HostnameVerifier() { // from class: org.openliberty.wsc.SSLUtilities.2
        @Override // javax.net.ssl.HostnameVerifier
        public boolean verify(String str, SSLSession sSLSession) {
            return true;
        }
    };

    public static X509Certificate loadX509Certificate(String str) {
        X509Certificate x509Certificate = null;
        try {
            CertificateFactory certificateFactory = CertificateFactory.getInstance("X.509");
            File file = new File(str);
            if (file.exists()) {
                try {
                    x509Certificate = (X509Certificate) certificateFactory.generateCertificate(new FileInputStream(file));
                } catch (FileNotFoundException e) {
                    log.error("Failed to load certificate from file " + file.getPath());
                    e.printStackTrace();
                }
            } else {
                x509Certificate = (X509Certificate) certificateFactory.generateCertificate(SSLUtilities.class.getResourceAsStream(str));
            }
        } catch (CertificateException e2) {
            log.error("Failed to load certificate: " + str);
            e2.printStackTrace();
        }
        if (null != x509Certificate) {
            OpenLibertyBootstrap.getTrustedCertificates().add(x509Certificate);
        }
        return x509Certificate;
    }

    public static String postSOAPMessageNOTLS(String str, Element element) {
        String nodeToString = SerializeSupport.nodeToString(element);
        try {
            HttpURLConnection httpURLConnection = (HttpURLConnection) new URL(str).openConnection();
            httpURLConnection.setDoOutput(true);
            httpURLConnection.setDoInput(true);
            httpURLConnection.setRequestMethod("POST");
            httpURLConnection.setRequestProperty(HttpSOAPRequestParameters.SOAP_ACTION_HEADER, "");
            OutputStreamWriter outputStreamWriter = new OutputStreamWriter(httpURLConnection.getOutputStream());
            outputStreamWriter.write(nodeToString);
            outputStreamWriter.flush();
            outputStreamWriter.close();
            return IOUtils.toString(httpURLConnection.getInputStream(), StandardCharsets.UTF_8);
        } catch (IOException e) {
            e.printStackTrace();
            return null;
        }
    }

    public static String postSOAPMessage(String str, Element element, boolean z) throws GeneralSecurityException, IOException {
        String str2;
        boolean isDebugEnabled = log.isDebugEnabled();
        if (useOldStyleSSL) {
            initializeSSLProtocol();
            return postSOAPMessageViaHttpURLConnection(str, element);
        }
        SSLClient sSLClient = new SSLClient();
        Iterator it = SSL.SUPPORTED_CIPHERS_SET.iterator();
        while (true) {
            if (!it.hasNext()) {
                break;
            }
            if (SSL_RSA_WITH_RC4_128_MD5.equals(it.next())) {
                String[] enabledCiphers = sSLClient.getEnabledCiphers();
                String[] strArr = new String[enabledCiphers.length + 1];
                for (int i = 0; i < enabledCiphers.length; i++) {
                    strArr[i] = enabledCiphers[i];
                }
                strArr[strArr.length - 1] = SSL_RSA_WITH_RC4_128_MD5;
                sSLClient.setEnabledCiphers(strArr);
                if (isDebugEnabled) {
                    log.debug("Cyphers Enabled:");
                    for (String str3 : sSLClient.getEnabledCiphers()) {
                        log.debug("  > " + str3);
                    }
                }
            }
        }
        sSLClient.addTrustMaterial(TrustMaterial.DEFAULT);
        Iterator<X509Certificate> it2 = OpenLibertyBootstrap.getTrustedCertificates().iterator();
        while (it2.hasNext()) {
            sSLClient.addTrustMaterial(new TrustMaterial(it2.next()));
        }
        sSLClient.setCheckHostname(OpenLibertyBootstrap.isCheckHostName());
        sSLClient.setCheckExpiry(OpenLibertyBootstrap.isCheckExpiry());
        if (z) {
            sSLClient.setKeyMaterial(new KeyMaterial(OpenLibertyBootstrap.getDefaultClientTLSPKSPath(), OpenLibertyBootstrap.getDefaultClientTLSPKSPassword().toCharArray()));
        }
        URL url = new URL(str);
        if (isDebugEnabled) {
            log.debug("ClientTLS: " + z + " host: " + url.getHost() + " port: " + url.getPort() + " query: " + url.getPath());
        }
        SSLSocket sSLSocket = (SSLSocket) sSLClient.createSocket(url.getHost(), url.getPort());
        if (isDebugEnabled) {
            log.debug("Socket created");
        }
        PrintWriter printWriter = new PrintWriter(new BufferedWriter(new OutputStreamWriter(sSLSocket.getOutputStream())));
        String nodeToString = SerializeSupport.nodeToString(element);
        if (LibConstants.USE_AXIS_1_3_GREGORIAN_CALENDAR_SERIALIZATION_BUG_WORKAROUND) {
            nodeToString = LibUtils.fixAxisGCSBug(nodeToString);
        }
        printWriter.println("POST " + url.getPath() + " HTTP/1.1");
        printWriter.println("Host: " + url.getHost());
        printWriter.println("Content-Type: text/soap+xml; charset=utf-8");
        printWriter.println("Content-Length: " + nodeToString.length());
        printWriter.println("Connection: close");
        printWriter.println("SOAPAction: \"\"\n");
        printWriter.println(nodeToString);
        printWriter.println();
        printWriter.flush();
        if (isDebugEnabled) {
            log.debug("SOAP Message Sent");
        }
        InputStream inputStream = sSLSocket.getInputStream();
        if (isDebugEnabled) {
            log.debug("input stream created");
        }
        if (null == inputStream) {
            sSLSocket.close();
            return "";
        }
        String iOUtils = IOUtils.toString(inputStream, StandardCharsets.UTF_8);
        if (LibConstants.USE_AXIS_1_3_GREGORIAN_CALENDAR_SERIALIZATION_BUG_WORKAROUND) {
            iOUtils = LibUtils.fixAxisGCSBug(iOUtils);
        }
        sSLSocket.close();
        Closeables.closeQuietly(inputStream);
        if (isDebugEnabled) {
            log.debug("input stream closed");
        }
        int indexOf = iOUtils.indexOf("<");
        if (indexOf != -1) {
            int lastIndexOf = iOUtils.lastIndexOf(62);
            str2 = lastIndexOf < iOUtils.length() - 1 ? iOUtils.substring(indexOf, lastIndexOf + 1) : iOUtils.substring(indexOf);
        } else {
            log.error("BAD RESPONSE FROM SERVER, EXPECTED SOAP");
            log.error(iOUtils);
            str2 = "";
        }
        if (isDebugEnabled) {
            log.debug("RESPONSE:");
            log.debug(str2);
        }
        return str2;
    }

    @Deprecated
    public static void initializeSSLProtocol() {
        SSLContext sSLContext = null;
        try {
            sSLContext = SSLContext.getInstance("TLS");
            sSLContext.init(null, new X509TrustManager[]{xtm}, new SecureRandom());
        } catch (GeneralSecurityException e) {
            e.printStackTrace();
        }
        if (sSLContext != null) {
            HttpsURLConnection.setDefaultSSLSocketFactory(sSLContext.getSocketFactory());
        }
        HttpsURLConnection.setDefaultHostnameVerifier(hnv);
    }

    @Deprecated
    public static String postSOAPMessageViaHttpURLConnection(String str, Element element) throws IOException {
        try {
            HttpURLConnection createConnection = createConnection(str);
            OutputStream outputStream = createConnection.getOutputStream();
            IOUtils.write(SerializeSupport.nodeToString(element), outputStream);
            outputStream.flush();
            IOUtils.closeQuietly(outputStream);
            InputStream inputStream = createConnection.getResponseCode() == 200 ? createConnection.getInputStream() : createConnection.getErrorStream();
            if (null == inputStream) {
                return "";
            }
            String iOUtils = IOUtils.toString(inputStream);
            IOUtils.closeQuietly(inputStream);
            return iOUtils;
        } catch (IOException e) {
            throw e;
        }
    }

    @Deprecated
    public static String postSOAPFileViaHttpURLConnection(String str, String str2) throws IOException {
        try {
            HttpURLConnection createConnection = createConnection(str);
            InputStream resourceAsStream = SSLUtilities.class.getResourceAsStream(str2);
            String iOUtils = IOUtils.toString(resourceAsStream);
            IOUtils.closeQuietly(resourceAsStream);
            OutputStream outputStream = createConnection.getOutputStream();
            IOUtils.write(iOUtils, outputStream);
            outputStream.flush();
            IOUtils.closeQuietly(outputStream);
            InputStream inputStream = createConnection.getInputStream();
            String iOUtils2 = IOUtils.toString(inputStream);
            IOUtils.closeQuietly(inputStream);
            return iOUtils2;
        } catch (IOException e) {
            throw e;
        }
    }

    @Deprecated
    public static String postSOAPMessageViaHttpURLConnection(String str, String str2) throws IOException {
        try {
            HttpURLConnection createConnection = createConnection(str);
            OutputStream outputStream = createConnection.getOutputStream();
            IOUtils.write(str2, outputStream);
            outputStream.flush();
            IOUtils.closeQuietly(outputStream);
            InputStream inputStream = createConnection.getInputStream();
            String iOUtils = IOUtils.toString(inputStream);
            IOUtils.closeQuietly(inputStream);
            return iOUtils;
        } catch (IOException e) {
            throw e;
        }
    }

    @Deprecated
    public static InputStream postSOAPMessageViaHttpURLConnectionIS(String str, String str2) throws IOException {
        try {
            HttpURLConnection createConnection = createConnection(str);
            OutputStream outputStream = createConnection.getOutputStream();
            IOUtils.write(str2, outputStream);
            outputStream.flush();
            IOUtils.closeQuietly(outputStream);
            return createConnection.getInputStream();
        } catch (IOException e) {
            throw e;
        }
    }

    @Deprecated
    private static HttpURLConnection createConnection(String str) throws IOException {
        HttpURLConnection httpURLConnection = (HttpURLConnection) new URL(str).openConnection();
        httpURLConnection.setDoOutput(true);
        httpURLConnection.setDoInput(true);
        httpURLConnection.setRequestMethod("POST");
        httpURLConnection.setRequestProperty("Content-Type", "application/x-www-form-urlencoded");
        httpURLConnection.setRequestProperty(HttpSOAPRequestParameters.SOAP_ACTION_HEADER, "");
        httpURLConnection.setInstanceFollowRedirects(false);
        httpURLConnection.setUseCaches(false);
        return httpURLConnection;
    }
}
