package com.buildforge.services.common.ssl.config;

import com.buildforge.services.common.ServiceException;
import com.buildforge.services.common.config.BFClientConf;
import com.buildforge.services.common.dbo.GlobalSecurityDBO;
import com.buildforge.services.common.dbo.MessageDBO;
import com.buildforge.services.common.dbo.SSLDBO;
import com.buildforge.services.common.security.PasswordManager;
import com.buildforge.services.server.api.ServerContext;
import com.buildforge.services.server.manager.GlobalSecurityManager;
import com.buildforge.services.server.manager.SSLManager;
import java.util.ArrayList;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
import java.util.StringTokenizer;
import java.util.logging.Level;
import java.util.logging.Logger;

/* loaded from: input_file:com/buildforge/services/common/ssl/config/SSLConfigManager.class */
public class SSLConfigManager {
    private Map<String, SSLConfig> sslConfigsByUuid = new HashMap();
    private Map<String, SSLConfig> sslConfigsByAlias = new HashMap();
    private SSLConfig servicesLayerJSSEInbound = null;
    private SSLConfig ldapJSSEOutbound = null;
    private SSLConfig servicesLayerJSSEOutbound = null;
    private boolean serverSSLEnabled = false;
    private static final Logger log = Logger.getLogger(SSLConfigManager.class.getName());
    private static SSLConfigManager me = null;

    private SSLConfigManager() {
        try {
            if (PasswordManager.isServer()) {
                initializeServerConfig();
            } else {
                initializeClientConfig();
            }
        } catch (Exception e) {
            MessageDBO messageDBO = new MessageDBO(MessageDBO.Severity.WARNING, "SSLConfigMgrInitError", new String[0]);
            if (log.isLoggable(Level.WARNING)) {
                log.log(Level.WARNING, messageDBO.translate(), (Throwable) e);
            }
        }
    }

    public static SSLConfigManager getInstance() {
        if (me == null) {
            me = new SSLConfigManager();
        }
        return me;
    }

    public void initializeClientConfig() throws Exception {
        initializeClientConfig(null);
    }

    public void initializeClientConfig(String str) throws Exception {
        try {
            BFClientConf bFClientConf = BFClientConf.get();
            if (bFClientConf.getLoadedFromLocation() == null) {
                return;
            }
            SSLConfig sSLConfig = new SSLConfig();
            sSLConfig.setUuid("client");
            sSLConfig.setAlias("client");
            sSLConfig.setKeyStoreId(bFClientConf.getSSLKeyStoreRef());
            sSLConfig.setTrustStoreId(bFClientConf.getSSLTrustStoreRef());
            sSLConfig.setClientCertAlias(bFClientConf.getSSLCertAlias());
            sSLConfig.setProtocol(bFClientConf.getSSLProtocol());
            sSLConfig.setCipherSuiteGroup(bFClientConf.getSSLCipherGroup());
            sSLConfig.setEnabledCiphers(bFClientConf.getSSLCipherOverride());
            this.servicesLayerJSSEInbound = sSLConfig;
            this.servicesLayerJSSEOutbound = sSLConfig;
            this.sslConfigsByUuid.put("client", sSLConfig);
            this.sslConfigsByAlias.put("client", sSLConfig);
        } catch (Exception e) {
            if (log.isLoggable(Level.FINE)) {
                log.log(Level.FINE, "Could not get access to the SSL configuration due to the following error: " + e.getClass().getName(), (Throwable) e);
            }
        }
    }

    public void initializeServerConfig() throws Exception {
        ServerContext serverContext = new ServerContext();
        try {
            try {
                serverContext.getAuthContext().becomeSystem();
                List<SSLDBO> allSSLDBOs = getAllSSLDBOs(serverContext);
                if (allSSLDBOs == null || allSSLDBOs.size() == 0) {
                    log.info("There are no SSL configs configured.");
                    if (0 == 0) {
                        serverContext.commit();
                    } else {
                        serverContext.rollback();
                    }
                    serverContext.closeDBConnections();
                    return;
                }
                for (SSLDBO ssldbo : allSSLDBOs) {
                    try {
                        SSLConfig sSLConfig = new SSLConfig(ssldbo);
                        this.sslConfigsByUuid.put(sSLConfig.getUuid(), sSLConfig);
                        this.sslConfigsByAlias.put(sSLConfig.getAlias(), sSLConfig);
                    } catch (Exception e) {
                        if (log.isLoggable(Level.WARNING)) {
                            log.log(Level.WARNING, new MessageDBO(MessageDBO.Severity.WARNING, "SSLConfigInitError", ssldbo.getAlias()).translate(), (Throwable) e);
                        }
                    }
                }
                GlobalSecurityDBO globalSecurityDBO = getGlobalSecurityDBO(serverContext);
                if (globalSecurityDBO != null) {
                    this.servicesLayerJSSEInbound = this.sslConfigsByUuid.get(globalSecurityDBO.getSSLInJSSEServicesId());
                    this.servicesLayerJSSEOutbound = this.sslConfigsByUuid.get(globalSecurityDBO.getSSLOutJSSEServicesId());
                    this.ldapJSSEOutbound = this.sslConfigsByUuid.get(globalSecurityDBO.getSSLOutJSSELdapsId());
                    this.serverSSLEnabled = globalSecurityDBO.getSSLEnabled();
                    log.log(Level.FINE, "SSL enabled: " + this.serverSSLEnabled);
                    log.log(Level.FINE, "SSL SL inbound: " + this.servicesLayerJSSEInbound);
                    log.log(Level.FINE, "SSL SL outbound: " + this.servicesLayerJSSEOutbound);
                    log.log(Level.FINE, "SSL LDAPS outbound: " + this.ldapJSSEOutbound);
                }
            } catch (Exception e2) {
                if (log.isLoggable(Level.FINE)) {
                    log.log(Level.FINE, "Could not get access to the SSL configuration due to the following error: " + e2.getClass().getName(), (Throwable) e2);
                }
                throw e2;
            }
        } finally {
            if (0 == 0) {
                serverContext.commit();
            } else {
                serverContext.rollback();
            }
            serverContext.closeDBConnections();
        }
    }

    public static void clearCachedObjects() {
        me = null;
    }

    public SSLConfig getSSLConfigByUuid(String str) {
        return this.sslConfigsByUuid.get(str);
    }

    public SSLConfig getSSLConfigByAlias(String str) {
        return this.sslConfigsByAlias.get(str);
    }

    public Map<String, SSLConfig> getSSLConfigMap() {
        return this.sslConfigsByAlias;
    }

    public boolean isServerSSLEnabled() {
        return this.serverSSLEnabled;
    }

    public SSLConfig getServicesLayerInboundSSLConfig() {
        return this.servicesLayerJSSEInbound;
    }

    public SSLConfig getServicesLayerOutboundSSLConfig() {
        return this.servicesLayerJSSEOutbound;
    }

    public SSLConfig getLDAPOutboundSSLConfig() {
        return this.ldapJSSEOutbound;
    }

    public static String[] adjustSupportedCiphersToSecurityLevel(String[] strArr, SSLDBO.CipherGroup cipherGroup) {
        if (strArr == null || strArr.length <= 0) {
            return strArr;
        }
        ArrayList arrayList = new ArrayList();
        if (cipherGroup == null) {
            cipherGroup = SSLDBO.CipherGroup.MEDIUM;
        }
        if (cipherGroup.equals(SSLDBO.CipherGroup.LOW)) {
            for (int i = 0; i < strArr.length; i++) {
                if ((strArr[i].indexOf("_anon_") != -1 || strArr[i].indexOf("_NULL_") != -1) && strArr[i].indexOf("_KRB5_") == -1) {
                    arrayList.add(strArr[i]);
                }
            }
            String[] strArr2 = (String[]) arrayList.toArray(new String[0]);
            if (log.isLoggable(Level.FINE)) {
                log.log(Level.FINE, "LOW: adjustSupportedCiphersToSecurityLevel -> " + convertCipherListToString(strArr2));
            }
            return strArr2;
        }
        if (cipherGroup.equals(SSLDBO.CipherGroup.MEDIUM)) {
            for (int i2 = 0; i2 < strArr.length; i2++) {
                if ((strArr[i2].indexOf("40_") != -1 || strArr[i2].indexOf("_DES_") != -1) && strArr[i2].indexOf("_anon_") == -1 && strArr[i2].indexOf("_NULL_") == -1 && strArr[i2].indexOf("_KRB5_") == -1) {
                    arrayList.add(strArr[i2]);
                }
            }
            String[] strArr3 = (String[]) arrayList.toArray(new String[0]);
            if (log.isLoggable(Level.FINE)) {
                log.log(Level.FINE, "MEDIUM: adjustSupportedCiphersToSecurityLevel -> " + convertCipherListToString(strArr3));
            }
            return strArr3;
        }
        if (!cipherGroup.equals(SSLDBO.CipherGroup.HIGH)) {
            for (int i3 = 0; i3 < strArr.length; i3++) {
                if (strArr[i3].indexOf("_anon_") == -1 && strArr[i3].indexOf("_NULL_") == -1 && strArr[i3].indexOf("_KRB5_") == -1) {
                    arrayList.add(strArr[i3]);
                }
            }
            String[] strArr4 = (String[]) arrayList.toArray(new String[0]);
            if (log.isLoggable(Level.FINE)) {
                log.log(Level.FINE, "ALL: adjustSupportedCiphersToSecurityLevel -> " + convertCipherListToString(strArr4));
            }
            return strArr4;
        }
        for (int i4 = 0; i4 < strArr.length; i4++) {
            if ((strArr[i4].indexOf("128_") != -1 || strArr[i4].indexOf("_3DES_") != -1) && strArr[i4].indexOf("_anon_") == -1 && strArr[i4].indexOf("_NULL_") == -1 && strArr[i4].indexOf("_KRB5_") == -1) {
                arrayList.add(strArr[i4]);
            }
        }
        String[] strArr5 = (String[]) arrayList.toArray(new String[0]);
        if (log.isLoggable(Level.FINE)) {
            log.log(Level.FINE, "HIGH: adjustSupportedCiphersToSecurityLevel -> " + convertCipherListToString(strArr5));
        }
        return strArr5;
    }

    public static String convertCipherListToString(String[] strArr) {
        if (strArr == null || strArr.length == 0) {
            return null;
        }
        StringBuffer stringBuffer = new StringBuffer();
        for (String str : strArr) {
            stringBuffer.append(str);
            stringBuffer.append(" ");
        }
        return stringBuffer.toString();
    }

    public static String[] convertCipherStringToList(String str) {
        if (str == null) {
            return null;
        }
        ArrayList arrayList = new ArrayList();
        StringTokenizer stringTokenizer = new StringTokenizer(str);
        while (stringTokenizer.hasMoreTokens()) {
            arrayList.add(stringTokenizer.nextToken());
        }
        return (String[]) arrayList.toArray(new String[arrayList.size()]);
    }

    private static List<SSLDBO> getAllSSLDBOs(ServerContext serverContext) throws ServiceException {
        return SSLManager.findAll(serverContext);
    }

    private static GlobalSecurityDBO getGlobalSecurityDBO(ServerContext serverContext) throws ServiceException {
        return GlobalSecurityManager.find(serverContext);
    }
}
