package com.ibm.mq.ese.config;

import com.ibm.disthub2.impl.client.BaseConfig;
import com.ibm.mq.constants.MQPropertyIdentifiers;
import com.ibm.mq.ese.core.PkiSpec;
import com.ibm.mq.ese.nls.AmsErrorMessageInserts;
import com.ibm.mq.ese.nls.AmsErrorMessages;
import com.ibm.msg.client.commonservices.trace.Trace;
import java.net.URI;
import java.net.URISyntaxException;
import java.security.AccessController;
import java.security.PrivilegedAction;
import java.security.PrivilegedActionException;
import java.security.PrivilegedExceptionAction;
import java.security.Security;
import java.util.Arrays;
import java.util.Collections;
import java.util.HashMap;
import java.util.HashSet;
import java.util.Iterator;
import java.util.LinkedList;
import java.util.List;
import java.util.Map;
import java.util.Properties;
import java.util.Set;

/* loaded from: input_file:com/ibm/mq/ese/config/PkiConfig.class */
public class PkiConfig {
    public static final String sccsid = "@(#) MQMBID sn=p941-001-241129 su=_t1g7ca5ZEe-Gk5kuRFntVg pn=com.ibm.mq.ese/src/com/ibm/mq/ese/config/PkiConfig.java";
    public PkiSpec pkiSpec = new PkiSpec();
    private static final Set<String> TRUE;

    public PkiConfig(Properties properties) throws ConfigException {
        if (properties == null) {
            throw new IllegalArgumentException("null");
        }
        LinkedList linkedList = new LinkedList();
        LinkedList linkedList2 = new LinkedList();
        for (Map.Entry entry : properties.entrySet()) {
            String obj = entry.getKey().toString();
            if (obj.toUpperCase().startsWith("CRL.URI")) {
                linkedList.add(obj);
            } else if (obj.toUpperCase().startsWith("CRL.FILE")) {
                linkedList2.add(obj);
            } else if (obj.toUpperCase().startsWith("OCSP.ENABLE")) {
                String obj2 = entry.getValue().toString();
                if (obj2 == null || !TRUE.contains(obj2.toLowerCase())) {
                    disableOCSP();
                } else {
                    enableOCSP();
                }
            }
        }
        initCrlFiles(properties, linkedList2);
        initCrlUris(properties, linkedList);
        initCrlLdap(properties);
        if (TRUE.contains(getPropertyCaseInsensitive(properties, "CRL.CDP"))) {
            this.pkiSpec.checkCDP = true;
        }
    }

    protected void enableOCSP() {
        AccessController.doPrivileged(new PrivilegedAction<Object>() { // from class: com.ibm.mq.ese.config.PkiConfig.1
            @Override // java.security.PrivilegedAction
            public Object run() {
                Security.setProperty("ocsp.enable", "true");
                return null;
            }
        });
    }

    protected void disableOCSP() {
        AccessController.doPrivileged(new PrivilegedAction<Object>() { // from class: com.ibm.mq.ese.config.PkiConfig.2
            @Override // java.security.PrivilegedAction
            public Object run() {
                Security.setProperty("ocsp.enable", "false");
                return null;
            }
        });
    }

    private void initCrlLdap(Properties properties) {
        String propertyCaseInsensitive = getPropertyCaseInsensitive(properties, "CRL.LDAP.HOST");
        String propertyCaseInsensitive2 = getPropertyCaseInsensitive(properties, "CRL.LDAP.PORT");
        if (propertyCaseInsensitive != null) {
            this.pkiSpec.ldapConfig.connections.add(0, new PkiSpec.ConnectionConfig(-1, propertyCaseInsensitive, propertyCaseInsensitive2));
        }
        for (int i = 1; i < 10; i++) {
            String propertyCaseInsensitive3 = getPropertyCaseInsensitive(properties, "CRL.LDAP.HOST." + i);
            String propertyCaseInsensitive4 = getPropertyCaseInsensitive(properties, "CRL.LDAP.PORT." + i);
            if (propertyCaseInsensitive3 != null) {
                this.pkiSpec.ldapConfig.connections.add(new PkiSpec.ConnectionConfig(i, propertyCaseInsensitive3, propertyCaseInsensitive4));
            }
        }
    }

    private String getPropertyCaseInsensitive(Properties properties, String str) {
        String property = properties.getProperty(str);
        if (property != null) {
            return property.trim();
        }
        String property2 = properties.getProperty(str.toLowerCase());
        if (property2 != null) {
            return property2.trim();
        }
        String property3 = properties.getProperty(str.toUpperCase());
        if (property3 != null) {
            return property3.trim();
        }
        for (String str2 : properties.keySet()) {
            if (str.equalsIgnoreCase(str2)) {
                String property4 = properties.getProperty(str2);
                if (property4 == null) {
                    return null;
                }
                return property4.trim();
            }
        }
        return null;
    }

    private void initCrlUris(Properties properties, List<String> list) throws ConfigException {
        String str;
        String str2;
        int i = 0;
        Collections.sort(list);
        this.pkiSpec.crlUris = new URI[list.size()];
        try {
            String str3 = (String) AccessController.doPrivileged(new PrivilegedExceptionAction<Object>() { // from class: com.ibm.mq.ese.config.PkiConfig.3
                @Override // java.security.PrivilegedExceptionAction
                public Object run() {
                    return System.getProperty("file.encoding");
                }
            });
            for (String str4 : list) {
                String property = properties.getProperty(str4);
                if (property != null) {
                    String trim = property.trim();
                    if (str3 == null) {
                        str3 = "UTF-8";
                    }
                    try {
                        String[] split = trim.split("://");
                        if (split.length > 1) {
                            str = split[0];
                            str2 = split[1];
                        } else {
                            str = "file";
                            str2 = split[0];
                        }
                        if (!str2.startsWith(BaseConfig.SUBTOPIC_SEPARATOR)) {
                            HashMap hashMap = new HashMap();
                            hashMap.put(AmsErrorMessageInserts.AMS_INSERT_FILENAME, str4);
                            throw new ConfigException(AmsErrorMessages.mqo_s_usermap_error_relative_path, (HashMap<String, ? extends Object>) hashMap);
                        }
                        int i2 = i;
                        i++;
                        this.pkiSpec.crlUris[i2] = new URI(str, str2, null);
                    } catch (URISyntaxException e) {
                        throw new ConfigException(AmsErrorMessages.mqo_s_usermap_error_parsing_config_file);
                    }
                }
            }
        } catch (PrivilegedActionException e2) {
            throw new ConfigException(e2.getException());
        }
    }

    private void initCrlFiles(Properties properties, List<String> list) {
        Collections.sort(list);
        this.pkiSpec.crlFiles = new String[list.size()];
        int i = 0;
        Iterator<String> it = list.iterator();
        while (it.hasNext()) {
            String property = properties.getProperty(it.next());
            if (property != null) {
                int i2 = i;
                i++;
                this.pkiSpec.crlFiles[i2] = property.trim();
            }
        }
    }

    public void validate(List<String> list) {
        for (int i = 0; i < this.pkiSpec.crlUris.length; i++) {
            String scheme = this.pkiSpec.crlUris[i].getScheme();
            if (scheme == null || !(scheme == null || scheme.equals("file"))) {
                list.add("CRL.URI");
                break;
            }
        }
        for (int i2 = 0; i2 < this.pkiSpec.crlFiles.length; i2++) {
            String str = this.pkiSpec.crlFiles[i2];
            if (str == null || str.length() == 0) {
                list.add("CRL.FILE");
                break;
            }
        }
        for (PkiSpec.ConnectionConfig connectionConfig : this.pkiSpec.ldapConfig.connections) {
            if (connectionConfig.port == null || connectionConfig.port.length() == 0) {
                addConnError(list, "CRL.LDAP.PORT", connectionConfig.index);
            }
            try {
                connectionConfig.portNum = Integer.valueOf(connectionConfig.port).intValue();
            } catch (Exception e) {
                addConnError(list, "CRL.LDAP.PORT", connectionConfig.index);
            }
        }
    }

    private void addConnError(List<String> list, String str, int i) {
        if (i == -1) {
            list.add(str);
        } else {
            list.add(str + MQPropertyIdentifiers.RFH2_FOLDER_SEPARATOR + i);
        }
    }

    static {
        if (Trace.isOn) {
            Trace.data("com.ibm.mq.ese.config.PkiConfig", "static", "SCCS id", (Object) sccsid);
        }
        TRUE = new HashSet();
        TRUE.addAll(Arrays.asList("true", "TRUE", "on", "ON", "1", "yes"));
    }
}
