package com.avocent.kvm.base.util;

import java.io.ByteArrayInputStream;
import java.io.FileInputStream;
import java.io.IOException;
import java.net.InetAddress;
import java.net.InetSocketAddress;
import java.net.Socket;
import java.security.KeyManagementException;
import java.security.KeyStore;
import java.security.NoSuchAlgorithmException;
import java.security.Principal;
import java.security.PrivateKey;
import java.security.SecureRandom;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.util.Arrays;
import java.util.Collection;
import java.util.Collections;
import java.util.LinkedHashMap;
import java.util.List;
import java.util.Map;
import javax.net.ssl.KeyManager;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLException;
import javax.net.ssl.SSLServerSocketFactory;
import javax.net.ssl.SSLSession;
import javax.net.ssl.SSLSocket;
import javax.net.ssl.SSLSocketFactory;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import javax.net.ssl.X509KeyManager;
import javax.net.ssl.X509TrustManager;

/* loaded from: input_file:com/avocent/kvm/base/util/SSLHelper.class */
public class SSLHelper {
    private static final String TRACE_CONTEXT = "SSLHelper";
    private static SecureRandom m_sr = new SecureRandom();
    private static final int MAX_CONTEXT_CACHE_SIZE = Integer.getInteger("SSLHelper.MAX_CONTEXT_CACHE_SIZE", 50).intValue();
    private static final int SSL_HANDSHAKE_TIMEOUT = Integer.getInteger("SSLHelper.SSL_HANDSHAKE_TIMEOUT", 5000).intValue();
    private static Map m_sslContextCache = Collections.synchronizedMap(new LinkedHashMap(16, 0.75f, true) { // from class: com.avocent.kvm.base.util.SSLHelper.1
        @Override // java.util.LinkedHashMap
        protected boolean removeEldestEntry(Map.Entry entry) {
            return size() >= SSLHelper.MAX_CONTEXT_CACHE_SIZE;
        }
    });
    private static final int TYPE_DNSNAME = 2;

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:com/avocent/kvm/base/util/SSLHelper$SSLContextKey.class */
    public static class SSLContextKey {
        private int m_hashCode = 1431655765;
        private PrivateKey m_pkey;
        private X509Certificate[] m_clientCerts;
        private X509Certificate[] m_serverCerts;

        public SSLContextKey(PrivateKey privateKey, X509Certificate[] x509CertificateArr, X509Certificate[] x509CertificateArr2) {
            this.m_pkey = privateKey;
            this.m_clientCerts = x509CertificateArr;
            this.m_serverCerts = x509CertificateArr2;
            if (privateKey != null) {
                this.m_hashCode ^= privateKey.hashCode();
            }
            if (x509CertificateArr != null) {
                for (int i = 0; i < x509CertificateArr.length; i++) {
                    if (x509CertificateArr[i] != null) {
                        this.m_hashCode ^= x509CertificateArr[i].hashCode();
                    }
                }
            }
            if (x509CertificateArr2 != null) {
                for (int i2 = 0; i2 < x509CertificateArr2.length; i2++) {
                    if (x509CertificateArr2[i2] != null) {
                        this.m_hashCode ^= x509CertificateArr2[i2].hashCode();
                    }
                }
            }
        }

        public int hashCode() {
            return this.m_hashCode;
        }

        public boolean equals(Object obj) {
            SSLContextKey sSLContextKey = (SSLContextKey) obj;
            if (sSLContextKey.m_hashCode != this.m_hashCode) {
                return false;
            }
            if (this.m_pkey == null) {
                if (sSLContextKey.m_pkey != null) {
                    return false;
                }
            } else if (sSLContextKey.m_pkey == null || !this.m_pkey.equals(sSLContextKey.m_pkey)) {
                return false;
            }
            return Arrays.equals(this.m_clientCerts, sSLContextKey.m_clientCerts) && Arrays.equals(this.m_serverCerts, sSLContextKey.m_serverCerts);
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:com/avocent/kvm/base/util/SSLHelper$SimpleKeyManager.class */
    public static class SimpleKeyManager implements X509KeyManager {
        private X509Certificate[] m_acertificate;
        private PrivateKey m_privateKey;

        private SimpleKeyManager(PrivateKey privateKey, X509Certificate[] x509CertificateArr) {
            this.m_acertificate = x509CertificateArr;
            this.m_privateKey = privateKey;
        }

        @Override // javax.net.ssl.X509KeyManager
        public X509Certificate[] getCertificateChain(String str) {
            return this.m_acertificate == null ? new X509Certificate[0] : this.m_acertificate;
        }

        @Override // javax.net.ssl.X509KeyManager
        public PrivateKey getPrivateKey(String str) {
            return this.m_privateKey;
        }

        @Override // javax.net.ssl.X509KeyManager
        public String chooseClientAlias(String[] strArr, Principal[] principalArr, Socket socket) {
            return "default";
        }

        @Override // javax.net.ssl.X509KeyManager
        public String chooseServerAlias(String str, Principal[] principalArr, Socket socket) {
            return "default";
        }

        @Override // javax.net.ssl.X509KeyManager
        public String[] getClientAliases(String str, Principal[] principalArr) {
            return new String[]{"default"};
        }

        @Override // javax.net.ssl.X509KeyManager
        public String[] getServerAliases(String str, Principal[] principalArr) {
            return new String[]{"default"};
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:com/avocent/kvm/base/util/SSLHelper$SimpleTrustManager.class */
    public static class SimpleTrustManager implements X509TrustManager {
        private X509Certificate[] m_ax509cTrusted;

        private SimpleTrustManager(X509Certificate[] x509CertificateArr) {
            if (x509CertificateArr == null || x509CertificateArr.length == 0) {
                return;
            }
            if (x509CertificateArr.length == 1 && x509CertificateArr[0] == null) {
                return;
            }
            this.m_ax509cTrusted = x509CertificateArr;
        }

        @Override // javax.net.ssl.X509TrustManager
        public void checkClientTrusted(X509Certificate[] x509CertificateArr, String str) throws CertificateException {
            checkServerTrusted(x509CertificateArr, str);
        }

        @Override // javax.net.ssl.X509TrustManager
        public void checkServerTrusted(X509Certificate[] x509CertificateArr, String str) throws CertificateException {
            if (this.m_ax509cTrusted == null) {
                return;
            }
            if (x509CertificateArr == null || x509CertificateArr.length == 0) {
                throw new CertificateException("Empty Certificate Chain");
            }
            for (int i = 0; i < this.m_ax509cTrusted.length; i++) {
                if (x509CertificateArr[0].equals(this.m_ax509cTrusted[i])) {
                    return;
                }
            }
            throw new CertificateException("Could Not Find Matching Certificate in Chain");
        }

        @Override // javax.net.ssl.X509TrustManager
        public X509Certificate[] getAcceptedIssuers() {
            return this.m_ax509cTrusted;
        }
    }

    public static Certificate[] getCertificateChain(String str, int i) throws Exception {
        try {
            SSLContext sSLContext = SSLContext.getInstance("TLS");
            sSLContext.init(null, new TrustManager[]{new X509TrustManager() { // from class: com.avocent.kvm.base.util.SSLHelper.2
                @Override // javax.net.ssl.X509TrustManager
                public X509Certificate[] getAcceptedIssuers() {
                    return new X509Certificate[0];
                }

                @Override // javax.net.ssl.X509TrustManager
                public void checkServerTrusted(X509Certificate[] x509CertificateArr, String str2) {
                }

                @Override // javax.net.ssl.X509TrustManager
                public void checkClientTrusted(X509Certificate[] x509CertificateArr, String str2) {
                }
            }}, null);
            SSLSocket sSLSocket = (SSLSocket) sSLContext.getSocketFactory().createSocket(str, i);
            sSLSocket.setSoTimeout(SSL_HANDSHAKE_TIMEOUT);
            Certificate[] peerCertificates = sSLSocket.getSession().getPeerCertificates();
            sSLSocket.close();
            return peerCertificates;
        } catch (Exception e) {
            throw new Exception(e);
        }
    }

    public static SSLSocket createSSLSocket(String str, int i, int i2, boolean z) throws Exception, SSLException {
        String[] strArr = z ? new String[]{"SSL_DH_anon_WITH_DES_CBC_SHA"} : new String[]{"SSL_DH_anon_WITH_3DES_EDE_CBC_SHA", "SSL_DH_anon_WITH_RC4_128_MD5", "SSL_DH_anon_EXPORT_WITH_DES40_CBC_SHA", "SSL_DH_anon_EXPORT_WITH_RC4_40_MD5", "SSL_DHE_DSS_WITH_DES_CBC_SHA", "SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA", "SSL_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA", "SSL_RSA_WITH_RC4_128_MD5", "SSL_RSA_WITH_RC4_128_SHA", "SSL_RSA_WITH_DES_CBC_SHA", "SSL_RSA_WITH_3DES_EDE_CBC_SHA", "SSL_RSA_WITH_NULL_MD5", "SSL_RSA_WITH_NULL_SHA", "SSL_RSA_EXPORT_WITH_RC4_40_MD5"};
        logInfo("SSLHelper:createSSLSocket", "createSSLSocket() About to get the SSLSocketFactory");
        return createSSLSocket(null, str, i, i2, strArr, (SSLSocketFactory) SSLSocketFactory.getDefault());
    }

    public static SSLSocket createSSLSocket(Socket socket, String str, int i, int i2, String str2, String str3, String str4) throws Exception, SSLException {
        return createSSLSocket(socket, str, i, i2, str2, str3, str4, false);
    }

    public static SSLSocket createSSLSocket(Socket socket, String str, int i, int i2, String str2, String str3, String str4, boolean z) throws Exception, SSLException {
        logInfo("SSLHelper:createSSLSocket", "Arguments given: socketTcpInetAddress=" + socket.getInetAddress() + ", nPort=" + i + ", nTimeout=" + i2 + ", szClientCertificateFile=" + str2 + ", szClientFilePassphrase=" + str3 + ", szCertAuthCertificateFile=" + str4 + " and bVerifyServerIpAddress=" + z);
        if (str == null || socket == null) {
            logError("SSLHelper:createSSLSocket", "Invalid arguments. ");
            throw new Exception("Invalid arguments.");
        }
        logInfo("SSLHelper:createSSLSocket", "createSSLSocket() Determining set cipher suites to enable");
        try {
            SSLSocket createSSLSocket = createSSLSocket(socket, str, i, i2, enableCipherSuites((str2 == null && str4 == null) ? false : true), getSslSocketFactory(str2, str3, str4));
            if (str4 != null && z) {
                verifyServerIpAddress(createSSLSocket, str);
            }
            return createSSLSocket;
        } catch (SSLException e) {
            logError("SSLHelper:createSSLSocket", "Failed to establish SSL connection ", e);
            throw e;
        } catch (Exception e2) {
            logError("SSLHelper:createSSLSocket", "Failed to establish SSL connection ", e2);
            throw new Exception("Unable to connect to host");
        }
    }

    public static SSLSocket createSSLSocket(Socket socket, String str, int i, int i2, String[] strArr, SSLSocketFactory sSLSocketFactory) throws Exception, SSLException {
        if (str == null || sSLSocketFactory == null || strArr == null) {
            logError("SSLHelper:createSSLSocket", "Invalid arguments. ");
            throw new Exception("Invalid arguments.");
        }
        if (socket == null) {
            try {
                logInfo("SSLHelper:createSSLSocket", "No TCP Socket passed, creating one");
                InetAddress byName = InetAddress.getByName(str);
                socket = new Socket();
                socket.connect(new InetSocketAddress(byName, i), i2);
                logInfo("SSLHelper:createSSLSocket", "TCP Socket created.");
            } catch (SSLException e) {
                logError("SSLHelper:createSSLSocket", "Failed to establish SSL connection ", e);
                throw e;
            } catch (Exception e2) {
                logError("SSLHelper:createSSLSocket", "Failed to establish SSL connection ", e2);
                throw new Exception("Unable to connect to host");
            }
        }
        logInfo("SSLHelper:createSSLSocket", "createSSLSocket() About to create an SSLSocket over existing TCP socket=" + socket + " to Address=" + str + " and Port=" + i);
        SSLSocket sSLSocket = (SSLSocket) sSLSocketFactory.createSocket(socket, str, i, true);
        sSLSocket.setEnabledCipherSuites(strArr);
        String[] enabledCipherSuites = sSLSocket.getEnabledCipherSuites();
        logInfo("SSLHelper:createSSLSocket", "createSSLSocket() --- Enabled cipher suites list");
        for (String str2 : enabledCipherSuites) {
            logInfo("SSLHelper:createSSLSocket", "    " + str2);
        }
        sSLSocket.setSoTimeout(i2);
        SSLHandshakeCompletedListener sSLHandshakeCompletedListener = new SSLHandshakeCompletedListener();
        logInfo("SSLHelper:createSSLSocket", "createSSLSocket() SSLSocket created, about to listen for handshake");
        sSLSocket.addHandshakeCompletedListener(sSLHandshakeCompletedListener);
        sSLSocket.startHandshake();
        int i3 = i2 / 100;
        for (int i4 = 0; !sSLHandshakeCompletedListener.isHandshakeCompleted() && i4 < i3; i4++) {
            try {
                Thread.sleep(100L);
            } catch (InterruptedException e3) {
            }
        }
        if (sSLHandshakeCompletedListener.isHandshakeCompleted()) {
            sSLSocket.setSoTimeout(0);
            logInfo("SSLHelper:createSSLSocket", "The SSLSocket was created successfully and the handshake completed");
            return sSLSocket;
        }
        sSLSocket.close();
        logError("SSLHelper:createSSLSocket", "SSL handshake did not complete in timeout");
        throw new Exception();
    }

    public static SSLSocket createSSLSocket(Socket socket, String str, int i, int i2, PrivateKey privateKey, X509Certificate x509Certificate, X509Certificate x509Certificate2, boolean z) throws Exception, SSLException {
        if (str == null || socket == null) {
            logError("SSLHelper:createSSLSocket", "Invalid arguments. ");
            throw new Exception("Invalid arguments.");
        }
        logInfo("SSLHelper:createSSLSocket", "Arguments given: socketTcpInetAddress=" + socket.getInetAddress() + ", nPort=" + i + ", nTimeout=" + i2 + ", pkClientPrivateKey=" + privateKey + ", x509ClientCertificate=" + x509Certificate + ", x509ServerCertificate=" + x509Certificate2 + " and bVerifyServerIpAddress=" + z);
        logInfo("SSLHelper:createSSLSocket", "createSSLSocket() Determining set cipher suites to enable");
        try {
            SSLSocket createSSLSocket = createSSLSocket(socket, str, i, i2, enableCipherSuites((privateKey == null && x509Certificate == null && x509Certificate2 == null) ? false : true), getSSLSocketFactory(privateKey, new X509Certificate[]{x509Certificate}, x509Certificate2));
            if (x509Certificate2 != null && z) {
                verifyServerIpAddress(createSSLSocket, str);
            }
            return createSSLSocket;
        } catch (SSLException e) {
            logError("SSLHelper:createSSLSocket", "Failed to establish SSL connection ", e);
            throw e;
        } catch (Exception e2) {
            logError("SSLHelper:createSSLSocket", "Failed to establish SSL connection ", e2);
            throw new Exception("Unable to connect to host");
        }
    }

    public static SSLSocket createSSLSocket(Socket socket, String str, int i, int i2, String str2, byte[] bArr, X509Certificate x509Certificate, boolean z) throws Exception, SSLException {
        if (str == null || socket == null) {
            logError("SSLHelper:createSSLSocket", "Invalid arguments. ");
            throw new Exception("Invalid arguments.");
        }
        logInfo("SSLHelper:createSSLSocket", "Arguments given: socketTcpInetAddress=" + socket.getInetAddress() + ", nPort=" + i + ", nTimeout=" + i2 + ", szPassPhrase=" + str2 + ", abyClientCertificate=" + bArr + ", x509ServerCertificate=" + x509Certificate + " and bVerifyServerIpAddress=" + z);
        logInfo("SSLHelper:createSSLSocket", "createSSLSocket() Determining set cipher suites to enable");
        try {
            SSLSocket createSSLSocket = createSSLSocket(socket, str, i, i2, enableCipherSuites((bArr == null && x509Certificate == null) ? false : true), getSslSocketFactory(str2, bArr, x509Certificate));
            if (x509Certificate != null && z) {
                verifyServerIpAddress(createSSLSocket, str);
            }
            return createSSLSocket;
        } catch (SSLException e) {
            logError("SSLHelper:createSSLSocket", "Failed to establish SSL connection ", e);
            throw e;
        } catch (Exception e2) {
            logError("SSLHelper:createSSLSocket", "Failed to establish SSL connection ", e2);
            throw new Exception("Unable to connect to host");
        }
    }

    private static String[] enableCipherSuites(boolean z) {
        return z ? new String[]{"SSL_RSA_WITH_RC4_128_MD5", "SSL_RSA_WITH_RC4_128_SHA", "SSL_RSA_WITH_DES_CBC_SHA", "SSL_RSA_WITH_3DES_EDE_CBC_SHA", "SSL_RSA_WITH_NULL_MD5", "SSL_RSA_WITH_NULL_SHA", "SSL_RSA_EXPORT_WITH_RC4_40_MD5"} : new String[]{"SSL_DH_anon_WITH_RC4_128_MD5", "SSL_DH_anon_WITH_3DES_EDE_CBC_SHA", "SSL_DH_anon_WITH_DES_CBC_SHA", "SSL_DH_anon_EXPORT_WITH_DES40_CBC_SHA", "SSL_DH_anon_EXPORT_WITH_RC4_40_MD5"};
    }

    private static SSLSocketFactory getSslSocketFactory(String str, String str2, String str3) throws Exception {
        SSLSocketFactory socketFactory;
        SSLContext sSLContext = SSLContext.getInstance("SSL");
        if (str == null && str3 == null) {
            logInfo("SSLHelper:getSslSocketFactory", "createSSLSocket() About to get the default SSLSocketFactory");
            socketFactory = (SSLSocketFactory) SSLSocketFactory.getDefault();
        } else {
            CertificateFactory certificateFactory = CertificateFactory.getInstance("X.509");
            KeyManagerFactory keyManagerFactory = null;
            TrustManagerFactory trustManagerFactory = null;
            if (str != null) {
                logInfo("SSLHelper:getSslSocketFactory", "Using client certificate to create KeyManager keystore.");
                char[] cArr = null;
                if (str2 != null) {
                    cArr = str2.toCharArray();
                }
                FileInputStream fileInputStream = new FileInputStream(str);
                KeyStore keyStore = KeyStore.getInstance("PKCS12");
                keyStore.load(fileInputStream, cArr);
                keyManagerFactory = KeyManagerFactory.getInstance("SunX509");
                keyManagerFactory.init(keyStore, cArr);
                logInfo("SSLHelper:getSslSocketFactory", "Closing client cert file input stream.");
                fileInputStream.close();
            }
            if (str3 != null) {
                logInfo("SSLHelper:getSslSocketFactory", "Using cert auth certificate to create TrustManager keystore.");
                FileInputStream fileInputStream2 = new FileInputStream(str3);
                Certificate generateCertificate = certificateFactory.generateCertificate(fileInputStream2);
                KeyStore keyStore2 = KeyStore.getInstance("PKCS12");
                keyStore2.load(null, null);
                keyStore2.setCertificateEntry("CA alias", generateCertificate);
                trustManagerFactory = TrustManagerFactory.getInstance("SunX509");
                trustManagerFactory.init(keyStore2);
                logInfo("SSLHelper:getSslSocketFactory", "Closing cert auth file input stream.");
                fileInputStream2.close();
            }
            logInfo("SSLHelper:getSslSocketFactory", "Initializing SSL context with KeyManagerFactory=" + keyManagerFactory + " and TrustManagerFactory=" + trustManagerFactory + ".");
            sSLContext.init(keyManagerFactory == null ? null : keyManagerFactory.getKeyManagers(), trustManagerFactory == null ? null : trustManagerFactory.getTrustManagers(), null);
            logInfo("SSLHelper:getSslSocketFactory", "createSSLSocket() About to get the SSLSocketFactory");
            socketFactory = sSLContext.getSocketFactory();
        }
        return socketFactory;
    }

    private static SSLSocketFactory getSslSocketFactory(String str, byte[] bArr, X509Certificate x509Certificate) throws Exception {
        SSLSocketFactory socketFactory;
        SSLContext sSLContext = SSLContext.getInstance("SSL");
        if (bArr == null && x509Certificate == null) {
            logInfo("SSLHelper:getSslSocketFactory", "createSSLSocket() About to get the default SSLSocketFactory");
            socketFactory = (SSLSocketFactory) SSLSocketFactory.getDefault();
        } else {
            CertificateFactory.getInstance("X.509");
            KeyManagerFactory keyManagerFactory = null;
            TrustManagerFactory trustManagerFactory = null;
            if (bArr != null) {
                logInfo("SSLHelper:getSslSocketFactory", "Using client cert bytes to create KeyManager keystore.");
                char[] cArr = null;
                if (str != null) {
                    cArr = str.toCharArray();
                }
                ByteArrayInputStream byteArrayInputStream = new ByteArrayInputStream(bArr);
                KeyStore keyStore = KeyStore.getInstance("PKCS12");
                keyStore.load(byteArrayInputStream, cArr);
                keyManagerFactory = KeyManagerFactory.getInstance("SunX509");
                keyManagerFactory.init(keyStore, cArr);
            }
            if (x509Certificate != null) {
                logInfo("SSLHelper:getSslSocketFactory", "Using cert auth certificate to create TrustManager keystore.");
                KeyStore keyStore2 = KeyStore.getInstance("PKCS12");
                keyStore2.load(null, null);
                keyStore2.setCertificateEntry("CA alias", x509Certificate);
                trustManagerFactory = TrustManagerFactory.getInstance("SunX509");
                trustManagerFactory.init(keyStore2);
            }
            logInfo("SSLHelper:getSslSocketFactory", "Initializing SSL context with KeyManagerFactory=" + keyManagerFactory + " and TrustManagerFactory=" + trustManagerFactory + ".");
            sSLContext.init(keyManagerFactory == null ? null : keyManagerFactory.getKeyManagers(), trustManagerFactory == null ? null : trustManagerFactory.getTrustManagers(), null);
            logInfo("SSLHelper:getSslSocketFactory", "createSSLSocket() About to get the SSLSocketFactory");
            socketFactory = sSLContext.getSocketFactory();
        }
        return socketFactory;
    }

    private static void verifyServerIpAddress(SSLSocket sSLSocket, String str) throws Exception {
        SSLSession session = sSLSocket.getSession();
        if (session != null) {
            logInfo("SSLHelper:verifyServerIpAddress", "Server authentication required.  Getting the server certificate chain from the SSL context, then verifying IP Address in the certificate matches the one we connected to...");
            Certificate[] peerCertificates = session.getPeerCertificates();
            logInfo("SSLHelper:verifyServerIpAddress", "aPeerCerts=" + peerCertificates);
            if (peerCertificates == null || peerCertificates.length <= 0) {
                return;
            }
            X509Certificate x509Certificate = (X509Certificate) peerCertificates[0];
            Collection<List<?>> subjectAlternativeNames = x509Certificate.getSubjectAlternativeNames();
            logInfo("SSLHelper:verifyServerIpAddress", "serverCert=" + x509Certificate + ", parsedServerCert=" + subjectAlternativeNames);
            if (subjectAlternativeNames != null) {
                for (List<?> list : subjectAlternativeNames) {
                    if (((Integer) list.get(0)).longValue() == 2) {
                        String str2 = (String) list.get(1);
                        logInfo("SSLHelper:verifyServerIpAddress", "Found  IP Address=" + str2 + " inside server certificate.");
                        if (str2.equals(str)) {
                            logError("SSLHelper:verifyServerIpAddress", "Server IP Address inside certificate matches the IP Address we connected to.  SSL Connection Succeeded.");
                            return;
                        } else {
                            logError("SSLHelper:verifyServerIpAddress", "Server IP Address inside certificate does not match the IP Address we connected to--dropping the connection.");
                            throw new Exception();
                        }
                    }
                }
            }
        }
    }

    public static SSLSocketFactory getSSLSocketFactory() throws IOException {
        return getSSLContext(null, null, null).getSocketFactory();
    }

    public static SSLSocketFactory getSSLSocketFactory(X509Certificate x509Certificate) throws IOException {
        return getSSLContext(null, null, new X509Certificate[]{x509Certificate}).getSocketFactory();
    }

    public static SSLSocketFactory getSSLSocketFactory(X509Certificate[] x509CertificateArr) throws IOException {
        return getSSLContext(null, null, x509CertificateArr).getSocketFactory();
    }

    public static SSLSocketFactory getSSLSocketFactory(PrivateKey privateKey, X509Certificate[] x509CertificateArr) throws IOException {
        return getSSLContext(privateKey, x509CertificateArr, null).getSocketFactory();
    }

    public static SSLSocketFactory getSSLSocketFactory(PrivateKey privateKey, X509Certificate[] x509CertificateArr, X509Certificate x509Certificate) throws IOException {
        return getSSLContext(privateKey, x509CertificateArr, new X509Certificate[]{x509Certificate}).getSocketFactory();
    }

    public static SSLSocketFactory getSSLSocketFactory(PrivateKey privateKey, X509Certificate[] x509CertificateArr, X509Certificate[] x509CertificateArr2) throws IOException {
        return getSSLContext(privateKey, x509CertificateArr, x509CertificateArr2).getSocketFactory();
    }

    public static SSLServerSocketFactory getSSLServerSocketFactory(PrivateKey privateKey, X509Certificate[] x509CertificateArr) throws IOException {
        return getSSLContext(privateKey, x509CertificateArr, null).getServerSocketFactory();
    }

    public static SSLServerSocketFactory getSSLServerSocketFactory(PrivateKey privateKey, X509Certificate[] x509CertificateArr, X509Certificate x509Certificate) throws IOException {
        return getSSLContext(privateKey, x509CertificateArr, new X509Certificate[]{x509Certificate}).getServerSocketFactory();
    }

    public static SSLServerSocketFactory getSSLServerSocketFactory(PrivateKey privateKey, X509Certificate[] x509CertificateArr, X509Certificate[] x509CertificateArr2) throws IOException {
        return getSSLContext(privateKey, x509CertificateArr, x509CertificateArr2).getServerSocketFactory();
    }

    private static SSLContext getSSLContext(PrivateKey privateKey, X509Certificate[] x509CertificateArr, X509Certificate[] x509CertificateArr2) throws IOException {
        SSLContextKey sSLContextKey = new SSLContextKey(privateKey, x509CertificateArr, x509CertificateArr2);
        SSLContext sSLContext = (SSLContext) m_sslContextCache.get(sSLContextKey);
        if (sSLContext == null) {
            try {
                sSLContext = SSLContext.getInstance("TLS");
                sSLContext.init(new KeyManager[]{new SimpleKeyManager(privateKey, x509CertificateArr)}, new TrustManager[]{new SimpleTrustManager(x509CertificateArr2)}, m_sr);
                m_sslContextCache.put(sSLContextKey, sSLContext);
            } catch (KeyManagementException e) {
                logError(TRACE_CONTEXT, "Unable to create SSL Context", e);
                throw new IOException("KeyManagementException: " + e);
            } catch (NoSuchAlgorithmException e2) {
                logError(TRACE_CONTEXT, "Unable to create SSL Context", e2);
                throw new IOException("NoSuchAlgorithmException: " + e2);
            }
        }
        return sSLContext;
    }

    static void logInfo(String str, String str2) {
        LogPrintStream.getDefaultInstance().println(str + ": " + str2);
    }

    static void logError(String str, String str2) {
        LogPrintStream.getDefaultInstance().println(str + ": " + str2);
    }

    static void logError(String str, String str2, Throwable th) {
        LogPrintStream.getDefaultInstance().println(str + ": " + str2);
        th.printStackTrace();
    }
}
