package com.ibm.ws.sip.stack.network;

import com.ibm.ws.sip.stack.config.Configuration;
import java.io.InputStream;
import java.security.KeyStore;
import java.security.Provider;
import java.security.Security;
import java.util.logging.Level;
import java.util.logging.Logger;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.TrustManagerFactory;

/* loaded from: input_file:sipstack.jar:com/ibm/ws/sip/stack/network/SipSecurity.class */
public class SipSecurity {
    private static final Logger s_log = com.ibm.ws.sip.stack.logging.Logger.getLogger(SipSecurity.class);
    private static SSLContext s_tlsContext = null;

    private static void init(Configuration configuration) {
        SSLContext sSLContext;
        Provider provider;
        String tlsProtocol = configuration.getTlsProtocol();
        String tlsProvider = configuration.getTlsProvider();
        String tlsKeyManager = configuration.getTlsKeyManager();
        String tlsKeyStoreType = configuration.getTlsKeyStoreType();
        String tlsKeyStoreFile = configuration.getTlsKeyStoreFile();
        String tlsKeyStorePassword = configuration.getTlsKeyStorePassword();
        String tlsTrustManager = configuration.getTlsTrustManager();
        String tlsTrustStoreType = configuration.getTlsTrustStoreType();
        String tlsTrustStoreFile = configuration.getTlsTrustStoreFile();
        String tlsTrustStorePassword = configuration.getTlsTrustStorePassword();
        try {
            provider = Security.getProvider(tlsProvider);
        } catch (Exception e) {
            if (s_log.isLoggable(Level.SEVERE)) {
                s_log.log(Level.SEVERE, "Error initializing TLS", (Throwable) e);
            }
            sSLContext = null;
        }
        if (provider == null) {
            throw new IllegalArgumentException("no such provider [" + tlsProvider + ']');
        }
        if (tlsKeyManager == null) {
            tlsKeyManager = KeyManagerFactory.getDefaultAlgorithm();
        }
        if (tlsTrustManager == null) {
            tlsTrustManager = TrustManagerFactory.getDefaultAlgorithm();
        }
        sSLContext = SSLContext.getInstance(tlsProtocol, provider);
        KeyStore keyStore = KeyStore.getInstance(tlsKeyStoreType);
        InputStream systemResourceAsStream = ClassLoader.getSystemResourceAsStream(tlsKeyStoreFile);
        if (systemResourceAsStream == null && s_log.isLoggable(Level.WARNING)) {
            s_log.log(Level.WARNING, "could not find key file [" + tlsKeyStoreFile + ']');
        }
        keyStore.load(systemResourceAsStream, tlsKeyStorePassword.toCharArray());
        KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance(tlsKeyManager, provider);
        keyManagerFactory.init(keyStore, tlsKeyStorePassword.toCharArray());
        KeyStore keyStore2 = KeyStore.getInstance(tlsTrustStoreType);
        InputStream systemResourceAsStream2 = ClassLoader.getSystemResourceAsStream(tlsTrustStoreFile);
        if (systemResourceAsStream2 == null && s_log.isLoggable(Level.WARNING)) {
            s_log.log(Level.WARNING, "could not find trust file [" + tlsTrustStoreFile + ']');
        }
        keyStore2.load(systemResourceAsStream2, tlsTrustStorePassword.toCharArray());
        TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(tlsTrustManager, provider);
        trustManagerFactory.init(keyStore2);
        sSLContext.init(keyManagerFactory.getKeyManagers(), trustManagerFactory.getTrustManagers(), null);
        s_tlsContext = sSLContext;
    }

    public static void term(Configuration configuration) {
        if (configuration.getTlsContextReuse()) {
            return;
        }
        s_tlsContext = null;
    }

    public static SSLContext getTlsContext(Configuration configuration) {
        if (s_tlsContext == null) {
            synchronized (SipSecurity.class) {
                if (s_tlsContext == null) {
                    init(configuration);
                }
            }
            if (s_tlsContext == null) {
                throw new RuntimeException("TLS failed to initialize");
            }
        }
        return s_tlsContext;
    }
}
