package oracle.net.nt;

import java.io.File;
import java.io.IOException;
import java.io.InputStream;
import java.lang.reflect.Executable;
import java.net.Socket;
import java.nio.channels.Channels;
import java.nio.channels.FileChannel;
import java.nio.file.Files;
import java.nio.file.OpenOption;
import java.nio.file.Paths;
import java.nio.file.StandardOpenOption;
import java.security.AccessController;
import java.security.GeneralSecurityException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.Principal;
import java.security.PrivateKey;
import java.security.Provider;
import java.security.Security;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.util.Objects;
import java.util.Properties;
import java.util.logging.Level;
import java.util.logging.Logger;
import javax.net.ssl.KeyManager;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLEngine;
import javax.net.ssl.SSLSocketFactory;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import javax.net.ssl.X509ExtendedKeyManager;
import javax.net.ssl.X509KeyManager;
import javax.net.ssl.X509TrustManager;
import oracle.jdbc.OracleConnection;
import oracle.jdbc.driver.ClioSupport;
import oracle.jdbc.driver.DMSFactory;
import oracle.jdbc.internal.Monitor;
import oracle.jdbc.internal.OpaqueString;
import oracle.jdbc.logging.annotations.Blind;
import oracle.jdbc.logging.annotations.Log;
import oracle.jdbc.logging.annotations.PropertiesBlinder;
import oracle.net.jdbc.nl.NVFactory;
import oracle.net.jdbc.nl.NVNavigator;
import oracle.net.jdbc.nl.NVPair;
import oracle.net.ns.NetException;
import oracle.security.jps.service.keystore.KeyStoreServiceLoadStoreParameter;

/* loaded from: input_file:oracle/net/nt/CustomSSLSocketFactory.class */
public class CustomSSLSocketFactory {
    public static final String DEFAULT_SSO_WALLET_FILE_NAME = "cwallet.sso";
    public static final String DEFAULT_PKCS12_WALLET_FILE_NAME = "ewallet.p12";
    public static final String SSO_WALLET_TYPE = "SSO";
    public static final String PKCS12_WALLET_TYPE = "PKCS12";
    public static final String PKCS11_WALLET_TYPE = "PKCS11";
    public static final String WINDOWS_MY_WALLET_TYPE = "Windows-MY";
    public static final String JKS_TYPE = "JKS";
    public static final String KSS_TYPE = "KSS";
    public static final String SUPPORTED_METHOD_TYPE = "FILE";
    private static final String SSO_FILE_EXTENSION = ".sso";
    private static final String P12_FILE_EXTENSION = ".p12";
    private static final String PFX_FILE_EXTENSION = ".pfx";
    private static final String JKS_FILE_EXTENSION = ".jks";
    private static final String KSS_URI_SCHEME = "kss://";
    private static final String ORACLE_PKI_PROVIDER_CLASS = "oracle.security.pki.OraclePKIProvider";
    private static final String KSS_PROVIDER_CLASS = "oracle.security.jps.internal.keystore.provider.FarmKeyStoreProvider";
    public static SSLSocketFactory defSSLFactory;
    public static boolean initDefFactory;
    private static SSLContext defSSLContext;
    private static boolean initDefSSLContext;
    private static final SSLConfig DEF_CONTEXT_CONFIG;
    DMSFactory.DMSNoun dmsParent = null;
    private static final Monitor DEF_FACTORY_INIT_MONITOR = Monitor.newInstance();
    private static final Monitor DEF_CONTEXT_INIT_MONITOR = Monitor.newInstance();

    /* JADX INFO: Access modifiers changed from: package-private */
    /* loaded from: input_file:oracle/net/nt/CustomSSLSocketFactory$AliasKeyManager.class */
    public static class AliasKeyManager extends X509ExtendedKeyManager {
        private final String alias;
        private final X509KeyManager keyManager;

        AliasKeyManager(X509KeyManager x509KeyManager, String str) {
            this.keyManager = x509KeyManager;
            this.alias = str;
        }

        @Override // javax.net.ssl.X509KeyManager
        public String chooseClientAlias(String[] strArr, Principal[] principalArr, Socket socket) {
            return chooseEngineClientAlias(strArr, principalArr, null);
        }

        @Override // javax.net.ssl.X509ExtendedKeyManager
        public String chooseEngineClientAlias(String[] strArr, Principal[] principalArr, SSLEngine sSLEngine) {
            for (String str : strArr) {
                if (isMatchFound(this.keyManager.getClientAliases(str, principalArr), this.alias)) {
                    return this.alias;
                }
            }
            return null;
        }

        @Override // javax.net.ssl.X509KeyManager
        public String chooseServerAlias(String str, Principal[] principalArr, Socket socket) {
            return chooseEngineServerAlias(str, principalArr, null);
        }

        @Override // javax.net.ssl.X509ExtendedKeyManager
        public String chooseEngineServerAlias(String str, Principal[] principalArr, SSLEngine sSLEngine) {
            if (isMatchFound(this.keyManager.getServerAliases(str, principalArr), this.alias)) {
                return this.alias;
            }
            return null;
        }

        @Override // javax.net.ssl.X509KeyManager
        public X509Certificate[] getCertificateChain(String str) {
            return this.keyManager.getCertificateChain(str);
        }

        @Override // javax.net.ssl.X509KeyManager
        public String[] getClientAliases(String str, Principal[] principalArr) {
            return this.keyManager.getClientAliases(str, principalArr);
        }

        @Override // javax.net.ssl.X509KeyManager
        public PrivateKey getPrivateKey(String str) {
            return this.keyManager.getPrivateKey(str);
        }

        @Override // javax.net.ssl.X509KeyManager
        public String[] getServerAliases(String str, Principal[] principalArr) {
            return this.keyManager.getServerAliases(str, principalArr);
        }

        private boolean isMatchFound(String[] strArr, String str) {
            if (strArr == null) {
                return false;
            }
            for (String str2 : strArr) {
                if (str2.equalsIgnoreCase(str)) {
                    return true;
                }
            }
            return false;
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:oracle/net/nt/CustomSSLSocketFactory$SSLConfig.class */
    public static final class SSLConfig {
        String keyStore;
        String keyStoreType;
        OpaqueString keyStorePassword;
        String certificateAlias;
        String keyManagerFacAlgo;
        String trustStore;
        String trustStoreType;
        OpaqueString trustStorePassword;
        String trustManagerFacAlgo;
        String sslContextProtocol;
        boolean isCaCertsTrusted;

        private SSLConfig() {
        }

        public boolean equals(Object obj) {
            if (!(obj instanceof SSLConfig)) {
                return false;
            }
            SSLConfig sSLConfig = (SSLConfig) obj;
            return Objects.equals(this.keyStore, sSLConfig.keyStore) && Objects.equals(this.keyStoreType, sSLConfig.keyStoreType) && Objects.equals(this.keyStorePassword, sSLConfig.keyStorePassword) && Objects.equals(this.certificateAlias, sSLConfig.certificateAlias) && Objects.equals(this.keyManagerFacAlgo, sSLConfig.keyManagerFacAlgo) && Objects.equals(this.trustStore, sSLConfig.trustStore) && Objects.equals(this.trustStoreType, sSLConfig.trustStoreType) && Objects.equals(this.trustStorePassword, sSLConfig.trustStorePassword) && Objects.equals(this.trustManagerFacAlgo, sSLConfig.trustManagerFacAlgo) && Objects.equals(this.sslContextProtocol, sSLConfig.sslContextProtocol) && Objects.equals(Boolean.valueOf(this.isCaCertsTrusted), Boolean.valueOf(sSLConfig.isCaCertsTrusted));
        }
    }

    private CustomSSLSocketFactory() {
    }

    /* JADX WARN: Multi-variable type inference failed */
    /* JADX WARN: Type inference failed for: r0v15, types: [javax.net.ssl.SSLSocketFactory] */
    public static SSLSocketFactory getSSLSocketFactory(Properties properties, DMSFactory.DMSNoun dMSNoun) throws IOException {
        MetricsEnabledSSLSocketFactoryWrapper metricsEnabledSSLSocketFactoryWrapper;
        SSLConfig readSSLConfig = readSSLConfig(properties);
        if ((readSSLConfig.keyStore != null && readSSLConfig.keyStore.equalsIgnoreCase("NONE")) || (readSSLConfig.trustStore != null && readSSLConfig.trustStore.equalsIgnoreCase("NONE"))) {
            return (SSLSocketFactory) SSLSocketFactory.getDefault();
        }
        SSLContext sSLContext = getSSLContext(readSSLConfig);
        if (sSLContext == defSSLContext) {
            if (!initDefFactory) {
                Monitor.CloseableLock acquireCloseableLock = DEF_FACTORY_INIT_MONITOR.acquireCloseableLock();
                Throwable th = null;
                try {
                    try {
                        if (!initDefFactory) {
                            defSSLFactory = sSLContext.getSocketFactory();
                            initDefFactory = true;
                        }
                        if (acquireCloseableLock != null) {
                            if (0 != 0) {
                                try {
                                    acquireCloseableLock.close();
                                } catch (Throwable th2) {
                                    th.addSuppressed(th2);
                                }
                            } else {
                                acquireCloseableLock.close();
                            }
                        }
                    } finally {
                    }
                } catch (Throwable th3) {
                    if (acquireCloseableLock != null) {
                        if (th != null) {
                            try {
                                acquireCloseableLock.close();
                            } catch (Throwable th4) {
                                th.addSuppressed(th4);
                            }
                        } else {
                            acquireCloseableLock.close();
                        }
                    }
                    throw th3;
                }
            }
            metricsEnabledSSLSocketFactoryWrapper = defSSLFactory;
        } else {
            metricsEnabledSSLSocketFactoryWrapper = new MetricsEnabledSSLSocketFactoryWrapper(sSLContext.getSocketFactory(), dMSNoun);
        }
        return metricsEnabledSSLSocketFactoryWrapper;
    }

    public static SSLEngine getSSLSocketEngine(String str, int i, @Blind(PropertiesBlinder.class) Properties properties) throws IOException {
        SSLConfig readSSLConfig = readSSLConfig(properties);
        if ((readSSLConfig.keyStore == null || !readSSLConfig.keyStore.equalsIgnoreCase("NONE")) && (readSSLConfig.trustStore == null || !readSSLConfig.trustStore.equalsIgnoreCase("NONE"))) {
            SSLEngine createSSLEngine = getSSLContext(readSSLConfig).createSSLEngine(str, i);
            createSSLEngine.setUseClientMode(true);
            return createSSLEngine;
        }
        try {
            SSLEngine createSSLEngine2 = SSLContext.getDefault().createSSLEngine();
            createSSLEngine2.setUseClientMode(true);
            return createSSLEngine2;
        } catch (NoSuchAlgorithmException e) {
            throw new IOException(e);
        }
    }

    private static SSLContext getSSLContext(SSLConfig sSLConfig) throws IOException {
        if (!sSLConfig.equals(DEF_CONTEXT_CONFIG)) {
            return createSSLContext(sSLConfig);
        }
        if (!initDefSSLContext) {
            Monitor.CloseableLock acquireCloseableLock = DEF_CONTEXT_INIT_MONITOR.acquireCloseableLock();
            Throwable th = null;
            try {
                if (!initDefSSLContext) {
                    defSSLContext = createSSLContext(sSLConfig);
                    initDefSSLContext = true;
                }
            } finally {
                if (acquireCloseableLock != null) {
                    if (0 != 0) {
                        try {
                            acquireCloseableLock.close();
                        } catch (Throwable th2) {
                            th.addSuppressed(th2);
                        }
                    } else {
                        acquireCloseableLock.close();
                    }
                }
            }
        }
        return defSSLContext;
    }

    private static SSLContext createSSLContext(SSLConfig sSLConfig) throws NetException {
        try {
            KeyManager[] keyManagerArr = null;
            TrustManager[] trustManagerArr = null;
            if (sSLConfig.keyStore != null) {
                keyManagerArr = getKeyManagerArray(sSLConfig.keyStore, sSLConfig.keyStorePassword, sSLConfig.keyStoreType, sSLConfig.keyManagerFacAlgo);
            }
            if (sSLConfig.certificateAlias != null && sSLConfig.certificateAlias.trim().length() != 0 && keyManagerArr != null) {
                keyManagerArr = wrapWithAliasKeyManager(keyManagerArr, sSLConfig.certificateAlias);
            }
            if (sSLConfig.trustStore != null) {
                trustManagerArr = getTrustManagerArray(sSLConfig.trustStore, sSLConfig.trustStorePassword, sSLConfig.trustStoreType, sSLConfig.trustManagerFacAlgo, sSLConfig.isCaCertsTrusted);
            }
            SSLContext sSLContext = SSLContext.getInstance(sSLConfig.sslContextProtocol);
            sSLContext.init(keyManagerArr, trustManagerArr, null);
            return sSLContext;
        } catch (Exception e) {
            throw ((NetException) new NetException(410).initCause(e));
        }
    }

    private static X509ExtendedKeyManager[] wrapWithAliasKeyManager(KeyManager[] keyManagerArr, String str) {
        X509ExtendedKeyManager[] x509ExtendedKeyManagerArr = new X509ExtendedKeyManager[keyManagerArr.length];
        for (int i = 0; i < keyManagerArr.length; i++) {
            x509ExtendedKeyManagerArr[i] = new AliasKeyManager((X509KeyManager) keyManagerArr[i], str);
        }
        return x509ExtendedKeyManagerArr;
    }

    private static SSLConfig readSSLConfig(@Blind(PropertiesBlinder.class) Properties properties) throws NetException {
        SSLConfig readJavaxNetSSLConfig = ((String) properties.get(5)) == null ? readJavaxNetSSLConfig(properties) : readWalletSSLConfig(properties);
        readJavaxNetSSLConfig.sslContextProtocol = (String) properties.getOrDefault(38, OracleConnection.CONNECTION_PROPERTY_SSL_CONTEXT_PROTOCOL_DEFAULT);
        readJavaxNetSSLConfig.isCaCertsTrusted = Boolean.valueOf((String) properties.get(41)).booleanValue();
        return readJavaxNetSSLConfig;
    }

    private static SSLConfig readJavaxNetSSLConfig(@Blind(PropertiesBlinder.class) Properties properties) {
        SSLConfig sSLConfig = new SSLConfig();
        sSLConfig.keyStore = (String) properties.get(8);
        sSLConfig.certificateAlias = (String) properties.get(29);
        if (sSLConfig.keyStore != null) {
            sSLConfig.keyStoreType = (String) properties.get(9);
            if (sSLConfig.keyStoreType == null) {
                sSLConfig.keyStoreType = resolveKeyStoreType(sSLConfig.keyStore);
            }
            sSLConfig.keyStorePassword = (OpaqueString) properties.get(10);
            if (sSLConfig.keyStorePassword == null || sSLConfig.keyStorePassword == OpaqueString.NULL) {
                sSLConfig.keyStorePassword = OpaqueString.EMPTY;
            }
            sSLConfig.keyManagerFacAlgo = (String) properties.get(14);
            if (sSLConfig.keyManagerFacAlgo == null) {
                sSLConfig.keyManagerFacAlgo = Security.getProperty("ssl.keyManagerFactory.algorithm");
            }
            if (sSLConfig.keyManagerFacAlgo == null) {
                sSLConfig.keyManagerFacAlgo = KeyManagerFactory.getDefaultAlgorithm();
            }
        }
        sSLConfig.trustStore = (String) properties.get(11);
        if (sSLConfig.trustStore != null) {
            sSLConfig.trustStoreType = (String) properties.get(12);
            if (sSLConfig.trustStoreType == null) {
                sSLConfig.trustStoreType = resolveKeyStoreType(sSLConfig.trustStore);
            }
            sSLConfig.trustStorePassword = (OpaqueString) properties.get(13);
            if (sSLConfig.trustStorePassword == null || sSLConfig.trustStorePassword == OpaqueString.NULL) {
                sSLConfig.trustStorePassword = OpaqueString.EMPTY;
            }
            sSLConfig.trustManagerFacAlgo = (String) properties.get(15);
            if (sSLConfig.trustManagerFacAlgo == null) {
                sSLConfig.trustManagerFacAlgo = Security.getProperty("ssl.trustManagerFactory.algorithm");
            }
            if (sSLConfig.trustManagerFacAlgo == null) {
                sSLConfig.trustManagerFacAlgo = TrustManagerFactory.getDefaultAlgorithm();
            }
        }
        return sSLConfig;
    }

    private static SSLConfig readWalletSSLConfig(@Blind(PropertiesBlinder.class) Properties properties) throws NetException {
        String substring;
        SSLConfig sSLConfig = new SSLConfig();
        sSLConfig.certificateAlias = (String) properties.get(29);
        boolean z = false;
        String str = (String) properties.get(5);
        if (str.startsWith("(")) {
            substring = processWalletLocation(str);
        } else {
            substring = str.startsWith("file:") ? str.substring("file:".length()) : str;
            File file = new File(substring);
            if (!file.exists()) {
                throw new NetException(407, "Couldn't find file at " + substring);
            }
            if (!file.isDirectory()) {
                z = true;
            }
        }
        OpaqueString opaqueString = (OpaqueString) properties.get(16);
        if (opaqueString == null || opaqueString == OpaqueString.NULL) {
            if (z) {
                sSLConfig.keyStore = substring;
            } else {
                sSLConfig.keyStore = substring + System.getProperty("file.separator") + DEFAULT_SSO_WALLET_FILE_NAME;
            }
            sSLConfig.keyStoreType = SSO_WALLET_TYPE;
            sSLConfig.keyStorePassword = OpaqueString.EMPTY;
            sSLConfig.keyManagerFacAlgo = KeyManagerFactory.getDefaultAlgorithm();
            sSLConfig.trustStore = sSLConfig.keyStore;
            sSLConfig.trustStoreType = SSO_WALLET_TYPE;
            sSLConfig.trustStorePassword = OpaqueString.EMPTY;
            sSLConfig.trustManagerFacAlgo = TrustManagerFactory.getDefaultAlgorithm();
        } else {
            if (z) {
                sSLConfig.keyStore = substring;
            } else {
                sSLConfig.keyStore = substring + System.getProperty("file.separator") + DEFAULT_PKCS12_WALLET_FILE_NAME;
            }
            sSLConfig.keyStoreType = PKCS12_WALLET_TYPE;
            sSLConfig.keyStorePassword = opaqueString;
            sSLConfig.keyManagerFacAlgo = KeyManagerFactory.getDefaultAlgorithm();
            sSLConfig.trustStore = sSLConfig.keyStore;
            sSLConfig.trustStoreType = PKCS12_WALLET_TYPE;
            sSLConfig.trustStorePassword = opaqueString;
            sSLConfig.trustManagerFacAlgo = TrustManagerFactory.getDefaultAlgorithm();
        }
        return sSLConfig;
    }

    public static KeyManager[] getKeyManagerArray(String str, OpaqueString opaqueString, String str2, String str3) throws IOException {
        try {
            KeyStore loadKeyStore = loadKeyStore(str, str2, opaqueString);
            KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance(str3);
            char[] chars = opaqueString.getChars();
            try {
                keyManagerFactory.init(loadKeyStore, chars);
                if (chars != null) {
                    for (int i = 0; i < chars.length; i++) {
                        chars[i] = 0;
                    }
                }
                return keyManagerFactory.getKeyManagers();
            } catch (Throwable th) {
                if (chars != null) {
                    for (int i2 = 0; i2 < chars.length; i2++) {
                        chars[i2] = 0;
                    }
                }
                throw th;
            }
        } catch (Exception e) {
            throw ((NetException) new NetException(408).initCause(e));
        }
    }

    public static TrustManager[] getTrustManagerArray(String str, OpaqueString opaqueString, String str2, String str3, boolean z) throws IOException {
        try {
            KeyStore loadKeyStore = loadKeyStore(str, str2, opaqueString);
            TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(str3);
            trustManagerFactory.init(z ? mergeCaCerts(loadKeyStore) : loadKeyStore);
            return trustManagerFactory.getTrustManagers();
        } catch (Exception e) {
            throw ((NetException) new NetException(409).initCause(e));
        }
    }

    private static KeyStore mergeCaCerts(KeyStore keyStore) throws IOException, GeneralSecurityException {
        TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
        try {
            trustManagerFactory.init((KeyStore) null);
        } catch (NullPointerException | KeyStoreException e) {
            trustManagerFactory.init(loadCaCerts());
        }
        for (TrustManager trustManager : trustManagerFactory.getTrustManagers()) {
            if (trustManager instanceof X509TrustManager) {
                for (X509Certificate x509Certificate : ((X509TrustManager) trustManager).getAcceptedIssuers()) {
                    String name = x509Certificate.getIssuerX500Principal().getName();
                    if (!keyStore.containsAlias(name)) {
                        keyStore.setCertificateEntry(name, x509Certificate);
                    }
                }
            }
        }
        return keyStore;
    }

    private static KeyStore loadCaCerts() throws IOException, GeneralSecurityException {
        try {
            return loadCaCerts(PKCS12_WALLET_TYPE, "SUN");
        } catch (IOException | GeneralSecurityException e) {
            try {
                return loadCaCerts(JKS_TYPE, "SUN");
            } catch (IOException | GeneralSecurityException e2) {
                e2.addSuppressed(e);
                throw e2;
            }
        }
    }

    private static KeyStore loadCaCerts(String str, String str2) throws IOException, GeneralSecurityException {
        InputStream newInputStream = Files.newInputStream(Paths.get(System.getProperty("java.home"), "lib", "security", "cacerts"), new OpenOption[0]);
        Throwable th = null;
        try {
            try {
                KeyStore keyStore = KeyStore.getInstance(str, str2);
                keyStore.load(newInputStream, null);
                if (newInputStream != null) {
                    if (0 != 0) {
                        try {
                            newInputStream.close();
                        } catch (Throwable th2) {
                            th.addSuppressed(th2);
                        }
                    } else {
                        newInputStream.close();
                    }
                }
                return keyStore;
            } finally {
            }
        } catch (Throwable th3) {
            if (newInputStream != null) {
                if (th != null) {
                    try {
                        newInputStream.close();
                    } catch (Throwable th4) {
                        th.addSuppressed(th4);
                    }
                } else {
                    newInputStream.close();
                }
            }
            throw th3;
        }
    }

    public static String processWalletLocation(String str) throws NetException {
        try {
            NVNavigator nVNavigator = new NVNavigator();
            NVPair createNVPair = new NVFactory().createNVPair(str);
            NVPair findNVPair = nVNavigator.findNVPair(createNVPair, "METHOD");
            NVPair findNVPair2 = nVNavigator.findNVPair(nVNavigator.findNVPair(createNVPair, "METHOD_DATA"), "DIRECTORY");
            String atom = findNVPair.getAtom();
            if (atom.equalsIgnoreCase(SUPPORTED_METHOD_TYPE)) {
                return findNVPair2.getAtom();
            }
            throw new NetException(412, atom);
        } catch (Exception e) {
            throw ((NetException) new NetException(407).initCause(e));
        }
    }

    private static KeyStore getKeyStoreInstance(String str) throws KeyStoreException {
        try {
            return KeyStore.getInstance(str);
        } catch (KeyStoreException e) {
            try {
                Provider loadKnownProvider = loadKnownProvider(str);
                if (loadKnownProvider == null) {
                    throw e;
                }
                return KeyStore.getInstance(str, loadKnownProvider);
            } catch (Exception e2) {
                throw e;
            }
        }
    }

    private static Provider loadKnownProvider(String str) throws Exception {
        String str2;
        Class<?> cls;
        Provider provider = null;
        String upperCase = str.toUpperCase();
        boolean z = -1;
        switch (upperCase.hashCode()) {
            case 74731:
                if (upperCase.equals(KSS_TYPE)) {
                    z = true;
                    break;
                }
                break;
            case 82415:
                if (upperCase.equals(SSO_WALLET_TYPE)) {
                    z = false;
                    break;
                }
                break;
        }
        switch (z) {
            case false:
                str2 = ORACLE_PKI_PROVIDER_CLASS;
                break;
            case true:
                str2 = KSS_PROVIDER_CLASS;
                break;
            default:
                str2 = null;
                break;
        }
        if (str2 != null && (cls = Class.forName(str2)) != null && Provider.class.isAssignableFrom(cls)) {
            provider = (Provider) AccessController.doPrivileged(() -> {
                return (Provider) cls.newInstance();
            });
        }
        return provider;
    }

    private static String resolveKeyStoreType(String str) {
        if (str == null || str.length() == 0) {
            return KeyStore.getDefaultType();
        }
        String lowerCase = str.toLowerCase();
        return lowerCase.endsWith(SSO_FILE_EXTENSION) ? SSO_WALLET_TYPE : (lowerCase.endsWith(P12_FILE_EXTENSION) || lowerCase.endsWith(PFX_FILE_EXTENSION)) ? PKCS12_WALLET_TYPE : lowerCase.endsWith(JKS_FILE_EXTENSION) ? JKS_TYPE : lowerCase.startsWith(KSS_URI_SCHEME) ? KSS_TYPE : KeyStore.getDefaultType();
    }

    @Log
    protected static void debug(Logger logger, Level level, Executable executable, String str) {
        ClioSupport.log(logger, level, CustomSSLSocketFactory.class, executable, str);
    }

    private static KeyStore loadKeyStore(String str, String str2, OpaqueString opaqueString) throws IOException, NoSuchAlgorithmException, CertificateException, KeyStoreException {
        KeyStore keyStoreInstance = getKeyStoreInstance(str2);
        if (KSS_TYPE.equals(str2)) {
            loadKSSKeyStore(keyStoreInstance, str, opaqueString);
        } else {
            loadFileBasedKeyStore(keyStoreInstance, str, opaqueString);
        }
        return keyStoreInstance;
    }

    private static void loadFileBasedKeyStore(KeyStore keyStore, String str, OpaqueString opaqueString) throws IOException, NoSuchAlgorithmException, CertificateException {
        InputStream newInputStream = Channels.newInputStream(FileChannel.open(Paths.get(str, new String[0]), StandardOpenOption.READ));
        Throwable th = null;
        try {
            char[] chars = opaqueString.getChars();
            try {
                keyStore.load(newInputStream, chars);
                if (chars != null) {
                    for (int i = 0; i < chars.length; i++) {
                        chars[i] = 0;
                    }
                }
                if (newInputStream != null) {
                    if (0 == 0) {
                        newInputStream.close();
                        return;
                    }
                    try {
                        newInputStream.close();
                    } catch (Throwable th2) {
                        th.addSuppressed(th2);
                    }
                }
            } catch (Throwable th3) {
                if (chars != null) {
                    for (int i2 = 0; i2 < chars.length; i2++) {
                        chars[i2] = 0;
                    }
                }
                throw th3;
            }
        } catch (Throwable th4) {
            if (newInputStream != null) {
                if (0 != 0) {
                    try {
                        newInputStream.close();
                    } catch (Throwable th5) {
                        th.addSuppressed(th5);
                    }
                } else {
                    newInputStream.close();
                }
            }
            throw th4;
        }
    }

    /* JADX WARN: Type inference failed for: r0v0, types: [oracle.net.nt.CustomSSLSocketFactory$1KSSLoader] */
    private static void loadKSSKeyStore(KeyStore keyStore, String str, OpaqueString opaqueString) throws IOException, NoSuchAlgorithmException, CertificateException {
        new Object() { // from class: oracle.net.nt.CustomSSLSocketFactory.1KSSLoader
            /* JADX INFO: Access modifiers changed from: private */
            /* JADX WARN: Finally extract failed */
            public final void load(KeyStore keyStore2, String str2, OpaqueString opaqueString2) throws IOException, NoSuchAlgorithmException, CertificateException {
                KeyStoreServiceLoadStoreParameter keyStoreServiceLoadStoreParameter = new KeyStoreServiceLoadStoreParameter();
                if (opaqueString2 != null && opaqueString2 != OpaqueString.NULL) {
                    char[] chars = opaqueString2.getChars();
                    try {
                        keyStoreServiceLoadStoreParameter.setProtectionParameter(new KeyStore.PasswordProtection(chars));
                        for (int i = 0; i < chars.length; i++) {
                            chars[i] = 0;
                        }
                    } catch (Throwable th) {
                        for (int i2 = 0; i2 < chars.length; i2++) {
                            chars[i2] = 0;
                        }
                        throw th;
                    }
                }
                keyStoreServiceLoadStoreParameter.setKssUri(str2);
                keyStore2.load(keyStoreServiceLoadStoreParameter);
            }
        }.load(keyStore, str, opaqueString);
    }

    static {
        SSLConfig sSLConfig;
        try {
            Properties properties = new Properties();
            ConnStrategy.createSocketOptions(System.getProperties(), properties);
            sSLConfig = readSSLConfig(properties);
        } catch (NetException e) {
            sSLConfig = new SSLConfig();
        }
        DEF_CONTEXT_CONFIG = sSLConfig;
    }
}
