package com.buildforge.services.common.ssl.core;

import com.buildforge.services.common.dbo.MessageDBO;
import com.buildforge.services.common.dbo.UserDBO;
import com.buildforge.services.common.ssl.config.KeyStoreManager;
import com.buildforge.services.common.ssl.config.SSLConfig;
import java.security.KeyStore;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.logging.Level;
import java.util.logging.Logger;
import javax.net.ssl.TrustManager;
import javax.net.ssl.X509TrustManager;

/* loaded from: input_file:com/buildforge/services/common/ssl/core/BFX509TrustManager.class */
public final class BFX509TrustManager implements X509TrustManager {
    private static final Logger log = Logger.getLogger(BFX509TrustManager.class.getName());
    private TrustManager[] tm;
    private KeyStore ts;
    private SSLConfig config;

    public BFX509TrustManager(TrustManager[] trustManagerArr, SSLConfig sSLConfig, KeyStore keyStore) {
        this.tm = null;
        this.ts = null;
        this.config = null;
        this.tm = trustManagerArr;
        this.ts = keyStore;
        this.config = sSLConfig;
    }

    @Override // javax.net.ssl.X509TrustManager
    public void checkClientTrusted(X509Certificate[] x509CertificateArr, String str) throws CertificateException {
        try {
            if (log.isLoggable(Level.FINE)) {
                for (int i = 0; i < x509CertificateArr.length; i++) {
                    log.log(Level.FINE, "chain[" + i + "]: " + x509CertificateArr[i].getSubjectDN());
                }
            }
            for (int i2 = 0; i2 < this.tm.length; i2++) {
                if (this.tm[i2] != null && (this.tm[i2] instanceof X509TrustManager)) {
                    if (log.isLoggable(Level.FINE)) {
                        log.log(Level.FINE, "Delegating to X509TrustManager: " + this.tm[i2].getClass().getName());
                    }
                    ((X509TrustManager) this.tm[i2]).checkClientTrusted(x509CertificateArr, str);
                }
            }
        } catch (Throwable th) {
            if (log.isLoggable(Level.FINE)) {
                log.log(Level.FINE, "Caught exception in checkClientTrusted.", new Object[]{th});
            }
            String message = th.getMessage();
            String obj = x509CertificateArr[0].getSubjectDN().toString();
            com.buildforge.services.common.ssl.config.KeyStore keyStoreByUuid = KeyStoreManager.getInstance().getKeyStoreByUuid(this.config.getTrustStoreId());
            MessageDBO messageDBO = new MessageDBO(MessageDBO.Severity.WARNING, "SSLHandshakeFailed", obj, keyStoreByUuid != null ? keyStoreByUuid.getLocation() : null, this.config.getAlias(), message);
            if (log.isLoggable(Level.WARNING)) {
                log.log(Level.WARNING, messageDBO.translate());
            }
            if (th instanceof RuntimeException) {
                throw ((RuntimeException) th);
            }
            if (!(th instanceof CertificateException)) {
                throw new CertificateException(th);
            }
            throw ((CertificateException) th);
        }
    }

    @Override // javax.net.ssl.X509TrustManager
    public void checkServerTrusted(X509Certificate[] x509CertificateArr, String str) throws CertificateException {
        if (log.isLoggable(Level.FINE)) {
            for (int i = 0; i < x509CertificateArr.length; i++) {
                log.log(Level.FINE, "Certificate information:");
                log.log(Level.FINE, "  Subject DN: " + x509CertificateArr[i].getSubjectDN());
                log.log(Level.FINE, "  Issuer DN: " + x509CertificateArr[i].getIssuerDN());
                log.log(Level.FINE, "  Serial number: " + x509CertificateArr[i].getSerialNumber());
                log.log(Level.FINE, UserDBO.UID_SYSTEM);
            }
        }
        for (int i2 = 0; i2 < this.tm.length; i2++) {
            if (this.tm[i2] != null && (this.tm[i2] instanceof X509TrustManager)) {
                try {
                    if (log.isLoggable(Level.FINE)) {
                        log.log(Level.FINE, "Delegating to X509TrustManager: " + this.tm[i2].getClass().getName());
                    }
                    ((X509TrustManager) this.tm[i2]).checkServerTrusted(x509CertificateArr, str);
                } catch (CertificateException e) {
                    if (log.isLoggable(Level.FINE)) {
                        log.log(Level.FINE, "Certificate Exception occurred: " + e.getMessage());
                    }
                    String message = e.getMessage();
                    String obj = x509CertificateArr[0].getSubjectDN().toString();
                    com.buildforge.services.common.ssl.config.KeyStore keyStoreByUuid = KeyStoreManager.getInstance().getKeyStoreByUuid(this.config.getTrustStoreId());
                    MessageDBO messageDBO = new MessageDBO(MessageDBO.Severity.WARNING, "SSLHandshakeFailed", obj, keyStoreByUuid != null ? keyStoreByUuid.getLocation() : null, this.config.getAlias(), message);
                    if (log.isLoggable(Level.WARNING)) {
                        log.log(Level.WARNING, messageDBO.translate());
                    }
                    throw e;
                }
            }
        }
        if (log.isLoggable(Level.FINE)) {
            log.log(Level.FINE, "Server is trusted by all X509TrustManagers.");
        }
    }

    @Override // javax.net.ssl.X509TrustManager
    public X509Certificate[] getAcceptedIssuers() {
        ArrayList arrayList = new ArrayList();
        for (int i = 0; i < this.tm.length; i++) {
            if (this.tm[i] instanceof X509TrustManager) {
                if (log.isLoggable(Level.FINE)) {
                    log.log(Level.FINE, "Delegating to X509TrustManager: " + this.tm[i].getClass().getName());
                }
                X509Certificate[] acceptedIssuers = ((X509TrustManager) this.tm[i]).getAcceptedIssuers();
                if (acceptedIssuers != null) {
                    for (int i2 = 0; i2 < acceptedIssuers.length; i2++) {
                        if (!arrayList.contains(acceptedIssuers[i2])) {
                            arrayList.add(acceptedIssuers[i2]);
                        }
                    }
                }
            }
        }
        if (arrayList.size() > 0) {
            return (X509Certificate[]) arrayList.toArray(new X509Certificate[arrayList.size()]);
        }
        return null;
    }
}
