package com.tivoli.agentmgr.util.security;

import java.io.File;
import java.io.FileInputStream;
import java.io.FileNotFoundException;
import java.io.IOException;
import java.security.InvalidKeyException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.SignatureException;
import java.security.cert.CRLException;
import java.security.cert.CertificateException;
import java.security.cert.X509CRL;
import java.security.cert.X509Certificate;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import javax.net.ssl.X509TrustManager;

/* loaded from: input_file:installer/IY82930.jar:efixes/IY82930/components/tpm/update.jar:/apps/tcje.ear:lib/ep_common.jar:com/tivoli/agentmgr/util/security/CRLTrustManager.class */
public class CRLTrustManager implements X509TrustManager {
    private static final String CLASSNAME;
    private static final String COPYRIGHT = "\n\nLicensed Materials - Property of IBM\n(C)Copyright IBM Corporation 2004.\nAll Rights Reserved.\nUS Government Users Restricted Rights - Use, duplication \nor disclosure restricted by GSA ADP Schedule Contract with IBM Corp.\n\n";
    CRLProvider m_crlProvider;
    X509TrustManager m_trustMgr;
    private X509CRL m_CRL;
    private String m_crlFileName;
    static Class class$com$tivoli$agentmgr$util$security$CRLTrustManager;

    public CRLTrustManager(X509TrustManager x509TrustManager, CRLProvider cRLProvider, String str) {
        this.m_crlProvider = null;
        this.m_trustMgr = null;
        this.m_trustMgr = x509TrustManager;
        this.m_crlProvider = cRLProvider;
        this.m_crlFileName = str;
    }

    @Override // javax.net.ssl.X509TrustManager
    public void checkClientTrusted(X509Certificate[] x509CertificateArr, String str) throws CertificateException {
        X509CRL crl = getCRL();
        for (int i = 0; crl != null && i < x509CertificateArr.length; i++) {
            if (crl.isRevoked(x509CertificateArr[i])) {
                throw new CertificateException(new StringBuffer().append("Certificate Revoked ").append(x509CertificateArr[i].getSubjectDN()).toString());
            }
        }
        this.m_trustMgr.checkClientTrusted(x509CertificateArr, str);
    }

    @Override // javax.net.ssl.X509TrustManager
    public void checkServerTrusted(X509Certificate[] x509CertificateArr, String str) throws CertificateException {
        X509CRL crl = getCRL();
        for (int i = 0; crl != null && i < x509CertificateArr.length; i++) {
            if (crl.isRevoked(x509CertificateArr[i])) {
                throw new CertificateException(new StringBuffer().append("Certificate Revoked ").append(x509CertificateArr[i].getSubjectDN()).toString());
            }
        }
        this.m_trustMgr.checkServerTrusted(x509CertificateArr, str);
    }

    @Override // javax.net.ssl.X509TrustManager
    public X509Certificate[] getAcceptedIssuers() {
        return this.m_trustMgr.getAcceptedIssuers();
    }

    /*  JADX ERROR: JadxRuntimeException in pass: BlockProcessor
        jadx.core.utils.exceptions.JadxRuntimeException: Unreachable block: B:27:0x0094
        	at jadx.core.dex.visitors.blocks.BlockProcessor.checkForUnreachableBlocks(BlockProcessor.java:88)
        	at jadx.core.dex.visitors.blocks.BlockProcessor.processBlocksTree(BlockProcessor.java:52)
        	at jadx.core.dex.visitors.blocks.BlockProcessor.visit(BlockProcessor.java:44)
        */
    public synchronized java.security.cert.X509CRL getCRL() {
        /*
            Method dump skipped, instructions count: 287
            To view this dump add '--comments-level debug' option
        */
        throw new UnsupportedOperationException("Method not decompiled: com.tivoli.agentmgr.util.security.CRLTrustManager.getCRL():java.security.cert.X509CRL");
    }

    public synchronized void clearCRL() {
        this.m_CRL = null;
        new File(this.m_crlFileName).delete();
        getCRL();
    }

    private void verifyCRLSignature(X509CRL x509crl) throws InvalidKeyException, CRLException, NoSuchAlgorithmException, NoSuchProviderException, SignatureException {
        boolean z = false;
        X509Certificate[] acceptedIssuers = getAcceptedIssuers();
        for (int i = 0; i < acceptedIssuers.length && !z; i++) {
            if (x509crl.getIssuerDN().equals(acceptedIssuers[i].getSubjectDN())) {
                x509crl.verify(acceptedIssuers[i].getPublicKey());
                z = true;
            }
        }
        if (!z) {
            throw new SignatureException();
        }
    }

    public static TrustManager[] getTrustManagers(String str, char[] cArr, CRLProvider cRLProvider, String str2) throws NoSuchAlgorithmException, KeyStoreException, CertificateException, IOException, FileNotFoundException {
        TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
        if (str != null) {
            FileInputStream fileInputStream = new FileInputStream(str);
            KeyStore keyStore = KeyStore.getInstance("jks");
            keyStore.load(fileInputStream, cArr);
            fileInputStream.close();
            trustManagerFactory.init(keyStore);
        }
        TrustManager[] trustManagers = trustManagerFactory.getTrustManagers();
        for (int i = 0; i < trustManagers.length; i++) {
            if (trustManagers[i] instanceof X509TrustManager) {
                trustManagers[i] = new CRLTrustManager((X509TrustManager) trustManagers[i], cRLProvider, str2);
            }
        }
        return trustManagers;
    }

    static Class class$(String str) {
        try {
            return Class.forName(str);
        } catch (ClassNotFoundException e) {
            throw new NoClassDefFoundError(e.getMessage());
        }
    }

    static {
        Class cls;
        if (class$com$tivoli$agentmgr$util$security$CRLTrustManager == null) {
            cls = class$("com.tivoli.agentmgr.util.security.CRLTrustManager");
            class$com$tivoli$agentmgr$util$security$CRLTrustManager = cls;
        } else {
            cls = class$com$tivoli$agentmgr$util$security$CRLTrustManager;
        }
        CLASSNAME = cls.getName();
    }
}
