package org.jcows.model.core;

import java.io.File;
import java.io.FileInputStream;
import java.io.FileOutputStream;
import java.io.IOException;
import java.security.GeneralSecurityException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import javax.net.ssl.X509TrustManager;
import org.apache.log4j.Logger;
import org.jcows.JCowsException;
import org.jcows.controller.DialogSSLController;
import org.jcows.system.Properties;

/* loaded from: input_file:org/jcows/model/core/JCowsX509TrustManager.class */
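/**
 * Trust manager that delegates to the SunJSSE X.509 trust manager backed by a
 * JCows-owned JKS keystore and, when server validation fails, asks the user
 * through {@link DialogSSLController} whether to trust the chain's root CA.
 *
 * <p>Security notes for maintainers:
 * <ul>
 *   <li>Accepting the prompt stores the <em>root CA</em> of the presented chain as a
 *       trust anchor, not the server's own certificate. Every certificate issued
 *       under that CA is trusted afterwards.</li>
 *   <li>The keystore passphrase is a compiled-in constant, so the keystore file's
 *       integrity depends entirely on file-system permissions.</li>
 *   <li>{@code m_isTemporary} is static and unsynchronized; the class is not
 *       written for concurrent handshakes.</li>
 * </ul>
 */
class JCowsX509TrustManager implements X509TrustManager {
    protected static final Logger LOGGER = Logger.getLogger(JCowsX509TrustManager.class);
    private KeyStore m_keystore;
    private String m_keystorePath;
    private String m_passphrase;
    private DialogSSLController m_dialogSSLController;
    // Shared by all instances: true while accepted CAs go to the keystore under java.io.tmpdir.
    private static boolean m_isTemporary;
    // Delegate that performs the actual PKIX validation; set by init().
    X509TrustManager sunJSSEX509TrustManager;

    /**
     * Creates the trust manager and loads (or creates) the keystore.
     *
     * @param dialogSSLController controller used to ask the user about untrusted chains
     * @throws JCowsException if the keystore or the delegate trust manager cannot be set up
     */
    public JCowsX509TrustManager(DialogSSLController dialogSSLController) throws JCowsException {
        this.m_dialogSSLController = dialogSSLController;
        init();
    }

    /**
     * Resolves the keystore path, creates an empty keystore file if none exists,
     * loads it, and builds the SunJSSE delegate trust manager from it.
     *
     * @throws JCowsException wrapping any I/O or security failure, or if the factory
     *         yields no {@link X509TrustManager}
     */
    private void init() throws JCowsException {
        try {
            this.m_keystorePath = Properties.getConfig("network.keyStore");
            // NOTE(review): the passphrase is a constant compiled into the class. It gives the
            // trust store no real integrity protection: anyone able to write the file can add
            // trust anchors. Changing it would make existing keystore files unreadable, so it
            // is flagged here rather than changed; protect the file with permissions.
            this.m_passphrase = "59_jcows@5932";
            if (m_isTemporary) {
                // NOTE(review): fixed file name under a possibly shared temp directory. A file
                // already present at this path is loaded below as the trust store. A per-user
                // directory with restrictive permissions would be safer.
                this.m_keystorePath = System.getProperty("java.io.tmpdir") + File.separator + this.m_keystorePath;
            }
            this.m_keystore = KeyStore.getInstance("JKS");
            char[] passphrase = this.m_passphrase.toCharArray();
            File keystoreFile = new File(this.m_keystorePath);
            if (!keystoreFile.exists()) {
                // First run: write an empty keystore so the load below always has a file.
                this.m_keystore.load(null, passphrase);
                FileOutputStream out = new FileOutputStream(keystoreFile);
                try {
                    this.m_keystore.store(out, passphrase);
                } finally {
                    out.close();
                }
            }
            FileInputStream in = new FileInputStream(keystoreFile);
            try {
                this.m_keystore.load(in, passphrase);
            } finally {
                in.close();
            }
            TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance("SunX509", "SunJSSE");
            trustManagerFactory.init(this.m_keystore);
            TrustManager[] trustManagers = trustManagerFactory.getTrustManagers();
            LOGGER.info("Number of Trustmanagers: " + trustManagers.length);
            for (TrustManager candidate : trustManagers) {
                if (candidate instanceof X509TrustManager) {
                    this.sunJSSEX509TrustManager = (X509TrustManager) candidate;
                    return;
                }
            }
            throw new JCowsException(Properties.getMessage("error.x509InitializationError"));
        } catch (IOException e) {
            throw new JCowsException(Properties.getMessage("error.IOException"), e);
        } catch (KeyStoreException e) {
            throw new JCowsException(Properties.getMessage("error.KeyStoreException"), e);
        } catch (NoSuchAlgorithmException e) {
            throw new JCowsException(Properties.getMessage("error.NoSuchAlgorithmException"), e);
        } catch (NoSuchProviderException e) {
            throw new JCowsException(Properties.getMessage("error.NoSuchProviderException"), e);
        } catch (CertificateException e) {
            throw new JCowsException(Properties.getMessage("error.CertificateException"), e);
        }
    }

    /**
     * Validates a client chain with the delegate; there is no user override for clients.
     *
     * @throws CertificateException if the delegate rejects the chain
     */
    @Override // javax.net.ssl.X509TrustManager
    public void checkClientTrusted(X509Certificate[] x509CertificateArr, String str) throws CertificateException {
        this.sunJSSEX509TrustManager.checkClientTrusted(x509CertificateArr, str);
    }

    /**
     * Validates a server chain with the delegate. On failure, shows the chain's
     * self-signed root to the user and, if accepted, stores it in the keystore.
     *
     * @param x509CertificateArr the peer's certificate chain
     * @param str the authentication type passed through to the delegate
     * @throws CertificateException if validation fails and the user declines, if the chain
     *         carries no self-signed root to offer, or if the keystore cannot be updated
     */
    @Override // javax.net.ssl.X509TrustManager
    public void checkServerTrusted(X509Certificate[] x509CertificateArr, String str) throws CertificateException {
        try {
            this.sunJSSEX509TrustManager.checkServerTrusted(x509CertificateArr, str);
        } catch (CertificateException e) {
            X509Certificate cACert = getCACert(x509CertificateArr);
            if (cACert == null) {
                // No self-signed root in the chain, so there is nothing to show or store.
                // Keep the original validation failure instead of failing on a null dereference.
                throw e;
            }
            // NOTE(review): the prompt does not say why validation failed, and the text
            // describes the root CA rather than the server certificate. Every field shown is
            // chosen by whoever issued the certificate. A certificate fingerprint would let
            // the user compare against a value obtained out of band.
            this.m_dialogSSLController.setText(describeCertificate(cACert));
            int choice = this.m_dialogSSLController.evaluateSSLDialog();
            boolean storeLocationChanged;
            if (choice == DialogSSLController.MODE_ACCEPT_TEMPORARILY) {
                LOGGER.debug("Temporary Accepted Certificate");
                storeLocationChanged = !m_isTemporary;
                m_isTemporary = true;
            } else if (choice == DialogSSLController.MODE_ACCEPT_PERMANENTLY) {
                LOGGER.debug("Permanently Accepted Certificate");
                storeLocationChanged = m_isTemporary;
                m_isTemporary = false;
            } else {
                throw e;
            }
            try {
                if (storeLocationChanged) {
                    // The keystore path depends on m_isTemporary, so reload from the new location.
                    try {
                        init();
                    } catch (JCowsException initFailure) {
                        throw new CertificateException(initFailure);
                    }
                }
                saveStore(cACert);
                // NOTE(review): the chain is not validated again after the CA is stored. This
                // call therefore succeeds whatever caused the original failure (for example an
                // expired certificate or a chain that does not verify up to this root).
                // Re-running the delegate against a trust manager rebuilt from the updated
                // keystore would close that gap; confirm the intended behaviour before changing.
            } catch (KeyStoreException saveFailure) {
                throw new CertificateException(Properties.getMessage("error.saveKeystoreFailed") + saveFailure, saveFailure);
            }
        }
    }

    /** Returns the issuers accepted by the delegate trust manager. */
    @Override // javax.net.ssl.X509TrustManager
    public X509Certificate[] getAcceptedIssuers() {
        return this.sunJSSEX509TrustManager.getAcceptedIssuers();
    }

    /**
     * Builds the human-readable certificate summary shown in the SSL dialog.
     *
     * @param cert certificate to describe; must not be null
     * @return subject, issuer, signature algorithm, key summary and validity dates
     */
    private static String describeCertificate(X509Certificate cert) {
        StringBuilder text = new StringBuilder("Certificate Subject\n");
        for (String part : cert.getSubjectX500Principal().toString().split(", ")) {
            text.append(part);
            text.append("\n");
        }
        text.append("\nCertificate Issuer\n");
        for (String part : cert.getIssuerX500Principal().toString().split(", ")) {
            text.append(part);
            text.append("\n");
        }
        text.append("\n\nSignature Algorithm: ");
        text.append(cert.getSigAlgName());
        text.append("\n\nKey: ");
        String keyText = cert.getPublicKey().toString();
        int modulusAt = keyText.indexOf("modulus");
        if (modulusAt >= 0) {
            // Show only the header that precedes the modulus.
            text.append(keyText.substring(0, modulusAt).trim());
        } else {
            // The key text has no "modulus" marker, so substring(0, -1) would throw.
            text.append(cert.getPublicKey().getAlgorithm());
        }
        text.append("\n\nIssued On: ");
        text.append(cert.getNotBefore());
        text.append("\n\nExpires On: ");
        text.append(cert.getNotAfter());
        return text.toString();
    }

    /**
     * Returns the last certificate of the chain if its subject equals its issuer.
     *
     * <p>The comparison is by distinguished name only; the self-signature is not verified here.
     *
     * @param x509CertificateArr the peer's certificate chain
     * @return the self-issued last certificate, or {@code null} if the chain is empty
     *         or its last certificate is not self-issued
     */
    private X509Certificate getCACert(X509Certificate[] x509CertificateArr) {
        if (x509CertificateArr == null || x509CertificateArr.length == 0) {
            return null;
        }
        X509Certificate last = x509CertificateArr[x509CertificateArr.length - 1];
        if (last.getSubjectDN().equals(last.getIssuerDN())) {
            return last;
        }
        return null;
    }

    /**
     * Adds the certificate to the in-memory keystore as a trusted entry and writes
     * the keystore back to {@code m_keystorePath}.
     *
     * @param x509Certificate certificate to store; the alias is "subject (serial)"
     * @throws KeyStoreException if the entry cannot be set or the file cannot be written
     */
    private void saveStore(X509Certificate x509Certificate) throws KeyStoreException {
        try {
            this.m_keystore.setCertificateEntry(x509Certificate.getSubjectX500Principal() + " (" + x509Certificate.getSerialNumber().toString() + ")", x509Certificate);
            FileOutputStream fileOutputStream = new FileOutputStream(this.m_keystorePath);
            try {
                this.m_keystore.store(fileOutputStream, this.m_passphrase.toCharArray());
            } finally {
                // Close even when store() fails so the file handle is not leaked.
                fileOutputStream.close();
            }
        } catch (KeyStoreException e) {
            throw e;
        } catch (IOException e) {
            KeyStoreException keyStoreException = new KeyStoreException("unable to access keystore file");
            keyStoreException.initCause(e);
            throw keyStoreException;
        } catch (GeneralSecurityException e) {
            // Keep the cause so the underlying algorithm or certificate error is not lost.
            throw new KeyStoreException("unable to save keystore " + this.m_keystorePath + " error was: " + e, e);
        }
    }

    /** Returns the path of the keystore file currently in use. */
    public String getkeystorePath() {
        return this.m_keystorePath;
    }
}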
