package net.suberic.pooka.ssl;

import java.io.BufferedWriter;
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.DataInputStream;
import java.io.FileInputStream;
import java.io.FileWriter;
import java.io.IOException;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.util.HashSet;
import java.util.Set;
import javax.mail.internet.MimeUtility;
import javax.net.ssl.TrustManager;
import javax.net.ssl.X509TrustManager;
import javax.swing.SwingUtilities;
import net.suberic.pooka.Pooka;

/* loaded from: input_file:net/suberic/pooka/ssl/PookaTrustManager.class */
public class PookaTrustManager implements X509TrustManager {
    X509TrustManager wrappedManager;
    String certificateRepositoryFile;
    Set rejectedCerts;
    Set trustedCerts;
    boolean mUseCertFile;

    public PookaTrustManager(TrustManager[] trustManagerArr, String str) {
        this(trustManagerArr, str, true);
    }

    public PookaTrustManager(TrustManager[] trustManagerArr, String str, boolean z) {
        this.wrappedManager = null;
        this.certificateRepositoryFile = null;
        this.rejectedCerts = new HashSet();
        this.trustedCerts = new HashSet();
        this.mUseCertFile = true;
        this.mUseCertFile = z;
        if (this.mUseCertFile) {
            this.certificateRepositoryFile = str;
        }
        for (int i = 0; i < trustManagerArr.length; i++) {
            if (trustManagerArr[i] instanceof X509TrustManager) {
                this.wrappedManager = (X509TrustManager) trustManagerArr[i];
            }
        }
        loadAccepted();
    }

    @Override // javax.net.ssl.X509TrustManager
    public void checkClientTrusted(X509Certificate[] x509CertificateArr, String str) throws CertificateException {
        if (this.wrappedManager == null) {
            if (!localIsTrusted(x509CertificateArr)) {
                throw new CertificateException("Certificate not trusted.");
            }
            return;
        }
        CertificateException certificateException = null;
        try {
            this.wrappedManager.checkClientTrusted(x509CertificateArr, str);
        } catch (CertificateException e) {
            certificateException = e;
        }
        if (certificateException != null && !localIsTrusted(x509CertificateArr)) {
            throw certificateException;
        }
    }

    @Override // javax.net.ssl.X509TrustManager
    public void checkServerTrusted(X509Certificate[] x509CertificateArr, String str) throws CertificateException {
        if (this.wrappedManager == null) {
            if (!localIsTrusted(x509CertificateArr)) {
                throw new CertificateException("Certificate not trusted.");
            }
            return;
        }
        CertificateException certificateException = null;
        try {
            this.wrappedManager.checkServerTrusted(x509CertificateArr, str);
        } catch (CertificateException e) {
            certificateException = e;
        }
        if (certificateException != null && !localIsTrusted(x509CertificateArr)) {
            throw certificateException;
        }
    }

    @Override // javax.net.ssl.X509TrustManager
    public X509Certificate[] getAcceptedIssuers() {
        return this.wrappedManager.getAcceptedIssuers();
    }

    public boolean localIsTrusted(X509Certificate[] x509CertificateArr) {
        if (x509CertificateArr == null || x509CertificateArr.length < 1) {
            return false;
        }
        boolean z = false;
        boolean z2 = false;
        for (int i = 0; !z && !z2 && i < x509CertificateArr.length; i++) {
            if (this.trustedCerts.contains(x509CertificateArr[i])) {
                z = true;
            } else if (this.rejectedCerts.contains(x509CertificateArr[i])) {
                z2 = true;
            }
        }
        if (z) {
            return true;
        }
        if (z2) {
            return false;
        }
        boolean askIsTrusted = askIsTrusted(x509CertificateArr);
        if (askIsTrusted) {
            addToTrusted(x509CertificateArr);
        } else {
            addToRejected(x509CertificateArr);
        }
        return askIsTrusted;
    }

    public boolean askIsTrusted(X509Certificate[] x509CertificateArr) {
        int showConfirmDialog;
        X509Certificate x509Certificate = null;
        for (int i = 0; i < x509CertificateArr.length && x509Certificate == null; i++) {
            if (x509CertificateArr[i] != null) {
                x509Certificate = x509CertificateArr[i];
            }
        }
        if (x509Certificate != null) {
            StringBuffer stringBuffer = new StringBuffer("The following certificates are not trusted.  Accpet them anyway?\n\n");
            stringBuffer.append("Issuer:  ");
            stringBuffer.append(x509Certificate.getIssuerDN().getName());
            stringBuffer.append("\n");
            showConfirmDialog = Pooka.getUIFactory().showConfirmDialog(stringBuffer.toString(), "Accpet SSL certificate?", 0);
        } else {
            showConfirmDialog = Pooka.getUIFactory().showConfirmDialog("The certificate(s) for this server are not trusted.  Accpet them anyway?", "Accpet SSL certificate?", 0);
        }
        return showConfirmDialog == 0;
    }

    public void addToTrusted(X509Certificate[] x509CertificateArr) {
        if (x509CertificateArr != null) {
            BufferedWriter bufferedWriter = null;
            if (this.mUseCertFile) {
                if (this.certificateRepositoryFile == null || this.certificateRepositoryFile.equals("")) {
                    SwingUtilities.invokeLater(new Runnable() { // from class: net.suberic.pooka.ssl.PookaTrustManager.2
                        @Override // java.lang.Runnable
                        public void run() {
                            Pooka.getUIFactory().showError("Warning:  no certificate file set.\nCertificate will only be accepted for this session.\nGo to Configuation->Preferences->SSL to set a certificate file.");
                        }
                    });
                } else {
                    try {
                        bufferedWriter = new BufferedWriter(new FileWriter(this.certificateRepositoryFile, true));
                    } catch (IOException e) {
                        SwingUtilities.invokeLater(new Runnable() { // from class: net.suberic.pooka.ssl.PookaTrustManager.1
                            @Override // java.lang.Runnable
                            public void run() {
                                Pooka.getUIFactory().showError("Error opening SSL certificate file:  " + PookaTrustManager.this.certificateRepositoryFile, e);
                            }
                        });
                    }
                }
            }
            for (int i = 0; i < x509CertificateArr.length; i++) {
                try {
                    if (x509CertificateArr[i] != null) {
                        this.trustedCerts.add(x509CertificateArr[i]);
                        if (bufferedWriter != null) {
                            bufferedWriter.write("-----BEGIN CERTIFICATE-----");
                            bufferedWriter.newLine();
                            ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
                            MimeUtility.encode(byteArrayOutputStream, "base64").write(x509CertificateArr[i].getEncoded());
                            bufferedWriter.write(byteArrayOutputStream.toString());
                            bufferedWriter.newLine();
                            bufferedWriter.write("-----END CERTIFICATE-----");
                            bufferedWriter.newLine();
                        }
                    }
                } catch (Exception e2) {
                    if (bufferedWriter != null) {
                        try {
                            bufferedWriter.close();
                            return;
                        } catch (Exception e3) {
                            return;
                        }
                    }
                    return;
                } catch (Throwable th) {
                    if (bufferedWriter != null) {
                        try {
                            bufferedWriter.close();
                        } catch (Exception e4) {
                        }
                    }
                    throw th;
                }
            }
            bufferedWriter.flush();
            if (bufferedWriter != null) {
                try {
                    bufferedWriter.close();
                } catch (Exception e5) {
                }
            }
        }
    }

    public void addToRejected(X509Certificate[] x509CertificateArr) {
        if (x509CertificateArr != null) {
            for (int i = 0; i < x509CertificateArr.length; i++) {
                if (x509CertificateArr[i] != null) {
                    this.rejectedCerts.add(x509CertificateArr[i]);
                }
            }
        }
    }

    public void loadAccepted() {
        FileInputStream fileInputStream = null;
        if (!this.mUseCertFile || this.certificateRepositoryFile == null) {
            return;
        }
        try {
            fileInputStream = new FileInputStream(this.certificateRepositoryFile);
            DataInputStream dataInputStream = new DataInputStream(fileInputStream);
            CertificateFactory certificateFactory = CertificateFactory.getInstance("X.509");
            byte[] bArr = new byte[dataInputStream.available()];
            dataInputStream.readFully(bArr);
            ByteArrayInputStream byteArrayInputStream = new ByteArrayInputStream(bArr);
            while (byteArrayInputStream.available() > 0) {
                this.trustedCerts.add(certificateFactory.generateCertificate(byteArrayInputStream));
            }
            if (fileInputStream != null) {
                try {
                    fileInputStream.close();
                } catch (Exception e) {
                }
            }
        } catch (Exception e2) {
            if (fileInputStream != null) {
                try {
                    fileInputStream.close();
                } catch (Exception e3) {
                }
            }
        } catch (Throwable th) {
            if (fileInputStream != null) {
                try {
                    fileInputStream.close();
                } catch (Exception e4) {
                    throw th;
                }
            }
            throw th;
        }
    }
}
