package com.tibco.security.ssl.D;

import com.tibco.security.AXSecurityException;
import com.tibco.security.Cert;
import com.tibco.security.CertUtils;
import com.tibco.security.TrustedCerts;
import com.tibco.security.TrustedCertsFactory;
import com.tibco.security.impl.j2se.CertImpl;
import com.tibco.security.ssl.CertificateVerifier;
import com.tibco.security.ssl.NullCertificateVerifier;
import java.io.PrintStream;
import java.security.KeyStore;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import javax.net.ssl.X509TrustManager;

/* compiled from: TrustManagerImpl.java */
/* loaded from: input_file:com/tibco/security/ssl/D/A.class */
public class A implements X509TrustManager {
    CertificateVerifier o00000;

    /* renamed from: Ô00000, reason: contains not printable characters */
    X509Certificate[] f20000000;

    /* renamed from: Ò00000, reason: contains not printable characters */
    X509TrustManager f20100000;
    PrintStream Object;

    public A(CertificateVerifier certificateVerifier, PrintStream printStream) throws AXSecurityException {
        certificateVerifier = certificateVerifier == null ? new NullCertificateVerifier() : certificateVerifier;
        this.o00000 = certificateVerifier;
        this.Object = printStream;
        TrustedCerts trustedCerts = certificateVerifier.getTrustedCerts();
        trustedCerts = trustedCerts == null ? TrustedCertsFactory.createTrustedCerts(new CertImpl[0]) : trustedCerts;
        this.f20000000 = CertUtils.convertCertificateList(trustedCerts.getCertificateList());
        o00000(trustedCerts);
    }

    public void o00000(TrustedCerts trustedCerts) throws AXSecurityException {
        try {
            TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
            KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
            keyStore.load(null, null);
            Cert[] certificateList = trustedCerts.getCertificateList();
            for (int i = 0; i < certificateList.length; i++) {
                keyStore.setCertificateEntry(new StringBuilder().append(i).append(1).toString(), certificateList[i].getCertificate());
            }
            trustManagerFactory.init(keyStore);
            TrustManager[] trustManagers = trustManagerFactory.getTrustManagers();
            for (int i2 = 0; i2 < trustManagers.length; i2++) {
                if (trustManagers[i2] instanceof X509TrustManager) {
                    this.f20100000 = (X509TrustManager) trustManagers[i2];
                    return;
                }
            }
            throw new AXSecurityException("no suitable trust manager is available");
        } catch (Exception e) {
            throw new AXSecurityException(e);
        }
    }

    @Override // javax.net.ssl.X509TrustManager
    public void checkClientTrusted(X509Certificate[] x509CertificateArr, String str) throws CertificateException {
        try {
            Cert[] convertCertificateList = CertUtils.convertCertificateList(x509CertificateArr);
            this.o00000.trace(convertCertificateList);
            if (this.o00000.performDefaultAuthentication()) {
                try {
                    this.f20100000.checkClientTrusted(x509CertificateArr, str);
                } catch (CertificateException e) {
                    if (this.Object != null) {
                        this.Object.println("JSSE client chain validation failed");
                    }
                    throw e;
                }
            }
            this.o00000.authenticateClient(convertCertificateList);
        } catch (AXSecurityException e2) {
            if (this.Object != null) {
                this.Object.print("client chain validation failed: ");
                e2.printStackTrace(this.Object);
            }
            throw new CertificateException(e2.toString());
        }
    }

    @Override // javax.net.ssl.X509TrustManager
    public void checkServerTrusted(X509Certificate[] x509CertificateArr, String str) throws CertificateException {
        try {
            Cert[] convertCertificateList = CertUtils.convertCertificateList(x509CertificateArr);
            this.o00000.trace(convertCertificateList);
            if (this.o00000.performDefaultAuthentication()) {
                try {
                    this.f20100000.checkServerTrusted(x509CertificateArr, str);
                } catch (CertificateException e) {
                    if (this.Object != null) {
                        this.Object.println("JSSE server chain validation failed");
                    }
                    throw e;
                }
            }
            this.o00000.authenticateServer(convertCertificateList);
        } catch (AXSecurityException e2) {
            if (this.Object != null) {
                this.Object.print("server chain validation failed: ");
                e2.printStackTrace(this.Object);
            }
            throw new CertificateException(e2.toString());
        }
    }

    @Override // javax.net.ssl.X509TrustManager
    public X509Certificate[] getAcceptedIssuers() {
        return this.f20000000;
    }
}
