package com.tibco.security.ssl.A;

import com.tibco.security.AXSecurityException;
import com.tibco.security.Cert;
import com.tibco.security.CertChainVerifier;
import com.tibco.security.CertUtils;
import com.tibco.security.TrustedCerts;
import com.tibco.security.ssl.CertificateVerifier;
import iaik.security.ssl.ChainVerifier;
import iaik.security.ssl.SSLTransport;
import java.io.ByteArrayInputStream;
import java.io.PrintStream;
import java.security.Principal;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.util.Enumeration;

/* compiled from: EntrustVerifier.java */
/* renamed from: com.tibco.security.ssl.A.oOOO, reason: case insensitive filesystem */
/* loaded from: input_file:com/tibco/security/ssl/A/oOOO.class */
public class C0006oOOO extends ChainVerifier {
    CertificateVerifier o00000;

    /* renamed from: Ò00000, reason: contains not printable characters */
    boolean f19500000;

    /* renamed from: Õ00000, reason: contains not printable characters */
    boolean f19600000;
    PrintStream Object;

    /* renamed from: Ô00000, reason: contains not printable characters */
    private final TrustedCerts f19700000;

    public C0006oOOO(CertificateVerifier certificateVerifier, PrintStream printStream, boolean z) throws AXSecurityException {
        this.o00000 = certificateVerifier;
        this.f19600000 = z;
        this.f19500000 = certificateVerifier.performDefaultAuthentication();
        this.Object = printStream;
        this.f19700000 = certificateVerifier.getTrustedCerts();
        if (certificateVerifier == null || this.f19700000 == null) {
            return;
        }
        for (Cert cert : this.f19700000.getCertificateList()) {
            addTrustedCertificate((X509Certificate) cert.getContents());
        }
    }

    public Enumeration<Principal> getTrustedPrincipals() {
        return C.o00000();
    }

    public Principal[] getTrustedPrincipalsArray() {
        return new Principal[0];
    }

    protected boolean verifyClient(X509Certificate[] x509CertificateArr, SSLTransport sSLTransport) {
        try {
            if (x509CertificateArr == null) {
                if (this.Object == null) {
                    return false;
                }
                this.Object.println("Error: expected a client certificate, no certificate received");
                return false;
            }
            if (CertChainVerifier.IMPLICIT_CA_CHAIN) {
                CertChainVerifier.chain_validate_jdk(x509CertificateArr, this.f19700000, false);
                return true;
            }
            Cert[] convertCertificateList = CertUtils.convertCertificateList(x509CertificateArr);
            if (this.o00000 != null) {
                this.o00000.trace(convertCertificateList);
            }
            if (this.f19500000) {
                if (!super.verifyClient(x509CertificateArr, sSLTransport)) {
                    if (this.Object == null) {
                        return false;
                    }
                    this.Object.println("Entrust chain verification failed for client");
                    return false;
                }
                if (this.Object != null) {
                    this.Object.println("Entrust chain verification ok");
                }
            }
            if (this.o00000 == null) {
                return true;
            }
            this.o00000.authenticateClient(convertCertificateList);
            if (this.Object == null) {
                return true;
            }
            this.Object.println("client verification ok");
            return true;
        } catch (AXSecurityException e) {
            if (this.Object == null) {
                return false;
            }
            this.Object.println("client verification failed:");
            e.printStackTrace(this.Object);
            return false;
        }
    }

    protected boolean verifyServer(X509Certificate[] x509CertificateArr, SSLTransport sSLTransport) {
        try {
            if (CertChainVerifier.IMPLICIT_CA_CHAIN) {
                CertificateFactory certificateFactory = CertificateFactory.getInstance("X.509");
                System.out.println(certificateFactory.getProvider());
                X509Certificate[] x509CertificateArr2 = new X509Certificate[x509CertificateArr.length];
                for (int i = 0; i < x509CertificateArr.length; i++) {
                    x509CertificateArr2[i] = (X509Certificate) certificateFactory.generateCertificate(new ByteArrayInputStream(x509CertificateArr[i].getEncoded()));
                }
                CertChainVerifier.chain_validate_jdk(x509CertificateArr2, this.f19700000, false);
                return true;
            }
            Cert[] convertCertificateList = CertUtils.convertCertificateList(x509CertificateArr);
            if (this.o00000 != null) {
                this.o00000.trace(convertCertificateList);
            }
            if (this.f19500000) {
                if (!super.verifyServer(x509CertificateArr, sSLTransport)) {
                    if (this.Object == null) {
                        return false;
                    }
                    this.Object.println("Entrust chain verification failed for client");
                    return false;
                }
                if (this.Object != null) {
                    this.Object.println("Entrust chain verification ok");
                }
            }
            if (this.o00000 == null) {
                return true;
            }
            this.o00000.authenticateServer(convertCertificateList);
            if (this.Object == null) {
                return true;
            }
            this.Object.println("server verification ok");
            return true;
        } catch (AXSecurityException e) {
            if (this.Object == null) {
                return false;
            }
            this.Object.println("server verification failed:");
            e.printStackTrace(this.Object);
            return false;
        } catch (CertificateException e2) {
            if (this.Object == null) {
                return false;
            }
            this.Object.println("server verification failed:");
            e2.printStackTrace(this.Object);
            return false;
        }
    }

    public boolean verifyChain(X509Certificate[] x509CertificateArr, SSLTransport sSLTransport) {
        return this.f19500000 ? super.verifyChain(x509CertificateArr, sSLTransport) : this.f19600000 ? verifyServer(x509CertificateArr, sSLTransport) : verifyClient(x509CertificateArr, sSLTransport);
    }
}
