package com.ibm.xtools.rmpx.oauth;

import java.io.File;
import java.io.FileInputStream;
import java.io.FileOutputStream;
import java.io.IOException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.util.Enumeration;
import java.util.UUID;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import javax.net.ssl.X509TrustManager;
import org.eclipse.core.runtime.ILog;
import org.eclipse.core.runtime.Status;

/* loaded from: input_file:com/ibm/xtools/rmpx/oauth/JfsX509TrustManager.class */
public class JfsX509TrustManager implements X509TrustManager {
    private static final String userTrustStoreLocation = String.valueOf(System.getProperty("user.home")) + "/.jazzcerts".replace('/', File.separatorChar);
    private static final String userTrustStorePassword = "ibmrationaljazz";
    private X509TrustManager delegateTrustManager;
    private ICertificationHandler certificationHandler;
    private static KeyStore permanentTrustStore;
    private static KeyStore sessionTrustStore;
    private ICertificateValidator validator;
    private static /* synthetic */ int[] $SWITCH_TABLE$com$ibm$xtools$rmpx$oauth$JfsX509TrustManager$Trust;

    /* loaded from: input_file:com/ibm/xtools/rmpx/oauth/JfsX509TrustManager$Trust.class */
    public enum Trust {
        REJECT,
        ACCEPT_CONNECTION,
        ACCEPT_SESSION,
        ACCEPT_PERMANENT;

        /* renamed from: values, reason: to resolve conflict with enum method */
        public static Trust[] valuesCustom() {
            Trust[] valuesCustom = values();
            int length = valuesCustom.length;
            Trust[] trustArr = new Trust[length];
            System.arraycopy(valuesCustom, 0, trustArr, 0, length);
            return trustArr;
        }
    }

    private static ILog getLog() {
        return Activator.getDefault().getLog();
    }

    private static synchronized KeyStore loadPermanentKeyStore() throws KeyStoreException, NoSuchAlgorithmException, CertificateException, IOException {
        KeyStore createKeyStore = createKeyStore();
        String property = System.getProperty("java.home");
        addCertificatesFromStore(createKeyStore, System.getProperty("javax.net.ssl.trustStore"), System.getProperty("javax.net.ssl.trustStorePassword"));
        addCertificatesFromStore(createKeyStore, (String.valueOf(property) + "/lib/security/cacerts").replace('/', File.separatorChar), null);
        addCertificatesFromStore(createKeyStore, (String.valueOf(property) + "/lib/security/jssecacerts").replace('/', File.separatorChar), null);
        addCertificatesFromStore(createKeyStore, userTrustStoreLocation, userTrustStorePassword);
        return createKeyStore;
    }

    private static synchronized void addCertificatesFromStore(KeyStore keyStore, String str, String str2) {
        char[] charArray;
        if (str == null || str.length() < 1 || !new File(str).canRead()) {
            return;
        }
        try {
            KeyStore keyStore2 = KeyStore.getInstance(KeyStore.getDefaultType());
            FileInputStream fileInputStream = new FileInputStream(str);
            if (str2 == null) {
                charArray = null;
            } else {
                try {
                    try {
                        charArray = str2.toCharArray();
                    } catch (IOException unused) {
                        keyStore2.load(null, null);
                        fileInputStream.close();
                    }
                } finally {
                    fileInputStream.close();
                }
            }
            keyStore2.load(fileInputStream, charArray);
            Enumeration<String> aliases = keyStore2.aliases();
            while (aliases.hasMoreElements()) {
                String nextElement = aliases.nextElement();
                if (keyStore2.isCertificateEntry(nextElement)) {
                    Certificate certificate = keyStore2.getCertificate(nextElement);
                    if (keyStore.getCertificate(nextElement) == null) {
                        keyStore.setCertificateEntry(nextElement, certificate);
                    }
                }
            }
        } catch (Exception unused2) {
        }
    }

    private static KeyStore createKeyStore() throws NoSuchAlgorithmException, CertificateException, IOException {
        try {
            KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
            keyStore.load(null, null);
            return keyStore;
        } catch (KeyStoreException e) {
            throw new RuntimeException("KeyStoreException: [" + e.getLocalizedMessage() + "]. Likely cause is that the Java Cryptography Extension libraries are missing from the JRE classpath.  Make sure %JAVA_HOME%/lib/ext is specified in your JVM's java.ext.dirs system property.");
        }
    }

    public JfsX509TrustManager(ICertificationHandler iCertificationHandler) throws OAuthCommunicatorException {
        this((ICertificateValidator) null);
        this.certificationHandler = iCertificationHandler;
    }

    public JfsX509TrustManager(ICertificateValidator iCertificateValidator) {
        try {
            this.validator = iCertificateValidator;
            if (permanentTrustStore == null) {
                permanentTrustStore = loadPermanentKeyStore();
            }
            if (sessionTrustStore == null) {
                sessionTrustStore = createKeyStore();
            }
            TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
            trustManagerFactory.init(permanentTrustStore);
            TrustManager[] trustManagers = trustManagerFactory.getTrustManagers();
            int length = trustManagers.length;
            int i = 0;
            while (true) {
                if (i >= length) {
                    break;
                }
                TrustManager trustManager = trustManagers[i];
                if (trustManager instanceof X509TrustManager) {
                    this.delegateTrustManager = (X509TrustManager) trustManager;
                    break;
                }
                i++;
            }
            if (this.delegateTrustManager == null) {
                throw new IllegalStateException("Couldn't find JRE's X509TrustManager");
            }
        } catch (IOException e) {
            getLog().log(new Status(4, Activator.PLUGIN_ID, e.getMessage(), e));
        } catch (KeyStoreException e2) {
            getLog().log(new Status(4, Activator.PLUGIN_ID, e2.getMessage(), e2));
        } catch (NoSuchAlgorithmException e3) {
            getLog().log(new Status(4, Activator.PLUGIN_ID, e3.getMessage(), e3));
        } catch (CertificateException e4) {
            getLog().log(new Status(4, Activator.PLUGIN_ID, e4.getMessage(), e4));
        }
    }

    @Override // javax.net.ssl.X509TrustManager
    public void checkClientTrusted(X509Certificate[] x509CertificateArr, String str) throws CertificateException {
        try {
            this.delegateTrustManager.checkClientTrusted(x509CertificateArr, str);
        } catch (CertificateException e) {
            throw e;
        }
    }

    @Override // javax.net.ssl.X509TrustManager
    public void checkServerTrusted(X509Certificate[] x509CertificateArr, String str) throws CertificateException {
        X509Certificate x509Certificate = x509CertificateArr[0];
        try {
            if (sessionTrustStore.getCertificateAlias(x509Certificate) != null) {
                return;
            }
        } catch (KeyStoreException unused) {
        }
        try {
            this.delegateTrustManager.checkServerTrusted(x509CertificateArr, str);
        } catch (CertificateException e) {
            if (this.certificationHandler == null || !this.certificationHandler.acceptCertificate(x509CertificateArr)) {
                if (this.validator == null) {
                    throw e;
                }
                switch ($SWITCH_TABLE$com$ibm$xtools$rmpx$oauth$JfsX509TrustManager$Trust()[this.validator.validate(x509Certificate, e).ordinal()]) {
                    case 1:
                        throw e;
                    case 2:
                        return;
                    case 3:
                        try {
                            if (sessionTrustStore.getCertificateAlias(x509Certificate) == null) {
                                sessionTrustStore.setCertificateEntry(UUID.randomUUID().toString(), x509Certificate);
                                return;
                            }
                            return;
                        } catch (KeyStoreException unused2) {
                            return;
                        }
                    case 4:
                        try {
                            if (sessionTrustStore.getCertificateAlias(x509Certificate) == null) {
                                sessionTrustStore.setCertificateEntry(UUID.randomUUID().toString(), x509Certificate);
                            }
                            File file = new File(userTrustStoreLocation);
                            KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
                            char[] charArray = userTrustStorePassword.toCharArray();
                            if (file.exists()) {
                                FileInputStream fileInputStream = new FileInputStream(file);
                                try {
                                    try {
                                        keyStore.load(fileInputStream, charArray);
                                        fileInputStream.close();
                                    } catch (IOException unused3) {
                                        keyStore.load(null, null);
                                        fileInputStream.close();
                                    }
                                } catch (Throwable th) {
                                    fileInputStream.close();
                                    throw th;
                                }
                            } else {
                                keyStore.load(null, null);
                            }
                            keyStore.setCertificateEntry(UUID.randomUUID().toString(), x509Certificate);
                            FileOutputStream fileOutputStream = new FileOutputStream(file);
                            try {
                                keyStore.store(fileOutputStream, charArray);
                                fileOutputStream.close();
                                return;
                            } catch (Throwable th2) {
                                fileOutputStream.close();
                                throw th2;
                            }
                        } catch (IOException e2) {
                            getLog().log(new Status(2, Activator.PLUGIN_ID, e2.getMessage(), e2));
                            return;
                        } catch (KeyStoreException e3) {
                            getLog().log(new Status(2, Activator.PLUGIN_ID, e3.getMessage(), e3));
                            return;
                        } catch (NoSuchAlgorithmException e4) {
                            getLog().log(new Status(2, Activator.PLUGIN_ID, e4.getMessage(), e4));
                            return;
                        }
                    default:
                        return;
                }
            }
        }
    }

    @Override // javax.net.ssl.X509TrustManager
    public X509Certificate[] getAcceptedIssuers() {
        return this.delegateTrustManager.getAcceptedIssuers();
    }

    static /* synthetic */ int[] $SWITCH_TABLE$com$ibm$xtools$rmpx$oauth$JfsX509TrustManager$Trust() {
        int[] iArr = $SWITCH_TABLE$com$ibm$xtools$rmpx$oauth$JfsX509TrustManager$Trust;
        if (iArr != null) {
            return iArr;
        }
        int[] iArr2 = new int[Trust.valuesCustom().length];
        try {
            iArr2[Trust.ACCEPT_CONNECTION.ordinal()] = 2;
        } catch (NoSuchFieldError unused) {
        }
        try {
            iArr2[Trust.ACCEPT_PERMANENT.ordinal()] = 4;
        } catch (NoSuchFieldError unused2) {
        }
        try {
            iArr2[Trust.ACCEPT_SESSION.ordinal()] = 3;
        } catch (NoSuchFieldError unused3) {
        }
        try {
            iArr2[Trust.REJECT.ordinal()] = 1;
        } catch (NoSuchFieldError unused4) {
        }
        $SWITCH_TABLE$com$ibm$xtools$rmpx$oauth$JfsX509TrustManager$Trust = iArr2;
        return iArr2;
    }
}
