package com.ibm.team.repository.transport.client;

import com.ibm.team.repository.common.transport.ICertificateValidator;
import java.io.IOException;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import javax.net.ssl.X509TrustManager;

/* loaded from: input_file:com/ibm/team/repository/transport/client/ValidatingX509TrustManager.class */
public class ValidatingX509TrustManager implements X509TrustManager {
    private X509TrustManager baseTrustManager;
    private ICertificateValidator validator;
    private ITrustStoreProvider trustStoreProvider;
    private static /* synthetic */ int[] $SWITCH_TABLE$com$ibm$team$repository$common$transport$ICertificateValidator$Trust;

    private void initializeBaseTrustManager() throws KeyStoreException, NoSuchAlgorithmException, CertificateException, IOException {
        TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
        trustManagerFactory.init(this.trustStoreProvider.getRuntimeTrustStore().getKeyStore());
        TrustManager[] trustManagers = trustManagerFactory.getTrustManagers();
        int length = trustManagers.length;
        int i = 0;
        while (true) {
            if (i >= length) {
                break;
            }
            TrustManager trustManager = trustManagers[i];
            if (trustManager instanceof X509TrustManager) {
                this.baseTrustManager = (X509TrustManager) trustManager;
                break;
            }
            i++;
        }
        if (this.baseTrustManager == null) {
            throw new IllegalStateException("Couldn't find JRE's X509TrustManager");
        }
    }

    public ValidatingX509TrustManager(ICertificateValidator iCertificateValidator) {
        this(iCertificateValidator, new SharedTrustStoreProvider());
    }

    public ValidatingX509TrustManager(ICertificateValidator iCertificateValidator, ITrustStoreProvider iTrustStoreProvider) {
        this.validator = iCertificateValidator;
        this.trustStoreProvider = iTrustStoreProvider;
        try {
            initializeBaseTrustManager();
        } catch (IOException e) {
        } catch (KeyStoreException e2) {
        } catch (NoSuchAlgorithmException e3) {
        } catch (CertificateException e4) {
        }
    }

    @Override // javax.net.ssl.X509TrustManager
    public X509Certificate[] getAcceptedIssuers() {
        return this.baseTrustManager.getAcceptedIssuers();
    }

    @Override // javax.net.ssl.X509TrustManager
    public void checkClientTrusted(X509Certificate[] x509CertificateArr, String str) throws CertificateException {
        this.baseTrustManager.checkClientTrusted(x509CertificateArr, str);
    }

    @Override // javax.net.ssl.X509TrustManager
    public void checkServerTrusted(X509Certificate[] x509CertificateArr, String str) throws CertificateException {
        X509Certificate x509Certificate = x509CertificateArr[0];
        try {
            if (this.trustStoreProvider.getSessionTrustStore().containsCertificate(x509Certificate)) {
                return;
            }
        } catch (KeyStoreException e) {
        }
        try {
            this.baseTrustManager.checkServerTrusted(x509CertificateArr, str);
        } catch (CertificateException e2) {
            if (this.validator == null) {
                throw e2;
            }
            switch ($SWITCH_TABLE$com$ibm$team$repository$common$transport$ICertificateValidator$Trust()[this.validator.validate(x509Certificate, e2).ordinal()]) {
                case 1:
                    throw e2;
                case 2:
                    return;
                case 3:
                    try {
                        this.trustStoreProvider.getSessionTrustStore().enterCertificate(x509Certificate);
                        return;
                    } catch (KeyStoreException e3) {
                        return;
                    }
                case 4:
                    try {
                        this.trustStoreProvider.getSessionTrustStore().enterCertificate(x509Certificate);
                        this.trustStoreProvider.installCertificate(x509Certificate);
                        return;
                    } catch (IOException e4) {
                        return;
                    } catch (KeyStoreException e5) {
                        return;
                    } catch (NoSuchAlgorithmException e6) {
                        return;
                    }
                default:
                    return;
            }
        }
    }

    static /* synthetic */ int[] $SWITCH_TABLE$com$ibm$team$repository$common$transport$ICertificateValidator$Trust() {
        int[] iArr = $SWITCH_TABLE$com$ibm$team$repository$common$transport$ICertificateValidator$Trust;
        if (iArr != null) {
            return iArr;
        }
        int[] iArr2 = new int[ICertificateValidator.Trust.values().length];
        try {
            iArr2[ICertificateValidator.Trust.ACCEPT_CONNECTION.ordinal()] = 2;
        } catch (NoSuchFieldError unused) {
        }
        try {
            iArr2[ICertificateValidator.Trust.ACCEPT_PERMANENT.ordinal()] = 4;
        } catch (NoSuchFieldError unused2) {
        }
        try {
            iArr2[ICertificateValidator.Trust.ACCEPT_SESSION.ordinal()] = 3;
        } catch (NoSuchFieldError unused3) {
        }
        try {
            iArr2[ICertificateValidator.Trust.REJECT.ordinal()] = 1;
        } catch (NoSuchFieldError unused4) {
        }
        $SWITCH_TABLE$com$ibm$team$repository$common$transport$ICertificateValidator$Trust = iArr2;
        return iArr2;
    }
}
