package com.urbancode.commons.util.ssl;

import com.urbancode.commons.util.Check;
import java.security.Principal;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.List;
import javax.net.ssl.TrustManager;
import javax.net.ssl.X509TrustManager;
import org.apache.log4j.Logger;

/* loaded from: input_file:lib/udclient.jar:com/urbancode/commons/util/ssl/LoggingX509TrustManager.class */
public class LoggingX509TrustManager implements X509TrustManager {
    private static final Logger defaultLog = Logger.getLogger((Class<?>) LoggingX509TrustManager.class);
    private final X509TrustManager delegate;
    private final String delegateName;
    private final Logger log;

    public static TrustManager[] wrap(TrustManager[] trustManagerArr) {
        return wrap(trustManagerArr, defaultLog);
    }

    public static TrustManager[] wrap(TrustManager[] trustManagerArr, Logger logger) {
        if (trustManagerArr != null) {
            for (int i = 0; i < trustManagerArr.length; i++) {
                TrustManager trustManager = trustManagerArr[i];
                if (trustManager instanceof X509TrustManager) {
                    trustManagerArr[i] = new LoggingX509TrustManager((X509TrustManager) trustManager, logger);
                }
            }
        }
        return trustManagerArr;
    }

    public LoggingX509TrustManager(X509TrustManager x509TrustManager) {
        this(x509TrustManager, defaultLog);
    }

    public LoggingX509TrustManager(X509TrustManager x509TrustManager, Logger logger) {
        this.delegate = (X509TrustManager) Check.nonNull(x509TrustManager, "delegate");
        this.log = (Logger) Check.nonNull(logger, "log");
        this.delegateName = x509TrustManager.getClass().getName();
    }

    @Override // javax.net.ssl.X509TrustManager
    public void checkClientTrusted(X509Certificate[] x509CertificateArr, String str) throws CertificateException {
        if (this.log.isDebugEnabled()) {
            this.log.debug(this.delegateName + ".checkClientTrusted(" + extractNames(x509CertificateArr) + ", " + str + ")");
        }
        try {
            this.delegate.checkClientTrusted(x509CertificateArr, str);
        } catch (CertificateException e) {
            if (this.log.isDebugEnabled()) {
                this.log.debug(this.delegateName + ".checkClientTrusted() rejected certificate chain", e);
            }
            throw e;
        }
    }

    @Override // javax.net.ssl.X509TrustManager
    public void checkServerTrusted(X509Certificate[] x509CertificateArr, String str) throws CertificateException {
        if (this.log.isDebugEnabled()) {
            this.log.debug(this.delegateName + ".checkServerTrusted(" + extractNames(x509CertificateArr) + ", " + str + ")");
        }
        try {
            this.delegate.checkServerTrusted(x509CertificateArr, str);
        } catch (CertificateException e) {
            if (this.log.isDebugEnabled()) {
                this.log.debug(this.delegateName + ".checkServerTrusted() rejected certificate chain", e);
            }
            throw e;
        }
    }

    @Override // javax.net.ssl.X509TrustManager
    public X509Certificate[] getAcceptedIssuers() {
        X509Certificate[] acceptedIssuers = this.delegate.getAcceptedIssuers();
        if (this.log.isDebugEnabled()) {
            if (acceptedIssuers == null) {
                this.log.debug(this.delegateName + ".getAcceptedIssuers() = null");
            } else {
                this.log.debug(this.delegateName + ".getAcceptedIssuers() = " + extractNames(acceptedIssuers));
            }
        }
        return acceptedIssuers;
    }

    private List<String> extractNames(X509Certificate[] x509CertificateArr) {
        String name;
        ArrayList arrayList = new ArrayList();
        for (X509Certificate x509Certificate : x509CertificateArr) {
            String str = "null";
            if (x509Certificate != null) {
                String str2 = "<unknown>";
                Principal subjectDN = x509Certificate.getSubjectDN();
                if (subjectDN != null && (name = subjectDN.getName()) != null) {
                    str2 = name;
                }
                str = str2;
            }
            arrayList.add(str);
        }
        return arrayList;
    }
}
