package org.eclipse.dstore.internal.core.util.ssl;

import java.io.File;
import java.security.KeyStore;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Enumeration;
import java.util.List;
import org.eclipse.dstore.core.util.ssl.DStoreKeyStore;
import org.eclipse.dstore.core.util.ssl.IDataStoreTrustManager;

/* JADX WARN: Classes with same name are omitted:
  input_file:org/eclipse/dstore/internal/core/util/ssl/DataStoreTrustManager.class
 */
/* loaded from: input_file:dstore_core.jar:org/eclipse/dstore/internal/core/util/ssl/DataStoreTrustManager.class */
public class DataStoreTrustManager implements IDataStoreTrustManager {
    private KeyStore _keystore;
    private List<Certificate> _trustedCerts = new ArrayList();
    private List<Certificate> _untrustedCerts = new ArrayList();
    private List<Exception> _verifyExceptions = new ArrayList();

    @Override // org.eclipse.dstore.core.util.ssl.IDataStoreTrustManager
    public void setKeystore(String str, String str2) {
        try {
            this._keystore = DStoreKeyStore.getKeyStore(str, str2);
            loadTrustedCertificates();
            String str3 = String.valueOf(str) + "pkcs";
            if (new File(str3).exists()) {
                return;
            }
            KeyStore pKCSKeyStore = DStoreKeyStore.getPKCSKeyStore(str3, str2);
            Enumeration<String> aliases = this._keystore.aliases();
            while (aliases.hasMoreElements()) {
                String nextElement = aliases.nextElement();
                DStoreKeyStore.addCertificateToKeyStore(pKCSKeyStore, this._keystore.getCertificate(nextElement), nextElement);
            }
            DStoreKeyStore.persistKeyStore(pKCSKeyStore, str3, str2);
        } catch (Exception unused) {
        }
    }

    private void loadTrustedCertificates() {
        this._trustedCerts.clear();
        try {
            Enumeration<String> aliases = this._keystore.aliases();
            while (aliases.hasMoreElements()) {
                this._trustedCerts.add(this._keystore.getCertificate(aliases.nextElement()));
            }
        } catch (Exception e) {
            e.printStackTrace();
        }
    }

    @Override // org.eclipse.dstore.core.util.ssl.IDataStoreTrustManager
    public List<Certificate> getUntrustedCerts() {
        return this._untrustedCerts;
    }

    public List<Exception> getVerifyExceptions() {
        return this._verifyExceptions;
    }

    private void checkTrusted(X509Certificate[] x509CertificateArr, String str) throws CertificateException {
        this._untrustedCerts.clear();
        this._verifyExceptions.clear();
        for (X509Certificate x509Certificate : x509CertificateArr) {
            boolean z = false;
            if (this._trustedCerts.size() > 0) {
                for (int i = 0; i < this._trustedCerts.size() && !z; i++) {
                    try {
                        x509Certificate.verify(((X509Certificate) this._trustedCerts.get(i)).getPublicKey());
                        z = true;
                    } catch (Exception unused) {
                    }
                }
            }
            if (!z) {
                this._untrustedCerts.add(x509Certificate);
            }
        }
        if (this._trustedCerts.size() == 0 || this._untrustedCerts.size() > 0) {
            throw new CertificateException();
        }
    }

    @Override // javax.net.ssl.X509TrustManager
    public void checkClientTrusted(X509Certificate[] x509CertificateArr, String str) throws CertificateException {
        checkTrusted(x509CertificateArr, str);
    }

    @Override // javax.net.ssl.X509TrustManager
    public void checkServerTrusted(X509Certificate[] x509CertificateArr, String str) throws CertificateException {
        checkTrusted(x509CertificateArr, str);
    }

    @Override // javax.net.ssl.X509TrustManager
    public X509Certificate[] getAcceptedIssuers() {
        return null;
    }
}
