package com.ibm.mq.jmqi.remote.util;

import com.ibm.mq.jmqi.ConnectionName;
import com.ibm.mq.jmqi.JmqiEnvironment;
import com.ibm.mq.jmqi.JmqiException;
import com.ibm.mq.jmqi.JmqiObject;
import com.ibm.mq.jmqi.MQAIR;
import com.ibm.mq.jmqi.MQSCO;
import com.ibm.mq.jmqi.remote.impl.RemoteConnection;
import com.ibm.msg.client.commonservices.trace.Trace;
import java.io.ByteArrayInputStream;
import java.io.IOException;
import java.security.InvalidAlgorithmParameterException;
import java.security.cert.CRL;
import java.security.cert.CertStore;
import java.security.cert.CertStoreException;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.security.cert.LDAPCertStoreParameters;
import java.security.cert.X509CRLSelector;
import java.util.ArrayList;
import java.util.Collection;
import java.util.HashMap;
import java.util.Iterator;
import java.util.Vector;
import javax.naming.NamingException;
import javax.security.auth.x500.X500Principal;
import javax.security.cert.X509Certificate;

/* loaded from: input_file:com/ibm/mq/jmqi/remote/util/RemoteSSLCRLHelper.class */
public class RemoteSSLCRLHelper extends JmqiObject {
    public static final String sccsid = "@(#) MQMBID sn=p800-005-160516.2 su=_oI_Zsxt-Eearh6Qyg9d9Dg pn=com.ibm.mq.jmqi.remote/src/com/ibm/mq/jmqi/remote/util/RemoteSSLCRLHelper.java";
    private RemoteConnection conn;

    public RemoteSSLCRLHelper(JmqiEnvironment jmqiEnvironment, RemoteConnection remoteConnection) {
        super(jmqiEnvironment);
        if (Trace.isOn) {
            Trace.entry(this, "com.ibm.mq.jmqi.remote.util.RemoteSSLCRLHelper", "<init>(JmqiEnvironment,RemoteConnection)", new Object[]{jmqiEnvironment, remoteConnection});
        }
        this.conn = remoteConnection;
        if (Trace.isOn) {
            Trace.exit(this, "com.ibm.mq.jmqi.remote.util.RemoteSSLCRLHelper", "<init>(JmqiEnvironment,RemoteConnection)");
        }
    }

    /* JADX WARN: Multi-variable type inference failed */
    public void checkCRL(X509Certificate x509Certificate, Collection<?> collection) throws JmqiException {
        if (Trace.isOn) {
            Trace.entry(this, "com.ibm.mq.jmqi.remote.util.RemoteSSLCRLHelper", "checkCRL(X509Certificate,Collection<?>)", new Object[]{x509Certificate, collection});
        }
        if (collection.size() == 0) {
            if (Trace.isOn) {
                Trace.exit(this, "com.ibm.mq.jmqi.remote.util.RemoteSSLCRLHelper", "checkCRL(X509Certificate,Collection<?>)", 1);
                return;
            }
            return;
        }
        Throwable th = null;
        boolean z = false;
        Iterator<?> it = collection.iterator();
        while (it.hasNext() && !z) {
            try {
                CertStore certStore = (CertStore) it.next();
                if (certStore != null) {
                    X509CRLSelector x509CRLSelector = new X509CRLSelector();
                    try {
                        x509CRLSelector.addIssuerName(new X500Principal(x509Certificate.getIssuerDN().getName()).getName("CANONICAL"));
                        Collection vector = new Vector();
                        try {
                            try {
                                vector = certStore.getCRLs(x509CRLSelector);
                            } catch (CertStoreException e) {
                                if (Trace.isOn) {
                                    Trace.catchBlock(this, "com.ibm.mq.jmqi.remote.util.RemoteSSLCRLHelper", "checkCRL(X509Certificate,Collection<?>)", e, 3);
                                }
                                NamingException cause = e.getCause();
                                if (!(cause instanceof NamingException)) {
                                    if (Trace.isOn) {
                                        Trace.throwing(this, "com.ibm.mq.jmqi.remote.util.RemoteSSLCRLHelper", "checkCRL(X509Certificate,Collection<?>)", e, 3);
                                    }
                                    throw e;
                                }
                                NamingException namingException = cause;
                                if (Trace.isOn) {
                                    Trace.traceData(this, "com.ibm.mq.jmqi.remote.util.RemoteSSLCRLHelper", "Assuming Exception means no CRL was found, so nothing to check", namingException);
                                }
                            }
                            try {
                                Certificate generateCertificate = CertificateFactory.getInstance("X509").generateCertificate(new ByteArrayInputStream(x509Certificate.getEncoded()));
                                if (vector.size() == 0) {
                                    z = true;
                                } else {
                                    Iterator it2 = vector.iterator();
                                    while (it2.hasNext()) {
                                        if (((CRL) it2.next()).isRevoked(generateCertificate)) {
                                            JmqiException jmqiException = new JmqiException(this.env, JmqiException.AMQ9633, new String[]{null, null, this.conn.getChannelName()}, 2, 2401, null);
                                            if (Trace.isOn) {
                                                Trace.throwing(this, "com.ibm.mq.jmqi.remote.util.RemoteSSLCRLHelper", "checkCRL(X509Certificate,Collection<?>)", jmqiException, 6);
                                            }
                                            throw jmqiException;
                                        }
                                        z = true;
                                    }
                                }
                            } catch (CertificateException e2) {
                                if (Trace.isOn) {
                                    Trace.catchBlock(this, "com.ibm.mq.jmqi.remote.util.RemoteSSLCRLHelper", "checkCRL(X509Certificate,Collection<?>)", e2, 4);
                                }
                                HashMap hashMap = new HashMap();
                                hashMap.put("CertificateException className", e2.getClass().getName());
                                hashMap.put("CertificateException message", e2.getMessage());
                                hashMap.put("Description", "A can't happen exception");
                                Trace.ffst(this, "checkCRL(X509Certificate,Collection<?>)", "01", (HashMap<String, ? extends Object>) hashMap, (Class<? extends Throwable>) null);
                                JmqiException jmqiException2 = new JmqiException(this.env, -1, null, 2, 2195, e2);
                                if (Trace.isOn) {
                                    Trace.throwing(this, "com.ibm.mq.jmqi.remote.util.RemoteSSLCRLHelper", "checkCRL(X509Certificate,Collection<?>)", jmqiException2, 4);
                                }
                                throw jmqiException2;
                            } catch (javax.security.cert.CertificateException e3) {
                                if (Trace.isOn) {
                                    Trace.catchBlock(this, "com.ibm.mq.jmqi.remote.util.RemoteSSLCRLHelper", "checkCRL(X509Certificate,Collection<?>)", e3, 5);
                                }
                                HashMap hashMap2 = new HashMap();
                                hashMap2.put("CertificateException className", e3.getClass().getName());
                                hashMap2.put("CertificateException message", e3.getMessage());
                                hashMap2.put("Description", "A can't happen exception");
                                Trace.ffst(this, "checkCRL(X509Certificate,Collection<?>)", "02", (HashMap<String, ? extends Object>) hashMap2, (Class<? extends Throwable>) null);
                                JmqiException jmqiException3 = new JmqiException(this.env, -1, null, 2, 2195, e3);
                                if (Trace.isOn) {
                                    Trace.throwing(this, "com.ibm.mq.jmqi.remote.util.RemoteSSLCRLHelper", "checkCRL(X509Certificate,Collection<?>)", jmqiException3, 5);
                                }
                                throw jmqiException3;
                            }
                        } catch (CertStoreException e4) {
                            if (Trace.isOn) {
                                Trace.catchBlock(this, "com.ibm.mq.jmqi.remote.util.RemoteSSLCRLHelper", "checkCRL(X509Certificate,Collection<?>)", e4, 6);
                            }
                            if (th == null) {
                                th = e4;
                            }
                        }
                    } catch (IOException e5) {
                        if (Trace.isOn) {
                            Trace.catchBlock(this, "com.ibm.mq.jmqi.remote.util.RemoteSSLCRLHelper", "checkCRL(X509Certificate,Collection<?>)", e5, 2);
                        }
                        JmqiException jmqiException4 = new JmqiException(this.env, -1, null, 2, 2397, e5);
                        if (Trace.isOn) {
                            Trace.throwing(this, "com.ibm.mq.jmqi.remote.util.RemoteSSLCRLHelper", "checkCRL(X509Certificate,Collection<?>)", jmqiException4, 1);
                        }
                        throw jmqiException4;
                    }
                } else if (th == null) {
                    th = new NullPointerException();
                }
            } catch (ClassCastException e6) {
                if (Trace.isOn) {
                    Trace.catchBlock(this, "com.ibm.mq.jmqi.remote.util.RemoteSSLCRLHelper", "checkCRL(X509Certificate,Collection<?>)", e6, 1);
                }
                if (th == null) {
                    th = e6;
                }
            }
        }
        if (z) {
            if (Trace.isOn) {
                Trace.exit(this, "com.ibm.mq.jmqi.remote.util.RemoteSSLCRLHelper", "checkCRL(X509Certificate,Collection<?>)", 2);
            }
        } else {
            JmqiException jmqiException5 = new JmqiException(this.env, JmqiException.AMQ9666, new String[]{null, null, this.conn.getChannelName()}, 2, 2402, th);
            if (Trace.isOn) {
                Trace.throwing(this, "com.ibm.mq.jmqi.remote.util.RemoteSSLCRLHelper", "checkCRL(X509Certificate,Collection<?>)", jmqiException5, 7);
            }
            throw jmqiException5;
        }
    }

    public Collection<CertStore> processAuthInfoRecords(MQSCO mqsco) throws JmqiException {
        if (Trace.isOn) {
            Trace.entry(this, "com.ibm.mq.jmqi.remote.util.RemoteSSLCRLHelper", "processAuthInfoRecords(MQSCO)", new Object[]{mqsco});
        }
        ArrayList arrayList = new ArrayList();
        MQAIR[] authInfoRecords = mqsco.getAuthInfoRecords();
        for (int i = 0; i < mqsco.getAuthInfoRecCount(); i++) {
            ConnectionName connectionName = new ConnectionName(authInfoRecords[i].getAuthInfoConnName(), 389);
            try {
                arrayList.add(CertStore.getInstance("LDAP", new LDAPCertStoreParameters(connectionName.getMachine(), connectionName.getPort())));
            } catch (InvalidAlgorithmParameterException e) {
                if (Trace.isOn) {
                    Trace.catchBlock(this, "com.ibm.mq.jmqi.remote.util.RemoteSSLCRLHelper", "processAuthInfoRecords(MQSCO)", e, 1);
                }
            } catch (Exception e2) {
                if (Trace.isOn) {
                    Trace.catchBlock(this, "com.ibm.mq.jmqi.remote.util.RemoteSSLCRLHelper", "processAuthInfoRecords(MQSCO)", e2, 2);
                }
                JmqiException jmqiException = new JmqiException(this.env, JmqiException.AMQ9666, new String[]{null, null, this.conn.getChannelName()}, 2, 2402, e2);
                if (Trace.isOn) {
                    Trace.throwing(this, "com.ibm.mq.jmqi.remote.util.RemoteSSLCRLHelper", "processAuthInfoRecords(MQSCO)", jmqiException);
                }
                throw jmqiException;
            }
        }
        if (Trace.isOn) {
            Trace.exit(this, "com.ibm.mq.jmqi.remote.util.RemoteSSLCRLHelper", "processAuthInfoRecords(MQSCO)", arrayList);
        }
        return arrayList;
    }

    static {
        if (Trace.isOn) {
            Trace.data("com.ibm.mq.jmqi.remote.util.RemoteSSLCRLHelper", "static", "SCCS id", (Object) sccsid);
        }
    }
}
