package com.sun.enterprise.admin.server.core;

import com.sun.enterprise.admin.jmx.remote.IStringManager;
import com.sun.enterprise.admin.jmx.remote.StringManagerFactory;
import com.sun.enterprise.security.SecurityUtil;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.util.Map;
import javax.net.ssl.X509TrustManager;

/* loaded from: input_file:com/sun/enterprise/admin/server/core/InMemoryX509TrustManager.class */
public class InMemoryX509TrustManager implements X509TrustManager {
    private static IStringManager _strMgr = null;
    private KeyStore mTrustStore;

    public InMemoryX509TrustManager(String str) {
        this.mTrustStore = null;
        try {
            if (this.mTrustStore == null) {
                this.mTrustStore = getCertTrustore(str);
            }
        } catch (Exception e) {
            e.printStackTrace();
        }
        if (_strMgr == null) {
            _strMgr = StringManagerFactory.getClientStringManager(InMemoryX509TrustManager.class, (Map) null);
        }
    }

    @Override // javax.net.ssl.X509TrustManager
    public void checkClientTrusted(X509Certificate[] x509CertificateArr, String str) throws CertificateException {
        throw new UnsupportedOperationException("Not Implemented for Client Trust Management");
    }

    @Override // javax.net.ssl.X509TrustManager
    public void checkServerTrusted(X509Certificate[] x509CertificateArr, String str) throws CertificateException {
        try {
            checkCertificate(x509CertificateArr);
        } catch (CertificateException e) {
            throw e;
        }
    }

    protected void checkCertificate(X509Certificate[] x509CertificateArr) throws CertificateException, IllegalArgumentException {
        if (x509CertificateArr == null || x509CertificateArr.length == 0) {
            throw new IllegalArgumentException(_strMgr.getString("emptyServerCertificate"));
        }
        for (X509Certificate x509Certificate : x509CertificateArr) {
            x509Certificate.checkValidity();
        }
        try {
            if (!certificateExists(x509CertificateArr[0])) {
                throw new CertificateException(_strMgr.getString("serverCertificateNotTrusted"));
            }
        } catch (Exception e) {
            throw new CertificateException(e.getMessage());
        }
    }

    @Override // javax.net.ssl.X509TrustManager
    public X509Certificate[] getAcceptedIssuers() {
        return new X509Certificate[0];
    }

    private KeyStore getCertTrustore(String str) throws KeyStoreException {
        KeyStore[] trustStores = SecurityUtil.getSecuritySupport().getTrustStores();
        int i = 0;
        boolean z = false;
        while (true) {
            if (i >= trustStores.length) {
                break;
            }
            if (trustStores[i].getCertificate(str) != null) {
                z = true;
                break;
            }
            i++;
        }
        if (!z || trustStores == null) {
            return null;
        }
        return trustStores[i];
    }

    private boolean certificateExists(X509Certificate x509Certificate) throws KeyStoreException {
        return (this.mTrustStore == null || this.mTrustStore.getCertificateAlias(x509Certificate) == null) ? false : true;
    }
}
