package com.ibm.rational.dataservices.client.auth.oauth;

import java.io.File;
import java.io.FileInputStream;
import java.io.IOException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import javax.net.ssl.X509TrustManager;

/* loaded from: input_file:com/ibm/rational/dataservices/client/auth/oauth/JfsX509TrustManager.class */
public class JfsX509TrustManager implements X509TrustManager {
    private final X509TrustManager ibmJSSEX509TrustManager;
    private final ICertificationHandler certificationHandler;
    private final KeyStore trustStore;

    public JfsX509TrustManager(ICertificationHandler iCertificationHandler) throws OAuthCommunicatorException {
        TrustManagerFactory trustManagerFactory;
        try {
            this.certificationHandler = iCertificationHandler;
            this.trustStore = KeyStore.getInstance(KeyStore.getDefaultType());
            FileInputStream fileInputStream = new FileInputStream(new File(String.valueOf(System.getProperty("java.home")) + File.separatorChar + "lib" + File.separatorChar + "security" + File.separatorChar + "cacerts"));
            this.trustStore.load(fileInputStream, "changeit".toCharArray());
            fileInputStream.close();
            try {
                trustManagerFactory = TrustManagerFactory.getInstance("IbmX509", "IBMJSSE2");
            } catch (NoSuchAlgorithmException unused) {
                trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
            } catch (NoSuchProviderException unused2) {
                trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
            }
            trustManagerFactory.init(this.trustStore);
            TrustManager[] trustManagers = trustManagerFactory.getTrustManagers();
            for (int i = 0; i < trustManagers.length; i++) {
                if (trustManagers[i] instanceof X509TrustManager) {
                    this.ibmJSSEX509TrustManager = (X509TrustManager) trustManagers[i];
                    return;
                }
            }
            throw new OAuthCommunicatorException("OAuthCommunicator could not initialize!");
        } catch (IOException e) {
            throw new OAuthCommunicatorException(e);
        } catch (KeyStoreException e2) {
            throw new OAuthCommunicatorException(e2);
        } catch (NoSuchAlgorithmException e3) {
            throw new OAuthCommunicatorException(e3);
        } catch (CertificateException e4) {
            throw new OAuthCommunicatorException(e4);
        }
    }

    @Override // javax.net.ssl.X509TrustManager
    public void checkClientTrusted(X509Certificate[] x509CertificateArr, String str) throws CertificateException {
        try {
            this.ibmJSSEX509TrustManager.checkClientTrusted(x509CertificateArr, str);
        } catch (CertificateException e) {
            throw e;
        }
    }

    @Override // javax.net.ssl.X509TrustManager
    public void checkServerTrusted(X509Certificate[] x509CertificateArr, String str) throws CertificateException {
        try {
            this.ibmJSSEX509TrustManager.checkServerTrusted(x509CertificateArr, str);
        } catch (CertificateException e) {
            if (!this.certificationHandler.acceptCertificate(x509CertificateArr)) {
                throw e;
            }
        }
    }

    @Override // javax.net.ssl.X509TrustManager
    public X509Certificate[] getAcceptedIssuers() {
        return this.ibmJSSEX509TrustManager.getAcceptedIssuers();
    }
}
