package com.sun.deploy.config;

import com.sun.deploy.trace.Trace;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import javax.net.ssl.HttpsURLConnection;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSocketFactory;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import javax.net.ssl.X509TrustManager;

/* loaded from: input_file:jre/Home/jre/lib/deploy.jar:com/sun/deploy/config/ConfigTrustManager.class */
class ConfigTrustManager implements X509TrustManager {
    private static SSLSocketFactory ssf = null;
    private X509TrustManager defaultTM;
    private X509TrustManager nativeTM;

    public ConfigTrustManager() throws KeyStoreException, NoSuchAlgorithmException, NoSuchProviderException, CertificateException {
        this.defaultTM = null;
        this.nativeTM = null;
        TrustManager[] generateTrustManager = generateTrustManager(false);
        TrustManager[] generateTrustManager2 = generateTrustManager(true);
        if (generateTrustManager.length > 0) {
            this.defaultTM = (X509TrustManager) generateTrustManager[0];
        }
        if (generateTrustManager2.length > 0) {
            this.nativeTM = (X509TrustManager) generateTrustManager2[0];
        }
    }

    public static void resetHttpsFactory(HttpsURLConnection httpsURLConnection) {
        try {
            if (ssf == null) {
                TrustManager[] trustManagerArr = {new ConfigTrustManager()};
                SSLContext sSLContext = SSLContext.getInstance("TLS");
                sSLContext.init(null, trustManagerArr, null);
                ssf = sSLContext.getSocketFactory();
            }
            if (ssf != null) {
                Trace.securityPrintln("Reset SSLSocketFactory using Config TrustManager");
                httpsURLConnection.setSSLSocketFactory(ssf);
            }
        } catch (Exception e) {
            e.printStackTrace();
        }
    }

    @Override // javax.net.ssl.X509TrustManager
    public void checkClientTrusted(X509Certificate[] x509CertificateArr, String str) throws CertificateException {
    }

    @Override // javax.net.ssl.X509TrustManager
    public X509Certificate[] getAcceptedIssuers() {
        X509Certificate[] acceptedIssuers = this.defaultTM.getAcceptedIssuers();
        X509Certificate[] acceptedIssuers2 = this.nativeTM.getAcceptedIssuers();
        X509Certificate[] x509CertificateArr = new X509Certificate[acceptedIssuers.length + acceptedIssuers2.length];
        System.arraycopy(acceptedIssuers, 0, x509CertificateArr, 0, acceptedIssuers.length);
        System.arraycopy(acceptedIssuers2, 0, x509CertificateArr, acceptedIssuers.length, acceptedIssuers2.length);
        return x509CertificateArr;
    }

    @Override // javax.net.ssl.X509TrustManager
    public void checkServerTrusted(X509Certificate[] x509CertificateArr, String str) throws CertificateException {
        boolean z = false;
        if (this.defaultTM == null && this.nativeTM == null) {
            throw new CertificateException("Both TrustManager are null");
        }
        if (this.defaultTM != null) {
            try {
                this.defaultTM.checkServerTrusted(x509CertificateArr, str);
                return;
            } catch (CertificateException e) {
                Trace.securityPrintln("Default TrustManager check failed");
                if (this.nativeTM == null) {
                    Trace.securityPrintln("No native TrustManager available");
                    throw e;
                }
                z = true;
            }
        }
        if (this.nativeTM != null) {
            if (z || this.defaultTM == null) {
                try {
                    Trace.securityPrintln("Using native TrustManager");
                    this.nativeTM.checkServerTrusted(x509CertificateArr, str);
                } catch (CertificateException e2) {
                    Trace.securityPrintln("Native(IE browser) TrustManager check failed");
                    throw e2;
                }
            }
        }
    }

    private TrustManager[] generateTrustManager(boolean z) {
        try {
            TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
            if (z) {
                KeyStore keyStore = KeyStore.getInstance("Windows-ROOT");
                keyStore.load(null, "".toCharArray());
                trustManagerFactory.init(keyStore);
            } else {
                trustManagerFactory.init((KeyStore) null);
            }
            return trustManagerFactory.getTrustManagers();
        } catch (Exception e) {
            e.printStackTrace();
            return null;
        }
    }
}
