package com.ibm.bcg.util;

import java.security.KeyStore;
import java.security.cert.CertificateException;
import java.security.cert.CertificateExpiredException;
import java.security.cert.X509Certificate;
import javax.net.ssl.X509TrustManager;
import org.apache.log4j.Category;

/* loaded from: input_file:com/ibm/bcg/util/WPGTrustManager.class */
public class WPGTrustManager implements X509TrustManager {
    public static final String copyright = "Licensed Material - Property of IBM , 5724-E75,5724-E87,5724-L68,5724-L69.  (C) Copyright IBM Corp. 2001,2004 - All Rights Reserved. The source code for this program is not published or otherwisedivested of its trade secrets, irrespective of what has beendeposited with the U.S. Copyright Office. ";
    private static final Category logger;
    static Class class$com$ibm$bcg$util$WPGTrustManager;

    @Override // javax.net.ssl.X509TrustManager
    public void checkClientTrusted(X509Certificate[] x509CertificateArr, String str) throws CertificateException {
        throw new UnsupportedOperationException("CheckClienttrusted method is not supported");
    }

    /* JADX WARN: Finally extract failed */
    @Override // javax.net.ssl.X509TrustManager
    public void checkServerTrusted(X509Certificate[] x509CertificateArr, String str) throws CertificateException {
        logger.debug("Entered checkServerTrusted");
        logger.debug("Checking Certificate chain");
        if (x509CertificateArr == null || x509CertificateArr.length == 0) {
            throw new IllegalArgumentException("Certificate chain is null or empty");
        }
        logger.debug("Checking authtype");
        if (str == null || str.length() == 0) {
            throw new IllegalArgumentException("Certificate chain is null or empty");
        }
        try {
            if (x509CertificateArr[0].getSubjectDN().equals(x509CertificateArr[0].getIssuerDN())) {
                try {
                    KeyStore trustStore = WBICSecurityManager.getInstance().getTrustStore();
                    if (trustStore == null) {
                        throw new BcgRuntimeException("There are no trusted root certificates!");
                    }
                    if (trustStore != null) {
                        try {
                            if (trustStore.getCertificateAlias(x509CertificateArr[0]) == null) {
                                throw new CertificateException("SSL Server Certificate is not found in the list of trusted root certificates.");
                            }
                        } catch (Exception e) {
                            throw new BcgRuntimeException("Exception while retrieving certificate alias", e);
                        }
                    }
                    logger.debug("checkServerTrusted has ended");
                    return;
                } catch (BcgException e2) {
                    logger.error("Certificate has expired or signature validation has failed1");
                    throw new BcgRuntimeException("Exception while verifying server certificate", (Exception) e2);
                }
            }
            try {
                try {
                } catch (BcgException e3) {
                    Throwable exception = e3.getException();
                    if (exception != null && (exception instanceof CertificateException)) {
                        throw ((CertificateException) exception);
                    }
                    if (exception != null) {
                        logger.error("Certificate has expired or signature validation has failed1");
                        throw new BcgRuntimeException("Exception while verifying server certificate", exception);
                    }
                    if (exception == null) {
                        throw new BcgRuntimeException("Exception while verifying server certificate", (Exception) e3);
                    }
                }
                if (CertPathUtil.validateCertPathWithReset(x509CertificateArr[0], true)) {
                    logger.debug("checkServerTrusted has ended");
                    return;
                } else {
                    logger.error("Certificate has expired or signature validation has failed");
                    throw new CertificateExpiredException("Certificate is expired or the signature could not be verified.");
                }
            } catch (Exception e4) {
                logger.error("Certificate has expired or signature validation has failed2");
                throw new BcgRuntimeException("Exception while verifying server certificate", e4);
            }
        } catch (Throwable th) {
            logger.debug("checkServerTrusted has ended");
            throw th;
        }
        logger.debug("checkServerTrusted has ended");
        throw th;
    }

    @Override // javax.net.ssl.X509TrustManager
    public X509Certificate[] getAcceptedIssuers() {
        logger.debug("Entered getAcceptedIssuers");
        try {
            logger.debug("Obtaining trusted certficates from Security Manager");
            return WBICSecurityManager.getInstance().getAllTrustedCertificates();
        } catch (BcgException e) {
            logger.error("Error while getting trusted certficates ", e);
            return new X509Certificate[0];
        }
    }

    static Class class$(String str) {
        try {
            return Class.forName(str);
        } catch (ClassNotFoundException e) {
            throw new NoClassDefFoundError(e.getMessage());
        }
    }

    static {
        Class cls;
        if (class$com$ibm$bcg$util$WPGTrustManager == null) {
            cls = class$("com.ibm.bcg.util.WPGTrustManager");
            class$com$ibm$bcg$util$WPGTrustManager = cls;
        } else {
            cls = class$com$ibm$bcg$util$WPGTrustManager;
        }
        logger = Category.getInstance(cls.getName());
    }
}
