package org.pentaho.di.trans.steps.ldapinput.store;

import java.io.InputStream;
import java.security.KeyStore;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import javax.net.ssl.TrustManagerFactory;
import javax.net.ssl.X509TrustManager;
import org.pentaho.di.core.Const;
import org.pentaho.di.core.exception.KettleException;
import org.pentaho.di.core.util.PluginProperty;
import org.pentaho.di.core.vfs.KettleVFS;
import org.pentaho.di.i18n.BaseMessages;
import org.pentaho.di.trans.steps.ldapinput.LDAPInputMeta;

/* loaded from: input_file:org/pentaho/di/trans/steps/ldapinput/store/KettleTrustManager.class */
public class KettleTrustManager implements X509TrustManager {
    private static Class<?> PKG = LDAPInputMeta.class;
    private X509TrustManager tm;

    public KettleTrustManager(KeyStore keyStore, String str, String str2) throws KettleException {
        InputStream inputStream = null;
        try {
            try {
                try {
                    InputStream inputStream2 = KettleVFS.getInputStream(str);
                    keyStore.load(inputStream2, Const.NVL(str2, PluginProperty.DEFAULT_STRING_VALUE).toCharArray());
                    if (inputStream2 != null) {
                        try {
                            inputStream2.close();
                        } catch (Exception e) {
                            throw new KettleException(BaseMessages.getString(PKG, "KettleTrustManager.Exception.CouldNotOpenCertStore", new String[0]), e);
                        }
                    }
                    try {
                        TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance("SunX509");
                        trustManagerFactory.init(keyStore);
                        this.tm = (X509TrustManager) trustManagerFactory.getTrustManagers()[0];
                    } catch (Exception e2) {
                        throw new KettleException(BaseMessages.getString(PKG, "KettleTrustManager.Exception.CouldNotInitializeTrustManager", new String[0]), e2);
                    }
                } catch (Throwable th) {
                    if (0 != 0) {
                        try {
                            inputStream.close();
                        } catch (Exception e3) {
                            throw new KettleException(BaseMessages.getString(PKG, "KettleTrustManager.Exception.CouldNotOpenCertStore", new String[0]), e3);
                        }
                    }
                    throw th;
                }
            } catch (Exception e4) {
                throw new KettleException(BaseMessages.getString(PKG, "KettleTrustManager.Exception.CouldNotOpenCertStore", new String[0]), e4);
            }
        } catch (Exception e5) {
            throw new KettleException(BaseMessages.getString(PKG, "KettleTrustManager.Exception.CouldNotInitializeKettleTrustManager", new String[0]), e5);
        }
    }

    @Override // javax.net.ssl.X509TrustManager
    public X509Certificate[] getAcceptedIssuers() {
        if (this.tm == null) {
            return null;
        }
        return this.tm.getAcceptedIssuers();
    }

    @Override // javax.net.ssl.X509TrustManager
    public void checkClientTrusted(X509Certificate[] x509CertificateArr, String str) throws CertificateException {
        if (this.tm == null) {
            return;
        }
        this.tm.checkClientTrusted(x509CertificateArr, str);
    }

    @Override // javax.net.ssl.X509TrustManager
    public void checkServerTrusted(X509Certificate[] x509CertificateArr, String str) throws CertificateException {
        if (this.tm == null) {
            return;
        }
        this.tm.checkServerTrusted(x509CertificateArr, str);
    }
}
