package com.solacesystems.jcsmp.secure;

import com.solacesystems.jcsmp.i18n.JCSMPRB;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import javax.net.ssl.X509TrustManager;
import javax.security.auth.x500.X500Principal;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;

/* loaded from: input_file:com/solacesystems/jcsmp/secure/AuthSSLX509TrustManager.class */
public class AuthSSLX509TrustManager implements X509TrustManager {
    private X509TrustManager defaultTrustManager;
    private SecureProperties mSecureProps;
    private static final Log LOG = LogFactory.getLog(AuthSSLX509TrustManager.class);

    public AuthSSLX509TrustManager(X509TrustManager x509TrustManager, SecureProperties secureProperties) {
        this.defaultTrustManager = null;
        if (x509TrustManager == null) {
            throw new IllegalArgumentException(JCSMPRB.BUNDLE.getStringSafely("AuthSSLX509TrustManager.trustManagerMayNotBeNull"));
        }
        this.defaultTrustManager = x509TrustManager;
        this.mSecureProps = secureProperties;
    }

    @Override // javax.net.ssl.X509TrustManager
    public X509Certificate[] getAcceptedIssuers() {
        return this.defaultTrustManager.getAcceptedIssuers();
    }

    @Override // javax.net.ssl.X509TrustManager
    public void checkClientTrusted(X509Certificate[] x509CertificateArr, String str) throws CertificateException {
        if (LOG.isDebugEnabled() && x509CertificateArr != null) {
            for (int i = 0; i < x509CertificateArr.length; i++) {
                X509Certificate x509Certificate = x509CertificateArr[i];
                LOG.debug(" Client certificate " + (i + 1) + ":");
                LOG.debug("  Subject DN: " + x509Certificate.getSubjectDN());
                LOG.debug("  Signature Algorithm: " + x509Certificate.getSigAlgName());
                LOG.debug("  Valid from: " + x509Certificate.getNotBefore());
                LOG.debug("  Valid until: " + x509Certificate.getNotAfter());
                LOG.debug("  Issuer: " + x509Certificate.getIssuerDN());
            }
        }
        this.defaultTrustManager.checkClientTrusted(x509CertificateArr, str);
    }

    /* JADX WARN: Code restructure failed: missing block: B:41:0x0139, code lost:
    
        if (r5.mSecureProps.validateCertificateDate() == false) goto L25;
     */
    /* JADX WARN: Code restructure failed: missing block: B:43:0x0141, code lost:
    
        throw ((java.security.cert.CertificateException) r10);
     */
    /* JADX WARN: Code restructure failed: missing block: B:44:0x0142, code lost:
    
        r9 = true;
     */
    @Override // javax.net.ssl.X509TrustManager
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    public void checkServerTrusted(java.security.cert.X509Certificate[] r6, java.lang.String r7) throws java.security.cert.CertificateException {
        /*
            Method dump skipped, instructions count: 401
            To view this dump add '--comments-level debug' option
        */
        throw new UnsupportedOperationException("Method not decompiled: com.solacesystems.jcsmp.secure.AuthSSLX509TrustManager.checkServerTrusted(java.security.cert.X509Certificate[], java.lang.String):void");
    }

    private void validateCommonName(X509Certificate[] x509CertificateArr) throws CertificateException {
        String[] commonNames = this.mSecureProps.getCommonNames();
        String parseCN = parseCN(x509CertificateArr[0].getSubjectX500Principal());
        if (parseCN != null) {
            for (String str : commonNames) {
                if (parseCN.equalsIgnoreCase(str)) {
                    return;
                }
            }
        }
        throw new CertificateException("Server not trusted - no common name match");
    }

    private String parseCN(X500Principal x500Principal) {
        String[] split;
        String name = x500Principal.getName();
        if (name != null && (split = name.split(",")) != null) {
            for (int i = 0; i < split.length; i++) {
                if (split[i].startsWith("CN=") && split[i].length() > 3) {
                    return split[i].substring(3);
                }
            }
        }
        return null;
    }
}
