package com.tibco.security.ssl.oOOO;

import com.tibco.security.AXSecurityException;
import com.tibco.security.Cert;
import com.tibco.security.CertChainVerifier;
import com.tibco.security.CertUtils;
import com.tibco.security.TrustedCerts;
import com.tibco.security.ssl.CertificateVerifier;
import iaik.security.ssl.ChainVerifier;
import iaik.security.ssl.SSLTransport;
import java.io.ByteArrayInputStream;
import java.io.PrintStream;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;

/* compiled from: EntrustVerifier.java */
/* renamed from: com.tibco.security.ssl.oOOO.super, reason: invalid class name */
/* loaded from: input_file:com/tibco/security/ssl/oOOO/super.class */
public class Csuper extends ChainVerifier {

    /* renamed from: super, reason: not valid java name */
    CertificateVerifier f208super;

    /* renamed from: Ò00000, reason: contains not printable characters */
    boolean f20900000;

    /* renamed from: class, reason: not valid java name */
    boolean f210class;

    /* renamed from: Ó00000, reason: contains not printable characters */
    PrintStream f21100000;

    /* renamed from: Ô00000, reason: contains not printable characters */
    private final TrustedCerts f21200000;

    public Csuper(CertificateVerifier certificateVerifier, PrintStream printStream, boolean z) throws AXSecurityException {
        this.f208super = certificateVerifier;
        this.f210class = z;
        this.f20900000 = certificateVerifier.performDefaultAuthentication();
        this.f21100000 = printStream;
        this.f21200000 = certificateVerifier.getTrustedCerts();
        if (certificateVerifier == null || this.f21200000 == null) {
            return;
        }
        for (Cert cert : this.f21200000.getCertificateList()) {
            addTrustedCertificate((X509Certificate) cert.getContents());
        }
    }

    protected boolean verifyClient(X509Certificate[] x509CertificateArr, SSLTransport sSLTransport) {
        try {
            if (x509CertificateArr == null) {
                if (this.f21100000 == null) {
                    return false;
                }
                this.f21100000.println("Error: expected a client certificate, no certificate received");
                return false;
            }
            if (CertChainVerifier.IMPLICIT_CA_CHAIN) {
                CertChainVerifier.chain_validate_jdk(x509CertificateArr, this.f21200000, false);
                return true;
            }
            Cert[] convertCertificateList = CertUtils.convertCertificateList(x509CertificateArr);
            if (this.f208super != null) {
                this.f208super.trace(convertCertificateList);
            }
            if (this.f20900000) {
                if (!super.verifyClient(x509CertificateArr, sSLTransport)) {
                    if (this.f21100000 == null) {
                        return false;
                    }
                    this.f21100000.println("Entrust chain verification failed for client");
                    return false;
                }
                if (this.f21100000 != null) {
                    this.f21100000.println("Entrust chain verification ok");
                }
            }
            if (this.f208super == null) {
                return true;
            }
            this.f208super.authenticateClient(convertCertificateList);
            if (this.f21100000 == null) {
                return true;
            }
            this.f21100000.println("client verification ok");
            return true;
        } catch (AXSecurityException e) {
            if (this.f21100000 == null) {
                return false;
            }
            this.f21100000.println("client verification failed:");
            e.printStackTrace(this.f21100000);
            return false;
        }
    }

    protected boolean verifyServer(X509Certificate[] x509CertificateArr, SSLTransport sSLTransport) {
        try {
            if (CertChainVerifier.IMPLICIT_CA_CHAIN) {
                CertificateFactory certificateFactory = CertificateFactory.getInstance("X.509");
                System.out.println(certificateFactory.getProvider());
                X509Certificate[] x509CertificateArr2 = new X509Certificate[x509CertificateArr.length];
                for (int i = 0; i < x509CertificateArr.length; i++) {
                    x509CertificateArr2[i] = (X509Certificate) certificateFactory.generateCertificate(new ByteArrayInputStream(x509CertificateArr[i].getEncoded()));
                }
                CertChainVerifier.chain_validate_jdk(x509CertificateArr2, this.f21200000, false);
                return true;
            }
            Cert[] convertCertificateList = CertUtils.convertCertificateList(x509CertificateArr);
            if (this.f208super != null) {
                this.f208super.trace(convertCertificateList);
            }
            if (this.f20900000) {
                if (!super.verifyServer(x509CertificateArr, sSLTransport)) {
                    if (this.f21100000 == null) {
                        return false;
                    }
                    this.f21100000.println("Entrust chain verification failed for client");
                    return false;
                }
                if (this.f21100000 != null) {
                    this.f21100000.println("Entrust chain verification ok");
                }
            }
            if (this.f208super == null) {
                return true;
            }
            this.f208super.authenticateServer(convertCertificateList);
            if (this.f21100000 == null) {
                return true;
            }
            this.f21100000.println("server verification ok");
            return true;
        } catch (AXSecurityException e) {
            if (this.f21100000 == null) {
                return false;
            }
            this.f21100000.println("server verification failed:");
            e.printStackTrace(this.f21100000);
            return false;
        } catch (CertificateException e2) {
            if (this.f21100000 == null) {
                return false;
            }
            this.f21100000.println("server verification failed:");
            e2.printStackTrace(this.f21100000);
            return false;
        }
    }

    public boolean verifyChain(X509Certificate[] x509CertificateArr, SSLTransport sSLTransport) {
        return this.f20900000 ? super.verifyChain(x509CertificateArr, sSLTransport) : this.f210class ? verifyServer(x509CertificateArr, sSLTransport) : verifyClient(x509CertificateArr, sSLTransport);
    }
}
