package de.contecon.base.net;

import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Iterator;
import java.util.List;
import javax.net.ssl.X509TrustManager;
import net.essc.util.RmiUtilLoader;

/* loaded from: input_file:de/contecon/base/net/CcX509TrustManagerWithTrace.class */
public class CcX509TrustManagerWithTrace implements X509TrustManager {
    private static final List<X509Certificate> newCerts = new ArrayList();
    private final boolean server;
    private final X509TrustManager x509TrustManager;
    private final int sslType;
    private final String tsName;

    public CcX509TrustManagerWithTrace(boolean z, X509TrustManager x509TrustManager, int i, String str) {
        if (RmiUtilLoader.GenLog.isTracelevel(3)) {
            RmiUtilLoader.GenLog.dumpInfoMessage("CcX509TrustManagerWithTrace: server=" + z + " x509TrustManager=" + x509TrustManager + " sslType=" + i + " name=" + str);
        }
        this.server = z;
        this.x509TrustManager = x509TrustManager;
        this.sslType = i;
        this.tsName = str;
    }

    public static void add(X509Certificate x509Certificate) {
        synchronized (newCerts) {
            newCerts.add(x509Certificate);
        }
    }

    private String getType() {
        return this.server ? "SERVER" : "CLIENT";
    }

    @Override // javax.net.ssl.X509TrustManager
    public void checkClientTrusted(X509Certificate[] x509CertificateArr, String str) throws CertificateException {
        String certificateChainAsText = CcX509TraceUtils.getCertificateChainAsText(x509CertificateArr);
        if (System.getProperty("de.contecon.base.net.CcX509TrustManagerWithTrace.EnableFullTrace") == null) {
            if (RmiUtilLoader.GenLog.isTracelevel(4)) {
                RmiUtilLoader.GenLog.dumpDebugMessage("CcX509TrustManagerWithTrace.checkClientTrusted: " + getType() + " try chain=" + certificateChainAsText + " authType=" + str + " sslType=" + this.sslType + " name=" + this.tsName);
            }
        } else if (RmiUtilLoader.GenLog.isTracelevel(3)) {
            RmiUtilLoader.GenLog.dumpInfoMessage("CcX509TrustManagerWithTrace.checkClientTrusted: " + getType() + " try chain=" + certificateChainAsText + " authType=" + str + " sslType=" + this.sslType + " name=" + this.tsName);
        }
        if (!searchAtNewCerts(x509CertificateArr)) {
            try {
                this.x509TrustManager.checkClientTrusted(x509CertificateArr, str);
            } catch (CertificateException e) {
                RmiUtilLoader.GenLog.dumpExceptionError("CcX509TrustManagerWithTrace.checkClientTrusted", e);
                throw e;
            }
        }
        if (x509CertificateArr != null && x509CertificateArr.length > 0) {
            CcX509CertificateManager.put(x509CertificateArr[0]);
        }
        if (System.getProperty("de.contecon.base.net.CcX509TrustManagerWithTrace.EnableFullTrace") == null) {
            if (RmiUtilLoader.GenLog.isTracelevel(4)) {
                RmiUtilLoader.GenLog.dumpDebugMessage("CcX509TrustManagerWithTrace.checkClientTrusted: " + getType() + " ok. chain=" + certificateChainAsText + " authType=" + str + " sslType=" + this.sslType + " name=" + this.tsName);
            }
        } else if (RmiUtilLoader.GenLog.isTracelevel(3)) {
            RmiUtilLoader.GenLog.dumpInfoMessage("CcX509TrustManagerWithTrace.checkClientTrusted: " + getType() + " ok. chain=" + certificateChainAsText + " authType=" + str + " sslType=" + this.sslType + " name=" + this.tsName);
        }
    }

    @Override // javax.net.ssl.X509TrustManager
    public void checkServerTrusted(X509Certificate[] x509CertificateArr, String str) throws CertificateException {
        String certificateChainAsText = CcX509TraceUtils.getCertificateChainAsText(x509CertificateArr);
        if (System.getProperty("de.contecon.base.net.CcX509TrustManagerWithTrace.EnableFullTrace") == null) {
            if (RmiUtilLoader.GenLog.isTracelevel(4)) {
                RmiUtilLoader.GenLog.dumpDebugMessage("CcX509TrustManagerWithTrace.checkServerTrusted: " + getType() + " try chain=" + certificateChainAsText + " authType=" + str + " sslType=" + this.sslType + " name=" + this.tsName);
            }
        } else if (RmiUtilLoader.GenLog.isTracelevel(3)) {
            RmiUtilLoader.GenLog.dumpInfoMessage("CcX509TrustManagerWithTrace.checkServerTrusted: " + getType() + " try chain=" + certificateChainAsText + " authType=" + str + " sslType=" + this.sslType + " name=" + this.tsName);
        }
        if (!searchAtNewCerts(x509CertificateArr)) {
            try {
                this.x509TrustManager.checkServerTrusted(x509CertificateArr, str);
            } catch (CertificateException e) {
                RmiUtilLoader.GenLog.dumpExceptionError("CcX509TrustManagerWithTrace.checkServerTrusted", e);
                throw e;
            }
        }
        if (System.getProperty("de.contecon.base.net.CcX509TrustManagerWithTrace.EnableFullTrace") == null) {
            if (RmiUtilLoader.GenLog.isTracelevel(4)) {
                RmiUtilLoader.GenLog.dumpDebugMessage("CcX509TrustManagerWithTrace.checkServerTrusted: " + getType() + " ok. chain=" + certificateChainAsText + " authType=" + str + " sslType=" + this.sslType + " name=" + this.tsName);
            }
        } else if (RmiUtilLoader.GenLog.isTracelevel(3)) {
            RmiUtilLoader.GenLog.dumpInfoMessage("CcX509TrustManagerWithTrace.checkServerTrusted: " + getType() + " ok. chain=" + certificateChainAsText + " authType=" + str + " sslType=" + this.sslType + " name=" + this.tsName);
        }
    }

    @Override // javax.net.ssl.X509TrustManager
    public X509Certificate[] getAcceptedIssuers() {
        X509Certificate[] acceptedIssuers = this.x509TrustManager.getAcceptedIssuers();
        String certificateChainAsText = CcX509TraceUtils.getCertificateChainAsText(acceptedIssuers);
        if (System.getProperty("de.contecon.base.net.CcX509TrustManagerWithTrace.EnableFullTrace") == null) {
            if (RmiUtilLoader.GenLog.isTracelevel(4)) {
                RmiUtilLoader.GenLog.dumpDebugMessage("CcX509TrustManagerWithTrace.getAcceptedIssuers: " + getType() + " sslType=" + this.sslType + " name=" + this.tsName + " " + certificateChainAsText);
            }
        } else if (RmiUtilLoader.GenLog.isTracelevel(3)) {
            RmiUtilLoader.GenLog.dumpInfoMessage("CcX509TrustManagerWithTrace.getAcceptedIssuers: " + getType() + " sslType=" + this.sslType + " name=" + this.tsName + " " + certificateChainAsText);
        }
        return acceptedIssuers;
    }

    private boolean searchAtNewCerts(X509Certificate[] x509CertificateArr) {
        boolean z = false;
        if (x509CertificateArr != null && x509CertificateArr.length > 0 && !newCerts.isEmpty()) {
            Iterator<X509Certificate> it = newCerts.iterator();
            while (true) {
                if (!it.hasNext()) {
                    break;
                }
                X509Certificate next = it.next();
                if (next != null && next.equals(x509CertificateArr[0])) {
                    z = true;
                    break;
                }
            }
        }
        return z;
    }
}
