package com.ibm.iaccess.base;

import com.ibm.iaccess.Copyright;
import com.ibm.iaccess.baselite.AcsConstants;
import com.ibm.iaccess.baselite.AcsInquiryMessage;
import com.ibm.iaccess.mri.current.AcsMriKeys_acsmsg;
import com.ibm.icu.text.DateFormat;
import java.awt.Component;
import java.io.FileNotFoundException;
import java.io.IOException;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.util.Arrays;
import java.util.Date;
import java.util.LinkedList;
import java.util.List;

@Copyright("Licensed Materials - Property of IBM\n5733-XJ1\n(C) Copyright IBM Corp. 2012, 2014.\nAll Rights Reserved.\nUS Government Users Restricted Rights - Use, duplication or disclosure restricted by GSA ADP Schedule Contract with IBM Corp.\n")
/* loaded from: input_file:lib/acsbase.jar:com/ibm/iaccess/base/AcsCertificateException.class */
public class AcsCertificateException extends CertificateException implements AcsConstants {
    private static final long serialVersionUID = 1;
    private final String m_authType;
    private final X509Certificate[] m_chain;

    /* JADX INFO: Access modifiers changed from: package-private */
    public AcsCertificateException(X509Certificate[] x509CertificateArr, String str, Exception exc) {
        super(exc);
        this.m_authType = str;
        this.m_chain = x509CertificateArr;
    }

    public String getAuthType() {
        return this.m_authType;
    }

    public X509Certificate[] getChain() {
        return this.m_chain;
    }

    public List<X509Certificate> getCAs() {
        LinkedList linkedList = new LinkedList();
        for (X509Certificate x509Certificate : getChain()) {
            if (x509Certificate.getBasicConstraints() > -1) {
                linkedList.add(x509Certificate);
            }
        }
        return linkedList.isEmpty() ? Arrays.asList(getChain()) : linkedList;
    }

    public int processCAs(Component component) throws KeyStoreException, NoSuchAlgorithmException, CertificateException, FileNotFoundException, IOException {
        int i = 0;
        for (X509Certificate x509Certificate : getCAs()) {
            if (!AcsSSLUtils.contains(x509Certificate) && AcsMsgUtil.inqmsg(component, new AcsInquiryMessage(AcsMriKeys_acsmsg.INQMSG_SSL_SERVER_NOT_TRUSTED_TRUST_HANDSHAKECA, new String[]{"" + x509Certificate.getIssuerDN(), "" + x509Certificate.getSubjectDN(), "" + x509Certificate.getSigAlgName(), "" + x509Certificate.getSigAlgOID(), "" + DateFormat.getDateInstance(1).format(x509Certificate.getNotBefore()), "" + DateFormat.getDateInstance(1).format(x509Certificate.getNotAfter()), "" + x509Certificate.getSerialNumber(), "" + x509Certificate.getPublicKey().getAlgorithm()}, AcsInquiryMessage.InquiryChoice.YES, AcsInquiryMessage.InquiryChoice.NO)) == AcsInquiryMessage.InquiryChoice.YES) {
                AcsLogUtil.logFine("User dynamically adding CA from SSL handshake: " + x509Certificate);
                String str = "ca400_dynamic_" + x509Certificate.getIssuerDN().toString() + ":" + new Date() + ":" + System.nanoTime();
                AcsLogUtil.logFine("Alias is " + str);
                try {
                    AcsSSLUtils.addCerts(str, x509Certificate);
                    i++;
                } catch (Exception e) {
                    AcsMsgUtil.msg((Component) null, e);
                }
            }
        }
        return i;
    }

    public static AcsCertificateException getFromCauseChainOf(Exception exc) {
        Exception exc2 = exc;
        do {
            Throwable cause = exc2.getCause();
            exc2 = cause;
            if (null == cause) {
                return null;
            }
        } while (!(exc2 instanceof AcsCertificateException));
        return (AcsCertificateException) exc2;
    }

    public int acceptAllCerts(Component component) throws KeyStoreException, NoSuchAlgorithmException, CertificateException, FileNotFoundException, IOException {
        int i = 0;
        for (X509Certificate x509Certificate : getCAs()) {
            if (!AcsSSLUtils.contains(x509Certificate)) {
                AcsLogUtil.logFine("User dynamically adding CA from SSL handshake: " + x509Certificate);
                String str = "ca400_dynamic_" + x509Certificate.getIssuerDN().toString() + ":" + new Date() + ":" + System.nanoTime();
                AcsLogUtil.logFine("Alias is " + str);
                try {
                    AcsSSLUtils.addCerts(str, x509Certificate);
                    i++;
                } catch (Exception e) {
                    AcsMsgUtil.msg((Component) null, e);
                }
            }
        }
        return i;
    }
}
