package com.avocent.kvm.base.util;

import com.avocent.kvm.base.AbstractKvmSession;
import com.avocent.kvm.base.event.KvmSessionListenerAdapter;
import com.avocent.kvm.properties.KVMProperties;
import java.beans.PropertyChangeEvent;
import java.io.File;
import java.io.FileInputStream;
import java.io.FileOutputStream;
import java.io.IOException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.util.HashMap;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import javax.net.ssl.X509TrustManager;

/* loaded from: input_file:com/avocent/kvm/base/util/KVMTrustManager.class */
public class KVMTrustManager implements X509TrustManager {
    KeyStore m_ks = KeyStore.getInstance("JKS");
    String m_kspass = "";
    String m_ksFileName;
    String m_certFileName;
    String m_host;
    boolean isPrimaryConnection;
    private static final String CERT_DEFAULT_KEYSTORE_PASSWORD = "changeit";
    private static final String MAC_CERT_DEFAULT_KEYSTORE_PASSWORD = "changeme";
    private AbstractKvmSession m_kvmSession;
    X509TrustManager sunJSSEX509TrustManager;
    X509Certificate[] x509Certificate;

    /* loaded from: input_file:com/avocent/kvm/base/util/KVMTrustManager$MyKVMListener.class */
    class MyKVMListener extends KvmSessionListenerAdapter {
        MyKVMListener() {
        }

        @Override // com.avocent.kvm.base.event.KvmSessionListenerAdapter, java.beans.PropertyChangeListener
        public void propertyChange(PropertyChangeEvent propertyChangeEvent) {
            String propertyName = propertyChangeEvent.getPropertyName();
            if (propertyName.equalsIgnoreCase(KVMProperties.CERT_USER_RESPONSE) && ((Integer) KVMTrustManager.this.m_kvmSession.getProperty(propertyName)).intValue() == 3) {
                for (int i = 0; i < KVMTrustManager.this.x509Certificate.length; i++) {
                    try {
                        try {
                            KVMTrustManager.this.m_ks.setCertificateEntry("" + i, KVMTrustManager.this.x509Certificate[i]);
                        } catch (KeyStoreException e) {
                            e.printStackTrace();
                            throw e;
                        }
                    } catch (Exception e2) {
                        System.out.println("Key Store file write exception");
                        e2.getMessage();
                        return;
                    }
                }
                FileOutputStream fileOutputStream = new FileOutputStream(KVMTrustManager.this.m_ksFileName);
                KVMTrustManager.this.m_ks.store(fileOutputStream, KVMTrustManager.this.m_kspass.toCharArray());
                fileOutputStream.close();
            }
        }
    }

    public KVMTrustManager(String str, boolean z, AbstractKvmSession abstractKvmSession) throws Exception {
        this.isPrimaryConnection = false;
        this.m_host = str;
        this.isPrimaryConnection = z;
        this.m_kvmSession = abstractKvmSession;
        this.m_kvmSession.addListener(new MyKVMListener());
        loadCertificate();
    }

    private void loadCertificate() throws Exception {
        System.out.println("OS: " + System.getProperty("os.name"));
        this.m_kspass = "";
        this.m_ksFileName = System.getProperty("user.home") + "/trusted.certs";
        if (!new File(this.m_ksFileName).exists()) {
            this.m_certFileName = System.getProperty("java.home") + "/lib/security/cacerts";
            copyFile(this.m_certFileName, this.m_ksFileName);
        }
        System.out.println("m_ksFileName:" + this.m_ksFileName);
        try {
            this.m_ks.load(new FileInputStream(new File(this.m_ksFileName)), this.m_kspass.toCharArray());
        } catch (IOException e) {
            if (!e.getMessage().equals("Keystore was tampered with, or password was incorrect")) {
                throw e;
            }
            boolean startsWith = System.getProperty("os.name").toLowerCase().startsWith("mac os x");
            try {
                this.m_kspass = CERT_DEFAULT_KEYSTORE_PASSWORD;
                this.m_ks.load(new FileInputStream(new File(this.m_ksFileName)), this.m_kspass.toCharArray());
            } catch (IOException e2) {
                if (!startsWith) {
                    throw e2;
                }
                if (e.getMessage().equals("Keystore was tampered with, or password was incorrect")) {
                    this.m_kspass = MAC_CERT_DEFAULT_KEYSTORE_PASSWORD;
                    this.m_ks.load(new FileInputStream(new File(this.m_ksFileName)), this.m_kspass.toCharArray());
                }
            }
        }
        TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance("SunX509", "SunJSSE");
        trustManagerFactory.init(this.m_ks);
        TrustManager[] trustManagers = trustManagerFactory.getTrustManagers();
        for (int i = 0; i < trustManagers.length; i++) {
            if (trustManagers[i] instanceof X509TrustManager) {
                this.sunJSSEX509TrustManager = (X509TrustManager) trustManagers[i];
                return;
            }
        }
        throw new Exception("Unable to Initialize MyX509TrustManager");
    }

    @Override // javax.net.ssl.X509TrustManager
    public void checkClientTrusted(X509Certificate[] x509CertificateArr, String str) throws CertificateException {
        try {
            this.sunJSSEX509TrustManager.checkClientTrusted(x509CertificateArr, str);
        } catch (CertificateException e) {
            throw e;
        }
    }

    @Override // javax.net.ssl.X509TrustManager
    public void checkServerTrusted(X509Certificate[] x509CertificateArr, String str) throws CertificateException {
        this.x509Certificate = x509CertificateArr;
        if (!this.isPrimaryConnection) {
            System.out.println("Primary connection already checked");
            return;
        }
        try {
            this.sunJSSEX509TrustManager.checkServerTrusted(x509CertificateArr, str);
        } catch (CertificateException e) {
            String message = e.getMessage();
            x509CertificateArr[0].getIssuerX500Principal().getName();
            x509CertificateArr[0].getSubjectDN().getName();
            HashMap hashMap = new HashMap();
            hashMap.put(KVMProperties.CERTIFICATE_HOST, this.m_host);
            hashMap.put(KVMProperties.CERTIFICATE_REASON, message);
            String obj = x509CertificateArr[0].getSubjectDN().toString();
            int indexOf = obj.indexOf("CN=");
            int indexOf2 = obj.indexOf(44, indexOf);
            if (indexOf2 > -1) {
                hashMap.put(KVMProperties.CERTIFICATE_COMMON_NAME, obj.substring(indexOf + 3, indexOf2));
            }
            int indexOf3 = obj.indexOf("O=");
            int indexOf4 = obj.indexOf(44, indexOf3);
            if (indexOf4 > -1) {
                hashMap.put(KVMProperties.CERTIFICATE_ORG, obj.substring(indexOf3 + 2, indexOf4));
            }
            int indexOf5 = obj.indexOf("OU=");
            int indexOf6 = obj.indexOf(44, indexOf5);
            if (indexOf6 > -1) {
                hashMap.put(KVMProperties.CERTIFICATE_ORG_UNIT, obj.substring(indexOf5 + 3, indexOf6));
            }
            int indexOf7 = obj.indexOf("L=");
            int indexOf8 = obj.indexOf(44, indexOf7);
            if (indexOf8 > -1) {
                hashMap.put(KVMProperties.CERTIFICATE_LOC, obj.substring(indexOf7 + 2, indexOf8));
            }
            int indexOf9 = obj.indexOf(KVMProperties.CERTIFICATE_EMAIL);
            int indexOf10 = obj.indexOf(44, indexOf9);
            if (indexOf10 > -1) {
                hashMap.put(KVMProperties.CERTIFICATE_EMAIL, obj.substring(indexOf9 + 13, indexOf10));
            }
            if (this.m_kvmSession != null) {
                this.m_kvmSession.setProperty(KVMProperties.VALIDATE_CERTIFICATE, hashMap);
            }
        }
    }

    @Override // javax.net.ssl.X509TrustManager
    public X509Certificate[] getAcceptedIssuers() {
        return this.sunJSSEX509TrustManager.getAcceptedIssuers();
    }

    private void copyFile(String str, String str2) {
        try {
            File file = new File(str);
            File file2 = new File(str2);
            FileInputStream fileInputStream = new FileInputStream(file);
            FileOutputStream fileOutputStream = new FileOutputStream(file2);
            byte[] bArr = new byte[1024];
            while (true) {
                int read = fileInputStream.read(bArr);
                if (read <= 0) {
                    fileInputStream.close();
                    fileOutputStream.close();
                    return;
                }
                fileOutputStream.write(bArr, 0, read);
            }
        } catch (Exception e) {
            e.printStackTrace();
        }
    }
}
