package org.apache.directory.server.ldap.replication;

import java.io.ByteArrayInputStream;
import java.security.KeyStore;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.util.Map;
import javax.net.ssl.X509TrustManager;
import org.bouncycastle.jce.provider.X509CertParser;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:WEB-INF/lib/apacheds-protocol-ldap-2.0.0-M15.jar:org/apache/directory/server/ldap/replication/ReplicationTrustManager.class */
public class ReplicationTrustManager implements X509TrustManager {
    private static KeyStore ks;
    private static final Logger LOG = LoggerFactory.getLogger((Class<?>) ReplicationTrustManager.class);
    private static X509TrustManager trustManager = null;
    private static X509CertParser parser = new X509CertParser();
    private static ReplicationTrustManager INSTANCE = new ReplicationTrustManager();

    /* JADX WARN: Code restructure failed: missing block: B:10:0x0038, code lost:
    
        org.apache.directory.server.ldap.replication.ReplicationTrustManager.trustManager = (javax.net.ssl.X509TrustManager) r0[r7];
        org.apache.directory.server.ldap.replication.ReplicationTrustManager.LOG.debug("found X509TrustManager {}", org.apache.directory.server.ldap.replication.ReplicationTrustManager.trustManager);
     */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    private ReplicationTrustManager() {
        /*
            r4 = this;
            r0 = r4
            r0.<init>()
            java.lang.String r0 = "JKS"
            java.security.KeyStore r0 = java.security.KeyStore.getInstance(r0)     // Catch: java.lang.Exception -> L5a
            org.apache.directory.server.ldap.replication.ReplicationTrustManager.ks = r0     // Catch: java.lang.Exception -> L5a
            java.security.KeyStore r0 = org.apache.directory.server.ldap.replication.ReplicationTrustManager.ks     // Catch: java.lang.Exception -> L5a
            r1 = 0
            r2 = 0
            r0.load(r1, r2)     // Catch: java.lang.Exception -> L5a
            java.lang.String r0 = javax.net.ssl.TrustManagerFactory.getDefaultAlgorithm()     // Catch: java.lang.Exception -> L5a
            javax.net.ssl.TrustManagerFactory r0 = javax.net.ssl.TrustManagerFactory.getInstance(r0)     // Catch: java.lang.Exception -> L5a
            r5 = r0
            r0 = r5
            java.security.KeyStore r1 = org.apache.directory.server.ldap.replication.ReplicationTrustManager.ks     // Catch: java.lang.Exception -> L5a
            r0.init(r1)     // Catch: java.lang.Exception -> L5a
            r0 = r5
            javax.net.ssl.TrustManager[] r0 = r0.getTrustManagers()     // Catch: java.lang.Exception -> L5a
            r6 = r0
            r0 = 0
            r7 = r0
        L29:
            r0 = r7
            r1 = r6
            int r1 = r1.length     // Catch: java.lang.Exception -> L5a
            if (r0 >= r1) goto L57
            r0 = r6
            r1 = r7
            r0 = r0[r1]     // Catch: java.lang.Exception -> L5a
            boolean r0 = r0 instanceof javax.net.ssl.X509TrustManager     // Catch: java.lang.Exception -> L5a
            if (r0 == 0) goto L51
            r0 = r6
            r1 = r7
            r0 = r0[r1]     // Catch: java.lang.Exception -> L5a
            javax.net.ssl.X509TrustManager r0 = (javax.net.ssl.X509TrustManager) r0     // Catch: java.lang.Exception -> L5a
            org.apache.directory.server.ldap.replication.ReplicationTrustManager.trustManager = r0     // Catch: java.lang.Exception -> L5a
            org.slf4j.Logger r0 = org.apache.directory.server.ldap.replication.ReplicationTrustManager.LOG     // Catch: java.lang.Exception -> L5a
            java.lang.String r1 = "found X509TrustManager {}"
            javax.net.ssl.X509TrustManager r2 = org.apache.directory.server.ldap.replication.ReplicationTrustManager.trustManager     // Catch: java.lang.Exception -> L5a
            r0.debug(r1, r2)     // Catch: java.lang.Exception -> L5a
            goto L57
        L51:
            int r7 = r7 + 1
            goto L29
        L57:
            goto L6f
        L5a:
            r5 = move-exception
            org.slf4j.Logger r0 = org.apache.directory.server.ldap.replication.ReplicationTrustManager.LOG
            java.lang.String r1 = "failed to initialize the keystore and X509 trustmanager"
            r2 = r5
            r0.error(r1, r2)
            java.lang.RuntimeException r0 = new java.lang.RuntimeException
            r1 = r0
            r2 = r5
            r1.<init>(r2)
            throw r0
        L6f:
            return
        */
        throw new UnsupportedOperationException("Method not decompiled: org.apache.directory.server.ldap.replication.ReplicationTrustManager.<init>():void");
    }

    public static void addCertificates(Map<String, byte[]> map) throws Exception {
        for (Map.Entry<String, byte[]> entry : map.entrySet()) {
            addCertificate(entry.getKey(), entry.getValue());
        }
    }

    public static void addCertificate(String str, byte[] bArr) throws Exception {
        try {
            parser.engineInit(new ByteArrayInputStream(bArr));
            ks.setCertificateEntry(str, (X509Certificate) parser.engineRead());
        } catch (Exception e) {
            LOG.warn("failed to load the certificate associated with the alias {}", str, e);
            throw e;
        }
    }

    public static ReplicationTrustManager getInstance() {
        return INSTANCE;
    }

    @Override // javax.net.ssl.X509TrustManager
    public void checkClientTrusted(X509Certificate[] x509CertificateArr, String str) throws CertificateException {
        trustManager.checkClientTrusted(x509CertificateArr, str);
    }

    @Override // javax.net.ssl.X509TrustManager
    public void checkServerTrusted(X509Certificate[] x509CertificateArr, String str) throws CertificateException {
        trustManager.checkServerTrusted(x509CertificateArr, str);
    }

    @Override // javax.net.ssl.X509TrustManager
    public X509Certificate[] getAcceptedIssuers() {
        return trustManager.getAcceptedIssuers();
    }
}
