package edu.sdsc.secureftp.data;

import com.oroinc.text.regex.MalformedPatternException;
import com.oroinc.text.regex.Perl5Compiler;
import com.oroinc.text.regex.Perl5Matcher;
import com.sun.net.ssl.X509TrustManager;
import edu.sdsc.secureftp.debug;
import java.awt.Component;
import java.awt.Font;
import java.net.InetAddress;
import java.security.cert.CertificateExpiredException;
import java.security.cert.CertificateNotYetValidException;
import java.security.cert.X509Certificate;
import javax.swing.Icon;
import javax.swing.JLabel;
import javax.swing.JOptionPane;
import javax.swing.JPanel;

/* loaded from: input_file:edu/sdsc/secureftp/data/SecureFtpTrustManager.class */
public class SecureFtpTrustManager implements X509TrustManager {
    Data data;
    private Object[] buttonRow = {"Continue", "Cancel"};

    public SecureFtpTrustManager(Data data) {
        this.data = data;
    }

    @Override // com.sun.net.ssl.X509TrustManager
    public X509Certificate[] getAcceptedIssuers() {
        return null;
    }

    @Override // com.sun.net.ssl.X509TrustManager
    public boolean isClientTrusted(X509Certificate[] x509CertificateArr) {
        return true;
    }

    @Override // com.sun.net.ssl.X509TrustManager
    public boolean isServerTrusted(X509Certificate[] x509CertificateArr) {
        if (!this.data.getCertificateCheck()) {
            return true;
        }
        if (x509CertificateArr != null) {
            try {
                if (x509CertificateArr.length >= 1 && x509CertificateArr[0] != null) {
                    X509Certificate x509Certificate = x509CertificateArr[0];
                    this.data.startSSLConnection(x509Certificate);
                    try {
                        x509Certificate.checkValidity();
                    } catch (CertificateExpiredException unused) {
                        if (!showContinueDialog("Server certificate has expired.", "Certificate Expired")) {
                            return false;
                        }
                    } catch (CertificateNotYetValidException unused2) {
                        if (!showContinueDialog("Server certificate is not yet valid.", "Certificate Not Yet Valid")) {
                            return false;
                        }
                    }
                    Perl5Compiler perl5Compiler = new Perl5Compiler();
                    Perl5Matcher perl5Matcher = new Perl5Matcher();
                    String str = "<unknown>";
                    try {
                        if (perl5Matcher.contains(x509Certificate.getSubjectDN().getName(), perl5Compiler.compile("cn=([-\\w.]+)", 1))) {
                            str = perl5Matcher.getMatch().group(1);
                        }
                    } catch (MalformedPatternException e) {
                        debug.println(new StringBuffer("pattern exception: ").append(e.getMessage()).toString());
                    } catch (NullPointerException unused3) {
                    }
                    String hostname = this.data.getHostname();
                    InetAddress byName = InetAddress.getByName(str);
                    InetAddress byName2 = InetAddress.getByName(hostname);
                    debug.println(new StringBuffer("cnAddr => ").append(byName).append(", hostAddr => ").append(byName2).toString());
                    if (!str.equals(hostname) && !byName.getHostAddress().equals(byName2.getHostAddress()) && !showContinueDialog(new StringBuffer("The hostname \"").append(hostname).append("\" does not match certificate name \"").append(str).append("\".").toString(), "Common Name Does Not Match")) {
                        return false;
                    }
                    if (this.data.getFtpKeyStore().findCertificate(x509Certificate)) {
                        return true;
                    }
                    return this.data.trustNewCertificate(x509Certificate);
                }
            } catch (Exception e2) {
                debug.println(new StringBuffer("Exception in trust manager: ").append(e2.getMessage()).toString());
                return false;
            }
        }
        return showContinueDialog("Server did not send a certificate.", "No Certificate");
    }

    private boolean showContinueDialog(String str, String str2) {
        JPanel jPanel = new JPanel();
        JLabel jLabel = new JLabel(str);
        jLabel.setFont(new Font("Dialog", 0, 10));
        jPanel.add(jLabel);
        return JOptionPane.showOptionDialog((Component) null, jPanel, str2, 0, 2, (Icon) null, this.buttonRow, this.buttonRow[0]) == 0;
    }
}
