package org.opends.server.tools;

import java.io.BufferedReader;
import java.io.IOException;
import java.io.InputStreamReader;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.util.Date;
import javax.net.ssl.TrustManager;
import javax.net.ssl.X509TrustManager;
import org.opends.messages.Message;
import org.opends.messages.ToolMessages;

/* loaded from: input_file:org/opends/server/tools/PromptTrustManager.class */
public class PromptTrustManager implements X509TrustManager {
    private static TrustManager[] trustManagerArray = {new PromptTrustManager()};

    private PromptTrustManager() {
    }

    public static TrustManager[] getTrustManagers() {
        return trustManagerArray;
    }

    @Override // javax.net.ssl.X509TrustManager
    public void checkClientTrusted(X509Certificate[] x509CertificateArr, String str) throws CertificateException {
        throw new CertificateException(ToolMessages.ERR_PROMPTTM_REJECTING_CLIENT_CERT.get().toString());
    }

    @Override // javax.net.ssl.X509TrustManager
    public void checkServerTrusted(X509Certificate[] x509CertificateArr, String str) throws CertificateException {
        String lowerCase;
        if (x509CertificateArr == null || x509CertificateArr.length == 0) {
            System.out.println(ToolMessages.WARN_PROMPTTM_NO_SERVER_CERT_CHAIN.get());
        } else {
            Date date = new Date();
            Date notAfter = x509CertificateArr[0].getNotAfter();
            Date notBefore = x509CertificateArr[0].getNotBefore();
            if (date.after(notAfter)) {
                System.err.println(ToolMessages.WARN_PROMPTTM_CERT_EXPIRED.get(String.valueOf(notAfter)));
            } else if (date.before(notBefore)) {
                System.err.println(ToolMessages.WARN_PROMPTTM_CERT_NOT_YET_VALID.get(String.valueOf(notBefore)));
            }
            System.out.println(ToolMessages.INFO_PROMPTTM_SERVER_CERT.get(x509CertificateArr[0].getSubjectDN().getName(), x509CertificateArr[0].getIssuerDN().getName(), String.valueOf(notBefore), String.valueOf(notAfter)));
        }
        Message message = ToolMessages.INFO_PROMPTTM_YESNO_PROMPT.get();
        BufferedReader bufferedReader = new BufferedReader(new InputStreamReader(System.in));
        while (true) {
            try {
                System.out.print(message);
                lowerCase = bufferedReader.readLine().toLowerCase();
            } catch (IOException e) {
            }
            if (lowerCase.equals("y") || lowerCase.equals("yes")) {
                return;
            }
            if (lowerCase.equals("n") || lowerCase.equals("no")) {
                throw new CertificateException(ToolMessages.ERR_PROMPTTM_USER_REJECTED.get().toString());
                break;
            }
            System.out.println();
        }
    }

    @Override // javax.net.ssl.X509TrustManager
    public X509Certificate[] getAcceptedIssuers() {
        return new X509Certificate[0];
    }
}
