package oracle.security.ssl;

import javax.security.cert.CertificateException;
import javax.security.cert.CertificateExpiredException;
import javax.security.cert.CertificateNotYetValidException;
import javax.security.cert.X509Certificate;
import oracle.security.cert.X509CertificateImpl;

/* loaded from: input_file:oracle/security/ssl/OracleX509TrustManager.class */
class OracleX509TrustManager implements OracleX509TrustManagerInterface {
    private X509Certificate[] m_trustedX509CertA;

    /* JADX INFO: Access modifiers changed from: package-private */
    public OracleX509TrustManager(OracleSSLCredential oracleSSLCredential) {
        this.m_trustedX509CertA = new X509Certificate[oracleSSLCredential.getTrustedCertCount()];
        for (int i = 0; i < this.m_trustedX509CertA.length; i++) {
            try {
                this.m_trustedX509CertA[i] = new X509CertificateImpl(oracleSSLCredential.getTrustedCert(i));
            } catch (CertificateException unused) {
                OracleSSLDebug.debug(new StringBuffer("Certificate #").append(i).append(" is invalid").toString());
            }
        }
    }

    @Override // oracle.security.ssl.OracleX509TrustManagerInterface
    public void checkClientTrusted(X509Certificate[] x509CertificateArr) throws CertificateException, CertificateExpiredException, CertificateNotYetValidException {
        boolean z = false;
        if (x509CertificateArr == null) {
            throw new CertificateException("Peer sent no certificates");
        }
        for (int i = 0; i < x509CertificateArr.length && !z; i++) {
            OracleSSLDebug.debug(new StringBuffer("Peer Cert[").append(i).append("] = ").append(x509CertificateArr[i]).toString());
            for (int i2 = 0; i2 < this.m_trustedX509CertA.length && !z; i2++) {
                if (this.m_trustedX509CertA[i2].equals(x509CertificateArr[i])) {
                    z = true;
                }
            }
        }
        if (!z) {
            OracleSSLDebug.debug("Peer is not trusted");
            throw new CertificateException("Peer is not trusted");
        }
        OracleSSLDebug.debug("Checking Validity of Certificates");
        x509CertificateArr[0].checkValidity();
        OracleSSLDebug.debug("Certificate Chain OK");
    }

    @Override // oracle.security.ssl.OracleX509TrustManagerInterface
    public void checkServerTrusted(X509Certificate[] x509CertificateArr) throws CertificateException, CertificateExpiredException, CertificateNotYetValidException {
        checkClientTrusted(x509CertificateArr);
    }

    @Override // oracle.security.ssl.OracleX509TrustManagerInterface
    public X509Certificate[] getAcceptedIssuers() {
        return (X509Certificate[]) this.m_trustedX509CertA.clone();
    }
}
