package org.mozilla.jss.ssl;

import java.util.Enumeration;
import org.mozilla.jss.CryptoManager;
import org.mozilla.jss.crypto.X509Certificate;
import org.mozilla.jss.pkcs11.PK11Cert;
import org.mozilla.jss.ssl.SSLCertificateApprovalCallback;

/* JADX WARN: Classes with same name are omitted:
  input_file:117667-02/patchzip-d52diu.zip:nsclient.zip:java/jss4.jar:org/mozilla/jss/ssl/TestCertApprovalCallback.class
 */
/* loaded from: input_file:117667-02/patchzip-d52diu.zip:nsclient.zip:java/jss40.jar:org/mozilla/jss/ssl/TestCertApprovalCallback.class */
public class TestCertApprovalCallback implements SSLCertificateApprovalCallback {
    @Override // org.mozilla.jss.ssl.SSLCertificateApprovalCallback
    public boolean approve(X509Certificate x509Certificate, SSLCertificateApprovalCallback.ValidityStatus validityStatus) {
        System.out.println("in TestCertApprovalCallback.approve()");
        System.out.println(new StringBuffer().append("Peer cert details: \n     subject: ").append(x509Certificate.getSubjectDN().toString()).append("\n     issuer:  ").append(x509Certificate.getIssuerDN().toString()).append("\n     serial:  ").append(x509Certificate.getSerialNumber().toString()).toString());
        boolean z = false;
        Enumeration reasons = validityStatus.getReasons();
        int i = 0;
        while (reasons.hasMoreElements()) {
            i++;
            SSLCertificateApprovalCallback.ValidityItem validityItem = (SSLCertificateApprovalCallback.ValidityItem) reasons.nextElement();
            System.out.println(new StringBuffer().append("item ").append(i).append(" reason=").append(validityItem.getReason()).append(" depth=").append(validityItem.getDepth()).toString());
            PK11Cert cert = validityItem.getCert();
            if (validityItem.getReason() == -8172) {
                z = true;
            }
            System.out.println(new StringBuffer().append(" cert details: \n     subject: ").append(cert.getSubjectDN().toString()).append("\n     issuer:  ").append(cert.getIssuerDN().toString()).append("\n     serial:  ").append(cert.getSerialNumber().toString()).toString());
        }
        if (!z) {
            return true;
        }
        System.out.println("importing certificate.");
        try {
            CryptoManager.getInstance().importCertToPerm(x509Certificate, "testnick").setSSLTrust(3);
            return true;
        } catch (Exception e) {
            System.out.println(new StringBuffer().append("thrown exception: ").append(e).toString());
            return true;
        }
    }
}
