package demo.rmi;

import demo.rmi.server.SSLRMISocketFactory;
import iaik.pkcs.pkcs8.EncryptedPrivateKeyInfo;
import iaik.security.ssl.ClientTrustDecider;
import iaik.security.ssl.SSLCertificate;
import iaik.security.ssl.SSLClientContext;
import iaik.utils.KeyAndCertificate;
import java.applet.Applet;
import java.awt.Graphics;
import java.io.IOException;
import java.rmi.Naming;
import java.rmi.server.RMISocketFactory;
import java.security.Principal;
import java.security.PrivateKey;
import java.security.cert.X509Certificate;

/* compiled from: demo/rmi/SSLHelloClient */
/* loaded from: input_file:demo/rmi/SSLHelloClient.class */
public class SSLHelloClient extends Applet {

    /* renamed from: Þ, reason: contains not printable characters */
    String f41 = "";

    /* JADX INFO: Access modifiers changed from: package-private */
    /* loaded from: input_file:demo/rmi/SSLHelloClient$TrustDecider.class */
    public class TrustDecider implements ClientTrustDecider {

        /* renamed from: Ù, reason: contains not printable characters */
        private final SSLHelloClient f42;

        /* renamed from: Ú, reason: contains not printable characters */
        private boolean f43 = false;

        /* renamed from: Û, reason: contains not printable characters */
        private X509Certificate[] f44;

        /* renamed from: Ü, reason: contains not printable characters */
        private PrivateKey f45;

        /* renamed from: Ý, reason: contains not printable characters */
        private PrivateKey f46;

        public TrustDecider(SSLHelloClient sSLHelloClient) {
            this.f42 = sSLHelloClient;
            this.f42 = sSLHelloClient;
            try {
                KeyAndCertificate keyAndCertificate = new KeyAndCertificate("clientRSA1024.pem");
                EncryptedPrivateKeyInfo privateKey = keyAndCertificate.getPrivateKey();
                privateKey.decrypt("This is the passphrase!");
                this.f44 = keyAndCertificate.getCertificateChain();
                this.f45 = privateKey.getPrivateKeyInfo();
            } catch (Exception unused) {
                System.out.println("Unable to set RSA client certificate.");
                System.out.println("RSA client certificate can not be used.");
            }
        }

        public boolean verifyCertificateChain(X509Certificate[] x509CertificateArr) {
            int length = x509CertificateArr.length;
            try {
                x509CertificateArr[length - 1].verify(x509CertificateArr[length - 1].getPublicKey());
                for (int i = length - 1; i > 0; i--) {
                    x509CertificateArr[i - 1].verify(x509CertificateArr[i].getPublicKey());
                }
                return true;
            } catch (Exception unused) {
                return false;
            }
        }

        @Override // iaik.security.ssl.TrustDecider
        public boolean isTrustedPeer(SSLCertificate sSLCertificate) {
            if (sSLCertificate == null) {
                return false;
            }
            X509Certificate[] certificateChain = sSLCertificate.getCertificateChain();
            debug("Server certificate chain");
            for (X509Certificate x509Certificate : certificateChain) {
                debug(x509Certificate.getSubjectDN().toString());
            }
            return verifyCertificateChain(certificateChain);
        }

        @Override // iaik.security.ssl.ClientTrustDecider
        public SSLCertificate getCertificate(byte[] bArr, Principal[] principalArr, String str) {
            debug(new StringBuffer("Key exchange algorithm: ").append(str).toString());
            debug("Server accepts the following CAs:");
            for (Principal principal : principalArr) {
                debug(principal.toString());
            }
            debug("Server requests the following certificate types:");
            for (byte b : bArr) {
                switch (b) {
                    case 1:
                        debug("rsa_sign");
                        break;
                    case 2:
                        debug("dss_sign");
                        break;
                    case ClientTrustDecider.rsa_fixed_dh /* 3 */:
                        debug("rsa_fixed_dh");
                        break;
                    case ClientTrustDecider.dss_fixed_dh /* 4 */:
                        debug("dss_fixed_dh");
                        break;
                    case ClientTrustDecider.rsa_ephemeral_dh /* 5 */:
                        debug("rsa_ephemeral_dh");
                        break;
                    case ClientTrustDecider.dss_ephemeral_dh /* 6 */:
                        debug("dss_ephemeral_dh");
                        break;
                    case ClientTrustDecider.fortezza_dms /* 20 */:
                        debug("fortezza_dms");
                        break;
                }
            }
            if (!str.startsWith("RSA") && !str.startsWith("DHE_RSA")) {
                return null;
            }
            debug("return RSA certificate...");
            this.f46 = this.f45;
            return new SSLCertificate(this.f44);
        }

        @Override // iaik.security.ssl.ClientTrustDecider
        public PrivateKey getPrivateKey() {
            return this.f46;
        }

        private void debug(String str) {
            if (this.f43) {
                System.out.println(str);
            }
        }
    }

    public void init() {
        try {
            setSocketFactory();
            this.f41 = ((SSLHello) Naming.lookup(new StringBuffer("//").append(getCodeBase().getHost()).append("/HelloServer").toString())).sayHello();
        } catch (Exception e) {
            System.out.println("HelloApplet: an exception occurred:");
            e.printStackTrace();
        }
    }

    public void paint(Graphics graphics) {
        graphics.drawString(this.f41, 25, 50);
    }

    public void setSocketFactory() {
        SSLClientContext sSLClientContext = new SSLClientContext();
        sSLClientContext.setTrustDecider(new TrustDecider(this));
        SSLRMISocketFactory sSLRMISocketFactory = new SSLRMISocketFactory();
        sSLRMISocketFactory.setClientContext(sSLClientContext);
        try {
            RMISocketFactory.setSocketFactory(sSLRMISocketFactory);
        } catch (IOException e) {
            System.out.println(new StringBuffer("Error setting SSL RMISocketFactory: ").append(e).toString());
        }
    }

    public void test() {
        try {
            setSocketFactory();
            System.out.println(new StringBuffer("Message from RMI Server: ").append(((SSLHello) Naming.lookup("//localhost/SSLHelloServer")).sayHello()).toString());
        } catch (Exception e) {
            System.out.println("SSLHelloClient: an exception occurred:");
            e.printStackTrace();
        }
    }

    public static void main(String[] strArr) {
        new SSLHelloClient().test();
    }
}
