package com.secdec.codedx.security;

import com.secdec.codedx.util.HashUtil;
import java.security.cert.Certificate;
import java.security.cert.CertificateEncodingException;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.util.logging.Logger;

/* loaded from: input_file:WEB-INF/lib/codedx.jar:com/secdec/codedx/security/FingerprintStrategy.class */
public class FingerprintStrategy implements InvalidCertificateStrategy {
    private String fingerprint;
    private static final Logger logger = Logger.getLogger(FingerprintStrategy.class.getName());

    public FingerprintStrategy(String str) {
        this.fingerprint = str;
        if (str == null) {
            this.fingerprint = "";
        }
    }

    @Override // com.secdec.codedx.security.InvalidCertificateStrategy
    public CertificateAcceptance checkAcceptance(Certificate certificate, CertificateException certificateException) {
        if (certificate instanceof X509Certificate) {
            try {
                String hexString = HashUtil.toHexString(HashUtil.getSHA1(((X509Certificate) certificate).getEncoded()));
                logger.info("Certificate fingerprint:  " + hexString.toUpperCase());
                logger.info("User-entered fingerprint: " + this.fingerprint.toUpperCase());
                if (hexString.toUpperCase().equals(this.fingerprint.toUpperCase())) {
                    return CertificateAcceptance.ACCEPT_PERMANENTLY;
                }
            } catch (CertificateEncodingException e) {
                logger.warning("Problem reading certificate: " + e);
                e.printStackTrace();
            }
        } else {
            logger.warning("Certificate presented was not X509: " + certificate);
        }
        return CertificateAcceptance.REJECT;
    }
}
