package j.t.k.a.a.b;

import java.io.IOException;
import java.io.InputStream;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Iterator;
import java.util.List;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import javax.net.ssl.X509TrustManager;

/* loaded from: classes10.dex */
public class d implements X509TrustManager {

    /* renamed from: a, reason: collision with root package name */
    public static final String f87884a = d.class.getSimpleName();

    /* renamed from: b, reason: collision with root package name */
    public List<X509TrustManager> f87885b = new ArrayList();

    public d(InputStream inputStream, String str, boolean z2) throws IllegalArgumentException {
        if (inputStream == null) {
            throw new IllegalArgumentException("inputstream or trustPwd is null");
        }
        try {
            try {
                TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance("X509");
                KeyStore keyStore = KeyStore.getInstance("bks");
                keyStore.load(inputStream, str.toCharArray());
                trustManagerFactory.init(keyStore);
                TrustManager[] trustManagers = trustManagerFactory.getTrustManagers();
                for (byte b2 = 0; b2 < trustManagers.length; b2 = (byte) (b2 + 1)) {
                    if (trustManagers[b2] instanceof X509TrustManager) {
                        this.f87885b.add((X509TrustManager) trustManagers[b2]);
                    }
                }
            } finally {
                j.t.g.e.a.Y(inputStream);
            }
        } catch (IOException | KeyStoreException | NoSuchAlgorithmException | CertificateException e2) {
            j.t.g.e.a.g0(f87884a, "loadInputStream: exception : " + e2.getMessage());
        }
        if (z2) {
            j.t.g.e.a.l0(f87884a);
            try {
                KeyStore keyStore2 = KeyStore.getInstance("AndroidCAStore");
                keyStore2.load(null, null);
                TrustManagerFactory trustManagerFactory2 = TrustManagerFactory.getInstance("X509");
                trustManagerFactory2.init(keyStore2);
                TrustManager[] trustManagers2 = trustManagerFactory2.getTrustManagers();
                for (byte b3 = 0; b3 < trustManagers2.length; b3 = (byte) (b3 + 1)) {
                    if (trustManagers2[b3] instanceof X509TrustManager) {
                        this.f87885b.add((X509TrustManager) trustManagers2[b3]);
                    }
                }
            } catch (IOException | KeyStoreException | NoSuchAlgorithmException | CertificateException e3) {
                String str2 = f87884a;
                StringBuilder L3 = j.j.b.a.a.L3("loadSystemCA: exception : ");
                L3.append(e3.getMessage());
                j.t.g.e.a.g0(str2, L3.toString());
            }
        }
    }

    @Override // javax.net.ssl.X509TrustManager
    public void checkClientTrusted(X509Certificate[] x509CertificateArr, String str) throws CertificateException {
        j.t.g.e.a.l0(f87884a);
        Iterator<X509TrustManager> it = this.f87885b.iterator();
        while (it.hasNext()) {
            try {
                it.next().checkServerTrusted(x509CertificateArr, str);
                return;
            } catch (CertificateException e2) {
                String str2 = f87884a;
                StringBuilder L3 = j.j.b.a.a.L3("checkServerTrusted CertificateException");
                L3.append(e2.getMessage());
                j.t.g.e.a.g0(str2, L3.toString());
            }
        }
        throw new CertificateException("checkServerTrusted CertificateException");
    }

    @Override // javax.net.ssl.X509TrustManager
    public void checkServerTrusted(X509Certificate[] x509CertificateArr, String str) throws CertificateException {
        String str2 = f87884a;
        int length = x509CertificateArr.length;
        j.t.g.e.a.l0(str2);
        for (X509Certificate x509Certificate : x509CertificateArr) {
            StringBuilder L3 = j.j.b.a.a.L3("server ca chain: getSubjectDN is :");
            L3.append(x509Certificate.getSubjectDN());
            L3.append(" , getIssuerDN :");
            L3.append(x509Certificate.getIssuerDN());
            L3.toString();
            String str3 = "server ca chain is :" + x509Certificate;
        }
        int size = this.f87885b.size();
        for (byte b2 = 0; b2 < size; b2 = (byte) (b2 + 1)) {
            try {
                String str4 = f87884a;
                j.t.g.e.a.l0(str4);
                X509TrustManager x509TrustManager = this.f87885b.get(b2);
                X509Certificate[] acceptedIssuers = x509TrustManager.getAcceptedIssuers();
                if (acceptedIssuers != null) {
                    j.t.g.e.a.l0(str4);
                    for (byte b3 = 0; b3 < acceptedIssuers.length; b3 = (byte) (b3 + 1)) {
                        String str5 = "client root ca getIssuerDN :" + acceptedIssuers[b3].getIssuerDN();
                    }
                }
                x509TrustManager.checkServerTrusted(x509CertificateArr, str);
                String str6 = f87884a;
                String str7 = "checkServerTrusted succeed ,root ca issuer is : " + x509CertificateArr[x509CertificateArr.length - 1].getIssuerDN();
                j.t.g.e.a.l0(str6);
                return;
            } catch (CertificateException e2) {
                String str8 = f87884a;
                StringBuilder L32 = j.j.b.a.a.L3("checkServerTrusted error :");
                L32.append(e2.getMessage());
                L32.append(" , time : ");
                L32.append((int) b2);
                j.t.g.e.a.g0(str8, L32.toString());
                if (b2 == size - 1) {
                    if (x509CertificateArr.length > 0) {
                        StringBuilder L33 = j.j.b.a.a.L3("root ca issuer : ");
                        L33.append(x509CertificateArr[x509CertificateArr.length - 1].getIssuerDN());
                        j.t.g.e.a.g0(str8, L33.toString());
                    }
                    throw e2;
                }
            }
        }
    }

    @Override // javax.net.ssl.X509TrustManager
    public X509Certificate[] getAcceptedIssuers() {
        try {
            ArrayList arrayList = new ArrayList();
            Iterator<X509TrustManager> it = this.f87885b.iterator();
            while (it.hasNext()) {
                arrayList.addAll(Arrays.asList(it.next().getAcceptedIssuers()));
            }
            return (X509Certificate[]) arrayList.toArray(new X509Certificate[arrayList.size()]);
        } catch (Exception e2) {
            String str = f87884a;
            StringBuilder L3 = j.j.b.a.a.L3("getAcceptedIssuers exception : ");
            L3.append(e2.getMessage());
            j.t.g.e.a.g0(str, L3.toString());
            return new X509Certificate[0];
        }
    }
}
