package f.g.c.a.a.b;

import f.g.c.a.a.b.g.f;
import java.io.IOException;
import java.io.InputStream;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Iterator;
import java.util.List;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import javax.net.ssl.X509TrustManager;

/* loaded from: classes.dex */
public class e implements X509TrustManager {

    /* renamed from: ʼ, reason: contains not printable characters */
    private static final String f7243 = e.class.getSimpleName();

    /* renamed from: ʻ, reason: contains not printable characters */
    protected List<X509TrustManager> f7244 = new ArrayList();

    public e(InputStream inputStream, String str) throws IllegalArgumentException {
        m8906(inputStream, str);
    }

    /* renamed from: ʻ, reason: contains not printable characters */
    private void m8906(InputStream inputStream, String str) {
        if (inputStream == null || str == null) {
            throw new IllegalArgumentException("inputstream or trustPwd is null");
        }
        long currentTimeMillis = System.currentTimeMillis();
        try {
            try {
                TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance("X509");
                KeyStore keyStore = KeyStore.getInstance("bks");
                keyStore.load(inputStream, str.toCharArray());
                trustManagerFactory.init(keyStore);
                TrustManager[] trustManagers = trustManagerFactory.getTrustManagers();
                for (int i = 0; i < trustManagers.length; i++) {
                    if (trustManagers[i] instanceof X509TrustManager) {
                        this.f7244.add((X509TrustManager) trustManagers[i]);
                    }
                }
                f.g.c.a.a.b.g.e.m8944(inputStream);
            } finally {
                f.g.c.a.a.b.g.e.m8944(inputStream);
            }
        } catch (IOException | NegativeArraySizeException | KeyStoreException | NoSuchAlgorithmException | CertificateException e2) {
            f.m8949(f7243, "loadInputStream: exception : " + e2.getMessage());
        }
        f.m8947(f7243, "loadInputStream: cost : " + (System.currentTimeMillis() - currentTimeMillis) + " ms");
    }

    @Override // javax.net.ssl.X509TrustManager
    public void checkClientTrusted(X509Certificate[] x509CertificateArr, String str) throws CertificateException {
        f.m8950(f7243, "checkClientTrusted: ");
        Iterator<X509TrustManager> it = this.f7244.iterator();
        while (it.hasNext()) {
            try {
                it.next().checkServerTrusted(x509CertificateArr, str);
                return;
            } catch (CertificateException e2) {
                f.m8949(f7243, "checkServerTrusted CertificateException" + e2.getMessage());
            }
        }
        throw new CertificateException("checkServerTrusted CertificateException");
    }

    @Override // javax.net.ssl.X509TrustManager
    public void checkServerTrusted(X509Certificate[] x509CertificateArr, String str) throws CertificateException {
        m8907(x509CertificateArr);
        f.m8950(f7243, "checkServerTrusted begin ,server ca chain size is : " + x509CertificateArr.length + " ,auth type is : " + str);
        long currentTimeMillis = System.currentTimeMillis();
        for (X509Certificate x509Certificate : x509CertificateArr) {
            f.m8947(f7243, "server ca chain: getSubjectDN is :" + x509Certificate.getSubjectDN());
            f.m8947(f7243, "IssuerDN :" + x509Certificate.getIssuerDN());
            f.m8947(f7243, "SerialNumber : " + x509Certificate.getSerialNumber());
        }
        int size = this.f7244.size();
        for (int i = 0; i < size; i++) {
            try {
                f.m8950(f7243, "check server i : " + i);
                X509TrustManager x509TrustManager = this.f7244.get(i);
                X509Certificate[] acceptedIssuers = x509TrustManager.getAcceptedIssuers();
                if (acceptedIssuers != null) {
                    f.m8950(f7243, "client root ca size is : " + acceptedIssuers.length);
                    for (X509Certificate x509Certificate2 : acceptedIssuers) {
                        f.m8947(f7243, "client root ca getIssuerDN :" + x509Certificate2.getIssuerDN());
                    }
                }
                x509TrustManager.checkServerTrusted(x509CertificateArr, str);
                f.m8950(f7243, "checkServerTrusted succeed ,root ca issuer is : " + x509CertificateArr[x509CertificateArr.length - 1].getIssuerDN());
                return;
            } catch (CertificateException e2) {
                f.m8949(f7243, "checkServerTrusted error :" + e2.getMessage() + " , time : " + i);
                if (i == size - 1) {
                    if (x509CertificateArr != null && x509CertificateArr.length > 0) {
                        f.m8949(f7243, "root ca issuer : " + x509CertificateArr[x509CertificateArr.length - 1].getIssuerDN());
                    }
                    throw e2;
                }
            }
        }
        f.m8947(f7243, "checkServerTrusted: cost : " + (System.currentTimeMillis() - currentTimeMillis) + " ms");
    }

    @Override // javax.net.ssl.X509TrustManager
    public X509Certificate[] getAcceptedIssuers() {
        try {
            ArrayList arrayList = new ArrayList();
            Iterator<X509TrustManager> it = this.f7244.iterator();
            while (it.hasNext()) {
                arrayList.addAll(Arrays.asList(it.next().getAcceptedIssuers()));
            }
            return (X509Certificate[]) arrayList.toArray(new X509Certificate[arrayList.size()]);
        } catch (Exception e2) {
            f.m8949(f7243, "getAcceptedIssuers exception : " + e2.getMessage());
            return new X509Certificate[0];
        }
    }

    /* renamed from: ʻ, reason: contains not printable characters */
    public void m8907(X509Certificate[] x509CertificateArr) {
    }
}
