package org.metastatic.jessie.provider;

import java.io.FileInputStream;
import java.io.IOException;
import java.security.InvalidAlgorithmParameterException;
import java.security.InvalidKeyException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.SignatureException;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.util.Enumeration;
import java.util.LinkedList;
import javax.net.ssl.ManagerFactoryParameters;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactorySpi;
import javax.net.ssl.X509TrustManager;
import org.metastatic.jessie.NullManagerParameters;
import org.metastatic.jessie.StaticTrustAnchors;

/* loaded from: input_file:org/metastatic/jessie/provider/X509TrustManagerFactory.class */
public class X509TrustManagerFactory extends TrustManagerFactorySpi {
    private static final String JSSE_CERTS = Util.getProperty("java.home") + Util.getProperty("file.separator") + "lib" + Util.getProperty("file.separator") + "security" + Util.getProperty("file.separator") + "jssecerts";
    private static final String CA_CERTS = Util.getProperty("java.home") + Util.getProperty("file.separator") + "lib" + Util.getProperty("file.separator") + "security" + Util.getProperty("file.separator") + "cacerts";
    private Manager current;

    /* loaded from: input_file:org/metastatic/jessie/provider/X509TrustManagerFactory$Manager.class */
    private class Manager implements X509TrustManager {
        private final X509Certificate[] trusted;

        Manager(X509Certificate[] x509CertificateArr) {
            this.trusted = x509CertificateArr;
        }

        @Override // javax.net.ssl.X509TrustManager
        public void checkClientTrusted(X509Certificate[] x509CertificateArr, String str) throws CertificateException {
            checkTrusted(x509CertificateArr, str);
        }

        @Override // javax.net.ssl.X509TrustManager
        public void checkServerTrusted(X509Certificate[] x509CertificateArr, String str) throws CertificateException {
            checkTrusted(x509CertificateArr, str);
        }

        @Override // javax.net.ssl.X509TrustManager
        public X509Certificate[] getAcceptedIssuers() {
            return this.trusted == null ? new X509Certificate[0] : (X509Certificate[]) this.trusted.clone();
        }

        private void checkTrusted(X509Certificate[] x509CertificateArr, String str) throws CertificateException {
            x509CertificateArr[0].checkValidity();
            for (int i = 1; i < x509CertificateArr.length; i++) {
                x509CertificateArr[i].checkValidity();
                try {
                    x509CertificateArr[i - 1].verify(x509CertificateArr[i].getPublicKey());
                } catch (InvalidKeyException e) {
                    throw new CertificateException(e.toString());
                } catch (NoSuchAlgorithmException e2) {
                    throw new CertificateException(e2.toString());
                } catch (NoSuchProviderException e3) {
                    throw new CertificateException(e3.toString());
                } catch (SignatureException e4) {
                    throw new CertificateException(e4.toString());
                }
            }
            if (this.trusted == null || this.trusted.length == 0) {
                throw new CertificateException("no trust anchors");
            }
            for (int i2 = 0; i2 < this.trusted.length; i2++) {
                try {
                    this.trusted[i2].checkValidity();
                    x509CertificateArr[x509CertificateArr.length - 1].verify(this.trusted[i2].getPublicKey());
                    return;
                } catch (Exception e5) {
                }
            }
            throw new CertificateException();
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // javax.net.ssl.TrustManagerFactorySpi
    public TrustManager[] engineGetTrustManagers() {
        if (this.current == null) {
            throw new IllegalStateException("not initialized");
        }
        return new TrustManager[]{this.current};
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // javax.net.ssl.TrustManagerFactorySpi
    public void engineInit(ManagerFactoryParameters managerFactoryParameters) throws InvalidAlgorithmParameterException {
        if (managerFactoryParameters instanceof StaticTrustAnchors) {
            this.current = new Manager(((StaticTrustAnchors) managerFactoryParameters).getCertificates());
        } else {
            if (!(managerFactoryParameters instanceof NullManagerParameters)) {
                throw new InvalidAlgorithmParameterException();
            }
            this.current = new Manager(new X509Certificate[0]);
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // javax.net.ssl.TrustManagerFactorySpi
    public void engineInit(KeyStore keyStore) throws KeyStoreException {
        FileInputStream fileInputStream;
        if (keyStore == null) {
            String property = Util.getProperty("javax.net.ssl.trustStoreType");
            if (property == null) {
                property = KeyStore.getDefaultType();
            }
            keyStore = KeyStore.getInstance(property);
            try {
                String property2 = Util.getProperty("javax.net.ssl.trustStore");
                if (property2 == null) {
                    try {
                        fileInputStream = new FileInputStream(JSSE_CERTS);
                    } catch (IOException e) {
                        fileInputStream = new FileInputStream(CA_CERTS);
                    }
                } else {
                    fileInputStream = new FileInputStream(property2);
                }
                String property3 = Util.getProperty("javax.net.ssl.trustStorePassword");
                keyStore.load(fileInputStream, property3 != null ? property3.toCharArray() : null);
            } catch (IOException e2) {
                throw new KeyStoreException(e2.toString());
            } catch (NoSuchAlgorithmException e3) {
                throw new KeyStoreException(e3.toString());
            } catch (CertificateException e4) {
                throw new KeyStoreException(e4.toString());
            }
        }
        LinkedList linkedList = new LinkedList();
        Enumeration<String> aliases = keyStore.aliases();
        while (aliases.hasMoreElements()) {
            String nextElement = aliases.nextElement();
            if (keyStore.isCertificateEntry(nextElement)) {
                java.security.cert.Certificate certificate = keyStore.getCertificate(nextElement);
                if (certificate instanceof X509Certificate) {
                    linkedList.add(certificate);
                }
            }
        }
        this.current = new Manager((X509Certificate[]) linkedList.toArray(new X509Certificate[linkedList.size()]));
    }
}
