package be.personify.util.ssl;

import java.io.IOException;
import java.security.GeneralSecurityException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.util.Collection;
import java.util.Collections;
import java.util.HashSet;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import javax.net.ssl.X509TrustManager;

/* loaded from: input_file:be/personify/util/ssl/CustomTrustManager.class */
public class CustomTrustManager implements X509TrustManager {
    private final X509TrustManager defaultX509TrustManager = createX509TrustManager(null);
    private final X509TrustManager extraX509TrustManager;

    public CustomTrustManager(Collection<Certificate> collection) throws GeneralSecurityException {
        this.extraX509TrustManager = createX509TrustManager(createKeyStore(collection));
    }

    @Override // javax.net.ssl.X509TrustManager
    public void checkClientTrusted(X509Certificate[] x509CertificateArr, String str) throws CertificateException {
        CertificateException certificateException = null;
        if (this.defaultX509TrustManager != null) {
            try {
                this.defaultX509TrustManager.checkClientTrusted(x509CertificateArr, str);
                return;
            } catch (CertificateException e) {
                certificateException = e;
            }
        }
        CertificateException certificateException2 = null;
        if (this.extraX509TrustManager != null) {
            try {
                this.extraX509TrustManager.checkClientTrusted(x509CertificateArr, str);
                return;
            } catch (CertificateException e2) {
                certificateException2 = e2;
            }
        }
        if (certificateException != null) {
            throw certificateException;
        }
        if (certificateException2 == null) {
            throw new CertificateException("No trust managers");
        }
        throw certificateException2;
    }

    @Override // javax.net.ssl.X509TrustManager
    public void checkServerTrusted(X509Certificate[] x509CertificateArr, String str) throws CertificateException {
        CertificateException certificateException = null;
        if (this.defaultX509TrustManager != null) {
            try {
                this.defaultX509TrustManager.checkServerTrusted(x509CertificateArr, str);
                return;
            } catch (CertificateException e) {
                certificateException = e;
            }
        }
        CertificateException certificateException2 = null;
        if (this.extraX509TrustManager != null) {
            try {
                this.extraX509TrustManager.checkServerTrusted(x509CertificateArr, str);
                return;
            } catch (CertificateException e2) {
                certificateException2 = e2;
            }
        }
        if (certificateException != null) {
            throw certificateException;
        }
        if (certificateException2 == null) {
            throw new CertificateException("No trust managers");
        }
        throw certificateException2;
    }

    @Override // javax.net.ssl.X509TrustManager
    public X509Certificate[] getAcceptedIssuers() {
        HashSet hashSet = new HashSet();
        if (this.defaultX509TrustManager != null) {
            Collections.addAll(hashSet, this.defaultX509TrustManager.getAcceptedIssuers());
        }
        if (this.extraX509TrustManager != null) {
            Collections.addAll(hashSet, this.extraX509TrustManager.getAcceptedIssuers());
        }
        return (X509Certificate[]) hashSet.toArray(new X509Certificate[hashSet.size()]);
    }

    private KeyStore createKeyStore(Collection<Certificate> collection) throws KeyStoreException {
        KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
        try {
            keyStore.load(null, null);
            for (Certificate certificate : collection) {
                keyStore.setCertificateEntry(certificate.toString(), certificate);
            }
            return keyStore;
        } catch (IOException e) {
            throw new RuntimeException(e);
        } catch (GeneralSecurityException e2) {
            throw new RuntimeException(e2);
        }
    }

    private X509TrustManager createX509TrustManager(KeyStore keyStore) throws GeneralSecurityException {
        TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
        trustManagerFactory.init(keyStore);
        TrustManager[] trustManagers = trustManagerFactory.getTrustManagers();
        if (trustManagers.length == 0) {
            return null;
        }
        if (trustManagers.length > 1) {
            throw new GeneralSecurityException(String.format("Expected 1 TrustManager from TrustManagerFactory(%s), got %s", trustManagerFactory, Integer.valueOf(trustManagers.length)));
        }
        TrustManager trustManager = trustManagers[0];
        if (trustManager instanceof X509TrustManager) {
            return (X509TrustManager) trustManager;
        }
        throw new GeneralSecurityException(String.format("Expected %s from TrustManagerFactory(%s), got %s", X509TrustManager.class.getCanonicalName(), trustManagerFactory, trustManager.getClass().getCanonicalName()));
    }
}
