package com.foilen.smalltools.crypt.bouncycastle.cert.trustmanager;

import com.foilen.smalltools.crypt.bouncycastle.cert.RSACertificate;
import com.foilen.smalltools.crypt.bouncycastle.cert.RSATrustedCertificates;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Collection;
import java.util.List;
import java.util.stream.Collectors;
import javax.net.ssl.X509TrustManager;

/* loaded from: input_file:com/foilen/smalltools/crypt/bouncycastle/cert/trustmanager/RSATrustManager.class */
public class RSATrustManager implements X509TrustManager {
    private RSATrustedCertificates rsaTrustedCertificates;
    private X509Certificate[] acceptedIssuers;

    public RSATrustManager(RSATrustedCertificates rSATrustedCertificates) {
        this.rsaTrustedCertificates = rSATrustedCertificates;
        this.acceptedIssuers = (X509Certificate[]) ((List) rSATrustedCertificates.getTrustedCertificates().stream().map(rSACertificate -> {
            return rSACertificate.getCertificate();
        }).collect(Collectors.toList())).toArray(new X509Certificate[0]);
    }

    @Override // javax.net.ssl.X509TrustManager
    public void checkClientTrusted(X509Certificate[] x509CertificateArr, String str) throws CertificateException {
        checkServerTrusted(x509CertificateArr, str);
    }

    @Override // javax.net.ssl.X509TrustManager
    public void checkServerTrusted(X509Certificate[] x509CertificateArr, String str) throws CertificateException {
        ArrayList arrayList = new ArrayList();
        arrayList.addAll((Collection) Arrays.asList(x509CertificateArr).stream().map(x509Certificate -> {
            return new RSACertificate(x509Certificate);
        }).collect(Collectors.toList()));
        for (int i = 0; i < arrayList.size(); i++) {
            ArrayList arrayList2 = new ArrayList(arrayList);
            RSACertificate rSACertificate = (RSACertificate) arrayList2.remove(i);
            if (!this.rsaTrustedCertificates.isTrusted(rSACertificate, arrayList2)) {
                throw new CertificateException("Certificate " + rSACertificate.getThumbprint() + " " + rSACertificate.getCommonName() + " is not trusted");
            }
        }
    }

    @Override // javax.net.ssl.X509TrustManager
    public X509Certificate[] getAcceptedIssuers() {
        return this.acceptedIssuers;
    }
}
