package io.crossbar.autobahn.websocket.soti;

import io.crossbar.autobahn.utils.ABLogger;
import io.crossbar.autobahn.utils.IABLogger;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import javax.net.ssl.X509TrustManager;

/* loaded from: classes.dex */
public class SotiX509TrustChecker {
    private static final IABLogger LOGGER = ABLogger.getLogger(SotiX509TrustChecker.class.getName());
    private KeyStore keyStore;
    private X509TrustManager systemTrustManager = setupTrustManager(true);
    private X509TrustManager sotiTrustManager = setupTrustManager(false);

    public SotiX509TrustChecker(KeyStore keyStore) {
        this.keyStore = keyStore;
    }

    private X509TrustManager findX509TrustManager(TrustManagerFactory trustManagerFactory) {
        for (TrustManager trustManager : trustManagerFactory.getTrustManagers()) {
            if (trustManager instanceof X509TrustManager) {
                return (X509TrustManager) trustManager;
            }
        }
        return null;
    }

    private X509TrustManager setupTrustManager(boolean z8) {
        IABLogger iABLogger;
        StringBuilder sb;
        String message;
        try {
            TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
            if (z8) {
                LOGGER.d("setup for system CAs: " + this.keyStore.size());
                trustManagerFactory.init((KeyStore) null);
            } else {
                LOGGER.d("set up for soti CA for storage size: " + this.keyStore.size());
                trustManagerFactory.init(this.keyStore);
            }
            return findX509TrustManager(trustManagerFactory);
        } catch (KeyStoreException e8) {
            iABLogger = LOGGER;
            sb = new StringBuilder();
            sb.append("error getting TrustManagerFactory");
            message = e8.getMessage();
            sb.append(message);
            iABLogger.e(sb.toString());
            return null;
        } catch (NoSuchAlgorithmException e9) {
            iABLogger = LOGGER;
            sb = new StringBuilder();
            sb.append("error getting TrustManagerFactory");
            message = e9.getMessage();
            sb.append(message);
            iABLogger.e(sb.toString());
            return null;
        }
    }

    public void checkServerTrusted(X509Certificate[] x509CertificateArr, String str, String str2) {
        X509TrustManager x509TrustManager;
        try {
            if (!hasCerts() || (x509TrustManager = this.sotiTrustManager) == null) {
                throw new CertificateException("No Root Certs to verify Server Certificate against");
            }
            x509TrustManager.checkServerTrusted(x509CertificateArr, str);
        } catch (CertificateException e8) {
            LOGGER.i("Certificate is not trusted by provided keystore" + e8.getMessage());
            this.systemTrustManager.checkServerTrusted(x509CertificateArr, str);
        }
    }

    public boolean hasCerts() {
        KeyStore keyStore = this.keyStore;
        if (keyStore == null) {
            X509TrustManager x509TrustManager = this.sotiTrustManager;
            return x509TrustManager != null && x509TrustManager.getAcceptedIssuers().length > 0;
        }
        try {
            return keyStore.size() > 0;
        } catch (KeyStoreException e8) {
            LOGGER.e("Error of keystore size" + e8.getMessage());
            return false;
        }
    }
}
