package Oa;

import com.ca.mas.foundation.D;
import java.io.IOException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.PublicKey;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Iterator;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import javax.net.ssl.X509TrustManager;

/* loaded from: classes2.dex */
public final class b implements X509TrustManager {

    /* renamed from: a, reason: collision with root package name */
    public final ArrayList f3199a;

    /* renamed from: b, reason: collision with root package name */
    public final ArrayList f3200b;

    /* renamed from: c, reason: collision with root package name */
    public final D f3201c;

    public b(D d2) {
        ArrayList arrayList;
        KeyStore keyStore = null;
        if (d2.c()) {
            arrayList = a(null);
            if (arrayList.isEmpty()) {
                throw new RuntimeException("Cannot trust public PKI -- no default X509TrustManager found");
            }
        } else {
            arrayList = null;
        }
        this.f3199a = arrayList;
        ArrayList b10 = d2.b();
        if (b10 != null) {
            try {
                KeyStore keyStore2 = KeyStore.getInstance(KeyStore.getDefaultType());
                keyStore2.load(null, null);
                Iterator it = b10.iterator();
                int i10 = 1;
                while (it.hasNext()) {
                    Certificate certificate = (Certificate) it.next();
                    if (certificate instanceof X509Certificate) {
                        StringBuilder sb2 = new StringBuilder();
                        sb2.append("cert");
                        int i11 = i10 + 1;
                        sb2.append(i10);
                        keyStore2.setCertificateEntry(sb2.toString(), certificate);
                        i10 = i11;
                    }
                }
                keyStore = keyStore2;
            } catch (IOException | KeyStoreException | NoSuchAlgorithmException | CertificateException e4) {
                throw new RuntimeException("Unable to create trust store of default KeyStore type: " + e4.getMessage(), e4);
            }
        }
        this.f3200b = a(keyStore);
        this.f3201c = d2;
    }

    public static ArrayList a(KeyStore keyStore) {
        ArrayList arrayList = new ArrayList();
        try {
            TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
            trustManagerFactory.init(keyStore);
            for (TrustManager trustManager : trustManagerFactory.getTrustManagers()) {
                if (trustManager instanceof X509TrustManager) {
                    arrayList.add((X509TrustManager) trustManager);
                }
            }
            return arrayList;
        } catch (KeyStoreException e4) {
            throw new RuntimeException("Unable to obtain platform X.509 trust managers: " + e4.getMessage(), e4);
        } catch (NoSuchAlgorithmException e10) {
            throw new RuntimeException("No default TrustManagerFactory implementation available: " + e10.getMessage(), e10);
        }
    }

    @Override // javax.net.ssl.X509TrustManager
    public final void checkClientTrusted(X509Certificate[] x509CertificateArr, String str) {
        throw new CertificateException("This trust manager is only for clients");
    }

    @Override // javax.net.ssl.X509TrustManager
    public final void checkServerTrusted(X509Certificate[] x509CertificateArr, String str) {
        D d2 = this.f3201c;
        ArrayList b10 = d2.b();
        ArrayList d8 = d2.d();
        if (d2.c()) {
            Iterator it = this.f3199a.iterator();
            while (it.hasNext()) {
                ((X509TrustManager) it.next()).checkServerTrusted(x509CertificateArr, str);
            }
        }
        if (b10 != null && !b10.isEmpty()) {
            Iterator it2 = this.f3200b.iterator();
            while (it2.hasNext()) {
                ((X509TrustManager) it2.next()).checkServerTrusted(x509CertificateArr, str);
            }
        }
        if (d8 != null) {
            if (!d8.isEmpty()) {
                for (X509Certificate x509Certificate : x509CertificateArr) {
                    PublicKey publicKey = x509Certificate.getPublicKey();
                    if (publicKey != null && d8.contains(Ga.b.fromPublicKey(publicKey).getHashString())) {
                        return;
                    }
                }
            }
            throw new CertificateException("Server certificate chain did not contain any of the pinned public keys.");
        }
    }

    @Override // javax.net.ssl.X509TrustManager
    public final X509Certificate[] getAcceptedIssuers() {
        return new X509Certificate[0];
    }
}
