package com.fmxos.platform.sdk.xiaoyaos.ka;

import android.content.Context;
import com.fmxos.platform.sdk.xiaoyaos.la.C0488a;
import com.fmxos.platform.sdk.xiaoyaos.sa.C0657a;
import com.huawei.common.net.retrofit.safe.LogSslSocketFactory;
import com.huawei.wearkit.data.store.WearDataStore;
import java.io.IOException;
import java.io.InputStream;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Iterator;
import java.util.List;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import javax.net.ssl.X509TrustManager;

/* loaded from: classes.dex */
public class e implements X509TrustManager {
    public static final String a = "e";
    public List<X509TrustManager> b = new ArrayList();

    public e(Context context) {
        if (context == null) {
            throw new IllegalArgumentException(WearDataStore.CONTEXT_NULL);
        }
        com.fmxos.platform.sdk.xiaoyaos.c.e.m15a(context);
        boolean z = false;
        com.fmxos.platform.sdk.xiaoyaos.c.e.a(a, "loadBksCA");
        InputStream d2 = C0488a.d(context);
        if (d2 != null) {
            try {
                com.fmxos.platform.sdk.xiaoyaos.c.e.a(a, " get bks not from assets");
                a(d2);
            } catch (IOException | KeyStoreException | NoSuchAlgorithmException | CertificateException e) {
                String str = a;
                StringBuilder a2 = C0657a.a("loadBksCA: exception : ");
                a2.append(e.getMessage());
                com.fmxos.platform.sdk.xiaoyaos.c.e.b(str, a2.toString());
            }
        }
        z = true;
        if (!z || d2 == null) {
            com.fmxos.platform.sdk.xiaoyaos.c.e.a(a, " get bks from assets ");
            a(context.getAssets().open("hmsrootcas.bks"));
        }
        if (this.b.isEmpty()) {
            throw new CertificateException("X509TrustManager is empty");
        }
    }

    public e(InputStream inputStream, String str) {
        if (inputStream != null) {
            try {
                if (str != null) {
                    try {
                        TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(LogSslSocketFactory.KEY_ALGORITHM);
                        KeyStore keyStore = KeyStore.getInstance(LogSslSocketFactory.KEY_BKS);
                        keyStore.load(inputStream, str.toCharArray());
                        trustManagerFactory.init(keyStore);
                        TrustManager[] trustManagers = trustManagerFactory.getTrustManagers();
                        for (int i = 0; i < trustManagers.length; i++) {
                            if (trustManagers[i] instanceof X509TrustManager) {
                                this.b.add((X509TrustManager) trustManagers[i]);
                            }
                        }
                        return;
                    } catch (IOException | KeyStoreException | NoSuchAlgorithmException | CertificateException e) {
                        com.fmxos.platform.sdk.xiaoyaos.c.e.b(a, "loadInputStream: exception : " + e.getMessage());
                        return;
                    }
                }
            } finally {
                com.fmxos.platform.sdk.xiaoyaos.c.e.a(inputStream);
            }
        }
        throw new IllegalArgumentException("inputstream or trustPwd is null");
    }

    public final void a(InputStream inputStream) {
        try {
            TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(LogSslSocketFactory.KEY_ALGORITHM);
            KeyStore keyStore = KeyStore.getInstance(LogSslSocketFactory.KEY_BKS);
            keyStore.load(inputStream, "".toCharArray());
            trustManagerFactory.init(keyStore);
            TrustManager[] trustManagers = trustManagerFactory.getTrustManagers();
            for (int i = 0; i < trustManagers.length; i++) {
                if (trustManagers[i] instanceof X509TrustManager) {
                    this.b.add((X509TrustManager) trustManagers[i]);
                }
            }
        } finally {
            com.fmxos.platform.sdk.xiaoyaos.c.e.a(inputStream);
        }
    }

    @Override // javax.net.ssl.X509TrustManager
    public void checkClientTrusted(X509Certificate[] x509CertificateArr, String str) {
        com.fmxos.platform.sdk.xiaoyaos.c.e.a(a, "checkClientTrusted: ");
        Iterator<X509TrustManager> it = this.b.iterator();
        while (it.hasNext()) {
            try {
                it.next().checkServerTrusted(x509CertificateArr, str);
                return;
            } catch (CertificateException e) {
                String str2 = a;
                StringBuilder a2 = C0657a.a("checkServerTrusted CertificateException");
                a2.append(e.getMessage());
                com.fmxos.platform.sdk.xiaoyaos.c.e.b(str2, a2.toString());
            }
        }
        throw new CertificateException("checkServerTrusted CertificateException");
    }

    @Override // javax.net.ssl.X509TrustManager
    public void checkServerTrusted(X509Certificate[] x509CertificateArr, String str) {
        String str2 = a;
        StringBuilder a2 = C0657a.a("checkServerTrusted begin ,server ca chain size is : ");
        a2.append(x509CertificateArr.length);
        a2.append(" ,auth type is : ");
        a2.append(str);
        com.fmxos.platform.sdk.xiaoyaos.c.e.a(str2, a2.toString());
        for (X509Certificate x509Certificate : x509CertificateArr) {
            String str3 = a;
            StringBuilder a3 = C0657a.a("server ca chain: getSubjectDN is :");
            a3.append(x509Certificate.getSubjectDN());
            a3.append(" , getIssuerDN :");
            a3.append(x509Certificate.getIssuerDN());
            a3.toString();
            String str4 = a;
            String str5 = "server ca chain is :" + x509Certificate;
        }
        int size = this.b.size();
        for (int i = 0; i < size; i++) {
            try {
                com.fmxos.platform.sdk.xiaoyaos.c.e.a(a, "check server i : " + i);
                X509TrustManager x509TrustManager = this.b.get(i);
                X509Certificate[] acceptedIssuers = x509TrustManager.getAcceptedIssuers();
                if (acceptedIssuers != null) {
                    com.fmxos.platform.sdk.xiaoyaos.c.e.a(a, "client root ca size is : " + acceptedIssuers.length);
                    for (X509Certificate x509Certificate2 : acceptedIssuers) {
                        String str6 = a;
                        String str7 = "client root ca getIssuerDN :" + x509Certificate2.getIssuerDN();
                    }
                }
                x509TrustManager.checkServerTrusted(x509CertificateArr, str);
                com.fmxos.platform.sdk.xiaoyaos.c.e.a(a, "checkServerTrusted succeed ,root ca issuer is : " + x509CertificateArr[x509CertificateArr.length - 1].getIssuerDN());
                return;
            } catch (CertificateException e) {
                String str8 = a;
                StringBuilder a4 = C0657a.a("checkServerTrusted error :");
                a4.append(e.getMessage());
                a4.append(" , time : ");
                a4.append(i);
                com.fmxos.platform.sdk.xiaoyaos.c.e.b(str8, a4.toString());
                if (i == size - 1) {
                    if (x509CertificateArr.length > 0) {
                        String str9 = a;
                        StringBuilder a5 = C0657a.a("root ca issuer : ");
                        a5.append(x509CertificateArr[x509CertificateArr.length - 1].getIssuerDN());
                        com.fmxos.platform.sdk.xiaoyaos.c.e.b(str9, a5.toString());
                    }
                    throw e;
                }
            }
        }
    }

    @Override // javax.net.ssl.X509TrustManager
    public X509Certificate[] getAcceptedIssuers() {
        try {
            ArrayList arrayList = new ArrayList();
            Iterator<X509TrustManager> it = this.b.iterator();
            while (it.hasNext()) {
                arrayList.addAll(Arrays.asList(it.next().getAcceptedIssuers()));
            }
            return (X509Certificate[]) arrayList.toArray(new X509Certificate[arrayList.size()]);
        } catch (Exception e) {
            String str = a;
            StringBuilder a2 = C0657a.a("getAcceptedIssuers exception : ");
            a2.append(e.getMessage());
            com.fmxos.platform.sdk.xiaoyaos.c.e.b(str, a2.toString());
            return new X509Certificate[0];
        }
    }
}
