package com.huawei.agconnect.credential.obs;

import android.content.Context;
import android.util.Log;
import java.io.IOException;
import java.io.InputStream;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Iterator;
import java.util.List;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import javax.net.ssl.X509TrustManager;

/* loaded from: classes.dex */
public class ae implements X509TrustManager {
    public List<X509TrustManager> a;
    private X509Certificate[] b;

    public ae(Context context) {
        this(context, false);
    }

    public ae(Context context, boolean z) {
        this.a = new ArrayList();
        if (context == null) {
            throw new IllegalArgumentException("context is null");
        }
        ah.a(context);
        if (z) {
            a();
        }
        a(context);
        if (this.a.isEmpty()) {
            throw new CertificateException("X509TrustManager is empty");
        }
    }

    private void a() {
        try {
            KeyStore keyStore = KeyStore.getInstance("AndroidCAStore");
            keyStore.load(null, null);
            TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance("X509");
            trustManagerFactory.init(keyStore);
            TrustManager[] trustManagers = trustManagerFactory.getTrustManagers();
            for (int i = 0; i < trustManagers.length; i++) {
                if (trustManagers[i] instanceof X509TrustManager) {
                    this.a.add((X509TrustManager) trustManagers[i]);
                }
            }
        } catch (IOException | KeyStoreException | NoSuchAlgorithmException | CertificateException e) {
            z0.b.a.a.a.C0(e, z0.b.a.a.a.k0("loadSystemCA: exception : "), "SecureX509TrustManager");
        }
    }

    private void a(Context context) {
        boolean z;
        InputStream a = ag.a();
        boolean z2 = false;
        if (a != null) {
            try {
                Log.i("SecureX509TrustManager", " get bks not from assets");
                a(a);
                z = true;
            } catch (IOException | KeyStoreException | NoSuchAlgorithmException | CertificateException e) {
                z0.b.a.a.a.C0(e, z0.b.a.a.a.k0("loadBksCA: exception : "), "SecureX509TrustManager");
                z = false;
            }
            if (z || (a = ag.a(context)) == null) {
                z2 = z;
            } else {
                try {
                    Log.i("SecureX509TrustManager", " get bks from files");
                    a(a);
                } catch (IOException | KeyStoreException | NoSuchAlgorithmException | CertificateException e2) {
                    z0.b.a.a.a.C0(e2, z0.b.a.a.a.k0("load files bks: exception : "), "SecureX509TrustManager");
                }
            }
            if (z2 || a == null) {
                Log.i("SecureX509TrustManager", " get bks from assets ");
                a(context.getAssets().open("hmsrootcas.bks"));
            }
            return;
        }
        z2 = true;
        if (z2) {
        }
        Log.i("SecureX509TrustManager", " get bks from assets ");
        a(context.getAssets().open("hmsrootcas.bks"));
    }

    private void a(InputStream inputStream) {
        try {
            TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance("X509");
            KeyStore keyStore = KeyStore.getInstance("bks");
            keyStore.load(inputStream, "".toCharArray());
            trustManagerFactory.init(keyStore);
            TrustManager[] trustManagers = trustManagerFactory.getTrustManagers();
            for (int i = 0; i < trustManagers.length; i++) {
                if (trustManagers[i] instanceof X509TrustManager) {
                    this.a.add((X509TrustManager) trustManagers[i]);
                }
            }
        } finally {
            ai.a(inputStream);
        }
    }

    public void a(X509Certificate[] x509CertificateArr) {
        this.b = x509CertificateArr;
    }

    @Override // javax.net.ssl.X509TrustManager
    public void checkClientTrusted(X509Certificate[] x509CertificateArr, String str) {
        Log.i("SecureX509TrustManager", "checkClientTrusted: ");
        Iterator<X509TrustManager> it = this.a.iterator();
        while (it.hasNext()) {
            try {
                it.next().checkServerTrusted(x509CertificateArr, str);
                return;
            } catch (CertificateException e) {
                StringBuilder k0 = z0.b.a.a.a.k0("checkServerTrusted CertificateException");
                k0.append(e.getMessage());
                Log.e("SecureX509TrustManager", k0.toString());
            }
        }
        throw new CertificateException("checkServerTrusted CertificateException");
    }

    @Override // javax.net.ssl.X509TrustManager
    public void checkServerTrusted(X509Certificate[] x509CertificateArr, String str) {
        a(x509CertificateArr);
        Log.i("SecureX509TrustManager", "checkServerTrusted: begin");
        int size = this.a.size();
        for (int i = 0; i < size; i++) {
            try {
                Log.i("SecureX509TrustManager", "checkServerTrusted: check server i : " + i);
                this.a.get(i).checkServerTrusted(x509CertificateArr, str);
                return;
            } catch (CertificateException e) {
                StringBuilder k0 = z0.b.a.a.a.k0("checkServerTrusted error :");
                k0.append(e.getMessage());
                k0.append(" , time : ");
                k0.append(i);
                Log.e("SecureX509TrustManager", k0.toString());
                if (i == size - 1) {
                    throw e;
                }
            }
        }
    }

    @Override // javax.net.ssl.X509TrustManager
    public X509Certificate[] getAcceptedIssuers() {
        try {
            ArrayList arrayList = new ArrayList();
            Iterator<X509TrustManager> it = this.a.iterator();
            while (it.hasNext()) {
                arrayList.addAll(Arrays.asList(it.next().getAcceptedIssuers()));
            }
            return (X509Certificate[]) arrayList.toArray(new X509Certificate[arrayList.size()]);
        } catch (Exception e) {
            z0.b.a.a.a.C0(e, z0.b.a.a.a.k0("getAcceptedIssuers exception : "), "SecureX509TrustManager");
            return new X509Certificate[0];
        }
    }
}
