package com.commonsware.cwac.netsecurity;

import java.net.HttpURLConnection;
import java.security.KeyManagementException;
import java.security.NoSuchAlgorithmException;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.HashSet;
import java.util.Iterator;
import java.util.List;
import javax.net.ssl.HttpsURLConnection;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSocketFactory;
import javax.net.ssl.X509TrustManager;

/* loaded from: classes10.dex */
public class CompositeTrustManager implements X509Extensions {
    private static final ThreadLocal<String> d = new ThreadLocal<>();
    private boolean b;

    /* renamed from: a, reason: collision with root package name */
    private ArrayList<X509Extensions> f1387a = new ArrayList<>();
    private ArrayList<CertChainListener> c = new ArrayList<>();

    protected CompositeTrustManager(X509TrustManager[] x509TrustManagerArr, boolean z3) {
        if (x509TrustManagerArr != null) {
            addAll(x509TrustManagerArr);
        }
        setMatchAll(z3);
    }

    public static CompositeTrustManager matchAll(X509TrustManager... x509TrustManagerArr) {
        return new CompositeTrustManager(x509TrustManagerArr, true);
    }

    public static CompositeTrustManager matchAny(X509TrustManager... x509TrustManagerArr) {
        return new CompositeTrustManager(x509TrustManagerArr, false);
    }

    public void add(X509TrustManager x509TrustManager) {
        boolean z3 = x509TrustManager instanceof X509Extensions;
        ArrayList<X509Extensions> arrayList = this.f1387a;
        if (z3) {
            arrayList.add((X509Extensions) x509TrustManager);
        } else {
            arrayList.add(new X509ExtensionsWrapper(x509TrustManager));
        }
    }

    public void addAll(X509TrustManager[] x509TrustManagerArr) {
        for (X509TrustManager x509TrustManager : x509TrustManagerArr) {
            add(x509TrustManager);
        }
    }

    public void addCertChainListener(CertChainListener certChainListener) {
        this.c.add(certChainListener);
    }

    public HttpURLConnection applyTo(HttpURLConnection httpURLConnection) throws NoSuchAlgorithmException, KeyManagementException {
        if ((httpURLConnection instanceof HttpsURLConnection) && size() > 0) {
            ((HttpsURLConnection) httpURLConnection).setSSLSocketFactory(getSocketFactory());
            setHost(httpURLConnection.getURL().getHost());
        }
        return httpURLConnection;
    }

    @Override // javax.net.ssl.X509TrustManager
    public void checkClientTrusted(X509Certificate[] x509CertificateArr, String str) throws CertificateException {
        String str2 = d.get();
        Iterator<CertChainListener> it = this.c.iterator();
        while (it.hasNext()) {
            it.next().onChain(x509CertificateArr, str2);
        }
        Iterator<X509Extensions> it2 = this.f1387a.iterator();
        CertificateException e = null;
        while (it2.hasNext()) {
            try {
                it2.next().checkClientTrusted(x509CertificateArr, str);
            } catch (CertificateException e3) {
                e = e3;
                if (this.b) {
                    throw e;
                }
            }
            if (!this.b) {
                return;
            }
        }
        if (e != null) {
            throw e;
        }
    }

    @Override // com.commonsware.cwac.netsecurity.X509Extensions
    public List<X509Certificate> checkServerTrusted(X509Certificate[] x509CertificateArr, String str, String str2) throws CertificateException {
        Iterator<CertChainListener> it = this.c.iterator();
        while (it.hasNext()) {
            it.next().onChain(x509CertificateArr, str2);
        }
        Iterator<X509Extensions> it2 = this.f1387a.iterator();
        CertificateException e = null;
        boolean z3 = false;
        List<X509Certificate> list = null;
        while (it2.hasNext()) {
            try {
                list = it2.next().checkServerTrusted(x509CertificateArr, str, str2);
                z3 = true;
            } catch (CertificateException e3) {
                e = e3;
                if (this.b) {
                    throw e;
                }
            }
        }
        if (this.b || z3 || e == null) {
            return list;
        }
        throw e;
    }

    @Override // javax.net.ssl.X509TrustManager
    public void checkServerTrusted(X509Certificate[] x509CertificateArr, String str) throws CertificateException {
        ThreadLocal<String> threadLocal = d;
        if (threadLocal != null) {
            checkServerTrusted(x509CertificateArr, str, threadLocal.get());
            return;
        }
        String str2 = threadLocal.get();
        Iterator<CertChainListener> it = this.c.iterator();
        while (it.hasNext()) {
            it.next().onChain(x509CertificateArr, str2);
        }
        Iterator<X509Extensions> it2 = this.f1387a.iterator();
        CertificateException e = null;
        boolean z3 = false;
        while (it2.hasNext()) {
            try {
                it2.next().checkServerTrusted(x509CertificateArr, str);
                z3 = true;
            } catch (CertificateException e3) {
                e = e3;
                if (this.b) {
                    throw e;
                }
            }
        }
        if (!this.b && !z3 && e != null) {
            throw e;
        }
    }

    @Override // javax.net.ssl.X509TrustManager
    public X509Certificate[] getAcceptedIssuers() {
        HashSet hashSet = new HashSet();
        Iterator<X509Extensions> it = this.f1387a.iterator();
        while (it.hasNext()) {
            for (X509Certificate x509Certificate : it.next().getAcceptedIssuers()) {
                hashSet.add(x509Certificate);
            }
        }
        return (X509Certificate[]) hashSet.toArray(new X509Certificate[hashSet.size()]);
    }

    public SSLSocketFactory getSocketFactory() throws NoSuchAlgorithmException, KeyManagementException {
        SSLContext sSLContext = SSLContext.getInstance("TLS");
        sSLContext.init(null, new X509TrustManager[]{this}, null);
        return sSLContext.getSocketFactory();
    }

    public boolean hasCertChainListeners() {
        return this.c.size() > 0;
    }

    public boolean isMatchAll() {
        return this.b;
    }

    @Override // com.commonsware.cwac.netsecurity.X509Extensions
    public boolean isUserAddedCertificate(X509Certificate x509Certificate) {
        Iterator<X509Extensions> it = this.f1387a.iterator();
        while (it.hasNext()) {
            boolean isUserAddedCertificate = it.next().isUserAddedCertificate(x509Certificate);
            if (!this.b && isUserAddedCertificate) {
                return true;
            }
        }
        return false;
    }

    public void removeCertChainListener(CertChainListener certChainListener) {
        this.c.remove(certChainListener);
    }

    public void setHost(String str) {
        d.set(str);
    }

    public void setMatchAll(boolean z3) {
        if (this.f1387a.size() > 1) {
            throw new IllegalStateException("Cannot change mode once 2+ managers added");
        }
        this.b = z3;
    }

    public int size() {
        return this.f1387a.size();
    }
}
