package org.apache.cordova;

import java.io.IOException;
import java.security.GeneralSecurityException;
import java.security.KeyStore;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.cert.Certificate;
import java.security.cert.CertificateEncodingException;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Enumeration;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import javax.net.ssl.X509TrustManager;

/* loaded from: classes.dex */
public class CustomTrustManager implements X509TrustManager {
    private static ArrayList<Certificate> CERTIFICATES;
    private static char[] HEX_CHARS = {'0', '1', '2', '3', '4', '5', '6', '7', '8', '9', 'A', 'B', 'C', 'D', 'E', 'F'};
    private String[] fingerprints;

    /* JADX INFO: Access modifiers changed from: package-private */
    public CustomTrustManager(String[] strArr) {
        this.fingerprints = strArr;
        try {
            loadSSLCertificatesFromKeyStore();
        } catch (IOException | GeneralSecurityException e) {
            e.printStackTrace();
        }
    }

    public static void addCertificate(Certificate certificate) {
        if (CERTIFICATES == null) {
            CERTIFICATES = new ArrayList<>();
        }
        CERTIFICATES.add(certificate);
    }

    private boolean checkCertificates(Certificate[] certificateArr) {
        try {
            MessageDigest messageDigest = MessageDigest.getInstance("SHA1");
            for (String str : this.fingerprints) {
                for (Certificate certificate : certificateArr) {
                    messageDigest.update(certificate.getEncoded());
                    if (dumpHex(messageDigest.digest()).equalsIgnoreCase(str)) {
                        return true;
                    }
                }
            }
            return false;
        } catch (NoSuchAlgorithmException | CertificateEncodingException e) {
            e.printStackTrace();
            return false;
        }
    }

    private static String dumpHex(byte[] bArr) {
        int length = bArr.length;
        StringBuilder sb = new StringBuilder((length * 3) - 1);
        for (int i = 0; i < length; i++) {
            if (i > 0) {
                sb.append(' ');
            }
            sb.append(HEX_CHARS[(bArr[i] >> 4) & 15]);
            sb.append(HEX_CHARS[bArr[i] & 15]);
        }
        return sb.toString();
    }

    private static X509TrustManager getX509TrustManager() throws IOException, GeneralSecurityException {
        KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
        keyStore.load(null, null);
        for (int i = 0; i < CERTIFICATES.size(); i++) {
            keyStore.setCertificateEntry("CA" + i, CERTIFICATES.get(i));
        }
        TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
        trustManagerFactory.init(keyStore);
        for (TrustManager trustManager : trustManagerFactory.getTrustManagers()) {
            if (trustManager instanceof X509TrustManager) {
                return (X509TrustManager) trustManager;
            }
        }
        return null;
    }

    private static void loadSSLCertificatesFromKeyStore() throws GeneralSecurityException, IOException {
        KeyStore keyStore = KeyStore.getInstance("AndroidCAStore");
        keyStore.load(null);
        Enumeration<String> aliases = keyStore.aliases();
        while (aliases.hasMoreElements()) {
            addCertificate(((KeyStore.TrustedCertificateEntry) keyStore.getEntry(aliases.nextElement(), null)).getTrustedCertificate());
        }
    }

    @Override // javax.net.ssl.X509TrustManager
    public void checkClientTrusted(X509Certificate[] x509CertificateArr, String str) throws CertificateException {
        try {
            X509TrustManager x509TrustManager = getX509TrustManager();
            if (x509TrustManager == null) {
                return;
            }
            x509TrustManager.checkClientTrusted(x509CertificateArr, str);
        } catch (IOException | GeneralSecurityException e) {
            e.printStackTrace();
        }
    }

    @Override // javax.net.ssl.X509TrustManager
    public void checkServerTrusted(X509Certificate[] x509CertificateArr, String str) throws CertificateException {
        try {
            X509TrustManager x509TrustManager = getX509TrustManager();
            if (x509TrustManager == null) {
                return;
            }
            try {
                x509TrustManager.checkServerTrusted(x509CertificateArr, str);
            } catch (Exception e) {
                if (checkCertificates(x509CertificateArr)) {
                } else {
                    throw e;
                }
            }
        } catch (IOException | GeneralSecurityException e2) {
            e2.printStackTrace();
        }
    }

    @Override // javax.net.ssl.X509TrustManager
    public X509Certificate[] getAcceptedIssuers() {
        try {
            X509TrustManager x509TrustManager = getX509TrustManager();
            return x509TrustManager == null ? new X509Certificate[0] : x509TrustManager.getAcceptedIssuers();
        } catch (IOException | GeneralSecurityException e) {
            e.printStackTrace();
            return null;
        }
    }
}
