package net.soti.ssl;

import d.d.b.e;
import d.d.b.h;
import java.security.Principal;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.util.Iterator;
import java.util.Set;
import javax.net.ssl.X509TrustManager;
import net.soti.comm.an;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: classes6.dex */
public final class DelegatingX509TrustManager implements X509TrustManager {
    private final Set<an> connectionHandlers;
    private final DelegatingTrustChecker delegatingTrustChecker;
    private final String hostName;
    public static final Companion Companion = new Companion(null);
    private static final Logger LOGGER = LoggerFactory.getLogger((Class<?>) DelegatingX509TrustManager.class);
    private static final X509Certificate[] EMPTY_X509CERTIFICATE_ARRAY = new X509Certificate[0];

    /* loaded from: classes6.dex */
    public static final class Companion {
        private Companion() {
        }

        public /* synthetic */ Companion(e eVar) {
            this();
        }
    }

    public DelegatingX509TrustManager(DelegatingTrustChecker delegatingTrustChecker, String str, Set<an> set) {
        h.b(delegatingTrustChecker, "delegatingTrustChecker");
        h.b(str, "hostName");
        h.b(set, "connectionHandlers");
        this.delegatingTrustChecker = delegatingTrustChecker;
        this.hostName = str;
        this.connectionHandlers = set;
    }

    private final boolean isChainTrusted(X509Certificate[] x509CertificateArr, String str) {
        try {
            this.delegatingTrustChecker.checkServerTrusted(x509CertificateArr, str, this.hostName);
            return true;
        } catch (CertificateException unused) {
            LOGGER.debug("unable to verify certificate");
            return false;
        }
    }

    @Override // javax.net.ssl.X509TrustManager
    public void checkClientTrusted(X509Certificate[] x509CertificateArr, String str) throws CertificateException {
        h.b(x509CertificateArr, "chain");
        h.b(str, "authType");
    }

    @Override // javax.net.ssl.X509TrustManager
    public void checkServerTrusted(X509Certificate[] x509CertificateArr, String str) throws CertificateException {
        h.b(x509CertificateArr, "chain");
        h.b(str, "authType");
        if (x509CertificateArr.length == 0) {
            throw new CertificateException("Empty certificate chain was received from server");
        }
        if (!(!isChainTrusted(x509CertificateArr, str))) {
            LOGGER.info("Certificate Verified, allowing connection");
            return;
        }
        StringBuilder sb = new StringBuilder();
        sb.append("Certificate with Issuer: ");
        Principal issuerDN = x509CertificateArr[0].getIssuerDN();
        h.a((Object) issuerDN, "chain[0].issuerDN");
        sb.append(issuerDN.getName());
        sb.append(" and Subj: ");
        Principal subjectDN = x509CertificateArr[0].getSubjectDN();
        h.a((Object) subjectDN, "chain[0].subjectDN");
        sb.append(subjectDN.getName());
        sb.append(" is not trusted");
        CertificateException certificateException = new CertificateException(sb.toString());
        Iterator<T> it = this.connectionHandlers.iterator();
        while (it.hasNext()) {
            ((an) it.next()).a(certificateException, x509CertificateArr, str);
        }
        throw certificateException;
    }

    @Override // javax.net.ssl.X509TrustManager
    public X509Certificate[] getAcceptedIssuers() {
        return (X509Certificate[]) EMPTY_X509CERTIFICATE_ARRAY.clone();
    }

    public String toString() {
        String simpleName = getClass().getSimpleName();
        h.a((Object) simpleName, "javaClass.simpleName");
        return simpleName;
    }
}
