package com.predic8.membrane.core.transport;

import java.math.BigInteger;
import java.security.InvalidKeyException;
import java.security.KeyManagementException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.Principal;
import java.security.PublicKey;
import java.security.SignatureException;
import java.security.cert.CertificateEncodingException;
import java.security.cert.CertificateException;
import java.security.cert.CertificateExpiredException;
import java.security.cert.CertificateNotYetValidException;
import java.security.cert.CertificateParsingException;
import java.security.cert.X509Certificate;
import java.util.Collection;
import java.util.Date;
import java.util.List;
import java.util.Set;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import javax.net.ssl.X509TrustManager;
import javax.security.auth.x500.X500Principal;

/* loaded from: input_file:lib/service-proxy-core-4.2.1.jar:com/predic8/membrane/core/transport/TrustManagerWrapper.class */
public class TrustManagerWrapper implements X509TrustManager {
    private final boolean ignoreTimestampCheckFailure;
    private final X509TrustManager tm;

    public TrustManagerWrapper(TrustManager[] trustManagerArr, boolean z) throws KeyManagementException {
        this.ignoreTimestampCheckFailure = z;
        X509TrustManager chooseTrustManager = trustManagerArr != null ? chooseTrustManager(trustManagerArr) : null;
        if (chooseTrustManager == null) {
            try {
                TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
                try {
                    trustManagerFactory.init((KeyStore) null);
                    chooseTrustManager = chooseTrustManager(trustManagerFactory.getTrustManagers());
                } catch (KeyStoreException e) {
                    throw new RuntimeException(e);
                }
            } catch (NoSuchAlgorithmException e2) {
                throw new RuntimeException(e2);
            }
        }
        if (chooseTrustManager == null) {
            throw new RuntimeException("No trust manager passed and could not create one.");
        }
        this.tm = chooseTrustManager;
    }

    private X509TrustManager chooseTrustManager(TrustManager[] trustManagerArr) throws KeyManagementException {
        for (int i = 0; trustManagerArr != null && i < trustManagerArr.length; i++) {
            if (trustManagerArr[i] instanceof X509TrustManager) {
                return (X509TrustManager) trustManagerArr[i];
            }
        }
        return null;
    }

    @Override // javax.net.ssl.X509TrustManager
    public void checkClientTrusted(X509Certificate[] x509CertificateArr, String str) throws CertificateException {
        adjustChain(x509CertificateArr);
        this.tm.checkClientTrusted(x509CertificateArr, str);
    }

    @Override // javax.net.ssl.X509TrustManager
    public void checkServerTrusted(X509Certificate[] x509CertificateArr, String str) throws CertificateException {
        adjustChain(x509CertificateArr);
        this.tm.checkServerTrusted(x509CertificateArr, str);
    }

    private void adjustChain(X509Certificate[] x509CertificateArr) {
        for (int i = 0; i < x509CertificateArr.length; i++) {
            final X509Certificate x509Certificate = x509CertificateArr[i];
            x509CertificateArr[i] = new X509Certificate() { // from class: com.predic8.membrane.core.transport.TrustManagerWrapper.1
                @Override // java.security.cert.X509Extension
                public boolean hasUnsupportedCriticalExtension() {
                    return x509Certificate.hasUnsupportedCriticalExtension();
                }

                @Override // java.security.cert.X509Extension
                public Set<String> getCriticalExtensionOIDs() {
                    return x509Certificate.getCriticalExtensionOIDs();
                }

                @Override // java.security.cert.Certificate
                public boolean equals(Object obj) {
                    return x509Certificate.equals(obj);
                }

                @Override // java.security.cert.Certificate
                public int hashCode() {
                    return x509Certificate.hashCode();
                }

                @Override // java.security.cert.X509Extension
                public Set<String> getNonCriticalExtensionOIDs() {
                    return x509Certificate.getNonCriticalExtensionOIDs();
                }

                @Override // java.security.cert.Certificate
                public byte[] getEncoded() throws CertificateEncodingException {
                    return x509Certificate.getEncoded();
                }

                @Override // java.security.cert.Certificate
                public void verify(PublicKey publicKey) throws CertificateException, NoSuchAlgorithmException, InvalidKeyException, NoSuchProviderException, SignatureException {
                    x509Certificate.verify(publicKey);
                }

                @Override // java.security.cert.X509Extension
                public byte[] getExtensionValue(String str) {
                    return x509Certificate.getExtensionValue(str);
                }

                @Override // java.security.cert.Certificate
                public void verify(PublicKey publicKey, String str) throws CertificateException, NoSuchAlgorithmException, InvalidKeyException, NoSuchProviderException, SignatureException {
                    x509Certificate.verify(publicKey, str);
                }

                @Override // java.security.cert.X509Certificate
                public int getVersion() {
                    return x509Certificate.getVersion();
                }

                @Override // java.security.cert.X509Certificate
                public BigInteger getSerialNumber() {
                    return x509Certificate.getSerialNumber();
                }

                @Override // java.security.cert.Certificate
                public String toString() {
                    return x509Certificate.toString();
                }

                @Override // java.security.cert.Certificate
                public PublicKey getPublicKey() {
                    return x509Certificate.getPublicKey();
                }

                @Override // java.security.cert.X509Certificate
                public Principal getIssuerDN() {
                    return x509Certificate.getIssuerDN();
                }

                @Override // java.security.cert.X509Certificate
                public X500Principal getIssuerX500Principal() {
                    return x509Certificate.getIssuerX500Principal();
                }

                @Override // java.security.cert.X509Certificate
                public Principal getSubjectDN() {
                    return x509Certificate.getSubjectDN();
                }

                @Override // java.security.cert.X509Certificate
                public X500Principal getSubjectX500Principal() {
                    return x509Certificate.getSubjectX500Principal();
                }

                @Override // java.security.cert.X509Certificate
                public Date getNotBefore() {
                    return x509Certificate.getNotBefore();
                }

                @Override // java.security.cert.X509Certificate
                public Date getNotAfter() {
                    return x509Certificate.getNotAfter();
                }

                @Override // java.security.cert.X509Certificate
                public byte[] getTBSCertificate() throws CertificateEncodingException {
                    return x509Certificate.getTBSCertificate();
                }

                @Override // java.security.cert.X509Certificate
                public byte[] getSignature() {
                    return x509Certificate.getSignature();
                }

                @Override // java.security.cert.X509Certificate
                public String getSigAlgName() {
                    return x509Certificate.getSigAlgName();
                }

                @Override // java.security.cert.X509Certificate
                public String getSigAlgOID() {
                    return x509Certificate.getSigAlgOID();
                }

                @Override // java.security.cert.X509Certificate
                public byte[] getSigAlgParams() {
                    return x509Certificate.getSigAlgParams();
                }

                @Override // java.security.cert.X509Certificate
                public boolean[] getIssuerUniqueID() {
                    return x509Certificate.getIssuerUniqueID();
                }

                @Override // java.security.cert.X509Certificate
                public boolean[] getSubjectUniqueID() {
                    return x509Certificate.getSubjectUniqueID();
                }

                @Override // java.security.cert.X509Certificate
                public boolean[] getKeyUsage() {
                    return x509Certificate.getKeyUsage();
                }

                @Override // java.security.cert.X509Certificate
                public List<String> getExtendedKeyUsage() throws CertificateParsingException {
                    return x509Certificate.getExtendedKeyUsage();
                }

                @Override // java.security.cert.X509Certificate
                public int getBasicConstraints() {
                    return x509Certificate.getBasicConstraints();
                }

                @Override // java.security.cert.X509Certificate
                public Collection<List<?>> getSubjectAlternativeNames() throws CertificateParsingException {
                    return x509Certificate.getSubjectAlternativeNames();
                }

                @Override // java.security.cert.X509Certificate
                public Collection<List<?>> getIssuerAlternativeNames() throws CertificateParsingException {
                    return x509Certificate.getIssuerAlternativeNames();
                }

                @Override // java.security.cert.X509Certificate
                public void checkValidity(Date date) throws CertificateExpiredException, CertificateNotYetValidException {
                    if (TrustManagerWrapper.this.ignoreTimestampCheckFailure) {
                        return;
                    }
                    x509Certificate.checkValidity(date);
                }

                @Override // java.security.cert.X509Certificate
                public void checkValidity() throws CertificateExpiredException, CertificateNotYetValidException {
                    if (TrustManagerWrapper.this.ignoreTimestampCheckFailure) {
                        return;
                    }
                    x509Certificate.checkValidity();
                }
            };
        }
    }

    @Override // javax.net.ssl.X509TrustManager
    public X509Certificate[] getAcceptedIssuers() {
        return this.tm.getAcceptedIssuers();
    }
}
