package at.newvoice.mobicall.net;

import at.newvoice.mobicall.NApplication;
import ch.newvoice.mobicall.log.Log;
import java.io.IOException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.cert.CertificateException;
import java.security.cert.CertificateExpiredException;
import java.security.cert.CertificateNotYetValidException;
import java.security.cert.X509Certificate;
import java.util.Arrays;
import java.util.Enumeration;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import javax.net.ssl.X509TrustManager;

/* loaded from: classes.dex */
public class MyServerTrustManager implements X509TrustManager, ICertificateValidator {
    private X509TrustManager standardTrustManager;

    public MyServerTrustManager(KeyStore keyStore) throws NoSuchAlgorithmException, KeyStoreException {
        this.standardTrustManager = null;
        TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
        trustManagerFactory.init(keyStore);
        TrustManager[] trustManagers = trustManagerFactory.getTrustManagers();
        if (trustManagers.length != 0) {
            this.standardTrustManager = (X509TrustManager) trustManagers[0];
        } else {
            Log.e(NApplication.DEBUG_TAG, "TLS Error: No trust manager found!");
            throw new NoSuchAlgorithmException("No trust manager found!");
        }
    }

    private boolean findInstalledCertificate(ICertificateValidator iCertificateValidator, X509Certificate x509Certificate) {
        try {
            KeyStore keyStore = KeyStore.getInstance("AndroidCAStore");
            if (keyStore == null) {
                return false;
            }
            keyStore.load(null, null);
            Enumeration<String> aliases = keyStore.aliases();
            while (aliases.hasMoreElements()) {
                if (iCertificateValidator.validateCertificate((X509Certificate) keyStore.getCertificate(aliases.nextElement()), x509Certificate)) {
                    return true;
                }
            }
            return false;
        } catch (IOException | KeyStoreException | NoSuchAlgorithmException | CertificateException e) {
            e.printStackTrace();
            return false;
        }
    }

    @Override // javax.net.ssl.X509TrustManager
    public void checkClientTrusted(X509Certificate[] x509CertificateArr, String str) throws CertificateException {
        this.standardTrustManager.checkClientTrusted(x509CertificateArr, str);
    }

    @Override // javax.net.ssl.X509TrustManager
    public void checkServerTrusted(X509Certificate[] x509CertificateArr, String str) throws CertificateException {
        if (x509CertificateArr == null || x509CertificateArr.length != 1) {
            this.standardTrustManager.checkServerTrusted(x509CertificateArr, str);
            return;
        }
        try {
            x509CertificateArr[0].checkValidity();
        } catch (CertificateExpiredException unused) {
            Log.e(NApplication.DEBUG_TAG, "TLS Error - Certificate Expired!");
            throw new CertificateException("Certificate Expired!");
        } catch (CertificateNotYetValidException unused2) {
            Log.e(NApplication.DEBUG_TAG, "TLS Error - Certificate not yet valid!");
            throw new CertificateException("Certificate not yet valid!");
        } catch (Exception unused3) {
            Log.e(NApplication.DEBUG_TAG, "TLS Error - Certificate not valid or trusted");
            throw new CertificateException("Certificate not valid or trusted.");
        }
    }

    @Override // javax.net.ssl.X509TrustManager
    public X509Certificate[] getAcceptedIssuers() {
        return this.standardTrustManager.getAcceptedIssuers();
    }

    @Override // at.newvoice.mobicall.net.ICertificateValidator
    public boolean validateCertificate(X509Certificate x509Certificate, X509Certificate x509Certificate2) {
        return Arrays.equals(x509Certificate.getSignature(), x509Certificate2.getSignature()) && x509Certificate.getIssuerDN().equals(x509Certificate2.getIssuerDN());
    }
}
