package com.wolfssl.provider.jsse;

import ch.qos.logback.core.net.ssl.SSL;
import com.microsoft.azure.storage.blob.BlobConstants;
import com.wolfssl.WolfSSLCertificate;
import com.wolfssl.WolfSSLException;
import java.io.ByteArrayInputStream;
import java.io.File;
import java.io.FileInputStream;
import java.io.FileNotFoundException;
import java.io.IOException;
import java.security.InvalidAlgorithmParameterException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import javax.net.ssl.ManagerFactoryParameters;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactorySpi;

/* loaded from: classes5.dex */
public class WolfSSLTrustManager extends TrustManagerFactorySpi {
    private KeyStore store;

    @Override // javax.net.ssl.TrustManagerFactorySpi
    protected TrustManager[] engineGetTrustManagers() {
        WolfSSLDebug.log(getClass(), WolfSSLDebug.INFO, "entered engineGetTrustManagers()");
        return new TrustManager[]{new WolfSSLTrustX509(this.store)};
    }

    /* JADX WARN: Multi-variable type inference failed */
    /* JADX WARN: Type inference failed for: r1v10 */
    /* JADX WARN: Type inference failed for: r1v11, types: [java.security.KeyStore] */
    /* JADX WARN: Type inference failed for: r1v14, types: [java.security.KeyStore] */
    /* JADX WARN: Type inference failed for: r1v15 */
    /* JADX WARN: Type inference failed for: r1v17 */
    /* JADX WARN: Type inference failed for: r1v18 */
    /* JADX WARN: Type inference failed for: r1v19 */
    /* JADX WARN: Type inference failed for: r1v2, types: [java.lang.String] */
    /* JADX WARN: Type inference failed for: r1v20 */
    /* JADX WARN: Type inference failed for: r1v21 */
    /* JADX WARN: Type inference failed for: r1v3, types: [java.lang.String] */
    /* JADX WARN: Type inference failed for: r1v7, types: [java.security.KeyStore] */
    /* JADX WARN: Type inference failed for: r1v9 */
    /* JADX WARN: Type inference failed for: r3v2, types: [java.lang.StringBuilder] */
    /* JADX WARN: Type inference failed for: r7v5, types: [java.lang.StringBuilder] */
    @Override // javax.net.ssl.TrustManagerFactorySpi
    protected void engineInit(KeyStore keyStore) throws KeyStoreException {
        char[] cArr;
        boolean z;
        boolean z2;
        WolfSSLDebug.log(getClass(), WolfSSLDebug.INFO, "entered engineInit()");
        if (keyStore == null) {
            String property = System.getProperty("javax.net.ssl.trustStorePassword");
            String property2 = System.getProperty("javax.net.ssl.trustStore");
            ?? property3 = System.getProperty("javax.net.ssl.trustStoreType");
            String property4 = System.getProperty("java.vm.vendor");
            String str = System.getenv("JAVA_HOME");
            String str2 = System.getenv("ANDROID_ROOT");
            try {
                try {
                    if (property != null) {
                        WolfSSLDebug.log(getClass(), WolfSSLDebug.INFO, "javax.net.ssl.trustStorePassword system property set, using password");
                        cArr = property.toCharArray();
                    } else {
                        WolfSSLDebug.log(getClass(), WolfSSLDebug.INFO, "javax.net.ssl.trustStorePassword system property not set");
                        cArr = null;
                    }
                    try {
                        if (property3 != 0 && property3 != "") {
                            WolfSSLDebug.log(getClass(), WolfSSLDebug.INFO, "javax.net.ssl.trustStoreType system property set: " + property3);
                            property3 = KeyStore.getInstance(property3);
                        } else if (property4 == null || !property4.equals("The Android Project")) {
                            WolfSSLDebug.log(getClass(), WolfSSLDebug.INFO, "javax.net.ssl.trustStoreType system property not set, using type: JKS");
                            property3 = KeyStore.getInstance(SSL.DEFAULT_KEYSTORE_TYPE);
                        } else {
                            WolfSSLDebug.log(getClass(), WolfSSLDebug.INFO, "Detected Android VM, using BKS KeyStore type");
                            property3 = KeyStore.getInstance("BKS");
                        }
                        try {
                            property3.load(null, null);
                            if (property2 == null) {
                                WolfSSLDebug.log(getClass(), WolfSSLDebug.INFO, "javax.net.ssl.trustStore system property not set, trying to load system certs");
                                boolean z3 = true;
                                if (str != null) {
                                    if (!str.endsWith(BlobConstants.DEFAULT_DELIMITER) && !str.endsWith("\\")) {
                                        str = str.concat(BlobConstants.DEFAULT_DELIMITER);
                                    }
                                    WolfSSLDebug.log(getClass(), WolfSSLDebug.INFO, "$JAVA_HOME = " + str);
                                    File file = new File(str.concat("lib/security/jssecacerts"));
                                    if (!file.exists()) {
                                        file = new File(str.concat("jre/lib/security/jssecacerts"));
                                    }
                                    if (file.exists()) {
                                        WolfSSLDebug.log(getClass(), WolfSSLDebug.INFO, "Loading certs from " + file.getAbsolutePath());
                                        FileInputStream fileInputStream = new FileInputStream(file);
                                        property3.load(fileInputStream, cArr);
                                        fileInputStream.close();
                                        z = true;
                                    } else {
                                        WolfSSLDebug.log(getClass(), WolfSSLDebug.INFO, "$JAVA_HOME/(jre/)lib/security/jssecacerts: not found");
                                        z = false;
                                    }
                                    File file2 = new File(str.concat("lib/security/cacerts"));
                                    if (!file2.exists()) {
                                        file2 = new File(str.concat("jre/lib/security/cacerts"));
                                    }
                                    if (file2.exists()) {
                                        WolfSSLDebug.log(getClass(), WolfSSLDebug.INFO, "Loading certs from " + file2.getAbsolutePath());
                                        FileInputStream fileInputStream2 = new FileInputStream(file2);
                                        property3.load(fileInputStream2, cArr);
                                        fileInputStream2.close();
                                        z = true;
                                    } else {
                                        WolfSSLDebug.log(getClass(), WolfSSLDebug.INFO, "$JAVA_HOME/(jre/)lib/security/cacerts: not found");
                                    }
                                } else {
                                    WolfSSLDebug.log(getClass(), WolfSSLDebug.INFO, "$JAVA_HOME not set, unable to load system certs");
                                    z = false;
                                }
                                if (!z) {
                                    WolfSSLDebug.log(getClass(), WolfSSLDebug.INFO, "Trying to load system certs from common system paths");
                                    File file3 = new File("/etc/ssl/certs/java/cacerts");
                                    if (file3.exists()) {
                                        WolfSSLDebug.log(getClass(), WolfSSLDebug.INFO, "Loading certs from " + file3.getAbsolutePath());
                                        FileInputStream fileInputStream3 = new FileInputStream(file3);
                                        property3.load(fileInputStream3, cArr);
                                        fileInputStream3.close();
                                        z = true;
                                    } else {
                                        WolfSSLDebug.log(getClass(), WolfSSLDebug.INFO, "/etc/ssl/certs/java/cacerts: not found");
                                    }
                                }
                                if (str2 != null) {
                                    try {
                                        property3 = KeyStore.getInstance("AndroidCAStore");
                                        property3.load(null, null);
                                        WolfSSLDebug.log(getClass(), WolfSSLDebug.INFO, "Using AndroidCAStore KeyStore for default system certs");
                                        z2 = true;
                                        property3 = property3;
                                    } catch (KeyStoreException unused) {
                                        WolfSSLDebug.log(getClass(), WolfSSLDebug.INFO, "AndroidCAStore KeyStore not found, trying to manually load system certs");
                                        z2 = false;
                                        property3 = property3;
                                    }
                                    if (z2) {
                                        z3 = z2;
                                    } else {
                                        if (!str2.endsWith(BlobConstants.DEFAULT_DELIMITER) && !str2.endsWith("\\")) {
                                            str2 = str2.concat(BlobConstants.DEFAULT_DELIMITER);
                                        }
                                        String concat = str2.concat("etc/security/cacerts");
                                        try {
                                            String[] list = new File(concat).list();
                                            WolfSSLDebug.log(getClass(), WolfSSLDebug.INFO, "Found " + list.length + " CA files to load into KeyStore");
                                            CertificateFactory certificateFactory = CertificateFactory.getInstance("X.509");
                                            int i = 0;
                                            for (String str3 : list) {
                                                String concat2 = concat.concat(BlobConstants.DEFAULT_DELIMITER).concat(str3);
                                                try {
                                                    WolfSSLCertificate wolfSSLCertificate = new WolfSSLCertificate(concat2, 1);
                                                    byte[] der = wolfSSLCertificate.getDer();
                                                    wolfSSLCertificate.free();
                                                    ByteArrayInputStream byteArrayInputStream = new ByteArrayInputStream(der);
                                                    try {
                                                        Certificate generateCertificate = certificateFactory.generateCertificate(byteArrayInputStream);
                                                        byteArrayInputStream.close();
                                                        try {
                                                            property3.setCertificateEntry("alias" + i, generateCertificate);
                                                            i++;
                                                        } catch (KeyStoreException unused2) {
                                                            WolfSSLDebug.log(getClass(), WolfSSLDebug.ERROR, "Error setting certificate entry in KeyStore, skipping loading cert");
                                                        }
                                                    } catch (CertificateException e) {
                                                        WolfSSLDebug.log(getClass(), WolfSSLDebug.ERROR, "Error generating certificate from ByteArrayInputStream");
                                                        byteArrayInputStream.close();
                                                        throw new KeyStoreException(e);
                                                    }
                                                } catch (WolfSSLException unused3) {
                                                    WolfSSLDebug.log(getClass(), WolfSSLDebug.INFO, "Skipped loading cert: " + concat2);
                                                }
                                            }
                                        } catch (Exception e2) {
                                            WolfSSLDebug.log(getClass(), WolfSSLDebug.ERROR, "Permission error when trying to read system CA certificates");
                                            throw new KeyStoreException(e2);
                                        }
                                    }
                                } else {
                                    z3 = z;
                                }
                                if (!z3) {
                                    WolfSSLDebug.log(getClass(), WolfSSLDebug.INFO, "No trusted system certs found, none loaded by default");
                                }
                            } else {
                                WolfSSLDebug.log(getClass(), WolfSSLDebug.INFO, "Loading certs from " + property2);
                                FileInputStream fileInputStream4 = new FileInputStream(property2);
                                property3.load(fileInputStream4, cArr);
                                fileInputStream4.close();
                            }
                            keyStore = property3;
                        } catch (Exception e3) {
                            WolfSSLDebug.log(getClass(), WolfSSLDebug.ERROR, "Error initializing KeyStore with load(null, null)");
                            throw new KeyStoreException(e3);
                        }
                    } catch (KeyStoreException e4) {
                        WolfSSLDebug.log(getClass(), WolfSSLDebug.ERROR, "Unsupported KeyStore type: " + property3);
                        throw e4;
                    }
                } catch (CertificateException e5) {
                    throw new KeyStoreException(e5);
                }
            } catch (FileNotFoundException e6) {
                throw new KeyStoreException(e6);
            } catch (IOException e7) {
                throw new KeyStoreException(e7);
            } catch (NoSuchAlgorithmException e8) {
                throw new KeyStoreException(e8);
            }
        }
        this.store = keyStore;
    }

    @Override // javax.net.ssl.TrustManagerFactorySpi
    protected void engineInit(ManagerFactoryParameters managerFactoryParameters) throws InvalidAlgorithmParameterException {
        WolfSSLDebug.log(getClass(), WolfSSLDebug.INFO, "entered engineInit(ManagerFactoryParameters arg0)");
        throw new UnsupportedOperationException("TrustManagerFactory.init(ManagerFactoryParameters) not supported yet");
    }
}
