package com.wolfssl.provider.jsse;

import com.wolfssl.WolfSSLCertificate;
import com.wolfssl.WolfSSLException;
import com.wolfssl.WolfSSLVerifyCallback;
import com.wolfssl.WolfSSLX509StoreCtx;
import java.io.IOException;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import javax.net.ssl.X509TrustManager;

/* loaded from: classes5.dex */
public class WolfSSLInternalVerifyCb implements WolfSSLVerifyCallback {
    private boolean clientMode;
    private X509TrustManager tm;

    public WolfSSLInternalVerifyCb(X509TrustManager x509TrustManager, boolean z) {
        this.tm = x509TrustManager;
        this.clientMode = z;
    }

    @Override // com.wolfssl.WolfSSLVerifyCallback
    public int verifyCallback(int i, long j) {
        WolfSSLCertificate[] wolfSSLCertificateArr;
        String str;
        X509Certificate[] x509CertificateArr;
        if (i == 1) {
            WolfSSLDebug.log(getClass(), WolfSSLDebug.INFO, "Native wolfSSL peer verification passed");
        } else {
            WolfSSLDebug.log(getClass(), WolfSSLDebug.INFO, "NOTE: Native wolfSSL peer verification failed");
            WolfSSLDebug.log(getClass(), WolfSSLDebug.INFO, "      Continuing with X509TrustManager verification");
        }
        X509Certificate[] x509CertificateArr2 = null;
        String str2 = null;
        try {
            wolfSSLCertificateArr = new WolfSSLX509StoreCtx(j).getCerts();
        } catch (WolfSSLException unused) {
            WolfSSLDebug.log(getClass(), WolfSSLDebug.INFO, "Failed to get certs from x509StorePtr, certs = null");
            wolfSSLCertificateArr = null;
        }
        if (wolfSSLCertificateArr == null || wolfSSLCertificateArr.length <= 0) {
            str = null;
        } else {
            try {
                x509CertificateArr = new X509Certificate[wolfSSLCertificateArr.length];
                for (int i2 = 0; i2 < wolfSSLCertificateArr.length; i2++) {
                    x509CertificateArr[i2] = wolfSSLCertificateArr[i2].getX509Certificate();
                    WolfSSLDebug.log(getClass(), WolfSSLDebug.INFO, "Peer cert: " + x509CertificateArr[i2].getSubjectDN().getName());
                }
            } catch (IOException | CertificateException unused2) {
                WolfSSLDebug.log(getClass(), WolfSSLDebug.INFO, "Failed to get X509Certificate[] array, set to null");
                x509CertificateArr = null;
            }
            String signatureType = wolfSSLCertificateArr[0].getSignatureType();
            if (signatureType.contains("RSA")) {
                str2 = "RSA";
            } else if (signatureType.contains("ECDSA")) {
                str2 = "ECDSA";
            } else if (signatureType.contains("DSA")) {
                str2 = "DSA";
            } else if (signatureType.contains("ED25519")) {
                str2 = "ED25519";
            }
            WolfSSLDebug.log(getClass(), WolfSSLDebug.INFO, "Auth type: " + str2);
            for (int i3 = 0; i3 < wolfSSLCertificateArr.length; i3++) {
                wolfSSLCertificateArr[i3].free();
            }
            str = str2;
            x509CertificateArr2 = x509CertificateArr;
        }
        try {
            if (this.clientMode) {
                WolfSSLDebug.log(getClass(), WolfSSLDebug.INFO, "Calling TrustManager.checkServerTrusted()");
                this.tm.checkServerTrusted(x509CertificateArr2, str);
            } else {
                WolfSSLDebug.log(getClass(), WolfSSLDebug.INFO, "Calling TrustManager.checkClientTrusted()");
                this.tm.checkClientTrusted(x509CertificateArr2, str);
            }
            WolfSSLDebug.log(getClass(), WolfSSLDebug.INFO, "TrustManager verification successful");
            return 1;
        } catch (Exception unused3) {
            WolfSSLDebug.log(getClass(), WolfSSLDebug.INFO, "TrustManager rejected certificates, verification failed");
            return 0;
        }
    }
}
