package com.persianswitch.sdk.base.webservice.trust;

import android.content.Context;
import java.io.File;
import java.io.FileInputStream;
import java.io.FileOutputStream;
import java.io.IOException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import javax.net.ssl.X509TrustManager;

/* loaded from: classes.dex */
public class MemorizingTrustManager implements X509TrustManager {
    private Options options;
    private KeyStore keyStore = null;
    private X509TrustManager storeTrustManager = null;
    private KeyStore transientKeyStore = null;
    private X509TrustManager transientTrustManager = null;

    /* loaded from: classes.dex */
    public static class Options {
        File store;
        String storePassword;
        String storeType = KeyStore.getDefaultType();
        boolean trustOnFirstUse = false;
        File workingDir;

        public Options(Context context, String str, String str2) {
            this.workingDir = null;
            this.store = null;
            this.workingDir = new File(context.getFilesDir(), str);
            this.workingDir.mkdirs();
            this.store = new File(this.workingDir, "memorized.bks");
            this.storePassword = str2;
        }

        public Options trustOnFirstUse() {
            this.trustOnFirstUse = true;
            return this;
        }

        public Options trustOnFirstUse(boolean z) {
            this.trustOnFirstUse = z;
            return this;
        }
    }

    public MemorizingTrustManager(Options options) throws KeyStoreException, NoSuchAlgorithmException, CertificateException, IOException {
        this.options = null;
        this.options = options;
        clear(false);
    }

    private void initPersistentStore() throws KeyStoreException, NoSuchAlgorithmException, CertificateException, IOException {
        this.keyStore = KeyStore.getInstance(this.options.storeType);
        if (this.options.store.exists()) {
            this.keyStore.load(new FileInputStream(this.options.store), this.options.storePassword.toCharArray());
        } else {
            this.keyStore.load(null, this.options.storePassword.toCharArray());
        }
    }

    private void initTransientStore() throws KeyStoreException, NoSuchAlgorithmException, CertificateException, IOException {
        this.transientKeyStore = KeyStore.getInstance(this.options.storeType);
        this.transientKeyStore.load(null, null);
    }

    private void initTrustManager() throws KeyStoreException, NoSuchAlgorithmException {
        TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance("X509");
        trustManagerFactory.init(this.keyStore);
        TrustManager[] trustManagers = trustManagerFactory.getTrustManagers();
        int length = trustManagers.length;
        int i = 0;
        while (true) {
            if (i >= length) {
                break;
            }
            TrustManager trustManager = trustManagers[i];
            if (trustManager instanceof X509TrustManager) {
                this.storeTrustManager = (X509TrustManager) trustManager;
                break;
            }
            i++;
        }
        TrustManagerFactory trustManagerFactory2 = TrustManagerFactory.getInstance("X509");
        trustManagerFactory2.init(this.transientKeyStore);
        for (TrustManager trustManager2 : trustManagerFactory2.getTrustManagers()) {
            if (trustManager2 instanceof X509TrustManager) {
                this.transientTrustManager = (X509TrustManager) trustManager2;
                return;
            }
        }
    }

    public synchronized void allowOnce(X509Certificate[] x509CertificateArr) throws KeyStoreException, NoSuchAlgorithmException {
        for (X509Certificate x509Certificate : x509CertificateArr) {
            this.transientKeyStore.setCertificateEntry(x509Certificate.getSubjectDN().getName(), x509Certificate);
        }
        initTrustManager();
    }

    @Override // javax.net.ssl.X509TrustManager
    public synchronized void checkClientTrusted(X509Certificate[] x509CertificateArr, String str) throws CertificateException {
        try {
            this.storeTrustManager.checkClientTrusted(x509CertificateArr, str);
        } catch (CertificateException e) {
            try {
                this.transientTrustManager.checkClientTrusted(x509CertificateArr, str);
            } catch (CertificateException e2) {
                if (!this.options.trustOnFirstUse || this.options.store.exists()) {
                    throw new CertificateNotMemorizedException(x509CertificateArr);
                }
                try {
                    storeCert(x509CertificateArr);
                } catch (Exception e3) {
                    throw new CertificateMemorizationException(e3);
                }
            }
        }
    }

    @Override // javax.net.ssl.X509TrustManager
    public synchronized void checkServerTrusted(X509Certificate[] x509CertificateArr, String str) throws CertificateException {
        try {
            this.storeTrustManager.checkServerTrusted(x509CertificateArr, str);
        } catch (CertificateException e) {
            try {
                this.transientTrustManager.checkServerTrusted(x509CertificateArr, str);
            } catch (CertificateException e2) {
                if (!this.options.trustOnFirstUse || this.options.store.exists()) {
                    throw new CertificateNotMemorizedException(x509CertificateArr);
                }
                try {
                    storeCert(x509CertificateArr);
                } catch (Exception e3) {
                    throw new CertificateMemorizationException(e3);
                }
            }
        }
    }

    public synchronized void clear(boolean z) throws KeyStoreException, NoSuchAlgorithmException, CertificateException, IOException {
        if (z) {
            this.options.store.delete();
        }
        initTransientStore();
        initPersistentStore();
        initTrustManager();
    }

    @Override // javax.net.ssl.X509TrustManager
    public X509Certificate[] getAcceptedIssuers() {
        return new X509Certificate[0];
    }

    public synchronized void storeCert(X509Certificate[] x509CertificateArr) throws KeyStoreException, NoSuchAlgorithmException, CertificateException, IOException {
        for (X509Certificate x509Certificate : x509CertificateArr) {
            this.keyStore.setCertificateEntry(x509Certificate.getSubjectDN().getName(), x509Certificate);
        }
        initTrustManager();
        FileOutputStream fileOutputStream = new FileOutputStream(this.options.store);
        this.keyStore.store(fileOutputStream, this.options.storePassword.toCharArray());
        fileOutputStream.close();
    }
}
