package net.dongliu.cute.http.internal;

import java.security.KeyManagementException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.SecureRandom;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import javax.net.ssl.SSLContext;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import javax.net.ssl.X509TrustManager;
import net.dongliu.cute.http.exception.RequestsException;
import net.dongliu.cute.http.exception.TrustManagerLoadFailedException;

/* loaded from: input_file:net/dongliu/cute/http/internal/SSLContextFactories.class */
public class SSLContextFactories {

    /* loaded from: input_file:net/dongliu/cute/http/internal/SSLContextFactories$CustomCertTrustManager.class */
    static class CustomCertTrustManager implements X509TrustManager {
        private final KeyStore keyStore;
        private final X509TrustManager defaultTrustManager;
        private final X509TrustManager trustManager;

        public CustomCertTrustManager(KeyStore keyStore) {
            this.keyStore = keyStore;
            try {
                TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
                trustManagerFactory.init((KeyStore) null);
                X509TrustManager x509TrustManager = null;
                TrustManager[] trustManagers = trustManagerFactory.getTrustManagers();
                int length = trustManagers.length;
                int i = 0;
                while (true) {
                    if (i >= length) {
                        break;
                    }
                    TrustManager trustManager = trustManagers[i];
                    if (trustManager instanceof X509TrustManager) {
                        x509TrustManager = (X509TrustManager) trustManager;
                        break;
                    }
                    i++;
                }
                if (x509TrustManager == null) {
                    throw new TrustManagerLoadFailedException("Default X509TrustManager not found");
                }
                this.defaultTrustManager = x509TrustManager;
                try {
                    TrustManagerFactory trustManagerFactory2 = TrustManagerFactory.getInstance("SunX509", "SunJSSE");
                    trustManagerFactory2.init(keyStore);
                    X509TrustManager x509TrustManager2 = null;
                    TrustManager[] trustManagers2 = trustManagerFactory2.getTrustManagers();
                    int length2 = trustManagers2.length;
                    int i2 = 0;
                    while (true) {
                        if (i2 >= length2) {
                            break;
                        }
                        TrustManager trustManager2 = trustManagers2[i2];
                        if (trustManager2 instanceof X509TrustManager) {
                            x509TrustManager2 = (X509TrustManager) trustManager2;
                            break;
                        }
                        i2++;
                    }
                    if (x509TrustManager2 == null) {
                        throw new TrustManagerLoadFailedException("X509TrustManager for user keystore not found");
                    }
                    this.trustManager = x509TrustManager2;
                } catch (KeyStoreException | NoSuchAlgorithmException | NoSuchProviderException e) {
                    throw new TrustManagerLoadFailedException(e);
                }
            } catch (KeyStoreException | NoSuchAlgorithmException e2) {
                throw new TrustManagerLoadFailedException(e2);
            }
        }

        @Override // javax.net.ssl.X509TrustManager
        public void checkClientTrusted(X509Certificate[] x509CertificateArr, String str) throws CertificateException {
            try {
                this.trustManager.checkClientTrusted(x509CertificateArr, str);
            } catch (CertificateException e) {
                this.defaultTrustManager.checkClientTrusted(x509CertificateArr, str);
            }
        }

        @Override // javax.net.ssl.X509TrustManager
        public void checkServerTrusted(X509Certificate[] x509CertificateArr, String str) throws CertificateException {
            try {
                this.trustManager.checkServerTrusted(x509CertificateArr, str);
            } catch (CertificateException e) {
                this.defaultTrustManager.checkServerTrusted(x509CertificateArr, str);
            }
        }

        @Override // javax.net.ssl.X509TrustManager
        public X509Certificate[] getAcceptedIssuers() {
            X509Certificate[] acceptedIssuers = this.defaultTrustManager.getAcceptedIssuers();
            X509Certificate[] acceptedIssuers2 = this.trustManager.getAcceptedIssuers();
            X509Certificate[] x509CertificateArr = new X509Certificate[acceptedIssuers.length + acceptedIssuers2.length];
            System.arraycopy(acceptedIssuers, 0, x509CertificateArr, 0, acceptedIssuers.length);
            System.arraycopy(acceptedIssuers2, 0, x509CertificateArr, acceptedIssuers.length, acceptedIssuers2.length);
            return x509CertificateArr;
        }
    }

    /* loaded from: input_file:net/dongliu/cute/http/internal/SSLContextFactories$TrustAllTrustManager.class */
    static class TrustAllTrustManager implements X509TrustManager {
        TrustAllTrustManager() {
        }

        @Override // javax.net.ssl.X509TrustManager
        public void checkClientTrusted(X509Certificate[] x509CertificateArr, String str) {
        }

        @Override // javax.net.ssl.X509TrustManager
        public void checkServerTrusted(X509Certificate[] x509CertificateArr, String str) {
        }

        @Override // javax.net.ssl.X509TrustManager
        public X509Certificate[] getAcceptedIssuers() {
            return null;
        }
    }

    public static SSLContext getTrustAllSSLContext() {
        TrustAllTrustManager trustAllTrustManager = new TrustAllTrustManager();
        try {
            SSLContext sSLContext = SSLContext.getInstance("SSL");
            sSLContext.init(null, new TrustManager[]{trustAllTrustManager}, new SecureRandom());
            return sSLContext;
        } catch (KeyManagementException | NoSuchAlgorithmException e) {
            throw new RequestsException(e);
        }
    }

    public static SSLContext getCustomTrustSSLContext(KeyStore keyStore) {
        CustomCertTrustManager customCertTrustManager = new CustomCertTrustManager(keyStore);
        try {
            SSLContext sSLContext = SSLContext.getInstance("SSL");
            sSLContext.init(null, new TrustManager[]{customCertTrustManager}, new SecureRandom());
            return sSLContext;
        } catch (KeyManagementException | NoSuchAlgorithmException e) {
            throw new RequestsException(e);
        }
    }
}
