package org.nervousync.http.security;

import java.io.ByteArrayInputStream;
import java.security.KeyStore;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.util.List;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import javax.net.ssl.X509TrustManager;
import org.nervousync.exceptions.http.CertInfoException;
import org.nervousync.http.cert.TrustCert;
import org.nervousync.utils.FileUtils;
import org.nervousync.utils.LoggerUtils;
import org.nervousync.utils.StringUtils;
import org.nervousync.utils.SystemUtils;

/* loaded from: input_file:org/nervousync/http/security/GeneX509TrustManager.class */
public final class GeneX509TrustManager implements X509TrustManager {
    private static final String DEFAULT_PASSPHRASE = "changeit";
    private final String passPhrase;
    private final List<TrustCert> trustCertList;
    private final LoggerUtils.Logger logger = LoggerUtils.getLogger(getClass());
    private X509TrustManager trustManager = null;

    private GeneX509TrustManager(String str, List<TrustCert> list) throws CertInfoException {
        this.passPhrase = StringUtils.notBlank(str) ? str : DEFAULT_PASSPHRASE;
        this.trustCertList = list;
        initManager();
    }

    public static GeneX509TrustManager newInstance(String str, List<TrustCert> list) throws CertInfoException {
        return new GeneX509TrustManager(str, list);
    }

    @Override // javax.net.ssl.X509TrustManager
    public void checkClientTrusted(X509Certificate[] x509CertificateArr, String str) throws CertificateException {
        this.trustManager.checkClientTrusted(x509CertificateArr, str);
    }

    @Override // javax.net.ssl.X509TrustManager
    public void checkServerTrusted(X509Certificate[] x509CertificateArr, String str) throws CertificateException {
        this.trustManager.checkServerTrusted(x509CertificateArr, str);
    }

    @Override // javax.net.ssl.X509TrustManager
    public X509Certificate[] getAcceptedIssuers() {
        return this.trustManager.getAcceptedIssuers();
    }

    private void initManager() throws CertInfoException {
        try {
            KeyStore keyStore = KeyStore.getInstance("JKS");
            if (FileUtils.isExists(SystemUtils.systemCertPath())) {
                keyStore.load(FileUtils.loadFile(SystemUtils.systemCertPath()), this.passPhrase.toCharArray());
            } else {
                this.logger.warn("System_Certificate_Not_Found_Warn");
            }
            for (TrustCert trustCert : this.trustCertList) {
                keyStore.load(new ByteArrayInputStream(trustCert.getCertContent()), trustCert.getCertPassword().toCharArray());
            }
            TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance("SunX509", "SunJSSE");
            trustManagerFactory.init(keyStore);
            for (TrustManager trustManager : trustManagerFactory.getTrustManagers()) {
                if (trustManager instanceof X509TrustManager) {
                    this.trustManager = (X509TrustManager) trustManager;
                    return;
                }
            }
            throw new CertInfoException(1441794L, "NotFound_X509TrustManager_Certificate_Error");
        } catch (Exception e) {
            throw new CertInfoException(1441793L, "Init_Trust_Manager_Certificate_Error", e);
        }
    }
}
