package com.aa.android.network.f;

import android.content.Context;
import android.util.Log;
import com.aa.android.AApplication;
import com.aa.android.e;
import com.aa.android.util.m;
import java.io.InputStream;
import java.security.KeyStore;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Iterator;
import java.util.List;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import javax.net.ssl.X509TrustManager;
import org.apache.commons.a.b;

/* loaded from: classes.dex */
public final class a implements X509TrustManager {

    /* renamed from: a, reason: collision with root package name */
    private static final String f158a = a.class.getName();
    private final List<X509TrustManager> b;
    private final List<byte[]> c;

    public a(Context context, List<X509TrustManager> list) {
        this.b = list;
        this.c = a(context);
    }

    private static List<byte[]> a(Context context) {
        InputStream inputStream;
        String[] a2 = com.aa.android.util.a.a();
        ArrayList arrayList = new ArrayList(a2.length);
        int i = 0;
        while (true) {
            int i2 = i;
            if (i2 >= a2.length) {
                return arrayList;
            }
            try {
                InputStream open = context.getAssets().open(a2[i2], 3);
                try {
                    arrayList.add(((X509Certificate) CertificateFactory.getInstance("X.509").generateCertificate(open)).getEncoded());
                    if (open != null) {
                        b.a(open);
                    }
                    i = i2 + 1;
                } catch (Throwable th) {
                    th = th;
                    inputStream = open;
                    if (inputStream != null) {
                        b.a(inputStream);
                    }
                    throw th;
                }
            } catch (Throwable th2) {
                th = th2;
                inputStream = null;
            }
        }
    }

    public static X509TrustManager a() {
        TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
        trustManagerFactory.init((KeyStore) null);
        TrustManager[] trustManagers = trustManagerFactory.getTrustManagers();
        for (TrustManager trustManager : trustManagers) {
            if (trustManager instanceof X509TrustManager) {
                return (X509TrustManager) trustManager;
            }
        }
        return null;
    }

    private boolean a(X509Certificate x509Certificate) {
        Log.d(f158a, "Determining if cert is AA's " + x509Certificate.getSubjectX500Principal().getName());
        return x509Certificate.getSubjectDN().getName().contains(e.b());
    }

    private boolean b(X509Certificate x509Certificate) {
        byte[] encoded = x509Certificate.getEncoded();
        Iterator<byte[]> it = this.c.iterator();
        while (it.hasNext()) {
            if (Arrays.equals(it.next(), encoded)) {
                Log.d(f158a, x509Certificate.getSubjectX500Principal().getName() + " matches one of our pinned certs.");
                return true;
            }
        }
        return false;
    }

    @Override // javax.net.ssl.X509TrustManager
    public void checkClientTrusted(X509Certificate[] x509CertificateArr, String str) {
        CertificateException certificateException = null;
        Iterator<X509TrustManager> it = this.b.iterator();
        CertificateException e = null;
        while (true) {
            if (!it.hasNext()) {
                certificateException = e;
                break;
            }
            try {
                it.next().checkClientTrusted(x509CertificateArr, str);
                break;
            } catch (CertificateException e2) {
                e = e2;
                m.c(f158a, "Certificate exception: ", e);
            }
        }
        if (certificateException != null) {
            throw certificateException;
        }
    }

    @Override // javax.net.ssl.X509TrustManager
    public void checkServerTrusted(X509Certificate[] x509CertificateArr, String str) {
        CertificateException certificateException = null;
        Iterator<X509TrustManager> it = this.b.iterator();
        CertificateException e = null;
        while (true) {
            if (!it.hasNext()) {
                certificateException = e;
                break;
            }
            try {
                it.next().checkServerTrusted(x509CertificateArr, str);
                break;
            } catch (CertificateException e2) {
                e = e2;
                m.c(f158a, "Certificate exception: ", e);
            }
        }
        if (certificateException != null) {
            throw certificateException;
        }
        if (AApplication.d() && a(x509CertificateArr[0]) && !b(x509CertificateArr[0])) {
            throw new CertificateException("No trust managers trusts this chain.");
        }
    }

    @Override // javax.net.ssl.X509TrustManager
    public X509Certificate[] getAcceptedIssuers() {
        ArrayList arrayList = new ArrayList();
        Iterator<X509TrustManager> it = this.b.iterator();
        while (it.hasNext()) {
            arrayList.addAll(Arrays.asList(it.next().getAcceptedIssuers()));
        }
        return (X509Certificate[]) arrayList.toArray(new X509Certificate[arrayList.size()]);
    }
}
