package com.commit451.gitlab.ssl;

import com.commit451.gitlab.api.X509TrustManagerProvider;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import javax.net.ssl.HostnameVerifier;
import javax.net.ssl.KeyManager;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSocketFactory;
import javax.net.ssl.TrustManager;
import javax.net.ssl.X509TrustManager;

/* loaded from: classes.dex */
public class CustomTrustManager implements X509TrustManager {
    private HostnameVerifier mHostnameVerifier;
    private String mPrivateKeyAlias;
    private SSLSocketFactory mSSLSocketFactory;
    private String mTrustedCertificate;
    private String mTrustedHostname;

    @Override // javax.net.ssl.X509TrustManager
    public void checkClientTrusted(X509Certificate[] x509CertificateArr, String str) throws CertificateException {
        if (X509TrustManagerProvider.get() == null) {
            throw new IllegalStateException("No default TrustManager available");
        }
        X509TrustManagerProvider.get().checkClientTrusted(x509CertificateArr, str);
    }

    @Override // javax.net.ssl.X509TrustManager
    public void checkServerTrusted(X509Certificate[] x509CertificateArr, String str) throws CertificateException {
        if (X509TrustManagerProvider.get() == null) {
            throw new IllegalStateException("No default TrustManager available");
        }
        try {
            X509TrustManagerProvider.get().checkServerTrusted(x509CertificateArr, str);
        } catch (CertificateException e) {
            if (this.mTrustedCertificate == null || !this.mTrustedCertificate.equals(X509Util.getFingerPrint(x509CertificateArr[0]))) {
                throw new X509CertificateException(e.getMessage(), e, x509CertificateArr);
            }
        }
    }

    @Override // javax.net.ssl.X509TrustManager
    public X509Certificate[] getAcceptedIssuers() {
        if (X509TrustManagerProvider.get() == null) {
            throw new IllegalStateException("No default TrustManager available");
        }
        return X509TrustManagerProvider.get().getAcceptedIssuers();
    }

    public HostnameVerifier getHostnameVerifier() {
        if (this.mHostnameVerifier == null) {
            this.mHostnameVerifier = new CustomHostnameVerifier(this.mTrustedHostname);
        }
        return this.mHostnameVerifier;
    }

    public SSLSocketFactory getSSLSocketFactory() {
        if (this.mSSLSocketFactory != null) {
            return this.mSSLSocketFactory;
        }
        KeyManager[] keyManagerArr = this.mPrivateKeyAlias != null ? new KeyManager[]{new CustomKeyManager(this.mPrivateKeyAlias)} : null;
        try {
            SSLContext sSLContext = SSLContext.getInstance("TLS");
            sSLContext.init(keyManagerArr, new TrustManager[]{this}, null);
            this.mSSLSocketFactory = new CustomSSLSocketFactory(sSLContext.getSocketFactory());
            return this.mSSLSocketFactory;
        } catch (Exception e) {
            throw new IllegalStateException(e);
        }
    }

    public void setPrivateKeyAlias(String str) {
        if (this.mPrivateKeyAlias == null && str == null) {
            return;
        }
        if (this.mPrivateKeyAlias == null || !this.mPrivateKeyAlias.equals(str)) {
            this.mPrivateKeyAlias = str;
            this.mSSLSocketFactory = null;
        }
    }

    public void setTrustedCertificate(String str) {
        if (this.mTrustedCertificate == null && str == null) {
            return;
        }
        if (this.mTrustedCertificate == null || !this.mTrustedCertificate.equals(str)) {
            this.mTrustedCertificate = str;
            this.mSSLSocketFactory = null;
        }
    }

    public void setTrustedHostname(String str) {
        if (this.mTrustedHostname == null && str == null) {
            return;
        }
        if (this.mTrustedHostname == null || !this.mTrustedHostname.equals(str)) {
            this.mTrustedHostname = str;
            this.mHostnameVerifier = null;
        }
    }
}
