package com.cisco.anyconnect.vpn.android.service.helpers.uri;

import android.content.Context;
import android.content.DialogInterface;
import com.cisco.anyconnect.vpn.android.util.AppLog;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Arrays;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import javax.net.ssl.X509TrustManager;

/* loaded from: classes.dex */
class CustomTrustManager implements X509TrustManager {
    private Context c;
    private X509Certificate d;
    private X509Certificate e;
    private IImportOperationCB f;

    /* renamed from: a, reason: collision with root package name */
    private final Object f102a = new Object();
    private boolean b = false;
    private DialogInterface.OnClickListener g = new DialogInterface.OnClickListener() { // from class: com.cisco.anyconnect.vpn.android.service.helpers.uri.CustomTrustManager.1
        @Override // android.content.DialogInterface.OnClickListener
        public void onClick(DialogInterface dialogInterface, int i) {
            dialogInterface.cancel();
            synchronized (CustomTrustManager.this.f102a) {
                CustomTrustManager.this.e = CustomTrustManager.this.d;
                CustomTrustManager.this.b = true;
                CustomTrustManager.this.f102a.notifyAll();
            }
        }
    };
    private DialogInterface.OnClickListener h = new DialogInterface.OnClickListener() { // from class: com.cisco.anyconnect.vpn.android.service.helpers.uri.CustomTrustManager.2
        @Override // android.content.DialogInterface.OnClickListener
        public void onClick(DialogInterface dialogInterface, int i) {
            dialogInterface.cancel();
            synchronized (CustomTrustManager.this.f102a) {
                CustomTrustManager.this.b = false;
                CustomTrustManager.this.f102a.notifyAll();
            }
        }
    };

    public CustomTrustManager(Context context, IImportOperationCB iImportOperationCB) {
        if (context == null || iImportOperationCB == null) {
            throw new IllegalArgumentException("Unexpected null args passed to CustomTrustManager");
        }
        this.c = context;
        this.f = iImportOperationCB;
    }

    /* JADX WARN: Multi-variable type inference failed */
    /* JADX WARN: Type inference failed for: r0v0, types: [boolean] */
    /* JADX WARN: Type inference failed for: r2v0 */
    /* JADX WARN: Type inference failed for: r2v1 */
    /* JADX WARN: Type inference failed for: r2v2, types: [int] */
    /* JADX WARN: Type inference failed for: r2v3 */
    /* JADX WARN: Type inference failed for: r2v4 */
    /* JADX WARN: Type inference failed for: r2v5, types: [java.lang.String] */
    private static boolean a(TrustManager[] trustManagerArr, X509Certificate[] x509CertificateArr, String str, boolean z) {
        String str2 = null;
        int length = trustManagerArr.length;
        ?? r2 = 0;
        while (r2 < length) {
            TrustManager trustManager = trustManagerArr[r2];
            if (trustManager instanceof X509TrustManager) {
                try {
                    if (z) {
                        ((X509TrustManager) trustManager).checkServerTrusted(x509CertificateArr, str);
                    } else {
                        ((X509TrustManager) trustManager).checkClientTrusted(x509CertificateArr, str);
                    }
                    str2 = "TrustManager";
                    r2 = "Certificate chain trusted by the system trust manager.";
                    AppLog.a(AppLog.Severity.DBG_ERROR, "TrustManager", "Certificate chain trusted by the system trust manager.");
                    return true;
                } catch (CertificateException e) {
                }
            }
            r2++;
        }
        return str2;
    }

    private static TrustManager[] a() {
        try {
            TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance("X509");
            trustManagerFactory.init((KeyStore) null);
            return trustManagerFactory.getTrustManagers();
        } catch (KeyStoreException e) {
            AppLog.a(AppLog.Severity.DBG_INFO, "TrustManager", "Failed to initialize trust factory.", e);
            return null;
        } catch (NoSuchAlgorithmException e2) {
            AppLog.a(AppLog.Severity.DBG_INFO, "TrustManager", "No X509 provider on system.", e2);
            return null;
        }
    }

    @Override // javax.net.ssl.X509TrustManager
    public void checkClientTrusted(X509Certificate[] x509CertificateArr, String str) {
        AppLog.a(AppLog.Severity.DBG_INFO, "TrustManager", "unexpected CustomTrustManager.checkClientTrusted call.");
        TrustManager[] a2 = a();
        if (a2 == null) {
            AppLog.a(AppLog.Severity.DBG_ERROR, "TrustManager", "null systemtrustmanagers");
            throw new CertificateException("could not get the trustmanagers required to validate cert");
        }
        if (!a(a2, x509CertificateArr, str, false)) {
            throw new CertificateException();
        }
    }

    @Override // javax.net.ssl.X509TrustManager
    public void checkServerTrusted(X509Certificate[] x509CertificateArr, String str) {
        if (x509CertificateArr == null || x509CertificateArr.length == 0) {
            AppLog.a(AppLog.Severity.DBG_ERROR, "TrustManager", "Unexpected null/empty chain");
            return;
        }
        if (x509CertificateArr[0].equals(this.e)) {
            return;
        }
        TrustManager[] a2 = a();
        if (a2 == null || !a(a2, x509CertificateArr, str, true)) {
            AppLog.a(AppLog.Severity.DBG_INFO, "TrustManager", "Server certificate not trusted by system trust manager.");
            this.d = x509CertificateArr[0];
            IImportOperationCB iImportOperationCB = this.f;
            this.c.getString(2131034392);
            DialogInterface.OnClickListener onClickListener = this.g;
            DialogInterface.OnClickListener onClickListener2 = this.h;
            iImportOperationCB.b();
            while (true) {
                try {
                    synchronized (this.f102a) {
                        this.f102a.wait();
                    }
                    break;
                } catch (InterruptedException e) {
                    AppLog.a(AppLog.Severity.DBG_INFO, "TrustManager", "Wait for on user to trust cert has been interrupted", e);
                }
            }
            if (!this.b) {
                throw new CertificateException("Certificate trust prompt not accepted.");
            }
            AppLog.a(AppLog.Severity.DBG_INFO, "TrustManager", "User trusted the server certificate.");
        }
    }

    @Override // javax.net.ssl.X509TrustManager
    public X509Certificate[] getAcceptedIssuers() {
        ArrayList arrayList = new ArrayList();
        TrustManager[] a2 = a();
        if (a2 == null) {
            AppLog.a(AppLog.Severity.DBG_ERROR, "TrustManager", "no trust managers returned, returning empty list");
            return (X509Certificate[]) arrayList.toArray();
        }
        for (TrustManager trustManager : a2) {
            if (trustManager instanceof X509TrustManager) {
                arrayList.addAll(Arrays.asList(((X509TrustManager) trustManager).getAcceptedIssuers()));
            }
        }
        return (X509Certificate[]) arrayList.toArray();
    }
}
