package tigase.io;

import java.io.File;
import java.io.FileInputStream;
import java.security.InvalidAlgorithmParameterException;
import java.security.cert.CertPathValidator;
import java.security.cert.CertPathValidatorException;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.security.cert.CertificateParsingException;
import java.security.cert.PKIXParameters;
import java.security.cert.TrustAnchor;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.HashSet;
import javax.net.ssl.X509TrustManager;

/* loaded from: input_file:tigase/io/CertFilesTrustManager.class */
public class CertFilesTrustManager implements X509TrustManager {
    private static CertificateFactory certificateFactory;
    private PKIXParameters parameters;
    private CertPathValidator validator;

    public static CertFilesTrustManager getInstance(String str) throws Exception {
        certificateFactory = CertificateFactory.getInstance("X.509");
        HashSet hashSet = new HashSet();
        for (File file : new File(str).listFiles()) {
            if (file.isFile()) {
                try {
                    hashSet.add(new TrustAnchor(loadCertificate(file), null));
                } catch (CertificateParsingException e) {
                }
            }
        }
        CertPathValidator certPathValidator = CertPathValidator.getInstance(CertPathValidator.getDefaultType());
        PKIXParameters pKIXParameters = new PKIXParameters(hashSet);
        pKIXParameters.setRevocationEnabled(false);
        return new CertFilesTrustManager(certPathValidator, pKIXParameters);
    }

    private static X509Certificate loadCertificate(File file) throws Exception {
        FileInputStream fileInputStream = null;
        try {
            fileInputStream = new FileInputStream(file);
            X509Certificate x509Certificate = (X509Certificate) certificateFactory.generateCertificate(fileInputStream);
            if (fileInputStream != null) {
                fileInputStream.close();
            }
            return x509Certificate;
        } catch (Throwable th) {
            if (fileInputStream != null) {
                fileInputStream.close();
            }
            throw th;
        }
    }

    private CertFilesTrustManager(CertPathValidator certPathValidator, PKIXParameters pKIXParameters) {
        this.validator = certPathValidator;
        this.parameters = pKIXParameters;
    }

    @Override // javax.net.ssl.X509TrustManager
    public void checkClientTrusted(X509Certificate[] x509CertificateArr, String str) throws CertificateException {
        checkServerTrusted(x509CertificateArr, str);
    }

    @Override // javax.net.ssl.X509TrustManager
    public void checkServerTrusted(X509Certificate[] x509CertificateArr, String str) throws CertificateException {
        ArrayList arrayList = new ArrayList();
        for (X509Certificate x509Certificate : x509CertificateArr) {
            x509Certificate.checkValidity();
            arrayList.add(x509Certificate);
        }
        try {
            System.out.println(this.validator.validate(CertificateFactory.getInstance("X.509").generateCertPath(arrayList), this.parameters));
        } catch (InvalidAlgorithmParameterException e) {
            throw new CertificateException(e);
        } catch (CertPathValidatorException e2) {
            throw new CertificateException(e2);
        }
    }

    @Override // javax.net.ssl.X509TrustManager
    public X509Certificate[] getAcceptedIssuers() {
        return (X509Certificate[]) this.parameters.getTrustAnchors().toArray(new X509Certificate[0]);
    }
}
