package tw.com.draytek.acs.j;

import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import javax.net.ssl.X509TrustManager;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;

/* compiled from: DraytekX509TrustManager.java */
/* loaded from: input_file:tw/com/draytek/acs/j/b.class */
public class b implements X509TrustManager {
    private X509TrustManager fT;
    private static final Log LOG = LogFactory.getLog(b.class);

    public b(KeyStore keyStore) throws NoSuchAlgorithmException, KeyStoreException {
        this.fT = null;
        TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
        trustManagerFactory.init((KeyStore) null);
        TrustManager[] trustManagers = trustManagerFactory.getTrustManagers();
        if (trustManagers.length == 0) {
            throw new NoSuchAlgorithmException("no trust manager found");
        }
        this.fT = (X509TrustManager) trustManagers[0];
    }

    @Override // javax.net.ssl.X509TrustManager
    public void checkClientTrusted(X509Certificate[] x509CertificateArr, String str) throws CertificateException {
        this.fT.checkClientTrusted(x509CertificateArr, str);
    }

    /* JADX WARN: Multi-variable type inference failed */
    /* JADX WARN: Type inference failed for: r0v1 */
    /* JADX WARN: Type inference failed for: r0v25 */
    /* JADX WARN: Type inference failed for: r0v8, types: [java.lang.Exception] */
    @Override // javax.net.ssl.X509TrustManager
    public void checkServerTrusted(X509Certificate[] x509CertificateArr, String str) throws CertificateException {
        boolean z = false;
        ?? r0 = x509CertificateArr;
        if (r0 != 0) {
            try {
                if (LOG.isDebugEnabled()) {
                    LOG.debug("Server certificate chain:");
                    for (int i = 0; i < x509CertificateArr.length; i++) {
                        LOG.debug("X509Certificate[" + i + "]=" + x509CertificateArr[i]);
                    }
                }
            } catch (Exception e) {
                r0.printStackTrace();
                throw new CertificateException();
            }
        }
        if (x509CertificateArr == null || x509CertificateArr.length != 1) {
            this.fT.checkServerTrusted(x509CertificateArr, str);
        } else {
            x509CertificateArr[0].checkValidity();
        }
        for (X509Certificate x509Certificate : x509CertificateArr) {
            r0 = 0;
            for (X509Certificate x509Certificate2 : getAcceptedIssuers()) {
                if (x509Certificate.equals(x509Certificate2)) {
                    z = true;
                }
            }
            if ((x509Certificate instanceof X509Certificate) && x509Certificate.getSubjectDN().toString().indexOf(".draytek.com") != -1) {
                z = new String(x509Certificate.getSubjectDN().toString()).matches("^CN=auth.draytek.com.*OU=Domain Control Validated.*");
            }
        }
        if (z) {
            return;
        }
        System.err.println("Invalid Certificate");
        throw new CertificateException();
    }

    @Override // javax.net.ssl.X509TrustManager
    public X509Certificate[] getAcceptedIssuers() {
        return this.fT.getAcceptedIssuers();
    }
}
