package hk.hku.cecid.piazza.commons.security;

import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.util.Enumeration;
import javax.net.ssl.X509TrustManager;

/* JADX WARN: Classes with same name are omitted:
  input_file:hermes2_bin.zip:webapps/corvus/WEB-INF/lib/piazza-commons-1.0.jar:hk/hku/cecid/piazza/commons/security/KeyStoreTrustManager.class
 */
/* loaded from: input_file:hermes2_bin.zip:sample/lib/piazza-commons.jar:hk/hku/cecid/piazza/commons/security/KeyStoreTrustManager.class */
public class KeyStoreTrustManager extends KeyStoreComponent implements X509TrustManager {
    public KeyStoreTrustManager() {
    }

    public KeyStoreTrustManager(KeyStoreManager keyStoreManager) throws KeyStoreManagementException {
        if (keyStoreManager == null) {
            throw new KeyStoreManagementException("KeyStoreManager is null");
        }
        super.init(keyStoreManager.keyStore, null, null);
    }

    public KeyStoreTrustManager(KeyStore keyStore) throws KeyStoreManagementException {
        if (keyStore == null) {
            throw new KeyStoreManagementException("KeyStore is null");
        }
        super.init(keyStore, null, null);
    }

    private boolean isChainTrusted(X509Certificate[] x509CertificateArr) {
        try {
            for (int length = x509CertificateArr.length - 1; length >= 0; length--) {
                if (this.keyStore.getCertificateAlias(x509CertificateArr[length]) != null) {
                    return true;
                }
            }
            return false;
        } catch (KeyStoreException e) {
            return false;
        }
    }

    private void checkTrusted(X509Certificate[] x509CertificateArr) throws CertificateException {
        if (x509CertificateArr == null || x509CertificateArr.length == 0) {
            throw new IllegalArgumentException("Null or zero length chain");
        }
        if (!isChainTrusted(x509CertificateArr)) {
            throw new CertificateException("Certificate chain not trusted");
        }
    }

    @Override // javax.net.ssl.X509TrustManager
    public void checkClientTrusted(X509Certificate[] x509CertificateArr, String str) throws CertificateException {
        checkTrusted(x509CertificateArr);
    }

    @Override // javax.net.ssl.X509TrustManager
    public void checkServerTrusted(X509Certificate[] x509CertificateArr, String str) throws CertificateException {
        checkTrusted(x509CertificateArr);
    }

    @Override // javax.net.ssl.X509TrustManager
    public X509Certificate[] getAcceptedIssuers() {
        X509Certificate[] x509CertificateArr = null;
        try {
            int size = this.keyStore.size();
            if (size > 0) {
                x509CertificateArr = new X509Certificate[size];
                Enumeration<String> aliases = this.keyStore.aliases();
                int i = 0;
                while (aliases.hasMoreElements()) {
                    x509CertificateArr[i] = (X509Certificate) this.keyStore.getCertificate(aliases.nextElement());
                    i++;
                }
            }
        } catch (KeyStoreException e) {
            x509CertificateArr = null;
        }
        return x509CertificateArr;
    }
}
