package com.wdc.wd2go.security;

import com.wdc.wd2go.util.Log;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import javax.net.ssl.X509TrustManager;

/* loaded from: classes.dex */
public class WDTrustedX509TrustManager implements X509TrustManager {
    private static X509TrustManager selfSignedTrustManager = null;
    private static X509TrustManager standardTrustManager = null;
    private static final String tag = "CertificateVerifier ";

    public WDTrustedX509TrustManager(KeyStore keyStore) throws NoSuchAlgorithmException, KeyStoreException {
        createCustomTrustManagers(keyStore);
    }

    private void createCustomTrustManagers(KeyStore keyStore) throws NoSuchAlgorithmException, KeyStoreException {
        TrustManagerFactory trustManagerFactory;
        if (standardTrustManager == null) {
            trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
            trustManagerFactory.init((KeyStore) null);
            TrustManager[] trustManagers = trustManagerFactory.getTrustManagers();
            if (trustManagers.length == 0) {
                throw new NoSuchAlgorithmException("no trust manager found");
            }
            standardTrustManager = (X509TrustManager) trustManagers[0];
        } else {
            trustManagerFactory = null;
        }
        if (selfSignedTrustManager == null) {
            trustManagerFactory.init(keyStore);
            TrustManager[] trustManagers2 = trustManagerFactory.getTrustManagers();
            if (trustManagers2.length == 0) {
                throw new NoSuchAlgorithmException("no trust manager found after self signed keystore");
            }
            selfSignedTrustManager = (X509TrustManager) trustManagers2[0];
        }
    }

    @Override // javax.net.ssl.X509TrustManager
    public void checkClientTrusted(X509Certificate[] x509CertificateArr, String str) throws CertificateException {
        standardTrustManager.checkClientTrusted(x509CertificateArr, str);
    }

    /* JADX WARN: Unreachable blocks removed: 1, instructions: 1 */
    @Override // javax.net.ssl.X509TrustManager
    public void checkServerTrusted(X509Certificate[] x509CertificateArr, String str) throws CertificateException {
        if (x509CertificateArr == null) {
            throw new CertificateException("No certificate from server");
        }
        Log.d(tag, "###### Certificates ######");
        for (X509Certificate x509Certificate : x509CertificateArr) {
            Log.d("Certificate Issuer Name: ", x509Certificate.getIssuerX500Principal().getName());
            Log.d("Certificate Subject Name: ", x509Certificate.getSubjectX500Principal().getName());
        }
        try {
            standardTrustManager.checkServerTrusted(x509CertificateArr, str);
            Log.d(tag, "###### Trusted-Cert verification: Trusted Server");
        } catch (Exception e) {
            Log.d(tag, "###### Trusted-Cert verification: platform exception " + e.getClass().getName());
            if (x509CertificateArr.length != 1) {
                for (X509Certificate x509Certificate2 : x509CertificateArr) {
                    if (x509Certificate2.getIssuerX500Principal().getName().contains("CN=Western Digital Technologies")) {
                        return;
                    }
                }
            } else if (x509CertificateArr[0].getIssuerX500Principal().getName().contains("CN=Western Digital Technologies")) {
                return;
            }
            try {
                selfSignedTrustManager.checkServerTrusted(x509CertificateArr, str);
                Log.d(tag, "###### Trusted-Cert verification: self-signed server");
            } catch (Exception unused) {
                String name = x509CertificateArr[0].getIssuerX500Principal().getName();
                Log.e(tag, "###### Trusted-Cert verification: Non Trusted Server");
                Log.e(tag, "###### Non Trusted certificate issued by " + name);
                throw new CertificateException("Invalid Certificate.");
            }
        }
    }

    @Override // javax.net.ssl.X509TrustManager
    public X509Certificate[] getAcceptedIssuers() {
        return standardTrustManager.getAcceptedIssuers();
    }
}
