package com.epocrates.net.engine;

import java.io.BufferedInputStream;
import java.io.FileInputStream;
import java.security.KeyStore;
import java.security.cert.CertPathValidator;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.security.cert.PKIXParameters;
import java.security.cert.X509Certificate;
import java.util.Arrays;
import java.util.Enumeration;
import javax.net.ssl.TrustManagerFactory;
import javax.net.ssl.X509TrustManager;
import javax.security.auth.x500.X500Principal;

/* compiled from: HTCWorkAroundX509TrustManager.java */
/* loaded from: classes.dex */
public class f implements X509TrustManager {

    /* renamed from: a, reason: collision with root package name */
    private static final X500Principal f6479a = new X500Principal("OU=Class 3 Public Primary Certification Authority, O=\"VeriSign, Inc.\", C=US");
    private static final X500Principal b = new X500Principal("OU=www.verisign.com/CPS Incorp.by Ref. LIABILITY LTD.(c)97 VeriSign, OU=VeriSign International Server CA - Class 3, OU=\"VeriSign, Inc.\", O=VeriSign Trust Network");

    /* renamed from: c, reason: collision with root package name */
    final CertificateFactory f6480c;

    /* renamed from: d, reason: collision with root package name */
    final CertPathValidator f6481d;

    /* renamed from: e, reason: collision with root package name */
    final PKIXParameters f6482e;

    /* renamed from: f, reason: collision with root package name */
    private KeyStore f6483f;

    /* JADX INFO: Access modifiers changed from: package-private */
    public f() throws Exception {
        TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm()).init((KeyStore) null);
        this.f6483f = KeyStore.getInstance("BKS");
        BufferedInputStream bufferedInputStream = new BufferedInputStream(new FileInputStream("/system/etc/security/cacerts.bks"));
        this.f6483f.load(bufferedInputStream, null);
        bufferedInputStream.close();
        com.epocrates.n0.a.c("## &&&&&&&&&&&&&&&&&&&&&&&&&&&& ##");
        com.epocrates.n0.a.c("&& HTCWorkAroundX509TrustManager Constructor");
        Enumeration<String> aliases = this.f6483f.aliases();
        while (aliases.hasMoreElements()) {
            String nextElement = aliases.nextElement();
            X509Certificate x509Certificate = (X509Certificate) this.f6483f.getCertificate(nextElement);
            X500Principal subjectX500Principal = x509Certificate.getSubjectX500Principal();
            X500Principal issuerX500Principal = x509Certificate.getIssuerX500Principal();
            if (subjectX500Principal.equals(f6479a)) {
                com.epocrates.n0.a.c("ROOT");
            } else if (subjectX500Principal.equals(b)) {
                com.epocrates.n0.a.c("INTERMEDIATE");
                this.f6483f.deleteEntry(nextElement);
            } else if (!subjectX500Principal.equals(issuerX500Principal)) {
                com.epocrates.n0.a.c("OTHER NON ROOT");
                this.f6483f.deleteEntry(nextElement);
            }
            com.epocrates.n0.a.c("alias=" + nextElement);
            com.epocrates.n0.a.c(subjectX500Principal.toString());
            com.epocrates.n0.a.c(issuerX500Principal.toString());
            com.epocrates.n0.a.c("---");
        }
        com.epocrates.n0.a.c("## &&&&&&&&&&&&&&&&&&&&&&&&&&&& ##");
        this.f6481d = CertPathValidator.getInstance("PKIX");
        this.f6480c = CertificateFactory.getInstance("X509");
        PKIXParameters pKIXParameters = new PKIXParameters(this.f6483f);
        this.f6482e = pKIXParameters;
        pKIXParameters.setRevocationEnabled(false);
    }

    public KeyStore a() {
        return this.f6483f;
    }

    @Override // javax.net.ssl.X509TrustManager
    public void checkClientTrusted(X509Certificate[] x509CertificateArr, String str) {
    }

    @Override // javax.net.ssl.X509TrustManager
    public void checkServerTrusted(X509Certificate[] x509CertificateArr, String str) throws CertificateException {
        com.epocrates.n0.a.c("## &&&&&&&&&&&&&&&&&&&&&&&&&&&& ##");
        com.epocrates.n0.a.c("&& HTCWorkAroundX509TrustManager checkServerTrusted");
        for (int i2 = 0; i2 < x509CertificateArr.length; i2++) {
            X509Certificate x509Certificate = x509CertificateArr[i2];
            com.epocrates.n0.a.c("i=" + i2);
            com.epocrates.n0.a.c(x509Certificate.getSubjectX500Principal().toString());
            com.epocrates.n0.a.c(x509Certificate.getIssuerX500Principal().toString());
            com.epocrates.n0.a.c("---");
        }
        try {
            this.f6481d.validate(this.f6480c.generateCertPath(Arrays.asList(x509CertificateArr)), this.f6482e);
            com.epocrates.n0.a.c("valid!");
            com.epocrates.n0.a.c("## &&&&&&&&&&&&&&&&&&&&&&&&&&&& ##");
        } catch (Exception e2) {
            throw new AssertionError(e2);
        }
    }

    @Override // javax.net.ssl.X509TrustManager
    public X509Certificate[] getAcceptedIssuers() {
        return null;
    }
}
