package c.d.a.a.d;

import com.sophos.cloud.exceptions.CertificatePinningException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.util.List;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import javax.net.ssl.X509TrustManager;

/* loaded from: classes.dex */
public final class l implements X509TrustManager {

    /* renamed from: f, reason: collision with root package name */
    private static l f3116f;

    /* renamed from: b, reason: collision with root package name */
    private final c.d.a.a.c.e f3118b;

    /* renamed from: a, reason: collision with root package name */
    private int f3117a = 0;

    /* renamed from: d, reason: collision with root package name */
    private boolean f3120d = true;

    /* renamed from: e, reason: collision with root package name */
    private boolean f3121e = true;

    /* renamed from: c, reason: collision with root package name */
    private final X509TrustManager f3119c = a();

    private l(c.d.a.a.c.e eVar) {
        this.f3118b = eVar;
    }

    public static l a(c.d.a.a.c.e eVar) {
        if (f3116f == null) {
            f3116f = new l(eVar);
        }
        return f3116f;
    }

    private X509TrustManager a() {
        try {
            TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
            trustManagerFactory.init((KeyStore) null);
            for (TrustManager trustManager : trustManagerFactory.getTrustManagers()) {
                if (trustManager instanceof X509TrustManager) {
                    return (X509TrustManager) trustManager;
                }
            }
            return null;
        } catch (KeyStoreException e2) {
            com.sophos.smsec.core.smsectrace.d.b("TM", e2);
            return null;
        } catch (NoSuchAlgorithmException e3) {
            com.sophos.smsec.core.smsectrace.d.b("TM", e3);
            return null;
        }
    }

    public void a(boolean z) {
        this.f3120d = z;
    }

    public void b(boolean z) {
        this.f3121e = z;
    }

    @Override // javax.net.ssl.X509TrustManager
    public void checkClientTrusted(X509Certificate[] x509CertificateArr, String str) throws CertificateException {
        com.sophos.smsec.core.smsectrace.d.c("TM", "checkClientTrusted");
        if (this.f3120d) {
            this.f3119c.checkClientTrusted(x509CertificateArr, str);
        }
    }

    @Override // javax.net.ssl.X509TrustManager
    public void checkServerTrusted(X509Certificate[] x509CertificateArr, String str) throws CertificateException {
        com.sophos.smsec.core.smsectrace.d.c("TM", "checkServerTrusted");
        if (this.f3120d) {
            this.f3119c.checkServerTrusted(x509CertificateArr, str);
        } else {
            com.sophos.smsec.core.smsectrace.d.c("TM", "we trust this server");
        }
        if (this.f3121e) {
            String c2 = h.c(x509CertificateArr[0].getEncoded());
            List<String> sSLCertHash = this.f3118b.getSSLCertHash();
            if (sSLCertHash.isEmpty() || sSLCertHash.contains(c2)) {
                return;
            }
            if (this.f3117a == 0) {
                this.f3118b.onCertPinningError();
            }
            int i = this.f3117a;
            if (i == 3) {
                this.f3117a = 0;
            } else {
                this.f3117a = i + 1;
            }
            com.sophos.smsec.core.smsectrace.d.e("TM", "Certificate hash does not match! Hash : " + c2 + " pinned hashes: " + sSLCertHash.toString());
            throw new CertificatePinningException("Certificate hash does not match!");
        }
    }

    @Override // javax.net.ssl.X509TrustManager
    public X509Certificate[] getAcceptedIssuers() {
        com.sophos.smsec.core.smsectrace.d.c("TM", "getAcceptedIssuers");
        if (this.f3120d) {
            return this.f3119c.getAcceptedIssuers();
        }
        return null;
    }
}
