package com.avaya.clientservices.uccl.tls;

import com.avaya.clientservices.provider.certificate.CertificateManager;
import com.avaya.clientservices.provider.certificate.CertificateValidationCompletionHandler;
import com.avaya.clientservices.provider.certificate.CertificateValidationException;
import com.avaya.clientservices.uccl.logging.Logger;
import com.avaya.clientservices.uccl.logging.LoggerFactory;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.util.concurrent.Semaphore;
import javax.inject.Provider;
import javax.inject.Singleton;
import javax.net.ssl.X509TrustManager;

@Singleton
/* loaded from: classes2.dex */
public class CustomTrustManager implements X509TrustManager {
    private final Provider<CertificateManager> certificateManagerProvider;
    private final Logger log = LoggerFactory.getLogger((Class<?>) CustomTrustManager.class);

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: classes2.dex */
    public final class CertificateValidationSynchronizer implements CertificateValidationCompletionHandler {
        private CertificateException exception;
        private final Semaphore semaphore;

        private CertificateValidationSynchronizer() {
            this.semaphore = new Semaphore(0);
            this.exception = null;
        }

        @Override // com.avaya.clientservices.provider.certificate.CertificateValidationCompletionHandler
        public void onError(CertificateValidationException certificateValidationException) {
            CustomTrustManager.this.log.warn("Certificate validation failed: {}", certificateValidationException.getMessage());
            this.exception = new CertificateException(certificateValidationException);
            this.semaphore.release();
        }

        @Override // com.avaya.clientservices.provider.certificate.CertificateValidationCompletionHandler
        public void onSuccess() {
            CustomTrustManager.this.log.debug("Certificate validation succeeded");
            this.semaphore.release();
        }

        public void waitForResult() throws CertificateException {
            this.semaphore.acquireUninterruptibly();
            CertificateException certificateException = this.exception;
            if (certificateException != null) {
                throw certificateException;
            }
        }
    }

    public CustomTrustManager(Provider<CertificateManager> provider) {
        this.certificateManagerProvider = provider;
    }

    private CertificateManager getCertificateManager() {
        return this.certificateManagerProvider.get();
    }

    private void validateCertificateChain(X509Certificate[] x509CertificateArr) throws CertificateException {
        CertificateValidationSynchronizer certificateValidationSynchronizer = new CertificateValidationSynchronizer();
        CertificateManager certificateManager = getCertificateManager();
        if (certificateManager == null) {
            throw new CertificateException("CSDK CertificateManager is unavailable");
        }
        certificateManager.validateCertificates(x509CertificateArr, certificateValidationSynchronizer);
        certificateValidationSynchronizer.waitForResult();
    }

    @Override // javax.net.ssl.X509TrustManager
    public void checkClientTrusted(X509Certificate[] x509CertificateArr, String str) throws CertificateException {
        validateCertificateChain(x509CertificateArr);
    }

    @Override // javax.net.ssl.X509TrustManager
    public void checkServerTrusted(X509Certificate[] x509CertificateArr, String str) throws CertificateException {
        validateCertificateChain(x509CertificateArr);
    }

    @Override // javax.net.ssl.X509TrustManager
    public X509Certificate[] getAcceptedIssuers() {
        CertificateManager certificateManager = getCertificateManager();
        return (certificateManager == null || !certificateManager.isCertificateStoreInUse()) ? new X509Certificate[0] : certificateManager.getCertificates();
    }
}
