package org.f.i.b;

import java.io.Serializable;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.util.Arrays;
import java.util.Properties;
import org.f.f.r;
import org.f.k.o;

/* compiled from: PropertiesTlsTmSecurityCallback.java */
/* loaded from: classes2.dex */
public class b implements g<X509Certificate> {

    /* renamed from: a, reason: collision with root package name */
    private static final org.f.c.e f10128a = org.f.c.f.b(b.class);

    /* renamed from: b, reason: collision with root package name */
    private boolean f10129b;

    /* renamed from: c, reason: collision with root package name */
    private Properties f10130c;

    public b(Properties properties, boolean z) {
        this.f10129b = z;
        if (properties == null) {
            throw new NullPointerException();
        }
        this.f10130c = properties;
    }

    public b(boolean z) {
        this(System.getProperties(), z);
    }

    @Override // org.f.i.b.g
    public String a(org.f.f.b bVar) {
        return this.f10130c.getProperty(o.aE);
    }

    @Override // org.f.i.b.g
    /* renamed from: a, reason: avoid collision after fix types in other method and merged with bridge method [inline-methods] */
    public r b(X509Certificate[] x509CertificateArr) {
        String property = this.f10130c.getProperty(o.t, null);
        if (property != null) {
            return new r(property);
        }
        return null;
    }

    @Override // org.f.i.b.g
    /* renamed from: a, reason: avoid collision after fix types in other method and merged with bridge method [inline-methods] */
    public boolean b(X509Certificate x509Certificate) {
        String property = this.f10130c.getProperty(o.aE, "");
        if (this.f10129b) {
            property = this.f10130c.getProperty(o.aH, "");
        }
        if (x509Certificate != null && x509Certificate.getSubjectDN().getName().equals(property)) {
            return true;
        }
        if (property.length() == 0) {
            return false;
        }
        throw new CertificateException("Client certificate " + x509Certificate + " rejected because subject DN does not match " + property);
    }

    @Override // org.f.i.b.g
    /* renamed from: b, reason: avoid collision after fix types in other method and merged with bridge method [inline-methods] */
    public boolean a(X509Certificate x509Certificate) {
        String property = this.f10130c.getProperty(o.aN, "");
        if (property.length() == 0) {
            return false;
        }
        if (x509Certificate != null && x509Certificate.getIssuerDN().getName().equals(property)) {
            return true;
        }
        throw new CertificateException("Issuer certificate " + x509Certificate + " does not have accepted DN: " + property);
    }

    @Override // org.f.i.b.g
    /* renamed from: b, reason: avoid collision after fix types in other method and merged with bridge method [inline-methods] */
    public boolean a(X509Certificate[] x509CertificateArr) {
        if (x509CertificateArr == null || x509CertificateArr.length == 0) {
            throw new CertificateException("Server certificate chain is empty");
        }
        String property = this.f10130c.getProperty(o.aK, "");
        if (property.length() > 0) {
            r fromHexString = r.fromHexString(property);
            int length = x509CertificateArr.length;
            char c2 = 65535;
            int i = 0;
            while (true) {
                if (i >= length) {
                    break;
                }
                r a2 = f.a(x509CertificateArr[i]);
                if (f10128a.a()) {
                    f10128a.a((Serializable) ("Matching server fingerprint " + a2 + " against accepted " + property));
                }
                if (a2 != null && a2.equals(fromHexString)) {
                    c2 = 1;
                    break;
                }
                i++;
                c2 = 0;
            }
            if (c2 <= 0) {
                throw new CertificateException("Server certificate chain " + Arrays.asList(x509CertificateArr) + " does not match accepted fingerprint " + fromHexString);
            }
        }
        String property2 = this.f10130c.getProperty(o.aH, "");
        if (this.f10129b) {
            property2 = this.f10130c.getProperty(o.aE, "");
        }
        String name = x509CertificateArr[0].getSubjectDN().getName();
        if (name.equals(property2)) {
            return true;
        }
        if (property2.length() > 0) {
            throw new CertificateException("Certificate subject '" + name + "' does not match accepted peer '" + property2 + "'");
        }
        String property3 = this.f10130c.getProperty(o.aN, "");
        if (property3.length() == 0) {
            return false;
        }
        for (int i2 = 1; i2 < x509CertificateArr.length; i2++) {
            String name2 = x509CertificateArr[i2].getIssuerDN().getName();
            if (name2.equals(property3)) {
                return true;
            }
            f10128a.a((Serializable) ("Certification authority '" + name2 + "' does not match accepted CA '" + property3 + "'"));
        }
        throw new CertificateException("Certification authorities for certificate chain " + Arrays.asList(x509CertificateArr) + " does not match accepted CA '" + property3 + "'");
    }
}
