package nl.innovalor.cert;

import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.cert.CRL;
import java.security.cert.CertSelector;
import java.security.cert.CertStore;
import java.security.cert.CertStoreException;
import java.security.cert.Certificate;
import java.security.cert.CertificateEncodingException;
import java.security.cert.TrustAnchor;
import java.security.cert.X509CertSelector;
import java.security.cert.X509Certificate;
import java.util.Collection;
import java.util.Collections;
import java.util.HashSet;
import java.util.Iterator;
import java.util.List;
import java.util.Set;
import java.util.logging.Level;
import java.util.logging.Logger;
import javax.security.auth.x500.X500Principal;
import net.sf.scuba.util.Hex;

/* loaded from: classes.dex */
public final class CertUtil {
    private static final Logger LOGGER = Logger.getLogger("nl.innovalor");
    public static final CertSelector IDENTITY_SELECTOR = new X509CertSelector() { // from class: nl.innovalor.cert.CertUtil.1
        @Override // java.security.cert.X509CertSelector, java.security.cert.CertSelector
        public Object clone() {
            return super.clone();
        }

        @Override // java.security.cert.X509CertSelector, java.security.cert.CertSelector
        public boolean match(Certificate certificate) {
            return certificate instanceof X509Certificate;
        }
    };
    public static final CertSelector SELF_SIGNED_SELECTOR = new X509CertSelector() { // from class: nl.innovalor.cert.CertUtil.2
        @Override // java.security.cert.X509CertSelector, java.security.cert.CertSelector
        public Object clone() {
            return super.clone();
        }

        @Override // java.security.cert.X509CertSelector, java.security.cert.CertSelector
        public boolean match(Certificate certificate) {
            if (!(certificate instanceof X509Certificate)) {
                return false;
            }
            X509Certificate x509Certificate = (X509Certificate) certificate;
            X500Principal issuerX500Principal = x509Certificate.getIssuerX500Principal();
            X500Principal subjectX500Principal = x509Certificate.getSubjectX500Principal();
            return (issuerX500Principal == null && subjectX500Principal == null) || subjectX500Principal.equals(issuerX500Principal);
        }
    };

    private CertUtil() {
    }

    private static Set<TrustAnchor> getAsTrustAnchors(Collection<? extends Certificate> collection) {
        HashSet hashSet = new HashSet(collection.size());
        for (Certificate certificate : collection) {
            if (certificate instanceof X509Certificate) {
                hashSet.add(new TrustAnchor((X509Certificate) certificate, null));
            }
        }
        return hashSet;
    }

    public static final List<Certificate> getEmptyCertificateList() {
        return Collections.emptyList();
    }

    public static List<CRL> getEmptyCrlList() {
        return Collections.emptyList();
    }

    public static String getSHA1ThumbPrintString(X509Certificate x509Certificate) {
        byte[] thumbPrint = getThumbPrint(x509Certificate, "SHA-1");
        return thumbPrint == null ? "" : Hex.bytesToHexString(thumbPrint);
    }

    public static Set<TrustAnchor> getSelfSignedCertificatesAsTrustAnchors(List<CertStore> list) {
        HashSet hashSet = new HashSet();
        Iterator<CertStore> it = list.iterator();
        while (it.hasNext()) {
            try {
                hashSet.addAll(getAsTrustAnchors(it.next().getCertificates(SELF_SIGNED_SELECTOR)));
            } catch (CertStoreException e) {
                LOGGER.log(Level.WARNING, "Could not add anchors", (Throwable) e);
            }
        }
        return hashSet;
    }

    private static byte[] getThumbPrint(X509Certificate x509Certificate, String str) {
        try {
            MessageDigest messageDigest = MessageDigest.getInstance(str);
            messageDigest.update(x509Certificate.getEncoded());
            return messageDigest.digest();
        } catch (NoSuchAlgorithmException e) {
            LOGGER.log(Level.WARNING, "Unexpected exception", (Throwable) e);
            return null;
        } catch (CertificateEncodingException e2) {
            LOGGER.log(Level.WARNING, "Unexpected exception", (Throwable) e2);
            return null;
        }
    }
}
