package org.apache.qpid.transport.network.security.ssl;

import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Enumeration;
import java.util.Iterator;
import java.util.List;
import javax.net.ssl.X509TrustManager;

/* loaded from: input_file:org/apache/qpid/transport/network/security/ssl/QpidPeersOnlyTrustManager.class */
public class QpidPeersOnlyTrustManager implements X509TrustManager {
    private final KeyStore ts;
    private final X509TrustManager delegate;
    final List<Certificate> trustedCerts = new ArrayList();

    public QpidPeersOnlyTrustManager(KeyStore keyStore, X509TrustManager x509TrustManager) throws KeyStoreException {
        this.ts = keyStore;
        this.delegate = x509TrustManager;
        Enumeration<String> aliases = this.ts.aliases();
        while (aliases.hasMoreElements()) {
            this.trustedCerts.add(keyStore.getCertificate(aliases.nextElement()));
        }
    }

    @Override // javax.net.ssl.X509TrustManager
    public void checkClientTrusted(X509Certificate[] x509CertificateArr, String str) throws CertificateException {
        this.delegate.checkClientTrusted(x509CertificateArr, str);
        Iterator<Certificate> it = this.trustedCerts.iterator();
        while (it.hasNext()) {
            if (x509CertificateArr[0].equals(it.next())) {
                return;
            }
        }
        throw new CertificateException();
    }

    @Override // javax.net.ssl.X509TrustManager
    public void checkServerTrusted(X509Certificate[] x509CertificateArr, String str) throws CertificateException {
        this.delegate.checkServerTrusted(x509CertificateArr, str);
    }

    @Override // javax.net.ssl.X509TrustManager
    public X509Certificate[] getAcceptedIssuers() {
        return new X509Certificate[0];
    }
}
