package com.taskadapter.redmineapi.internal.comm.betterssl;

import java.security.KeyManagementException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.util.ArrayList;
import java.util.Collection;
import java.util.Iterator;
import javax.net.ssl.SSLContext;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import javax.net.ssl.X509TrustManager;
import org.apache.http.conn.ssl.SSLSocketFactory;

/* loaded from: input_file:com/taskadapter/redmineapi/internal/comm/betterssl/BetterSSLFactory.class */
public class BetterSSLFactory {
    public static SSLSocketFactory createSocketFactory(Collection<KeyStore> collection) throws KeyStoreException, KeyManagementException {
        ArrayList arrayList = new ArrayList();
        Iterator<KeyStore> it = collection.iterator();
        while (it.hasNext()) {
            addX509Managers(arrayList, it.next());
        }
        addX509Managers(arrayList, null);
        CompositeTrustManager compositeTrustManager = new CompositeTrustManager(arrayList);
        try {
            SSLContext sSLContext = SSLContext.getInstance("SSL");
            sSLContext.init(null, new TrustManager[]{compositeTrustManager}, null);
            return new SSLSocketFactory(sSLContext);
        } catch (NoSuchAlgorithmException e) {
            throw new Error("No SSL protocols supported :(", e);
        }
    }

    private static void addX509Managers(Collection<X509TrustManager> collection, KeyStore keyStore) throws KeyStoreException, Error {
        try {
            TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
            trustManagerFactory.init(keyStore);
            for (TrustManager trustManager : trustManagerFactory.getTrustManagers()) {
                if (trustManager instanceof X509TrustManager) {
                    collection.add((X509TrustManager) trustManager);
                }
            }
        } catch (NoSuchAlgorithmException e) {
            throw new Error("Default trust manager algorithm is not supported!", e);
        }
    }
}
