package org.apache.plc4x.java.opcua.security;

import java.security.GeneralSecurityException;
import java.security.KeyStore;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import javax.net.ssl.X509TrustManager;

/* loaded from: input_file:org/apache/plc4x/java/opcua/security/TrustStoreCertificateVerifier.class */
public class TrustStoreCertificateVerifier implements CertificateVerifier {
    private X509TrustManager trustManager;

    public TrustStoreCertificateVerifier(KeyStore keyStore) throws GeneralSecurityException {
        TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
        trustManagerFactory.init(keyStore);
        TrustManager[] trustManagers = trustManagerFactory.getTrustManagers();
        int length = trustManagers.length;
        int i = 0;
        while (true) {
            if (i >= length) {
                break;
            }
            TrustManager trustManager = trustManagers[i];
            if (trustManager instanceof X509TrustManager) {
                this.trustManager = (X509TrustManager) trustManager;
                break;
            }
            i++;
        }
        if (this.trustManager == null) {
            throw new IllegalStateException("Could not initialize trust manager, underlying trust provider not found");
        }
    }

    @Override // org.apache.plc4x.java.opcua.security.CertificateVerifier
    public void checkCertificateTrusted(X509Certificate x509Certificate) throws CertificateException {
        this.trustManager.checkClientTrusted(new X509Certificate[]{x509Certificate}, "UNKNOWN");
    }
}
