package at.bluecode.sdk.network;

import java.io.IOException;
import java.net.Socket;
import java.security.Key;
import java.security.KeyManagementException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.Principal;
import java.security.PrivateKey;
import java.security.UnrecoverableKeyException;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import javax.net.ssl.KeyManager;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSocketFactory;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import javax.net.ssl.X509ExtendedKeyManager;
import javax.net.ssl.X509TrustManager;
import kotlin.Metadata;
import kotlin.jvm.internal.Intrinsics;

@Metadata(d1 = {"\u0000$\n\u0002\u0018\u0002\n\u0002\u0010\u0000\n\u0002\u0018\u0002\n\u0000\n\u0002\u0018\u0002\n\u0000\n\u0002\u0018\u0002\n\u0002\b\u0004\n\u0002\u0018\u0002\n\u0002\b\u0007\b\u0000\u0018\u0000 \u00112\u00020\u0001:\u0001\u0011B\u0007¢\u0006\u0004\b\u000f\u0010\u0010J\u0010\u0010\u0005\u001a\u00020\u00042\b\u0010\u0003\u001a\u0004\u0018\u00010\u0002J\u0010\u0010\u0007\u001a\u00020\u00062\b\u0010\u0003\u001a\u0004\u0018\u00010\u0002R\u0011\u0010\n\u001a\u00020\u00048F¢\u0006\u0006\u001a\u0004\b\b\u0010\tR\u0013\u0010\u000e\u001a\u0004\u0018\u00010\u000b8F¢\u0006\u0006\u001a\u0004\b\f\u0010\r¨\u0006\u0012"}, d2 = {"Lat/bluecode/sdk/network/BCRestSSLSocketFactory;", "", "Lat/bluecode/sdk/network/BCRestRequestCertificateSpec;", "certificateSpec", "Ljavax/net/ssl/SSLSocketFactory;", "getSSLSocketFactory", "Ljavax/net/ssl/SSLContext;", "getSSLContext", "getDefaultSSLSocketFactory", "()Ljavax/net/ssl/SSLSocketFactory;", "defaultSSLSocketFactory", "Ljavax/net/ssl/X509TrustManager;", "getTrustManager", "()Ljavax/net/ssl/X509TrustManager;", "trustManager", "<init>", "()V", "Companion", "bluecodeSdk_release"}, k = 1, mv = {1, 8, 0})
/* loaded from: classes.dex */
public final class BCRestSSLSocketFactory {
    private static KeyManager[] a(final BCRestRequestCertificateSpec bCRestRequestCertificateSpec) throws NoSuchAlgorithmException, UnrecoverableKeyException, KeyStoreException, IOException, CertificateException {
        if (bCRestRequestCertificateSpec == null) {
            BCLog.INSTANCE.d("BCRestSSLSocketFactory", "No client certificate set.");
            return null;
        }
        KeyStore keyStore = KeyStore.getInstance("AndroidKeyStore");
        keyStore.load(null);
        Certificate certificate = keyStore.getCertificate(bCRestRequestCertificateSpec.getClientCertificateAlias());
        Intrinsics.checkNotNull(certificate, "null cannot be cast to non-null type java.security.cert.X509Certificate");
        final X509Certificate x509Certificate = (X509Certificate) certificate;
        Key key = keyStore.getKey(bCRestRequestCertificateSpec.getClientCertificatePrivateKeyAlias(), null);
        Intrinsics.checkNotNull(key, "null cannot be cast to non-null type java.security.PrivateKey");
        final PrivateKey privateKey = (PrivateKey) key;
        X509ExtendedKeyManager x509ExtendedKeyManager = new X509ExtendedKeyManager() { // from class: at.bluecode.sdk.network.BCRestSSLSocketFactory$getKeyManagers$keyManager$1
            @Override // javax.net.ssl.X509KeyManager
            public String chooseClientAlias(String[] keyType, Principal[] issuers, Socket socket) {
                Intrinsics.checkNotNullParameter(keyType, "keyType");
                Intrinsics.checkNotNullParameter(socket, "socket");
                return BCRestRequestCertificateSpec.this.getClientCertificateAlias();
            }

            @Override // javax.net.ssl.X509KeyManager
            public String chooseServerAlias(String keyType, Principal[] issuers, Socket socket) {
                Intrinsics.checkNotNullParameter(keyType, "keyType");
                Intrinsics.checkNotNullParameter(socket, "socket");
                return null;
            }

            @Override // javax.net.ssl.X509KeyManager
            public X509Certificate[] getCertificateChain(String alias) {
                Intrinsics.checkNotNullParameter(alias, "alias");
                return new X509Certificate[]{x509Certificate};
            }

            @Override // javax.net.ssl.X509KeyManager
            public String[] getClientAliases(String keyType, Principal[] issuers) {
                Intrinsics.checkNotNullParameter(keyType, "keyType");
                return new String[]{BCRestRequestCertificateSpec.this.getClientCertificateAlias()};
            }

            @Override // javax.net.ssl.X509KeyManager
            public PrivateKey getPrivateKey(String alias) {
                Intrinsics.checkNotNullParameter(alias, "alias");
                if (alias.compareTo(BCRestRequestCertificateSpec.this.getClientCertificateAlias()) == 0) {
                    return privateKey;
                }
                BCLog.INSTANCE.e("ContentValues", "Failed to load private key with alias " + alias);
                return null;
            }

            @Override // javax.net.ssl.X509KeyManager
            public String[] getServerAliases(String keyType, Principal[] issuers) {
                Intrinsics.checkNotNullParameter(keyType, "keyType");
                return null;
            }
        };
        BCLog.INSTANCE.d("BCRestSSLSocketFactory", "Loaded client certificate.");
        return new KeyManager[]{x509ExtendedKeyManager};
    }

    public final SSLSocketFactory getDefaultSSLSocketFactory() throws CertificateException, NoSuchAlgorithmException, KeyStoreException, IOException, KeyManagementException {
        return new BCRestTLSSocketFactory(null, null, null);
    }

    public final SSLContext getSSLContext(BCRestRequestCertificateSpec certificateSpec) throws CertificateException, UnrecoverableKeyException, NoSuchAlgorithmException, KeyManagementException, KeyStoreException, IOException {
        SSLContext sslContext = SSLContext.getInstance("TLSv1.2");
        sslContext.init(a(certificateSpec), null, null);
        Intrinsics.checkNotNullExpressionValue(sslContext, "sslContext");
        return sslContext;
    }

    public final SSLSocketFactory getSSLSocketFactory(BCRestRequestCertificateSpec certificateSpec) throws CertificateException, UnrecoverableKeyException, NoSuchAlgorithmException, KeyManagementException, KeyStoreException, IOException {
        return new BCRestTLSSocketFactory(a(certificateSpec), null, null);
    }

    public final X509TrustManager getTrustManager() throws NoSuchAlgorithmException, CertificateException, KeyStoreException, IOException {
        TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
        trustManagerFactory.init((KeyStore) null);
        TrustManager[] trustManagers = trustManagerFactory.getTrustManagers();
        Intrinsics.checkNotNullExpressionValue(trustManagers, "trustManagerFactory.trustManagers");
        if (trustManagers == null || trustManagers.length <= 0) {
            return null;
        }
        TrustManager trustManager = trustManagers[0];
        Intrinsics.checkNotNull(trustManager, "null cannot be cast to non-null type javax.net.ssl.X509TrustManager");
        return (X509TrustManager) trustManager;
    }
}
