package com.easysoftware.redmine.domain.api.util;

import info.guardianproject.netcipher.client.StrongSSLSocketFactory;
import java.io.FileInputStream;
import java.security.KeyStore;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.util.Objects;
import javax.net.ssl.HostnameVerifier;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSession;
import javax.net.ssl.SSLSocketFactory;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import javax.net.ssl.X509TrustManager;
import kotlin.Metadata;
import kotlin.collections.ArraysKt;
import kotlin.jvm.internal.Intrinsics;
import okhttp3.OkHttpClient;

/* compiled from: CustomCertificateWrapper.kt */
@Metadata(bv = {1, 0, 3}, d1 = {"\u0000N\n\u0002\u0018\u0002\n\u0002\u0010\u0000\n\u0000\n\u0002\u0018\u0002\n\u0000\n\u0002\u0018\u0002\n\u0002\b\u0002\n\u0002\u0010\u0002\n\u0000\n\u0002\u0018\u0002\n\u0000\n\u0002\u0018\u0002\n\u0002\b\u0002\n\u0002\u0018\u0002\n\u0002\b\u0002\n\u0002\u0018\u0002\n\u0000\n\u0002\u0010\u0011\n\u0002\u0018\u0002\n\u0002\b\u0002\n\u0002\u0018\u0002\n\u0002\b\u0004\u0018\u00002\u00020\u0001B\u0015\u0012\u0006\u0010\u0002\u001a\u00020\u0003\u0012\u0006\u0010\u0004\u001a\u00020\u0005¢\u0006\u0002\u0010\u0006J\u001a\u0010\u0007\u001a\u00020\b2\b\u0010\t\u001a\u0004\u0018\u00010\n2\u0006\u0010\u000b\u001a\u00020\fH\u0002J\u0010\u0010\r\u001a\u00020\n2\u0006\u0010\u000e\u001a\u00020\u000fH\u0002J\b\u0010\u0010\u001a\u00020\u000fH\u0002J%\u0010\u0011\u001a\u00020\u00122\b\u0010\t\u001a\u0004\u0018\u00010\n2\f\u0010\u0013\u001a\b\u0012\u0004\u0012\u00020\u00150\u0014H\u0002¢\u0006\u0002\u0010\u0016J\u0010\u0010\u0017\u001a\u00020\u00182\u0006\u0010\u000e\u001a\u00020\u000fH\u0002J\u001b\u0010\u0019\u001a\u00020\f2\f\u0010\u0013\u001a\b\u0012\u0004\u0012\u00020\u00150\u0014H\u0002¢\u0006\u0002\u0010\u001aJ\b\u0010\u001b\u001a\u00020\fH\u0002R\u000e\u0010\u0002\u001a\u00020\u0003X\u0082\u0004¢\u0006\u0002\n\u0000R\u000e\u0010\u0004\u001a\u00020\u0005X\u0082\u0004¢\u0006\u0002\n\u0000¨\u0006\u001c"}, d2 = {"Lcom/easysoftware/redmine/domain/api/util/CustomCertificateWrapper;", "", "builder", "Lokhttp3/OkHttpClient$Builder;", "store", "Lcom/easysoftware/redmine/domain/api/util/CertificateStore;", "(Lokhttp3/OkHttpClient$Builder;Lcom/easysoftware/redmine/domain/api/util/CertificateStore;)V", "addConfig", "", "keyManager", "Ljavax/net/ssl/KeyManagerFactory;", "x509TrustManager", "Ljavax/net/ssl/X509TrustManager;", "getKeyManagerFactory", "keyStore", "Ljava/security/KeyStore;", "getKeyStore", "getSSLContext", "Ljavax/net/ssl/SSLContext;", "trustManagers", "", "Ljavax/net/ssl/TrustManager;", "(Ljavax/net/ssl/KeyManagerFactory;[Ljavax/net/ssl/TrustManager;)Ljavax/net/ssl/SSLContext;", "getTrustManagerFactory", "Ljavax/net/ssl/TrustManagerFactory;", "getX509TrustManager", "([Ljavax/net/ssl/TrustManager;)Ljavax/net/ssl/X509TrustManager;", "getX509TrustManagerDefault", "app_easy_projectRelease"}, k = 1, mv = {1, 4, 1})
/* loaded from: classes.dex */
public final class CustomCertificateWrapper {
    private final OkHttpClient.Builder builder;
    private final CertificateStore store;

    public CustomCertificateWrapper(OkHttpClient.Builder builder, CertificateStore store) {
        Intrinsics.checkNotNullParameter(builder, "builder");
        Intrinsics.checkNotNullParameter(store, "store");
        this.builder = builder;
        this.store = store;
        if (store.isEnable()) {
            String filePath = store.getFilePath();
            if (!(filePath == null || filePath.length() == 0)) {
                KeyStore keyStore = getKeyStore();
                TrustManagerFactory trustManagerFactory = getTrustManagerFactory(keyStore);
                KeyManagerFactory keyManagerFactory = getKeyManagerFactory(keyStore);
                TrustManager[] trustManagers = trustManagerFactory.getTrustManagers();
                Intrinsics.checkNotNullExpressionValue(trustManagers, "trustFactory.trustManagers");
                addConfig(keyManagerFactory, getX509TrustManager(trustManagers));
                return;
            }
        }
        addConfig(null, getX509TrustManagerDefault());
    }

    private final void addConfig(KeyManagerFactory keyManager, X509TrustManager x509TrustManager) {
        SSLContext sSLContext = getSSLContext(keyManager, new TrustManager[]{x509TrustManager});
        this.builder.hostnameVerifier(new HostnameVerifier() { // from class: com.easysoftware.redmine.domain.api.util.CustomCertificateWrapper$addConfig$1
            @Override // javax.net.ssl.HostnameVerifier
            public final boolean verify(String str, SSLSession sSLSession) {
                return true;
            }
        });
        OkHttpClient.Builder builder = this.builder;
        SSLSocketFactory socketFactory = sSLContext.getSocketFactory();
        Intrinsics.checkNotNullExpressionValue(socketFactory, "sslContext.socketFactory");
        builder.sslSocketFactory(socketFactory, x509TrustManager);
    }

    private final KeyManagerFactory getKeyManagerFactory(KeyStore keyStore) {
        char[] cArr;
        KeyManagerFactory kmf = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
        String password = this.store.getPassword();
        if (password != null) {
            Objects.requireNonNull(password, "null cannot be cast to non-null type java.lang.String");
            cArr = password.toCharArray();
            Intrinsics.checkNotNullExpressionValue(cArr, "(this as java.lang.String).toCharArray()");
        } else {
            cArr = null;
        }
        kmf.init(keyStore, cArr);
        Intrinsics.checkNotNullExpressionValue(kmf, "kmf");
        return kmf;
    }

    private final KeyStore getKeyStore() {
        char[] cArr;
        String type = this.store.getType();
        if (type == null) {
            type = KeyStore.getDefaultType();
        }
        KeyStore keyStore = KeyStore.getInstance(type);
        FileInputStream fileInputStream = new FileInputStream(this.store.getFilePath());
        String password = this.store.getPassword();
        if (password != null) {
            Objects.requireNonNull(password, "null cannot be cast to non-null type java.lang.String");
            cArr = password.toCharArray();
            Intrinsics.checkNotNullExpressionValue(cArr, "(this as java.lang.String).toCharArray()");
        } else {
            cArr = null;
        }
        keyStore.load(fileInputStream, cArr);
        Intrinsics.checkNotNullExpressionValue(keyStore, "keyStore");
        return keyStore;
    }

    private final SSLContext getSSLContext(KeyManagerFactory keyManager, TrustManager[] trustManagers) {
        SSLContext sslContext = SSLContext.getInstance(StrongSSLSocketFactory.TLS);
        sslContext.init(keyManager != null ? keyManager.getKeyManagers() : null, trustManagers, null);
        Intrinsics.checkNotNullExpressionValue(sslContext, "sslContext");
        return sslContext;
    }

    private final TrustManagerFactory getTrustManagerFactory(KeyStore keyStore) {
        TrustManagerFactory tmf = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
        tmf.init(keyStore);
        Intrinsics.checkNotNullExpressionValue(tmf, "tmf");
        return tmf;
    }

    private final X509TrustManager getX509TrustManager(TrustManager[] trustManagers) {
        Object first = ArraysKt.first(trustManagers);
        Objects.requireNonNull(first, "null cannot be cast to non-null type javax.net.ssl.X509TrustManager");
        final X509TrustManager x509TrustManager = (X509TrustManager) first;
        return new X509TrustManager() { // from class: com.easysoftware.redmine.domain.api.util.CustomCertificateWrapper$getX509TrustManager$1
            @Override // javax.net.ssl.X509TrustManager
            public void checkClientTrusted(X509Certificate[] certs, String authType) {
                Intrinsics.checkNotNullParameter(certs, "certs");
                Intrinsics.checkNotNullParameter(authType, "authType");
                try {
                    if (!(certs.length == 0)) {
                        certs[0].checkValidity();
                    } else {
                        x509TrustManager.checkClientTrusted(certs, authType);
                    }
                } catch (CertificateException unused) {
                }
            }

            @Override // javax.net.ssl.X509TrustManager
            public void checkServerTrusted(X509Certificate[] certs, String authType) {
                Intrinsics.checkNotNullParameter(certs, "certs");
                Intrinsics.checkNotNullParameter(authType, "authType");
                try {
                    if (!(certs.length == 0)) {
                        certs[0].checkValidity();
                    } else {
                        x509TrustManager.checkServerTrusted(certs, authType);
                    }
                } catch (CertificateException unused) {
                }
            }

            @Override // javax.net.ssl.X509TrustManager
            public X509Certificate[] getAcceptedIssuers() {
                X509Certificate[] acceptedIssuers = x509TrustManager.getAcceptedIssuers();
                Intrinsics.checkNotNullExpressionValue(acceptedIssuers, "trustManager.acceptedIssuers");
                return acceptedIssuers;
            }
        };
    }

    private final X509TrustManager getX509TrustManagerDefault() {
        return new X509TrustManager() { // from class: com.easysoftware.redmine.domain.api.util.CustomCertificateWrapper$getX509TrustManagerDefault$1
            @Override // javax.net.ssl.X509TrustManager
            public void checkClientTrusted(X509Certificate[] chain, String authType) {
                Intrinsics.checkNotNullParameter(chain, "chain");
                Intrinsics.checkNotNullParameter(authType, "authType");
            }

            @Override // javax.net.ssl.X509TrustManager
            public void checkServerTrusted(X509Certificate[] chain, String authType) {
                Intrinsics.checkNotNullParameter(chain, "chain");
                Intrinsics.checkNotNullParameter(authType, "authType");
            }

            @Override // javax.net.ssl.X509TrustManager
            public X509Certificate[] getAcceptedIssuers() {
                return new X509Certificate[0];
            }
        };
    }
}
