package com.eway_crm.core.client.certificates;

import android.content.Context;
import androidx.core.util.Pair;
import com.eway_crm.mobile.androidapp.logging.Log;
import java.io.File;
import java.io.FileInputStream;
import java.io.FileOutputStream;
import java.io.IOException;
import java.security.KeyManagementException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import java.util.Date;
import javax.net.ssl.HostnameVerifier;
import javax.net.ssl.HttpsURLConnection;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSocketFactory;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import javax.net.ssl.X509TrustManager;
import okhttp3.OkHttpClient;

/* loaded from: classes.dex */
public final class CertStore {
    private static final String STORE_FILE_NAME = "CertStore.eway";
    private static final char[] STORE_FILE_PASS = {'x', 'o', '2', '4', '@', '~', '|', 'p', 'p', 'p'};
    private static final Object INIT_SYNC_ROOT = new Object();
    private static File _certStoreFile = null;

    private static void checkInitialized() {
        synchronized (INIT_SYNC_ROOT) {
            if (_certStoreFile == null) {
                throw new UnsupportedOperationException("The CertStore class is not initialized.");
            }
        }
    }

    public static void deleteCustomStore() throws IOException {
        File file;
        synchronized (INIT_SYNC_ROOT) {
            file = _certStoreFile;
        }
        if (file.exists() && !file.delete()) {
            throw new IOException("Unable to delete keystore file");
        }
        ruleHttpsURLConnection();
    }

    private static HostnameVerifier getDefaultHostnameVerifier() throws IOException {
        HostnameVerifier defaultHostnameVerifier = HttpsURLConnection.getDefaultHostnameVerifier();
        boolean z = getLoadedCustomKeyStore(false) != null;
        if (defaultHostnameVerifier instanceof IpHostnameVerifier) {
            if (!z) {
                return ((IpHostnameVerifier) defaultHostnameVerifier).getDefaultVerifier();
            }
        } else if (z) {
            return new IpHostnameVerifier(defaultHostnameVerifier);
        }
        return defaultHostnameVerifier;
    }

    private static SSLSocketFactory getDefaultSocketFactory() {
        try {
            SSLContext sSLContext = SSLContext.getInstance("TLS");
            try {
                sSLContext.init(null, null, null);
                return sSLContext.getSocketFactory();
            } catch (KeyManagementException e) {
                throw new UnsupportedOperationException("SSL context init failed.", e);
            }
        } catch (NoSuchAlgorithmException e2) {
            throw new UnsupportedOperationException("SSL context says that it doesn't know the TLS algorithm.", e2);
        }
    }

    private static KeyStore getLoadedCustomKeyStore(boolean z) throws IOException {
        File file;
        checkInitialized();
        synchronized (INIT_SYNC_ROOT) {
            file = _certStoreFile;
        }
        if (!z && !file.exists()) {
            return null;
        }
        String defaultType = KeyStore.getDefaultType();
        try {
            KeyStore keyStore = KeyStore.getInstance(defaultType);
            try {
                if (file.exists()) {
                    FileInputStream fileInputStream = new FileInputStream(file);
                    try {
                        keyStore.load(fileInputStream, STORE_FILE_PASS);
                    } finally {
                        try {
                            fileInputStream.close();
                        } catch (IOException e) {
                            Log.INSTANCE.e("IO error while closing keystore file input stream.", e);
                        }
                    }
                } else {
                    keyStore.load(null, null);
                }
                return keyStore;
            } catch (NoSuchAlgorithmException | CertificateException e2) {
                throw new UnsupportedOperationException("Key store loading failed.", e2);
            }
        } catch (KeyStoreException e3) {
            throw new UnsupportedOperationException("Key store could not find the instance by type '" + defaultType + "'.", e3);
        }
    }

    public static SSLSocketFactory getSocketFactory() throws IOException {
        return getSocketFactory(null);
    }

    public static SSLSocketFactory getSocketFactory(CustomTrustManagerFactory customTrustManagerFactory) throws IOException {
        Pair<SSLSocketFactory, TrustManager[]> socketFactoryAndTrustManagers = getSocketFactoryAndTrustManagers(customTrustManagerFactory);
        return socketFactoryAndTrustManagers == null ? getDefaultSocketFactory() : socketFactoryAndTrustManagers.first;
    }

    private static Pair<SSLSocketFactory, TrustManager[]> getSocketFactoryAndTrustManagers(CustomTrustManagerFactory customTrustManagerFactory) throws IOException {
        TrustManager[] trustManagers;
        KeyStore loadedCustomKeyStore = getLoadedCustomKeyStore(false);
        if (loadedCustomKeyStore == null && customTrustManagerFactory == null) {
            return null;
        }
        try {
            TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
            try {
                trustManagerFactory.init(loadedCustomKeyStore);
                try {
                    SSLContext sSLContext = SSLContext.getInstance("TLS");
                    if (customTrustManagerFactory != null) {
                        try {
                            trustManagers = new TrustManager[]{customTrustManagerFactory.create(trustManagerFactory.getTrustManagers())};
                            sSLContext.init(null, trustManagers, null);
                        } catch (KeyManagementException e) {
                            throw new UnsupportedOperationException("SSL context init failed.", e);
                        }
                    } else {
                        try {
                            trustManagers = trustManagerFactory.getTrustManagers();
                            sSLContext.init(null, trustManagers, null);
                        } catch (KeyManagementException e2) {
                            throw new UnsupportedOperationException("SSL context init failed.", e2);
                        }
                    }
                    return new Pair<>(sSLContext.getSocketFactory(), trustManagers);
                } catch (NoSuchAlgorithmException e3) {
                    throw new UnsupportedOperationException("SSL context says that it doesn't know the TLS algorithm.", e3);
                }
            } catch (KeyStoreException e4) {
                throw new UnsupportedOperationException("Trust manager factory init failed.", e4);
            }
        } catch (NoSuchAlgorithmException e5) {
            throw new UnsupportedOperationException("TrustManagerFactory says that there is no trusting algorithm.", e5);
        }
    }

    private static File getStoreFile(Context context) {
        return new File(context.getFilesDir(), STORE_FILE_NAME);
    }

    public static void initialize(Context context) throws IOException {
        synchronized (INIT_SYNC_ROOT) {
            if (_certStoreFile != null) {
                return;
            }
            File storeFile = getStoreFile(context);
            _certStoreFile = storeFile;
            boolean exists = storeFile.exists();
            if (exists) {
                ruleHttpsURLConnection();
            }
        }
    }

    private static void ruleHttpsURLConnection() throws IOException {
        HttpsURLConnection.setDefaultHostnameVerifier(getDefaultHostnameVerifier());
        HttpsURLConnection.setDefaultSSLSocketFactory(getSocketFactory());
    }

    public static OkHttpClient.Builder ruleOkHttpClient(OkHttpClient.Builder builder) throws IOException {
        builder.hostnameVerifier(getDefaultHostnameVerifier());
        Pair<SSLSocketFactory, TrustManager[]> socketFactoryAndTrustManagers = getSocketFactoryAndTrustManagers(null);
        if (socketFactoryAndTrustManagers == null) {
            return builder;
        }
        if (socketFactoryAndTrustManagers.first == null || socketFactoryAndTrustManagers.second == null) {
            throw new UnsupportedOperationException("One of ssl socket factory or trust managers is null.");
        }
        return builder.sslSocketFactory(socketFactoryAndTrustManagers.first, (X509TrustManager) socketFactoryAndTrustManagers.second[0]);
    }

    public static void trustCertificate(Certificate certificate) throws IOException {
        File file;
        checkInitialized();
        KeyStore loadedCustomKeyStore = getLoadedCustomKeyStore(true);
        if (loadedCustomKeyStore == null) {
            throw new NullPointerException("Key store is null.");
        }
        try {
            loadedCustomKeyStore.setCertificateEntry("ca_" + new Date().getTime(), certificate);
            try {
                synchronized (INIT_SYNC_ROOT) {
                    file = _certStoreFile;
                }
                if (file.exists() && !file.delete()) {
                    throw new IOException("Unable to delete keystore file");
                }
                FileOutputStream fileOutputStream = new FileOutputStream(file);
                try {
                    loadedCustomKeyStore.store(fileOutputStream, STORE_FILE_PASS);
                    ruleHttpsURLConnection();
                } finally {
                    try {
                        fileOutputStream.flush();
                        fileOutputStream.close();
                    } catch (IOException e) {
                        Log.INSTANCE.e("IO error while closing keystore file output stream.", e);
                    }
                }
            } catch (KeyStoreException | NoSuchAlgorithmException | CertificateException e2) {
                throw new UnsupportedOperationException("Unable to store keystore.", e2);
            }
        } catch (KeyStoreException e3) {
            throw new UnsupportedOperationException("Unable to add certificate entry.", e3);
        }
    }
}
