package com.sen.osmo.restservice.connection.security;

import android.annotation.SuppressLint;
import android.content.Context;
import android.content.res.Resources;
import androidx.annotation.NonNull;
import com.androidcore.osmc.WebService;
import com.google.android.gms.common.GooglePlayServicesNotAvailableException;
import com.google.android.gms.common.GooglePlayServicesRepairableException;
import com.google.android.gms.security.ProviderInstaller;
import com.sen.osmo.log.Log;
import com.sen.osmo.restservice.connection.ConnectionClient;
import com.sen.osmo.restservice.connection.proxy.AppProxy;
import com.sen.osmo.restservice.connection.security.Security;
import com.sen.osmo.settings.DefaultPrefs;
import com.sen.osmo.util.AndroidKeyStoreHelper;
import com.unify.osmo.integration.Analytics;
import com.unify.osmo.integration.GlideApp;
import com.unify.osmo.login.my2fa.data.network.AuthorizationInterceptor;
import com.unify.osmo.login.my2fa.data.network.SessionCookieJar;
import java.io.IOException;
import java.security.KeyManagementException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.SecureRandom;
import java.security.UnrecoverableKeyException;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import javax.net.ssl.HostnameVerifier;
import javax.net.ssl.KeyManager;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSession;
import javax.net.ssl.SSLSocketFactory;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import javax.net.ssl.X509KeyManager;
import javax.net.ssl.X509TrustManager;
import okhttp3.OkHttpClient;

/* loaded from: classes3.dex */
public class Security {

    /* renamed from: a, reason: collision with root package name */
    private static boolean f59549a = false;

    /* renamed from: b, reason: collision with root package name */
    private static HostnameVerifier f59550b;

    /* renamed from: c, reason: collision with root package name */
    @SuppressLint({"TrustAllX509TrustManager"})
    private static TrustManager[] f59551c = {new a()};

    /* loaded from: classes3.dex */
    class a implements X509TrustManager {
        a() {
        }

        @Override // javax.net.ssl.X509TrustManager
        public void checkClientTrusted(X509Certificate[] x509CertificateArr, String str) {
        }

        @Override // javax.net.ssl.X509TrustManager
        public void checkServerTrusted(X509Certificate[] x509CertificateArr, String str) {
        }

        @Override // javax.net.ssl.X509TrustManager
        public X509Certificate[] getAcceptedIssuers() {
            return null;
        }
    }

    private static KeyManager[] b(KeyStore keyStore) {
        if (keyStore == null) {
            throw new IllegalArgumentException("Keystore is null");
        }
        KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
        keyManagerFactory.init(keyStore, null);
        KeyManager[] keyManagers = keyManagerFactory.getKeyManagers();
        for (int i2 = 0; i2 < keyManagers.length; i2++) {
            KeyManager keyManager = keyManagers[i2];
            if (keyManager instanceof X509KeyManager) {
                keyManagers[i2] = new MyKeyManager((X509KeyManager) keyManager);
            }
        }
        return keyManagers;
    }

    private static KeyManager[] c(Context context) {
        return b(AndroidKeyStoreHelper.getKeyStore());
    }

    private static TrustManager[] d() {
        if (f59549a) {
            return f59551c;
        }
        TrustManager[] f2 = f();
        if (f2 != null) {
            for (int i2 = 0; i2 < f2.length; i2++) {
                TrustManager trustManager = f2[i2];
                if (trustManager instanceof X509TrustManager) {
                    f2[i2] = new SavingTrustManager((X509TrustManager) trustManager);
                }
            }
        }
        return f2;
    }

    private static SSLContext e(Context context, KeyManager[] keyManagerArr) {
        SSLContext sSLContext;
        if (f59549a) {
            sSLContext = SSLContext.getInstance("SSL");
        } else {
            h(context);
            sSLContext = SSLContext.getInstance("TLSv1.2");
        }
        sSLContext.init(keyManagerArr, d(), new SecureRandom());
        return sSLContext;
    }

    private static TrustManager[] f() {
        TrustManagerFactory trustManagerFactory;
        String defaultAlgorithm = TrustManagerFactory.getDefaultAlgorithm();
        if (defaultAlgorithm == null || (trustManagerFactory = TrustManagerFactory.getInstance(defaultAlgorithm)) == null) {
            return null;
        }
        trustManagerFactory.init((KeyStore) null);
        return trustManagerFactory.getTrustManagers();
    }

    /* JADX INFO: Access modifiers changed from: private */
    public static /* synthetic */ boolean g(String str, SSLSession sSLSession) {
        return true;
    }

    @SuppressLint({"BadHostnameVerifier"})
    public static HostnameVerifier getAllowAllHostnameVerifier() {
        if (f59550b == null) {
            f59550b = new HostnameVerifier() { // from class: n0.a
                @Override // javax.net.ssl.HostnameVerifier
                public final boolean verify(String str, SSLSession sSLSession) {
                    boolean g2;
                    g2 = Security.g(str, sSLSession);
                    return g2;
                }
            };
        }
        return f59550b;
    }

    @NonNull
    public static OkHttpClient getOkHttpClient(Context context) {
        SSLContext sSLContext;
        OkHttpClient.Builder cookieJar = new OkHttpClient.Builder().addInterceptor(new AuthorizationInterceptor(context)).cookieJar(SessionCookieJar.INSTANCE.getInstance());
        X509TrustManager x509TrustManager = null;
        try {
            sSLContext = getSslContext(context);
        } catch (KeyManagementException | KeyStoreException | NoSuchAlgorithmException e2) {
            Log.e("Security", "Construct SSL", e2);
            sSLContext = null;
        }
        try {
            x509TrustManager = getTrustManager();
        } catch (KeyStoreException | NoSuchAlgorithmException e3) {
            Log.e("Security", "Construct TrustManager", e3);
        }
        if (sSLContext != null && x509TrustManager != null) {
            cookieJar.sslSocketFactory(sSLContext.getSocketFactory(), x509TrustManager);
        }
        if (isAllowInvalidSsl()) {
            cookieJar.hostnameVerifier(getAllowAllHostnameVerifier());
        }
        cookieJar.proxy(AppProxy.getProxy(context));
        return cookieJar.build();
    }

    public static SSLSocketFactory getSecureSocketFactory(Context context) {
        try {
            return getSslContext(context).getSocketFactory();
        } catch (Exception e2) {
            Log.e("Security", "SSLContext", e2);
            return null;
        }
    }

    public static SSLContext getSslContext(Context context) {
        KeyManager[] keyManagerArr;
        try {
            keyManagerArr = c(context);
        } catch (Resources.NotFoundException e2) {
            e = e2;
            Log.e("Security", "Trust/Key exception", e);
            keyManagerArr = null;
            return e(context, keyManagerArr);
        } catch (IOException e3) {
            e = e3;
            Log.e("Security", "Trust/Key exception", e);
            keyManagerArr = null;
            return e(context, keyManagerArr);
        } catch (IllegalArgumentException e4) {
            e = e4;
            Log.e("Security", "Trust/Key exception", e);
            keyManagerArr = null;
            return e(context, keyManagerArr);
        } catch (KeyStoreException e5) {
            e = e5;
            Log.e("Security", "Trust/Key exception", e);
            keyManagerArr = null;
            return e(context, keyManagerArr);
        } catch (NoSuchAlgorithmException e6) {
            e = e6;
            Log.e("Security", "Trust/Key exception", e);
            keyManagerArr = null;
            return e(context, keyManagerArr);
        } catch (UnrecoverableKeyException e7) {
            e = e7;
            Log.e("Security", "Trust/Key exception", e);
            keyManagerArr = null;
            return e(context, keyManagerArr);
        } catch (CertificateException e8) {
            e = e8;
            Log.e("Security", "Trust/Key exception", e);
            keyManagerArr = null;
            return e(context, keyManagerArr);
        } catch (javax.security.cert.CertificateException e9) {
            Log.e("Security", "CertificateException", e9);
            keyManagerArr = null;
            return e(context, keyManagerArr);
        }
        return e(context, keyManagerArr);
    }

    public static X509TrustManager getTrustManager() {
        TrustManager[] f2 = f();
        if (f2 == null) {
            return null;
        }
        for (TrustManager trustManager : f2) {
            if (trustManager instanceof X509TrustManager) {
                return (X509TrustManager) trustManager;
            }
        }
        return null;
    }

    private static void h(Context context) {
        try {
            Log.i("Security", "playStoreSecureProviderUpdate()");
            ProviderInstaller.installIfNeeded(context);
        } catch (GooglePlayServicesNotAvailableException unused) {
            Log.i("Security", "non-recoverable error; the ProviderInstaller is not able to install an up-to-date Provider");
        } catch (GooglePlayServicesRepairableException unused2) {
            Log.i("Security", "Google Play Services is out of date, disabled etc.");
        }
    }

    public static boolean isAllowInvalidSsl() {
        return f59549a;
    }

    public static void setAllowInvalidSsl(Context context) {
        Context applicationContext = context.getApplicationContext();
        boolean allowInvalidSSLCertificates = DefaultPrefs.getAllowInvalidSSLCertificates(context);
        if (f59549a != allowInvalidSSLCertificates) {
            f59549a = allowInvalidSSLCertificates;
            WebService.setHttpTransport(null);
            ConnectionClient.getInstance(context).restartClient(context);
            GlideApp.get(applicationContext).clearMemory();
        }
        Analytics.reportInvalidCertificates(context);
    }
}
