package one.Y7;

import android.util.Log;
import com.cyberghost.logging.Logger;
import java.io.ByteArrayInputStream;
import java.security.KeyStore;
import java.security.SecureRandom;
import java.security.cert.Certificate;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.util.Arrays;
import javax.net.ssl.HostnameVerifier;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSession;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import javax.net.ssl.X509TrustManager;
import kotlin.Metadata;
import kotlin.jvm.internal.Intrinsics;
import one.e3.C3342c;
import one.pa.C4470l;
import org.jetbrains.annotations.NotNull;

/* compiled from: MetaProxyUtils.kt */
@Metadata(d1 = {"\u00000\n\u0002\u0018\u0002\n\u0002\u0010\u0000\n\u0002\b\u0002\n\u0002\u0010\u000e\n\u0000\n\u0002\u0018\u0002\n\u0002\b\u0003\n\u0002\u0018\u0002\n\u0000\n\u0002\u0018\u0002\n\u0002\b\u0002\n\u0002\u0018\u0002\n\u0002\b\u0003\bÇ\u0002\u0018\u00002\u00020\u0001:\u0001\rB\t\b\u0002¢\u0006\u0004\b\u0002\u0010\u0003J\u0015\u0010\u0007\u001a\u00020\u00062\u0006\u0010\u0005\u001a\u00020\u0004¢\u0006\u0004\b\u0007\u0010\bJ\u001d\u0010\r\u001a\u00020\f2\u0006\u0010\t\u001a\u00020\u00062\u0006\u0010\u000b\u001a\u00020\n¢\u0006\u0004\b\r\u0010\u000eJ\u0015\u0010\u0010\u001a\u00020\u000f2\u0006\u0010\t\u001a\u00020\u0006¢\u0006\u0004\b\u0010\u0010\u0011¨\u0006\u0012"}, d2 = {"Lone/Y7/X0;", "", "<init>", "()V", "", "strCertifacteAuthorityRoot", "Ljavax/net/ssl/X509TrustManager;", "c", "(Ljava/lang/String;)Ljavax/net/ssl/X509TrustManager;", "trustManager", "Lcom/cyberghost/logging/Logger;", "logger", "Ljavax/net/ssl/HostnameVerifier;", "a", "(Ljavax/net/ssl/X509TrustManager;Lcom/cyberghost/logging/Logger;)Ljavax/net/ssl/HostnameVerifier;", "Ljavax/net/ssl/SSLContext;", "b", "(Ljavax/net/ssl/X509TrustManager;)Ljavax/net/ssl/SSLContext;", "app_googleRelease"}, k = 1, mv = {1, 9, 0})
/* loaded from: classes2.dex */
public final class X0 {

    @NotNull
    public static final X0 a = new X0();

    /* compiled from: MetaProxyUtils.kt */
    @Metadata(d1 = {"\u0000*\n\u0002\u0018\u0002\n\u0002\u0018\u0002\n\u0002\u0018\u0002\n\u0000\n\u0002\u0018\u0002\n\u0002\b\u0003\n\u0002\u0010\u000e\n\u0000\n\u0002\u0018\u0002\n\u0000\n\u0002\u0010\u000b\n\u0002\b\b\b\u0002\u0018\u0000 \u00132\u00020\u0001:\u0001\u000fB\u0017\u0012\u0006\u0010\u0003\u001a\u00020\u0002\u0012\u0006\u0010\u0005\u001a\u00020\u0004¢\u0006\u0004\b\u0006\u0010\u0007J\u001f\u0010\r\u001a\u00020\f2\u0006\u0010\t\u001a\u00020\b2\u0006\u0010\u000b\u001a\u00020\nH\u0016¢\u0006\u0004\b\r\u0010\u000eR\u0014\u0010\u0003\u001a\u00020\u00028\u0002X\u0082\u0004¢\u0006\u0006\n\u0004\b\u000f\u0010\u0010R\u0014\u0010\u0005\u001a\u00020\u00048\u0002X\u0082\u0004¢\u0006\u0006\n\u0004\b\u0011\u0010\u0012¨\u0006\u0014"}, d2 = {"Lone/Y7/X0$a;", "Ljavax/net/ssl/HostnameVerifier;", "Ljavax/net/ssl/X509TrustManager;", "trustManager", "Lcom/cyberghost/logging/Logger;", "logger", "<init>", "(Ljavax/net/ssl/X509TrustManager;Lcom/cyberghost/logging/Logger;)V", "", "hostname", "Ljavax/net/ssl/SSLSession;", "session", "", "verify", "(Ljava/lang/String;Ljavax/net/ssl/SSLSession;)Z", "a", "Ljavax/net/ssl/X509TrustManager;", "b", "Lcom/cyberghost/logging/Logger;", "c", "app_googleRelease"}, k = 1, mv = {1, 9, 0})
    /* loaded from: classes2.dex */
    private static final class a implements HostnameVerifier {

        @NotNull
        private static final String d;

        /* renamed from: a, reason: from kotlin metadata */
        @NotNull
        private final X509TrustManager trustManager;

        /* renamed from: b, reason: from kotlin metadata */
        @NotNull
        private final Logger logger;

        static {
            String simpleName = a.class.getSimpleName();
            Intrinsics.checkNotNullExpressionValue(simpleName, "getSimpleName(...)");
            d = simpleName;
        }

        public a(@NotNull X509TrustManager trustManager, @NotNull Logger logger) {
            Intrinsics.checkNotNullParameter(trustManager, "trustManager");
            Intrinsics.checkNotNullParameter(logger, "logger");
            this.trustManager = trustManager;
            this.logger = logger;
        }

        @Override // javax.net.ssl.HostnameVerifier
        public boolean verify(@NotNull String hostname, @NotNull SSLSession session) {
            Intrinsics.checkNotNullParameter(hostname, "hostname");
            Intrinsics.checkNotNullParameter(session, "session");
            try {
                Certificate[] peerCertificates = session.getPeerCertificates();
                Intrinsics.d(peerCertificates, "null cannot be cast to non-null type kotlin.Array<java.security.cert.X509Certificate>");
                this.trustManager.checkServerTrusted((X509Certificate[]) peerCertificates, "RSA");
                return true;
            } catch (Throwable th) {
                Log.i(d, C3342c.a.a(th));
                return false;
            }
        }
    }

    private X0() {
    }

    @NotNull
    public final HostnameVerifier a(@NotNull X509TrustManager trustManager, @NotNull Logger logger) {
        Intrinsics.checkNotNullParameter(trustManager, "trustManager");
        Intrinsics.checkNotNullParameter(logger, "logger");
        return new a(trustManager, logger);
    }

    @NotNull
    public final SSLContext b(@NotNull X509TrustManager trustManager) {
        Intrinsics.checkNotNullParameter(trustManager, "trustManager");
        SSLContext sSLContext = SSLContext.getInstance("TLSv1.2");
        Intrinsics.checkNotNullExpressionValue(sSLContext, "getInstance(...)");
        sSLContext.init(null, new X509TrustManager[]{trustManager}, new SecureRandom());
        try {
            sSLContext.createSSLEngine().setEnabledProtocols(new String[]{"TLSv1.2", "TLSv1.3"});
        } catch (Throwable th) {
            Log.e("MetaProxyUtils", "Failed to set SSL engine", th);
        }
        return sSLContext;
    }

    @NotNull
    public final X509TrustManager c(@NotNull String strCertifacteAuthorityRoot) {
        Intrinsics.checkNotNullParameter(strCertifacteAuthorityRoot, "strCertifacteAuthorityRoot");
        KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
        char[] charArray = "password".toCharArray();
        Intrinsics.checkNotNullExpressionValue(charArray, "this as java.lang.String).toCharArray()");
        keyStore.load(null, charArray);
        CertificateFactory certificateFactory = CertificateFactory.getInstance("X.509");
        Intrinsics.checkNotNullExpressionValue(certificateFactory, "getInstance(...)");
        byte[] bytes = strCertifacteAuthorityRoot.getBytes(one.Vb.a.UTF_8);
        Intrinsics.checkNotNullExpressionValue(bytes, "this as java.lang.String).getBytes(charset)");
        ByteArrayInputStream byteArrayInputStream = new ByteArrayInputStream(bytes);
        try {
            keyStore.setCertificateEntry("root_ca", certificateFactory.generateCertificate(byteArrayInputStream));
            TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
            trustManagerFactory.init(keyStore);
            TrustManager[] trustManagers = trustManagerFactory.getTrustManagers();
            TrustManager trustManager = trustManagers != null ? (TrustManager) C4470l.U(trustManagers, 0) : null;
            if (trustManagers != null && trustManagers.length == 1 && (trustManager instanceof X509TrustManager)) {
                Intrinsics.d(trustManager, "null cannot be cast to non-null type javax.net.ssl.X509TrustManager");
                return (X509TrustManager) trustManager;
            }
            throw new IllegalStateException(("Unexpected default trust managers: " + Arrays.toString(trustManagers)).toString());
        } finally {
            try {
                byteArrayInputStream.close();
            } catch (Throwable unused) {
            }
        }
    }
}
