package okhttp3.tls.internal;

import ee.m;
import java.net.InetAddress;
import java.security.KeyStore;
import java.security.cert.Certificate;
import java.security.cert.X509Certificate;
import java.util.Arrays;
import java.util.List;
import javax.net.ssl.KeyManager;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import javax.net.ssl.X509KeyManager;
import javax.net.ssl.X509TrustManager;
import ke.C15073a;
import ke.C15074b;
import kotlin.Metadata;
import kotlin.collections.C15164l;
import kotlin.f;
import kotlin.g;
import kotlin.jvm.functions.Function0;
import kotlin.jvm.internal.Intrinsics;
import org.codehaus.mojo.animal_sniffer.IgnoreJRERequirement;
import org.jetbrains.annotations.NotNull;

@Metadata(d1 = {"\u0000R\n\u0002\u0018\u0002\n\u0002\u0010\u0000\n\u0002\b\u0002\n\u0002\u0010\u000e\n\u0000\n\u0002\u0010 \n\u0002\u0018\u0002\n\u0002\b\u0002\n\u0002\u0018\u0002\n\u0002\b\u0002\n\u0002\u0018\u0002\n\u0000\n\u0002\u0010\u0011\n\u0000\n\u0002\u0018\u0002\n\u0002\b\u0002\n\u0002\u0018\u0002\n\u0002\b\u0002\n\u0002\u0010\u0019\n\u0002\b\u0004\n\u0002\u0018\u0002\n\u0002\b\u0005\bÆ\u0002\u0018\u00002\u00020\u0001B\t\b\u0002¢\u0006\u0004\b\u0002\u0010\u0003J5\u0010\u000b\u001a\u00020\n2\b\u0010\u0005\u001a\u0004\u0018\u00010\u00042\f\u0010\b\u001a\b\u0012\u0004\u0012\u00020\u00070\u00062\f\u0010\t\u001a\b\u0012\u0004\u0012\u00020\u00040\u0006H\u0007¢\u0006\u0004\b\u000b\u0010\fJ7\u0010\u0012\u001a\u00020\u00112\b\u0010\u0005\u001a\u0004\u0018\u00010\u00042\b\u0010\u000e\u001a\u0004\u0018\u00010\r2\u0012\u0010\u0010\u001a\n\u0012\u0006\b\u0001\u0012\u00020\u00070\u000f\"\u00020\u0007H\u0007¢\u0006\u0004\b\u0012\u0010\u0013J\u0019\u0010\u0015\u001a\u00020\u00142\b\u0010\u0005\u001a\u0004\u0018\u00010\u0004H\u0002¢\u0006\u0004\b\u0015\u0010\u0016R\u0017\u0010\u001b\u001a\u00020\u00178\u0006¢\u0006\f\n\u0004\b\u0012\u0010\u0018\u001a\u0004\b\u0019\u0010\u001aR\u001b\u0010 \u001a\u00020\u001c8BX\u0082\u0084\u0002¢\u0006\f\n\u0004\b\u000b\u0010\u001d\u001a\u0004\b\u001e\u0010\u001f¨\u0006!"}, d2 = {"Lokhttp3/tls/internal/TlsUtil;", "", "<init>", "()V", "", "keyStoreType", "", "Ljava/security/cert/X509Certificate;", "trustedCertificates", "insecureHosts", "Ljavax/net/ssl/X509TrustManager;", "c", "(Ljava/lang/String;Ljava/util/List;Ljava/util/List;)Ljavax/net/ssl/X509TrustManager;", "Lke/b;", "heldCertificate", "", "intermediates", "Ljavax/net/ssl/X509KeyManager;", com.journeyapps.barcodescanner.camera.b.f99062n, "(Ljava/lang/String;Lke/b;[Ljava/security/cert/X509Certificate;)Ljavax/net/ssl/X509KeyManager;", "Ljava/security/KeyStore;", "a", "(Ljava/lang/String;)Ljava/security/KeyStore;", "", "[C", "getPassword", "()[C", "password", "Lke/a;", "Lkotlin/f;", "getLocalhost", "()Lke/a;", "localhost", "okhttp-tls"}, k = 1, mv = {1, 8, 0})
/* loaded from: classes9.dex */
public final class TlsUtil {

    /* renamed from: a, reason: collision with root package name */
    @NotNull
    public static final TlsUtil f141058a = new TlsUtil();

    /* renamed from: b, reason: collision with root package name and from kotlin metadata */
    @NotNull
    public static final char[] password;

    /* renamed from: c, reason: collision with root package name and from kotlin metadata */
    @NotNull
    public static final f localhost;

    static {
        char[] charArray = "password".toCharArray();
        Intrinsics.checkNotNullExpressionValue(charArray, "this as java.lang.String).toCharArray()");
        password = charArray;
        localhost = g.b(new Function0<C15073a>() { // from class: okhttp3.tls.internal.TlsUtil$localhost$2
            @Override // kotlin.jvm.functions.Function0
            @NotNull
            public final C15073a invoke() {
                C15074b.a c12 = new C15074b.a().c("localhost");
                String canonicalHostName = InetAddress.getByName("localhost").getCanonicalHostName();
                Intrinsics.checkNotNullExpressionValue(canonicalHostName, "getByName(\"localhost\").canonicalHostName");
                C15074b b12 = c12.a(canonicalHostName).b();
                return new C15073a.C2255a().d(b12, new X509Certificate[0]).b(b12.getCertificate()).c();
            }
        });
    }

    private TlsUtil() {
    }

    @NotNull
    public static final X509KeyManager b(String keyStoreType, C15074b heldCertificate, @NotNull X509Certificate... intermediates) {
        Intrinsics.checkNotNullParameter(intermediates, "intermediates");
        KeyStore a12 = f141058a.a(keyStoreType);
        if (heldCertificate != null) {
            Certificate[] certificateArr = new Certificate[intermediates.length + 1];
            certificateArr[0] = heldCertificate.getCertificate();
            C15164l.r(intermediates, certificateArr, 1, 0, 0, 12, null);
            a12.setKeyEntry("private", heldCertificate.getKeyPair().getPrivate(), password, certificateArr);
        }
        KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
        keyManagerFactory.init(a12, password);
        KeyManager[] keyManagers = keyManagerFactory.getKeyManagers();
        Intrinsics.g(keyManagers);
        if (keyManagers.length == 1) {
            KeyManager keyManager = keyManagers[0];
            if (keyManager instanceof X509KeyManager) {
                Intrinsics.h(keyManager, "null cannot be cast to non-null type javax.net.ssl.X509KeyManager");
                return (X509KeyManager) keyManager;
            }
        }
        StringBuilder sb2 = new StringBuilder();
        sb2.append("Unexpected key managers:");
        String arrays = Arrays.toString(keyManagers);
        Intrinsics.checkNotNullExpressionValue(arrays, "toString(this)");
        sb2.append(arrays);
        throw new IllegalStateException(sb2.toString().toString());
    }

    @IgnoreJRERequirement
    @NotNull
    public static final X509TrustManager c(String keyStoreType, @NotNull List<? extends X509Certificate> trustedCertificates, @NotNull List<String> insecureHosts) {
        Intrinsics.checkNotNullParameter(trustedCertificates, "trustedCertificates");
        Intrinsics.checkNotNullParameter(insecureHosts, "insecureHosts");
        KeyStore a12 = f141058a.a(keyStoreType);
        int size = trustedCertificates.size();
        for (int i12 = 0; i12 < size; i12++) {
            a12.setCertificateEntry("cert_" + i12, trustedCertificates.get(i12));
        }
        TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
        trustManagerFactory.init(a12);
        TrustManager[] trustManagers = trustManagerFactory.getTrustManagers();
        Intrinsics.g(trustManagers);
        if (trustManagers.length == 1) {
            TrustManager trustManager = trustManagers[0];
            if (trustManager instanceof X509TrustManager) {
                Intrinsics.h(trustManager, "null cannot be cast to non-null type javax.net.ssl.X509TrustManager");
                X509TrustManager x509TrustManager = (X509TrustManager) trustManager;
                if (insecureHosts.isEmpty()) {
                    return x509TrustManager;
                }
                return m.INSTANCE.h() ? new a(x509TrustManager, insecureHosts) : new d(e.a(x509TrustManager), insecureHosts);
            }
        }
        StringBuilder sb2 = new StringBuilder();
        sb2.append("Unexpected trust managers: ");
        String arrays = Arrays.toString(trustManagers);
        Intrinsics.checkNotNullExpressionValue(arrays, "toString(this)");
        sb2.append(arrays);
        throw new IllegalStateException(sb2.toString().toString());
    }

    public final KeyStore a(String keyStoreType) {
        if (keyStoreType == null) {
            keyStoreType = KeyStore.getDefaultType();
        }
        KeyStore keyStore = KeyStore.getInstance(keyStoreType);
        keyStore.load(null, password);
        Intrinsics.checkNotNullExpressionValue(keyStore, "getInstance(keyStoreType…utStream, password)\n    }");
        return keyStore;
    }
}
