package com.mb.android.networking;

import android.content.Context;
import android.net.http.SslCertificate;
import android.util.Pair;
import java.io.ByteArrayInputStream;
import java.io.File;
import java.io.FileInputStream;
import java.io.FileOutputStream;
import java.io.IOException;
import java.security.KeyManagementException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import javax.net.ssl.HostnameVerifier;
import javax.net.ssl.HttpsURLConnection;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSocketFactory;
import javax.net.ssl.TrustManager;
import javax.net.ssl.X509TrustManager;

/* loaded from: classes2.dex */
public class CertificateManager {
    private static final String CERT_STORE = "cert.keystore";
    private static final String CERT_STORE_PASS = "__SSAP_EROTS_TREC__";
    private final Context context;
    private final KeyStore keyStore;
    private SSLSocketFactory sslSocketFactory;
    private X509TrustManager x509TrustManager;

    public CertificateManager(Context context) throws CertificateException, NoSuchAlgorithmException, KeyStoreException, IOException {
        this.context = context;
        this.keyStore = initKeyStore(context);
    }

    private Pair<SSLSocketFactory, X509TrustManager> getSSLSocketFactoryTrustManagerPair() throws NoSuchAlgorithmException, KeyStoreException, KeyManagementException {
        if (this.sslSocketFactory != null) {
            if (this.x509TrustManager == null) {
            }
            return new Pair<>(this.sslSocketFactory, this.x509TrustManager);
        }
        this.x509TrustManager = CompositeX509TrustManager.getCompositeTrustManager(this.keyStore);
        SSLContext sSLContext = SSLContext.getInstance("TLS");
        sSLContext.init(null, new TrustManager[]{this.x509TrustManager}, null);
        this.sslSocketFactory = sSLContext.getSocketFactory();
        return new Pair<>(this.sslSocketFactory, this.x509TrustManager);
    }

    private Certificate getX509Certificate(SslCertificate sslCertificate) {
        byte[] byteArray = SslCertificate.saveState(sslCertificate).getByteArray("x509-certificate");
        if (byteArray == null) {
            return null;
        }
        try {
            return CertificateFactory.getInstance("X.509").generateCertificate(new ByteArrayInputStream(byteArray));
        } catch (CertificateException unused) {
            return null;
        }
    }

    /* JADX WARN: Unreachable blocks removed: 1, instructions: 1 */
    private KeyStore initKeyStore(Context context) throws KeyStoreException, CertificateException, NoSuchAlgorithmException, IOException {
        KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
        File fileStreamPath = context.getFileStreamPath(CERT_STORE);
        if (fileStreamPath.length() == 0) {
            if (!fileStreamPath.exists()) {
                fileStreamPath.createNewFile();
            }
            keyStore.load(null);
        } else {
            FileInputStream openFileInput = context.openFileInput(CERT_STORE);
            try {
                keyStore.load(openFileInput, CERT_STORE_PASS.toCharArray());
                if (openFileInput != null) {
                    openFileInput.close();
                }
            } catch (Throwable th) {
                if (openFileInput != null) {
                    try {
                        openFileInput.close();
                    } catch (Throwable th2) {
                        th.addSuppressed(th2);
                        throw th;
                    }
                    throw th;
                }
                throw th;
            }
        }
        return keyStore;
    }

    public HostnameVerifier getHostnameVerifier() {
        return new CompositeHostnameVerifier(this.context);
    }

    public SSLSocketFactory getSslSocketFactory() throws NoSuchAlgorithmException, KeyStoreException, KeyManagementException {
        return (SSLSocketFactory) getSSLSocketFactoryTrustManagerPair().first;
    }

    public X509TrustManager getX509TrustManager() throws NoSuchAlgorithmException, KeyStoreException, KeyManagementException {
        return (X509TrustManager) getSSLSocketFactoryTrustManagerPair().second;
    }

    public void setDefaultTrustedCertificateAuthorities() throws KeyStoreException, NoSuchAlgorithmException, KeyManagementException {
        HttpsURLConnection.setDefaultSSLSocketFactory(getSslSocketFactory());
        HttpsURLConnection.setDefaultHostnameVerifier(getHostnameVerifier());
    }

    /* JADX WARN: Unreachable blocks removed: 1, instructions: 1 */
    public void storeSSLCertificate(String str, SslCertificate sslCertificate) throws CertificateException, NoSuchAlgorithmException, KeyStoreException, KeyManagementException, IOException {
        Certificate x509Certificate = getX509Certificate(sslCertificate);
        if (x509Certificate == null) {
            return;
        }
        this.keyStore.setCertificateEntry(str, x509Certificate);
        FileOutputStream openFileOutput = this.context.openFileOutput(CERT_STORE, 0);
        try {
            this.keyStore.store(openFileOutput, CERT_STORE_PASS.toCharArray());
            if (openFileOutput != null) {
                openFileOutput.close();
            }
            this.sslSocketFactory = null;
            this.x509TrustManager = null;
            setDefaultTrustedCertificateAuthorities();
        } catch (Throwable th) {
            if (openFileOutput != null) {
                try {
                    openFileOutput.close();
                } catch (Throwable th2) {
                    th.addSuppressed(th2);
                    throw th;
                }
                throw th;
            }
            throw th;
        }
    }
}
