package com.weibo.cd.base.network.ssl;

import android.util.Base64;
import java.io.BufferedReader;
import java.io.ByteArrayInputStream;
import java.io.File;
import java.io.FileInputStream;
import java.io.IOException;
import java.io.InputStream;
import java.io.InputStreamReader;
import java.io.Reader;
import java.security.KeyStore;
import java.security.SecureRandom;
import java.security.cert.Certificate;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import javax.net.ssl.KeyManager;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.TrustManager;
import javax.net.ssl.X509TrustManager;
import kotlin.Metadata;
import kotlin.Unit;
import kotlin.io.CloseableKt;
import kotlin.io.TextStreamsKt;
import kotlin.jvm.internal.Intrinsics;
import kotlin.text.Charsets;
import kotlin.text.StringsKt;

/* compiled from: SSLContextFactory.kt */
@Metadata(d1 = {"\u00006\n\u0002\u0018\u0002\n\u0002\u0010\u0000\n\u0002\b\u0002\n\u0002\u0018\u0002\n\u0000\n\u0002\u0010\u000e\n\u0002\b\u0002\n\u0002\u0018\u0002\n\u0002\b\u0002\n\u0002\u0010\u0012\n\u0000\n\u0002\u0018\u0002\n\u0000\n\u0002\u0018\u0002\n\u0002\b\u0004\bÆ\u0002\u0018\u00002\u00020\u0001B\u0007\b\u0002¢\u0006\u0002\u0010\u0002J\u0010\u0010\u0003\u001a\u00020\u00042\u0006\u0010\u0005\u001a\u00020\u0006H\u0002J\u0018\u0010\u0007\u001a\u00020\u00042\u0006\u0010\b\u001a\u00020\t2\u0006\u0010\n\u001a\u00020\u0006H\u0002J\u0010\u0010\u000b\u001a\u00020\f2\u0006\u0010\r\u001a\u00020\u000eH\u0002J\u0006\u0010\u000f\u001a\u00020\u0010J\u001e\u0010\u000f\u001a\u00020\u00102\u0006\u0010\u0011\u001a\u00020\t2\u0006\u0010\n\u001a\u00020\u00062\u0006\u0010\u0012\u001a\u00020\u0006J\u000e\u0010\u000f\u001a\u00020\u00102\u0006\u0010\u0013\u001a\u00020\u0004J\u000e\u0010\u000f\u001a\u00020\u00102\u0006\u0010\u0012\u001a\u00020\u0006¨\u0006\u0014"}, d2 = {"Lcom/weibo/cd/base/network/ssl/SSLContextFactory;", "", "()V", "loadPEMTrustStore", "Ljava/security/KeyStore;", "certificateString", "", "loadPKCS12KeyStore", "certificateFile", "Ljava/io/File;", "clientCertPassword", "loadPemCertificate", "", "certificateStream", "Ljava/io/InputStream;", "makeContext", "Ljavax/net/ssl/SSLContext;", "clientCertFile", "caCertString", "keyStore", "lib_base_debug"}, k = 1, mv = {1, 8, 0}, xi = 48)
/* loaded from: classes6.dex */
public final class SSLContextFactory {
    public static final SSLContextFactory INSTANCE = new SSLContextFactory();

    private SSLContextFactory() {
    }

    private final KeyStore loadPEMTrustStore(String certificateString) {
        byte[] bytes = certificateString.getBytes(Charsets.UTF_8);
        Intrinsics.checkNotNullExpressionValue(bytes, "this as java.lang.String).getBytes(charset)");
        Certificate generateCertificate = CertificateFactory.getInstance("X.509").generateCertificate(new ByteArrayInputStream(loadPemCertificate(new ByteArrayInputStream(bytes))));
        Intrinsics.checkNotNull(generateCertificate, "null cannot be cast to non-null type java.security.cert.X509Certificate");
        X509Certificate x509Certificate = (X509Certificate) generateCertificate;
        String name = x509Certificate.getSubjectX500Principal().getName();
        KeyStore trustStore = KeyStore.getInstance(KeyStore.getDefaultType());
        trustStore.load(null);
        trustStore.setCertificateEntry(name, x509Certificate);
        Intrinsics.checkNotNullExpressionValue(trustStore, "trustStore");
        return trustStore;
    }

    private final KeyStore loadPKCS12KeyStore(File certificateFile, String clientCertPassword) {
        FileInputStream fileInputStream = null;
        try {
            KeyStore keyStore = KeyStore.getInstance("PKCS12");
            Intrinsics.checkNotNullExpressionValue(keyStore, "getInstance(\"PKCS12\")");
            FileInputStream fileInputStream2 = new FileInputStream(certificateFile);
            try {
                char[] charArray = clientCertPassword.toCharArray();
                Intrinsics.checkNotNullExpressionValue(charArray, "this as java.lang.String).toCharArray()");
                keyStore.load(fileInputStream2, charArray);
                try {
                    fileInputStream2.close();
                } catch (IOException unused) {
                }
                return keyStore;
            } catch (Throwable th) {
                th = th;
                fileInputStream = fileInputStream2;
                if (fileInputStream != null) {
                    try {
                        fileInputStream.close();
                    } catch (IOException unused2) {
                    }
                }
                throw th;
            }
        } catch (Throwable th2) {
            th = th2;
        }
    }

    private final byte[] loadPemCertificate(InputStream certificateStream) {
        try {
            StringBuilder sb = new StringBuilder();
            Reader inputStreamReader = new InputStreamReader(certificateStream, Charsets.UTF_8);
            for (String str : TextStreamsKt.readLines(inputStreamReader instanceof BufferedReader ? (BufferedReader) inputStreamReader : new BufferedReader(inputStreamReader, 8192))) {
                if (!StringsKt.startsWith$default(str, "--", false, 2, (Object) null)) {
                    sb.append(str);
                }
            }
            String sb2 = sb.toString();
            Intrinsics.checkNotNullExpressionValue(sb2, "buf.toString()");
            byte[] decode = Base64.decode(sb2, 0);
            Intrinsics.checkNotNullExpressionValue(decode, "decode(pem, Base64.DEFAULT)");
            Unit unit = Unit.INSTANCE;
            CloseableKt.closeFinally(null, null);
            return decode;
        } finally {
        }
    }

    public final SSLContext makeContext() {
        SSLContext sSLContext;
        try {
            sSLContext = SSLContext.getInstance("TLS");
            Intrinsics.checkNotNullExpressionValue(sSLContext, "{\n            SSLContext…Instance(\"TLS\")\n        }");
        } catch (Exception unused) {
            sSLContext = SSLContext.getInstance("LLS");
            Intrinsics.checkNotNullExpressionValue(sSLContext, "{\n            SSLContext…Instance(\"LLS\")\n        }");
        }
        sSLContext.init(null, new X509TrustManager[]{new SimpleX509TrustManager()}, new SecureRandom());
        return sSLContext;
    }

    public final SSLContext makeContext(File clientCertFile, String clientCertPassword, String caCertString) {
        Intrinsics.checkNotNullParameter(clientCertFile, "clientCertFile");
        Intrinsics.checkNotNullParameter(clientCertPassword, "clientCertPassword");
        Intrinsics.checkNotNullParameter(caCertString, "caCertString");
        KeyStore loadPKCS12KeyStore = loadPKCS12KeyStore(clientCertFile, clientCertPassword);
        KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance("X509");
        char[] charArray = clientCertPassword.toCharArray();
        Intrinsics.checkNotNullExpressionValue(charArray, "this as java.lang.String).toCharArray()");
        keyManagerFactory.init(loadPKCS12KeyStore, charArray);
        KeyManager[] keyManagers = keyManagerFactory.getKeyManagers();
        TrustManager[] trustManagerArr = {new GenericTrustManager(loadPEMTrustStore(caCertString))};
        SSLContext sslContext = SSLContext.getInstance("TLS");
        sslContext.init(keyManagers, trustManagerArr, null);
        Intrinsics.checkNotNullExpressionValue(sslContext, "sslContext");
        return sslContext;
    }

    public final SSLContext makeContext(String caCertString) {
        Intrinsics.checkNotNullParameter(caCertString, "caCertString");
        TrustManager[] trustManagerArr = {new GenericTrustManager(loadPEMTrustStore(caCertString))};
        SSLContext sslContext = SSLContext.getInstance("TLS");
        sslContext.init(null, trustManagerArr, null);
        Intrinsics.checkNotNullExpressionValue(sslContext, "sslContext");
        return sslContext;
    }

    public final SSLContext makeContext(KeyStore keyStore) {
        SSLContext sSLContext;
        Intrinsics.checkNotNullParameter(keyStore, "keyStore");
        try {
            sSLContext = SSLContext.getInstance("TLS");
            Intrinsics.checkNotNullExpressionValue(sSLContext, "{\n            SSLContext…Instance(\"TLS\")\n        }");
        } catch (Exception unused) {
            sSLContext = SSLContext.getInstance("LLS");
            Intrinsics.checkNotNullExpressionValue(sSLContext, "{\n            SSLContext…Instance(\"LLS\")\n        }");
        }
        sSLContext.init(null, new X509TrustManager[]{new GenericTrustManager(keyStore)}, new SecureRandom());
        return sSLContext;
    }
}
