package de.geeksfactory.opacclient.networking;

import java.security.GeneralSecurityException;
import java.security.KeyManagementException;
import java.security.KeyStore;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.cert.CertificateEncodingException;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Collections;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSocketFactory;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import javax.net.ssl.X509TrustManager;
import org.apache.http.conn.ssl.SSLConnectionSocketFactory;

/* loaded from: classes.dex */
public class AdditionalKeyStoresSSLSocketFactory {

    /* loaded from: classes.dex */
    public static class AdditionalKeyStoresTrustManager implements X509TrustManager {
        private X509Certificate[] acceptedIssuers;
        private X509TrustManager defaultTrustManager;
        private X509TrustManager localTrustManager;

        /* loaded from: classes.dex */
        static class LocalStoreX509TrustManager implements X509TrustManager {
            private X509TrustManager trustManager;

            LocalStoreX509TrustManager(KeyStore keyStore) {
                try {
                    TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
                    trustManagerFactory.init(keyStore);
                    X509TrustManager findX509TrustManager = AdditionalKeyStoresTrustManager.findX509TrustManager(trustManagerFactory);
                    this.trustManager = findX509TrustManager;
                    if (findX509TrustManager != null) {
                    } else {
                        throw new IllegalStateException("Couldn't find X509TrustManager");
                    }
                } catch (GeneralSecurityException e) {
                    throw new RuntimeException(e);
                }
            }

            @Override // javax.net.ssl.X509TrustManager
            public void checkClientTrusted(X509Certificate[] x509CertificateArr, String str) throws CertificateException {
                this.trustManager.checkClientTrusted(x509CertificateArr, str);
            }

            @Override // javax.net.ssl.X509TrustManager
            public void checkServerTrusted(X509Certificate[] x509CertificateArr, String str) throws CertificateException {
                this.trustManager.checkServerTrusted(x509CertificateArr, str);
            }

            @Override // javax.net.ssl.X509TrustManager
            public X509Certificate[] getAcceptedIssuers() {
                return this.trustManager.getAcceptedIssuers();
            }
        }

        public AdditionalKeyStoresTrustManager(KeyStore keyStore) {
            try {
                TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
                trustManagerFactory.init((KeyStore) null);
                X509TrustManager findX509TrustManager = findX509TrustManager(trustManagerFactory);
                this.defaultTrustManager = findX509TrustManager;
                if (findX509TrustManager == null) {
                    throw new IllegalStateException("Couldn't find X509TrustManager");
                }
                this.localTrustManager = new LocalStoreX509TrustManager(keyStore);
                ArrayList arrayList = new ArrayList();
                Collections.addAll(arrayList, this.defaultTrustManager.getAcceptedIssuers());
                Collections.addAll(arrayList, this.localTrustManager.getAcceptedIssuers());
                this.acceptedIssuers = (X509Certificate[]) arrayList.toArray(new X509Certificate[arrayList.size()]);
            } catch (GeneralSecurityException e) {
                throw new RuntimeException(e);
            }
        }

        /* JADX INFO: Access modifiers changed from: package-private */
        public static X509TrustManager findX509TrustManager(TrustManagerFactory trustManagerFactory) {
            for (TrustManager trustManager : trustManagerFactory.getTrustManagers()) {
                if (trustManager instanceof X509TrustManager) {
                    return (X509TrustManager) trustManager;
                }
            }
            return null;
        }

        public static String getThumbPrint(X509Certificate x509Certificate) throws NoSuchAlgorithmException, CertificateEncodingException {
            MessageDigest messageDigest = MessageDigest.getInstance("SHA-1");
            messageDigest.update(x509Certificate.getEncoded());
            return hexify(messageDigest.digest());
        }

        public static String hexify(byte[] bArr) {
            char[] cArr = {'0', '1', '2', '3', '4', '5', '6', '7', '8', '9', 'a', 'b', 'c', 'd', 'e', 'f'};
            StringBuilder sb = new StringBuilder(bArr.length * 2);
            for (byte b2 : bArr) {
                sb.append(cArr[(b2 & 240) >> 4]);
                sb.append(cArr[b2 & 15]);
            }
            return sb.toString();
        }

        @Override // javax.net.ssl.X509TrustManager
        public void checkClientTrusted(X509Certificate[] x509CertificateArr, String str) throws CertificateException {
            try {
                this.defaultTrustManager.checkClientTrusted(x509CertificateArr, str);
            } catch (CertificateException unused) {
                this.localTrustManager.checkClientTrusted(x509CertificateArr, str);
            }
        }

        @Override // javax.net.ssl.X509TrustManager
        public void checkServerTrusted(X509Certificate[] x509CertificateArr, String str) throws CertificateException {
            try {
                this.defaultTrustManager.checkServerTrusted(x509CertificateArr, str);
            } catch (CertificateException unused) {
                this.localTrustManager.checkServerTrusted(x509CertificateArr, str);
            }
        }

        @Override // javax.net.ssl.X509TrustManager
        public X509Certificate[] getAcceptedIssuers() {
            return this.acceptedIssuers;
        }
    }

    public static SSLConnectionSocketFactory create(Class<?> cls, X509TrustManager x509TrustManager) throws NoSuchAlgorithmException, KeyManagementException {
        SSLContext sSLContext = SSLContext.getInstance(SSLConnectionSocketFactory.TLS);
        sSLContext.init(null, new TrustManager[]{x509TrustManager}, null);
        if (cls != null) {
            try {
                return (SSLConnectionSocketFactory) cls.getDeclaredConstructor(SSLContext.class).newInstance(sSLContext);
            } catch (Exception e) {
                e.printStackTrace();
            }
        }
        return new SSLConnectionSocketFactory(sSLContext);
    }

    public static SSLSocketFactory createForOkHttp(X509TrustManager x509TrustManager) throws NoSuchAlgorithmException, KeyManagementException {
        SSLContext sSLContext = SSLContext.getInstance(SSLConnectionSocketFactory.TLS);
        sSLContext.init(null, new TrustManager[]{x509TrustManager}, null);
        return sSLContext.getSocketFactory();
    }
}
