package ru.mts.sso.network.tls;

import android.content.Context;
import android.util.Log;
import java.io.BufferedInputStream;
import java.security.cert.Certificate;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Iterator;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSocketFactory;
import javax.net.ssl.X509TrustManager;
import kotlin.Lazy;
import kotlin.LazyKt__LazyJVMKt;
import kotlin.io.CloseableKt;
import kotlin.jvm.internal.Intrinsics;
import ru.mts.sso.account.r0;
import ru.mts.sso.logger.SSOLog;
import ru.mts.sso.logger.SSOLogCategory;
import ru.mts.sso.logger.SSOLogger;

/* loaded from: classes6.dex */
public final class UCKEEIMGPB implements TLSProvider {
    public final ArrayList HISPj7KHQ7;
    public SSLSocketFactory Wja3o2vx62;
    public final Lazy eyd3OXAZgV;

    public UCKEEIMGPB(Context context, Integer[] cartsRaw) {
        Lazy lazy;
        Intrinsics.checkNotNullParameter(context, "context");
        Intrinsics.checkNotNullParameter(cartsRaw, "cartsRaw");
        this.HISPj7KHQ7 = new ArrayList();
        lazy = LazyKt__LazyJVMKt.lazy(new IUTUSIEVBP(this));
        this.eyd3OXAZgV = lazy;
        try {
            CertificateFactory certificateFactory = CertificateFactory.getInstance("X.509");
            Intrinsics.checkNotNullExpressionValue(certificateFactory, "getInstance(...)");
            for (Integer num : cartsRaw) {
                BufferedInputStream bufferedInputStream = new BufferedInputStream(context.getResources().openRawResource(num.intValue()));
                try {
                    Certificate generateCertificate = certificateFactory.generateCertificate(bufferedInputStream);
                    CloseableKt.closeFinally(bufferedInputStream, null);
                    ArrayList arrayList = this.HISPj7KHQ7;
                    Intrinsics.checkNotNull(generateCertificate, "null cannot be cast to non-null type java.security.cert.X509Certificate");
                    arrayList.add((X509Certificate) generateCertificate);
                } finally {
                }
            }
        } catch (Exception e11) {
            SSOLogger R7N8DF4OVS = r0.R7N8DF4OVS();
            if (R7N8DF4OVS != null) {
                R7N8DF4OVS.log(new SSOLog.Error("error certificate", SSOLogCategory.SYSTEM, e11));
            }
        }
    }

    @Override // ru.mts.sso.network.tls.TLSProvider
    public final SSLSocketFactory getSSLSocketFactory() {
        if (this.HISPj7KHQ7.isEmpty()) {
            return null;
        }
        SSLSocketFactory sSLSocketFactory = this.Wja3o2vx62;
        if (sSLSocketFactory == null) {
            try {
                SSLContext sSLContext = SSLContext.getInstance("TLS");
                sSLContext.init(null, new X509TrustManager[]{(X509TrustManager) this.eyd3OXAZgV.getValue()}, null);
                sSLSocketFactory = sSLContext.getSocketFactory();
                this.Wja3o2vx62 = sSLSocketFactory;
            } catch (Exception e11) {
                Log.e("TLSCertificateProvider", "error certificate", e11);
                return null;
            }
        }
        return sSLSocketFactory;
    }

    @Override // ru.mts.sso.network.tls.TLSProvider
    public final X509TrustManager getTrustManager() {
        return (X509TrustManager) this.eyd3OXAZgV.getValue();
    }

    @Override // ru.mts.sso.network.tls.TLSProvider
    public final boolean isCertificateTrusted(X509Certificate certificate) {
        Intrinsics.checkNotNullParameter(certificate, "certificate");
        Iterator it = this.HISPj7KHQ7.iterator();
        while (it.hasNext()) {
            try {
                certificate.verify(((X509Certificate) it.next()).getPublicKey());
                return true;
            } catch (Exception unused) {
            }
        }
        return false;
    }
}
