package zm;

import d9.e;
import f8.g;
import java.io.FileInputStream;
import java.io.FileOutputStream;
import java.io.FileWriter;
import java.io.IOException;
import java.lang.reflect.InvocationTargetException;
import java.lang.reflect.Method;
import java.math.BigInteger;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.KeyStore;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.SecureRandom;
import java.security.cert.Certificate;
import java.security.cert.X509Certificate;
import java.util.Date;
import java.util.Iterator;
import java.util.LinkedList;
import java.util.List;
import java.util.Objects;
import java.util.Set;
import java.util.Vector;
import java.util.concurrent.Callable;
import java.util.concurrent.ExecutionException;
import java.util.concurrent.TimeUnit;
import javax.net.ssl.KeyManager;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLEngine;
import javax.net.ssl.SSLParameters;
import javax.net.ssl.TrustManager;
import n1.m;
import q4.s;
import s8.p;
import sk.j;
import sk.l;
import wm.k;
import yj.c1;
import yj.h;
import yj.o;

/* loaded from: classes.dex */
public class a implements k {

    /* renamed from: h, reason: collision with root package name */
    public static final bn.b f21966h = bn.c.c(a.class);

    /* renamed from: a, reason: collision with root package name */
    public final com.google.android.material.datepicker.c f21967a;

    /* renamed from: b, reason: collision with root package name */
    public final boolean f21968b;

    /* renamed from: c, reason: collision with root package name */
    public final boolean f21969c;

    /* renamed from: d, reason: collision with root package name */
    public SSLContext f21970d;

    /* renamed from: e, reason: collision with root package name */
    public Certificate f21971e;

    /* renamed from: f, reason: collision with root package name */
    public PrivateKey f21972f;

    /* renamed from: g, reason: collision with root package name */
    public d9.b<String, SSLContext> f21973g;

    /* renamed from: zm.a$a, reason: collision with other inner class name */
    /* loaded from: classes.dex */
    public class CallableC0380a implements Callable<SSLContext> {

        /* renamed from: t, reason: collision with root package name */
        public final /* synthetic */ String f21974t;

        /* renamed from: u, reason: collision with root package name */
        public final /* synthetic */ f f21975u;

        public CallableC0380a(String str, f fVar) {
            this.f21974t = str;
            this.f21975u = fVar;
        }

        @Override // java.util.concurrent.Callable
        public SSLContext call() {
            return a.this.m(this.f21974t, this.f21975u);
        }
    }

    /* JADX WARN: Multi-variable type inference failed */
    /* JADX WARN: Type inference failed for: r0v24, types: [java.security.KeyStore] */
    /* JADX WARN: Type inference failed for: r3v14, types: [java.io.BufferedWriter, java.io.Closeable, gl.b] */
    /* JADX WARN: Type inference failed for: r3v15, types: [java.io.Closeable, java.io.FileInputStream, java.io.InputStream] */
    /* JADX WARN: Type inference failed for: r4v6, types: [javax.net.ssl.KeyManagerFactory] */
    public a(com.google.android.material.datepicker.c cVar, boolean z10, boolean z11) {
        FileOutputStream fileOutputStream;
        FileWriter fileWriter;
        KeyManager[] keyManagerArr;
        d9.c cVar2 = new d9.c();
        TimeUnit timeUnit = TimeUnit.MINUTES;
        long j10 = cVar2.f5629b;
        if (!(j10 == -1)) {
            throw new IllegalStateException(g.j("expireAfterAccess was already set to %s ns", Long.valueOf(j10)));
        }
        cVar2.f5629b = timeUnit.toNanos(5L);
        int i10 = cVar2.f5628a;
        p.x(i10 == -1, "concurrency level was already set to %s", i10);
        p.n(true);
        cVar2.f5628a = 16;
        p.A(true, "maximumWeight requires weigher");
        p.A(true, "refreshAfterWrite requires a LoadingCache");
        e.m mVar = new e.m(cVar2);
        this.f21967a = cVar;
        this.f21968b = z10;
        this.f21969c = z11;
        this.f21973g = mVar;
        FileOutputStream fileOutputStream2 = null;
        if (!cVar.a(".p12").exists() || !cVar.a(".pem").exists()) {
            s sVar = new s(3);
            bn.b bVar = b.f21977a;
            KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("RSA");
            keyPairGenerator.initialize(2048, SecureRandom.getInstance("SHA1PRNG"));
            KeyPair generateKeyPair = keyPairGenerator.generateKeyPair();
            m mVar2 = rk.a.I;
            Vector vector = new Vector();
            o oVar = rk.a.f17210z;
            vector.addElement(new qk.b(oVar, mVar2.J(oVar, (String) cVar.f4633d)));
            o oVar2 = rk.a.f17208x;
            vector.addElement(new qk.b(oVar2, mVar2.J(oVar2, (String) cVar.f4634e)));
            o oVar3 = rk.a.f17209y;
            vector.addElement(new qk.b(oVar3, mVar2.J(oVar3, (String) cVar.f4635f)));
            int size = vector.size();
            qk.b[] bVarArr = new qk.b[size];
            for (int i11 = 0; i11 != size; i11++) {
                bVarArr[i11] = (qk.b) vector.elementAt(i11);
            }
            qk.c cVar3 = new qk.c(mVar2, bVarArr);
            BigInteger valueOf = BigInteger.valueOf(b.b());
            PublicKey publicKey = generateKeyPair.getPublic();
            vk.e eVar = new vk.e(cVar3, valueOf, b.f21980d, b.f21981e, cVar3, publicKey);
            eVar.a(sk.g.f18040w, false, b.a(publicKey));
            eVar.a(sk.g.f18043z, true, new sk.b(true));
            eVar.a(sk.g.f18041x, false, new j(182));
            yj.f fVar = new yj.f(10);
            fVar.a(l.f18061v);
            fVar.a(l.f18062w);
            fVar.a(l.f18060u);
            eVar.a(sk.g.B, false, new c1(fVar));
            X509Certificate d10 = b.d(eVar, generateKeyPair.getPrivate());
            KeyStore keyStore = KeyStore.getInstance("PKCS12");
            keyStore.load(null, null);
            keyStore.setKeyEntry((String) cVar.f4631b, generateKeyPair.getPrivate(), (char[]) cVar.f4632c, new Certificate[]{d10});
            f21966h.B("Created root certificate authority key store in {}ms", sVar);
            try {
                fileOutputStream = new FileOutputStream(this.f21967a.a(".p12"));
            } catch (Throwable th2) {
                th = th2;
            }
            try {
                keyStore.store(fileOutputStream, (char[]) this.f21967a.f4632c);
                ob.b.e(fileOutputStream);
                Object[] objArr = {keyStore.getCertificate((String) this.f21967a.f4631b)};
                try {
                    fileWriter = new FileWriter(this.f21967a.a(".pem"));
                    try {
                        ?? bVar2 = new gl.b(fileWriter);
                        for (int i12 = 0; i12 < 1; i12++) {
                            try {
                                bVar2.e(objArr[i12]);
                                bVar2.flush();
                            } catch (Throwable th3) {
                                th = th3;
                                fileOutputStream2 = bVar2;
                                ob.b.e(fileOutputStream2);
                                ob.b.e(fileWriter);
                                throw th;
                            }
                        }
                        ob.b.e(bVar2);
                        ob.b.e(fileWriter);
                    } catch (Throwable th4) {
                        th = th4;
                    }
                } catch (Throwable th5) {
                    th = th5;
                    fileWriter = null;
                }
            } catch (Throwable th6) {
                th = th6;
                fileOutputStream2 = fileOutputStream;
                ob.b.e(fileOutputStream2);
                throw th;
            }
        }
        ?? keyStore2 = KeyStore.getInstance("PKCS12");
        try {
            ?? fileInputStream = new FileInputStream(this.f21967a.a(".p12"));
            try {
                keyStore2.load(fileInputStream, (char[]) this.f21967a.f4632c);
                ob.b.e(fileInputStream);
                this.f21971e = keyStore2.getCertificate((String) this.f21967a.f4631b);
                com.google.android.material.datepicker.c cVar4 = this.f21967a;
                this.f21972f = (PrivateKey) keyStore2.getKey((String) cVar4.f4631b, (char[]) cVar4.f4632c);
                TrustManager[] trustManagers = this.f21968b ? kh.a.f11768d.getTrustManagers() : new TrustManager[]{new d(keyStore2)};
                if (this.f21969c) {
                    com.google.android.material.datepicker.c cVar5 = this.f21967a;
                    bn.b bVar3 = b.f21977a;
                    ?? keyManagerFactory = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
                    keyManagerFactory.init(keyStore2, (char[]) cVar5.f4632c);
                    keyManagerArr = keyManagerFactory.getKeyManagers();
                } else {
                    keyManagerArr = new KeyManager[0];
                }
                SSLContext c10 = b.c();
                c10.init(keyManagerArr, trustManagers, null);
                this.f21970d = c10;
                if (o(c10.createSSLEngine())) {
                    return;
                }
                f21966h.q("Host Name Verification is not supported, causes insecure HTTPS connection to upstream servers.");
            } catch (Throwable th7) {
                th = th7;
                fileOutputStream2 = fileInputStream;
                ob.b.e(fileOutputStream2);
                throw th;
            }
        } catch (Throwable th8) {
            th = th8;
        }
    }

    @Override // wm.k
    public SSLEngine a() {
        SSLEngine createSSLEngine = this.f21970d.createSSLEngine();
        n(createSSLEngine);
        return createSSLEngine;
    }

    public SSLEngine l(String str, f fVar) {
        Object obj;
        SSLContext sSLContext;
        d9.g i10;
        if (str == null) {
            throw new IllegalArgumentException("Error, 'commonName' is not allowed to be null!");
        }
        d9.b<String, SSLContext> bVar = this.f21973g;
        if (bVar == null) {
            sSLContext = m(str, fVar);
        } else {
            CallableC0380a callableC0380a = new CallableC0380a(str, fVar);
            d9.e<K, V> eVar = ((e.m) bVar).f5684t;
            d9.f fVar2 = new d9.f(callableC0380a);
            Objects.requireNonNull(eVar);
            int d10 = eVar.d(str);
            e.o g10 = eVar.g(d10);
            Objects.requireNonNull(g10);
            try {
                try {
                    if (g10.f5688u != 0 && (i10 = g10.i(str, d10)) != null) {
                        long a10 = g10.f5687t.G.a();
                        Object k10 = g10.k(i10, a10);
                        if (k10 != null) {
                            g10.p(i10, a10);
                            g10.G.d(1);
                            Objects.requireNonNull(g10.f5687t);
                            obj = k10;
                        } else {
                            e.x E = i10.E();
                            if (E.b()) {
                                obj = g10.A(i10, str, E);
                            }
                        }
                        g10.m();
                        sSLContext = (SSLContext) obj;
                    }
                    obj = g10.l(str, d10, fVar2);
                    g10.m();
                    sSLContext = (SSLContext) obj;
                } catch (ExecutionException e10) {
                    Throwable cause = e10.getCause();
                    if (cause instanceof Error) {
                        throw new j9.d((Error) cause);
                    }
                    if (cause instanceof RuntimeException) {
                        throw new j9.m(cause);
                    }
                    throw e10;
                }
            } catch (Throwable th2) {
                g10.m();
                throw th2;
            }
        }
        return sSLContext.createSSLEngine();
    }

    public final SSLContext m(String str, f fVar) {
        s sVar = new s(3);
        com.google.android.material.datepicker.c cVar = this.f21967a;
        Certificate certificate = this.f21971e;
        PrivateKey privateKey = this.f21972f;
        bn.b bVar = b.f21977a;
        KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("RSA");
        keyPairGenerator.initialize(1024, SecureRandom.getInstance("SHA1PRNG"));
        KeyPair generateKeyPair = keyPairGenerator.generateKeyPair();
        byte[] encoded = certificate.getEncoded();
        try {
            Set set = uk.b.f19510a;
            yj.s q10 = yj.s.q(encoded);
            if (q10 == null) {
                throw new IOException("no content found");
            }
            sk.c m10 = sk.c.m(q10);
            Objects.requireNonNull(m10.f18029u);
            qk.c m11 = qk.c.m(m10.f18029u.A);
            BigInteger valueOf = BigInteger.valueOf(b.b());
            m mVar = rk.a.I;
            Vector vector = new Vector();
            o oVar = rk.a.f17210z;
            vector.addElement(new qk.b(oVar, mVar.J(oVar, str)));
            o oVar2 = rk.a.f17208x;
            vector.addElement(new qk.b(oVar2, mVar.J(oVar2, (String) cVar.f4636g)));
            o oVar3 = rk.a.f17209y;
            vector.addElement(new qk.b(oVar3, mVar.J(oVar3, (String) cVar.f4637h)));
            int size = vector.size();
            qk.b[] bVarArr = new qk.b[size];
            for (int i10 = 0; i10 != size; i10++) {
                bVarArr[i10] = (qk.b) vector.elementAt(i10);
            }
            vk.e eVar = new vk.e(m11, valueOf, b.f21980d, new Date(System.currentTimeMillis() + 86400000), new qk.c(mVar, bVarArr), generateKeyPair.getPublic());
            eVar.a(sk.g.f18040w, false, b.a(generateKeyPair.getPublic()));
            eVar.a(sk.g.f18043z, false, new sk.b(false));
            if (!fVar.f21988a.isEmpty()) {
                List<yj.e> list = fVar.f21988a;
                eVar.a(sk.g.f18042y, false, new c1((yj.e[]) list.toArray(new yj.e[list.size()])));
            }
            X509Certificate d10 = b.d(eVar, privateKey);
            d10.checkValidity(new Date());
            d10.verify(certificate.getPublicKey());
            KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
            keyStore.load(null, null);
            keyStore.setKeyEntry((String) cVar.f4631b, generateKeyPair.getPrivate(), (char[]) cVar.f4632c, new Certificate[]{d10, certificate});
            com.google.android.material.datepicker.c cVar2 = this.f21967a;
            KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
            keyManagerFactory.init(keyStore, (char[]) cVar2.f4632c);
            KeyManager[] keyManagers = keyManagerFactory.getKeyManagers();
            SSLContext c10 = b.c();
            SecureRandom secureRandom = new SecureRandom();
            secureRandom.setSeed(System.currentTimeMillis());
            c10.init(keyManagers, null, secureRandom);
            f21966h.u("Impersonated {} in {}ms", str, sVar);
            return c10;
        } catch (ClassCastException e10) {
            StringBuilder a10 = android.support.v4.media.b.a("malformed data: ");
            a10.append(e10.getMessage());
            throw new h(a10.toString(), e10, 1);
        } catch (IllegalArgumentException e11) {
            StringBuilder a11 = android.support.v4.media.b.a("malformed data: ");
            a11.append(e11.getMessage());
            throw new h(a11.toString(), e11, 1);
        }
    }

    public final void n(SSLEngine sSLEngine) {
        LinkedList linkedList = new LinkedList();
        for (String str : sSLEngine.getEnabledCipherSuites()) {
            if (str.equals("TLS_DHE_RSA_WITH_AES_128_CBC_SHA") || str.equals("TLS_DHE_RSA_WITH_AES_256_CBC_SHA")) {
                f21966h.A("Removed cipher {}", str);
            } else {
                linkedList.add(str);
            }
        }
        sSLEngine.setEnabledCipherSuites((String[]) linkedList.toArray(new String[linkedList.size()]));
        bn.b bVar = f21966h;
        if (bVar.j()) {
            if (sSLEngine.getUseClientMode()) {
                bVar.x("Enabled server cipher suites:");
            } else {
                bVar.i("Enabled client {}:{} cipher suites:", sSLEngine.getPeerHost(), Integer.valueOf(sSLEngine.getPeerPort()));
            }
            Iterator it = linkedList.iterator();
            while (it.hasNext()) {
                f21966h.x((String) it.next());
            }
        }
    }

    public final boolean o(SSLEngine sSLEngine) {
        for (Method method : SSLParameters.class.getMethods()) {
            if ("setEndpointIdentificationAlgorithm".equals(method.getName())) {
                SSLParameters sSLParameters = new SSLParameters();
                try {
                    method.invoke(sSLParameters, "HTTPS");
                    sSLEngine.setSSLParameters(sSLParameters);
                    return true;
                } catch (IllegalAccessException | InvocationTargetException e10) {
                    f21966h.n("SSLParameters#setEndpointIdentificationAlgorithm", e10);
                    return false;
                }
            }
        }
        return false;
    }
}
