package ru.mts.legacy_data_utils_api.data.impl;

import android.annotation.SuppressLint;
import android.content.Context;
import android.util.Base64;
import java.security.KeyStore;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import javax.net.ssl.KeyManager;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.X509TrustManager;
import kotlin.Metadata;
import kotlin.jvm.internal.t;
import ru.mts.legacy_data_utils_api.data.ConfigB2B;
import ru.mts.legacy_data_utils_api.data.ConstantsKt;
import ru.mts.legacy_data_utils_api.data.entities.EnvironmentType;
import ru.mts.legacy_data_utils_api.data.entities.SslSource;
import ru.mts.legacy_data_utils_api.data.interfaces.PaymentChannelProvider;

@Metadata(d1 = {"\u0000P\n\u0002\u0018\u0002\n\u0002\u0018\u0002\n\u0002\u0018\u0002\n\u0000\n\u0002\u0018\u0002\n\u0000\n\u0002\u0010\u0011\n\u0002\u0018\u0002\n\u0002\b\u0002\n\u0002\u0018\u0002\n\u0002\b\u0004\n\u0002\u0018\u0002\n\u0002\b\u0002\n\u0002\u0018\u0002\n\u0002\b\u0002\n\u0002\u0018\u0002\n\u0002\b\u0002\n\u0002\u0018\u0002\n\u0002\b\u0002\n\u0002\u0018\u0002\n\u0002\b\b\u0018\u0000 \"2\u00020\u0001:\u0001\"B1\b\u0007\u0012\u0006\u0010\u0010\u001a\u00020\u000f\u0012\u0006\u0010\u0013\u001a\u00020\u0012\u0012\u0006\u0010\u0016\u001a\u00020\u0015\u0012\u0006\u0010\u0019\u001a\u00020\u0018\u0012\u0006\u0010\u001c\u001a\u00020\u001b¢\u0006\u0004\b \u0010!J\b\u0010\u0003\u001a\u00020\u0002H\u0002J\u001d\u0010\b\u001a\b\u0012\u0004\u0012\u00020\u00070\u00062\u0006\u0010\u0005\u001a\u00020\u0004H\u0002¢\u0006\u0004\b\b\u0010\tJ\b\u0010\u000b\u001a\u00020\nH\u0002J\b\u0010\f\u001a\u00020\nH\u0003J\b\u0010\r\u001a\u00020\u0004H\u0002J\b\u0010\u000e\u001a\u00020\u0002H\u0016R\u0014\u0010\u0010\u001a\u00020\u000f8\u0002X\u0082\u0004¢\u0006\u0006\n\u0004\b\u0010\u0010\u0011R\u0014\u0010\u0013\u001a\u00020\u00128\u0002X\u0082\u0004¢\u0006\u0006\n\u0004\b\u0013\u0010\u0014R\u0014\u0010\u0016\u001a\u00020\u00158\u0002X\u0082\u0004¢\u0006\u0006\n\u0004\b\u0016\u0010\u0017R\u0014\u0010\u0019\u001a\u00020\u00188\u0002X\u0082\u0004¢\u0006\u0006\n\u0004\b\u0019\u0010\u001aR\u0014\u0010\u001c\u001a\u00020\u001b8\u0002X\u0082\u0004¢\u0006\u0006\n\u0004\b\u001c\u0010\u001dR\u0016\u0010\u001e\u001a\u00020\u00028\u0002@\u0002X\u0082\u000e¢\u0006\u0006\n\u0004\b\u001e\u0010\u001f¨\u0006#"}, d2 = {"Lru/mts/legacy_data_utils_api/data/impl/SSLContextProviderImpl;", "Lwq1/b;", "Ljavax/net/ssl/SSLContext;", "createSSLContext", "Lru/mts/legacy_data_utils_api/data/entities/SslSource;", "sslSource", "", "Ljavax/net/ssl/KeyManager;", "provideKeyManagers", "(Lru/mts/legacy_data_utils_api/data/entities/SslSource;)[Ljavax/net/ssl/KeyManager;", "Ljavax/net/ssl/X509TrustManager;", "provideComboTrustManager", "provideUnsafeTrustManager", "provideSslSource", "getSSLContext", "Lru/mts/legacy_data_utils_api/data/impl/EnvironmentManager;", "environmentManager", "Lru/mts/legacy_data_utils_api/data/impl/EnvironmentManager;", "Lru/mts/legacy_data_utils_api/data/interfaces/PaymentChannelProvider;", "paymentChannelProvider", "Lru/mts/legacy_data_utils_api/data/interfaces/PaymentChannelProvider;", "Lyq1/b;", "trustManagerCreator", "Lyq1/b;", "Landroid/content/Context;", "context", "Landroid/content/Context;", "Lt01/a;", "keyStoreManager", "Lt01/a;", "instance", "Ljavax/net/ssl/SSLContext;", "<init>", "(Lru/mts/legacy_data_utils_api/data/impl/EnvironmentManager;Lru/mts/legacy_data_utils_api/data/interfaces/PaymentChannelProvider;Lyq1/b;Landroid/content/Context;Lt01/a;)V", "Companion", "legacy-data-utils-api_release"}, k = 1, mv = {1, 7, 1})
/* loaded from: classes5.dex */
public final class SSLContextProviderImpl implements wq1.b {
    private static final Companion Companion = new Companion(null);

    @Deprecated
    public static final String TRUSTED_DNS_PART = "mtsmoney-test";
    private final Context context;
    private final EnvironmentManager environmentManager;
    private SSLContext instance;
    private final t01.a keyStoreManager;
    private final PaymentChannelProvider paymentChannelProvider;
    private final yq1.b trustManagerCreator;

    @Metadata(d1 = {"\u0000\u0012\n\u0002\u0018\u0002\n\u0002\u0010\u0000\n\u0002\b\u0002\n\u0002\u0010\u000e\n\u0000\b\u0082\u0003\u0018\u00002\u00020\u0001B\u0007\b\u0002¢\u0006\u0002\u0010\u0002R\u000e\u0010\u0003\u001a\u00020\u0004X\u0086T¢\u0006\u0002\n\u0000¨\u0006\u0005"}, d2 = {"Lru/mts/legacy_data_utils_api/data/impl/SSLContextProviderImpl$Companion;", "", "()V", "TRUSTED_DNS_PART", "", "legacy-data-utils-api_release"}, k = 1, mv = {1, 7, 1}, xi = 48)
    /* loaded from: classes5.dex */
    private static final class Companion {
        private Companion() {
        }

        public /* synthetic */ Companion(kotlin.jvm.internal.k kVar) {
            this();
        }
    }

    public SSLContextProviderImpl(EnvironmentManager environmentManager, PaymentChannelProvider paymentChannelProvider, yq1.b trustManagerCreator, Context context, t01.a keyStoreManager) {
        t.i(environmentManager, "environmentManager");
        t.i(paymentChannelProvider, "paymentChannelProvider");
        t.i(trustManagerCreator, "trustManagerCreator");
        t.i(context, "context");
        t.i(keyStoreManager, "keyStoreManager");
        this.environmentManager = environmentManager;
        this.paymentChannelProvider = paymentChannelProvider;
        this.trustManagerCreator = trustManagerCreator;
        this.context = context;
        this.keyStoreManager = keyStoreManager;
        this.instance = createSSLContext();
    }

    private final SSLContext createSSLContext() {
        SslSource provideSslSource = provideSslSource();
        Boolean isEmpty = provideSslSource.isEmpty();
        t.h(isEmpty, "sslSource.isEmpty");
        if (isEmpty.booleanValue() && no1.b.f71369a.c()) {
            SSLContext sslContext = SSLContext.getInstance("TLS");
            sslContext.init(null, new X509TrustManager[]{provideUnsafeTrustManager()}, null);
            t.h(sslContext, "sslContext");
            return sslContext;
        }
        KeyManager[] provideKeyManagers = provideKeyManagers(provideSslSource);
        X509TrustManager[] x509TrustManagerArr = {provideComboTrustManager()};
        SSLContext sslContext2 = SSLContext.getInstance("TLS");
        sslContext2.init(provideKeyManagers, x509TrustManagerArr, null);
        t.h(sslContext2, "sslContext");
        return sslContext2;
    }

    private final X509TrustManager provideComboTrustManager() {
        return this.trustManagerCreator.b(this.context);
    }

    private final KeyManager[] provideKeyManagers(SslSource sslSource) {
        byte[] decode = Base64.decode(sslSource.clientKeystorePwd, 0);
        t.h(decode, "decode(sslSource.clientK…storePwd, Base64.DEFAULT)");
        KeyStore a14 = this.keyStoreManager.a(sslSource.clientKeystoreRawResourceId, sslSource.clientKeystoreType, new String(decode, kotlin.text.d.UTF_8));
        KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
        String str = sslSource.clientKeystorePwd;
        t.h(str, "sslSource.clientKeystorePwd");
        char[] charArray = str.toCharArray();
        t.h(charArray, "this as java.lang.String).toCharArray()");
        keyManagerFactory.init(a14, charArray);
        KeyManager[] keyManagers = keyManagerFactory.getKeyManagers();
        t.h(keyManagers, "kmf.keyManagers");
        return keyManagers;
    }

    private final SslSource provideSslSource() {
        SslSource sslSource = new SslSource();
        sslSource.trustKeystoreType = ConstantsKt.SSL_KEYSTORE_TRUST_TYPE;
        sslSource.clientKeystoreType = ConstantsKt.SSL_KEYSTORE_CLIENT_TYPE;
        if (this.environmentManager.getEnvironment() == EnvironmentType.STAGE_1) {
            sslSource.trustKeystoreRawResourceId = ConstantsKt.getSSL_KEYSTORE_TRUST_RAW_STAGE();
            sslSource.trustKeystorePwd = ConstantsKt.SSL_KEYSTORE_TRUST_PWD_STAGE;
            sslSource.clientKeystoreRawResourceId = ConstantsKt.getSSL_KEYSTORE_CLIENT_RAW_STAGE();
            sslSource.clientKeystorePwd = ConstantsKt.SSL_KEYSTORE_CLIENT_PWD_STAGE;
        } else if (this.environmentManager.getEnvironment() == EnvironmentType.STAGE_2) {
            sslSource.trustKeystoreType = null;
            sslSource.clientKeystoreType = null;
            sslSource.trustKeystoreRawResourceId = 0;
            sslSource.trustKeystorePwd = null;
            sslSource.clientKeystoreRawResourceId = 0;
            sslSource.clientKeystorePwd = null;
        } else if (this.paymentChannelProvider.isB2bMoneyCertEnabled()) {
            ConfigB2B configB2B = ConfigB2B.INSTANCE;
            sslSource.trustKeystoreRawResourceId = configB2B.getSSL_KEYSTORE_TRUST_RAW_NEW();
            sslSource.trustKeystorePwd = ConfigB2B.SSL_KEYSTORE_TRUST_PWD_NEW;
            sslSource.clientKeystoreRawResourceId = configB2B.getSSL_KEYSTORE_CLIENT_RAW_NEW();
            sslSource.clientKeystorePwd = ConfigB2B.SSL_KEYSTORE_CLIENT_PWD_NEW;
        } else {
            sslSource.trustKeystoreRawResourceId = ConstantsKt.getSSL_KEYSTORE_TRUST_RAW_NEW();
            sslSource.trustKeystorePwd = ConstantsKt.SSL_KEYSTORE_TRUST_PWD_NEW;
            sslSource.clientKeystoreRawResourceId = ConstantsKt.getSSL_KEYSTORE_CLIENT_RAW_NEW();
            sslSource.clientKeystorePwd = ConstantsKt.SSL_KEYSTORE_CLIENT_PWD_NEW;
        }
        return sslSource;
    }

    @SuppressLint({"TrustAllX509TrustManager", "CustomX509TrustManager"})
    private final X509TrustManager provideUnsafeTrustManager() {
        return new X509TrustManager() { // from class: ru.mts.legacy_data_utils_api.data.impl.SSLContextProviderImpl$provideUnsafeTrustManager$1
            @Override // javax.net.ssl.X509TrustManager
            public void checkClientTrusted(X509Certificate[] chain, String authType) throws CertificateException {
                t.i(chain, "chain");
                t.i(authType, "authType");
            }

            /* JADX WARN: Removed duplicated region for block: B:22:0x0078 A[LOOP:0: B:2:0x000d->B:22:0x0078, LOOP_END] */
            /* JADX WARN: Removed duplicated region for block: B:23:0x0076 A[SYNTHETIC] */
            @Override // javax.net.ssl.X509TrustManager
            /*
                Code decompiled incorrectly, please refer to instructions dump.
                To view partially-correct add '--show-bad-code' argument
            */
            public void checkServerTrusted(java.security.cert.X509Certificate[] r11, java.lang.String r12) throws java.security.cert.CertificateException {
                /*
                    r10 = this;
                    java.lang.String r0 = "chain"
                    kotlin.jvm.internal.t.i(r11, r0)
                    java.lang.String r0 = "authType"
                    kotlin.jvm.internal.t.i(r12, r0)
                    int r12 = r11.length
                    r0 = 0
                    r1 = 0
                Ld:
                    if (r1 >= r12) goto L7b
                    r2 = r11[r1]
                    java.security.Principal r3 = r2.getSubjectDN()
                    java.lang.String r3 = r3.getName()
                    java.lang.String r4 = "certificate.subjectDN.name"
                    kotlin.jvm.internal.t.h(r3, r4)
                    java.lang.String r4 = "mtsmoney-test"
                    r5 = 2
                    r6 = 0
                    boolean r3 = kotlin.text.o.U(r3, r4, r0, r5, r6)
                    r7 = 1
                    if (r3 != 0) goto L73
                    java.util.Collection r2 = r2.getSubjectAlternativeNames()
                    java.lang.String r3 = "certificate.subjectAlternativeNames"
                    kotlin.jvm.internal.t.h(r2, r3)
                    java.lang.Iterable r2 = (java.lang.Iterable) r2
                    java.util.ArrayList r3 = new java.util.ArrayList
                    r3.<init>()
                    java.util.Iterator r2 = r2.iterator()
                L3d:
                    boolean r8 = r2.hasNext()
                    if (r8 == 0) goto L4f
                    java.lang.Object r8 = r2.next()
                    boolean r9 = r8 instanceof java.lang.String
                    if (r9 == 0) goto L3d
                    r3.add(r8)
                    goto L3d
                L4f:
                    boolean r2 = r3.isEmpty()
                    if (r2 == 0) goto L57
                L55:
                    r2 = 0
                    goto L6e
                L57:
                    java.util.Iterator r2 = r3.iterator()
                L5b:
                    boolean r3 = r2.hasNext()
                    if (r3 == 0) goto L55
                    java.lang.Object r3 = r2.next()
                    java.lang.String r3 = (java.lang.String) r3
                    boolean r3 = kotlin.text.o.U(r3, r4, r0, r5, r6)
                    if (r3 == 0) goto L5b
                    r2 = 1
                L6e:
                    if (r2 == 0) goto L71
                    goto L73
                L71:
                    r2 = 0
                    goto L74
                L73:
                    r2 = 1
                L74:
                    if (r2 == 0) goto L78
                    r0 = 1
                    goto L7b
                L78:
                    int r1 = r1 + 1
                    goto Ld
                L7b:
                    if (r0 == 0) goto L7e
                    return
                L7e:
                    java.security.cert.CertificateException r11 = new java.security.cert.CertificateException
                    r11.<init>()
                    throw r11
                */
                throw new UnsupportedOperationException("Method not decompiled: ru.mts.legacy_data_utils_api.data.impl.SSLContextProviderImpl$provideUnsafeTrustManager$1.checkServerTrusted(java.security.cert.X509Certificate[], java.lang.String):void");
            }

            @Override // javax.net.ssl.X509TrustManager
            public X509Certificate[] getAcceptedIssuers() {
                return new X509Certificate[0];
            }
        };
    }

    @Override // wq1.b
    /* renamed from: getSSLContext, reason: from getter */
    public SSLContext getInstance() {
        return this.instance;
    }
}
