package com.microsoft.azure.sdk.iot.deps.auth;

import java.io.ByteArrayInputStream;
import java.io.IOException;
import java.io.StringReader;
import java.security.Key;
import java.security.KeyStore;
import java.security.SecureRandom;
import java.security.Security;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Collection;
import java.util.Iterator;
import java.util.UUID;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.TrustManagerFactory;
import org.bouncycastle.asn1.pkcs.PrivateKeyInfo;
import org.bouncycastle.jce.provider.BouncyCastleProvider;
import org.bouncycastle.openssl.PEMKeyPair;
import org.bouncycastle.openssl.PEMParser;
import org.bouncycastle.openssl.jcajce.JcaPEMKeyConverter;
import org.bouncycastle.util.io.pem.PemObject;
import org.bouncycastle.util.io.pem.PemReader;

/* loaded from: classes3.dex */
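/**
 * Wraps a JSSE {@link SSLContext} built either from trusted certificates alone (server
 * authentication only) or from trusted certificates plus a PEM client certificate chain and
 * private key (mutual TLS).
 *
 * <p>Security-relevant behaviour of this class as written:
 * <ul>
 *   <li>The context is requested by the protocol name {@code "TLSv1.2"}. Which protocol versions
 *       end up enabled on sockets created from it depends on the JSSE provider and platform
 *       policy; verify the enabled protocols at the point of use.</li>
 *   <li>Only trust anchors and (optionally) the client identity are configured here. Endpoint
 *       (hostname) identification is not set up in this class and has to be enforced by the code
 *       that creates sockets or engines from the context.</li>
 *   <li>Parsing PEM input registers {@link BouncyCastleProvider} with
 *       {@link Security#addProvider}, which affects the whole JVM, not just this object.</li>
 * </ul>
 *
 * <p>The signatures shown here carry no {@code throws} clauses although the JCA/JSSE calls they
 * make raise checked exceptions; the signatures are kept exactly as they appear in this listing.
 */
public class IotHubSSLContext {

    /** Protocol name passed to {@link SSLContext#getInstance(String)}. */
    private static final String SSL_CONTEXT_PROTOCOL = "TLSv1.2";

    /** Length of the throw-away password protecting the in-memory key store. */
    private static final int TEMP_PASSWORD_LENGTH = 256;

    private SSLContext sslContext;

    /**
     * Creates a context that trusts the certificates supplied by a default
     * {@link IotHubCertificateManager} and presents no client certificate.
     */
    public IotHubSSLContext() {
        this.sslContext = null;
        initTrustOnly(new IotHubCertificateManager());
    }

    /**
     * Creates a mutual-TLS context using the default {@link IotHubCertificateManager} trust set.
     *
     * @param str PEM text holding the client certificate chain (leaf certificate first)
     * @param str2 PEM text holding the matching private key
     */
    public IotHubSSLContext(String str, String str2) {
        this.sslContext = null;
        initWithClientCertificate(str, str2, new IotHubCertificateManager());
    }

    /**
     * Creates a mutual-TLS context with caller-supplied trusted certificates.
     *
     * @param str PEM text holding the client certificate chain (leaf certificate first)
     * @param str2 PEM text holding the matching private key
     * @param str3 trusted-certificate input handed to the certificate manager
     * @param z2 selects which certificate-manager loader receives {@code str3}
     *     ({@code c(..)} when true, {@code b(..)} when false); presumably "path" versus
     *     "inline PEM" - TODO confirm against IotHubCertificateManager
     */
    public IotHubSSLContext(String str, String str2, String str3, boolean z2) {
        this.sslContext = null;
        IotHubCertificateManager certificateManager = new IotHubCertificateManager();
        if (z2) {
            certificateManager.c(str3);
        } else {
            certificateManager.b(str3);
        }
        initWithClientCertificate(str, str2, certificateManager);
    }

    /**
     * Creates a server-authentication-only context with caller-supplied trusted certificates.
     *
     * @param str trusted-certificate input handed to the certificate manager
     * @param z2 selects which certificate-manager loader receives {@code str}
     *     ({@code c(..)} when true, {@code b(..)} when false) - TODO confirm semantics
     */
    public IotHubSSLContext(String str, boolean z2) {
        this.sslContext = null;
        IotHubCertificateManager certificateManager = new IotHubCertificateManager();
        if (z2) {
            certificateManager.c(str);
        } else {
            certificateManager.b(str);
        }
        initTrustOnly(certificateManager);
    }

    /**
     * Wraps an already configured context.
     *
     * <p>The supplied context is stored as-is: its protocol, trust managers and key managers are
     * not inspected, so the caller is fully responsible for its trust configuration.
     *
     * @param sSLContext the context to expose through {@link #getSSLContext()}
     * @throws IllegalArgumentException if {@code sSLContext} is null
     */
    public IotHubSSLContext(SSLContext sSLContext) {
        this.sslContext = null;
        if (sSLContext == null) {
            throw new IllegalArgumentException("sslContext cannot be null");
        }
        this.sslContext = sSLContext;
    }

    /** Initialises the context with trust managers only (no key managers, no client identity). */
    private void initTrustOnly(IotHubCertificateManager iotHubCertificateManager) {
        this.sslContext = SSLContext.getInstance(SSL_CONTEXT_PROTOCOL);
        this.sslContext.init(
                null,
                buildTrustManagerFactory(iotHubCertificateManager, null).getTrustManagers(),
                new SecureRandom());
    }

    /**
     * Initialises the context for mutual TLS from a PEM certificate chain and private key.
     *
     * @param str PEM certificate chain; the first certificate is used as the leaf
     * @param str2 PEM private key
     * @param iotHubCertificateManager source of the trusted certificates
     * @throws IllegalArgumentException if {@code str} contains no X.509 certificate
     */
    private void initWithClientCertificate(
            String str, String str2, IotHubCertificateManager iotHubCertificateManager) {
        Key privateKey = parsePrivateKey(str2);
        X509Certificate[] certificateChain =
                parseCertificateChain(str).toArray(new X509Certificate[0]);
        if (certificateChain.length == 0) {
            // Previously surfaced as an ArrayIndexOutOfBoundsException on certificateChain[0].
            throw new IllegalArgumentException("No X.509 certificate found in the public key certificate");
        }

        KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
        keyStore.load(null);
        KeyManagerFactory keyManagerFactory =
                KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());

        char[] temporaryPassword = generateTemporaryPassword();
        try {
            keyStore.setCertificateEntry("cert-alias", certificateChain[0]);
            keyStore.setKeyEntry("key-alias", privateKey, temporaryPassword, certificateChain);
            keyManagerFactory.init(keyStore, temporaryPassword);
        } finally {
            // Overwrite the password on every exit path, not only after a successful init.
            Arrays.fill(temporaryPassword, 0, temporaryPassword.length, '0');
        }

        // NOTE(review): the identity key store is reused as the trust store. The "cert-alias"
        // trusted-certificate entry added above therefore becomes a trust anchor next to the
        // certificate manager's certificates, so a peer chaining to the device's own certificate
        // would be accepted. Building the trust store from a separate, empty KeyStore would keep
        // identity and trust apart; left unchanged here because it alters which peers validate.
        TrustManagerFactory trustManagerFactory =
                buildTrustManagerFactory(iotHubCertificateManager, keyStore);

        SSLContext context = SSLContext.getInstance(SSL_CONTEXT_PROTOCOL);
        this.sslContext = context;
        context.init(
                keyManagerFactory.getKeyManagers(),
                trustManagerFactory.getTrustManagers(),
                new SecureRandom());
    }

    /**
     * Generates a random lowercase-letter password for the in-memory key store.
     *
     * @return a fresh 256-character array; the caller is expected to overwrite it after use
     */
    private static char[] generateTemporaryPassword() {
        char[] password = new char[TEMP_PASSWORD_LENGTH];
        SecureRandom secureRandom = new SecureRandom();
        for (int i = 0; i < TEMP_PASSWORD_LENGTH; i++) {
            // 97 is 'a'; nextInt(26) yields an offset within a..z.
            password[i] = (char) (secureRandom.nextInt(26) + 97);
        }
        return password;
    }

    /**
     * Adds every certificate from the certificate manager to a key store as a trusted entry and
     * returns a {@link TrustManagerFactory} initialised from that store.
     *
     * @param iotHubCertificateManager source of the trusted certificates
     * @param keyStore store to extend, or null to start from a new empty store; any entries it
     *     already holds take part in trust decisions as well
     */
    private TrustManagerFactory buildTrustManagerFactory(
            IotHubCertificateManager iotHubCertificateManager, KeyStore keyStore) {
        if (keyStore == null) {
            keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
            keyStore.load(null);
        }
        Iterator<? extends Certificate> trustedCertificates =
                iotHubCertificateManager.a().iterator();
        while (trustedCertificates.hasNext()) {
            // A random alias per certificate avoids collisions between entries.
            keyStore.setCertificateEntry(
                    "trustedIotHubCert-" + UUID.randomUUID(), trustedCertificates.next());
        }
        TrustManagerFactory trustManagerFactory =
                TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
        trustManagerFactory.init(keyStore);
        return trustManagerFactory;
    }

    /**
     * Converts an object produced by {@link PEMParser#readObject()} into a private key.
     *
     * @param obj a {@link PEMKeyPair} or {@link PrivateKeyInfo}
     * @throws IOException if {@code obj} is of any other type (including null)
     */
    private static Key toPrivateKey(Object obj) {
        if (obj instanceof PEMKeyPair) {
            return new JcaPEMKeyConverter().getKeyPair((PEMKeyPair) obj).getPrivate();
        }
        if (obj instanceof PrivateKeyInfo) {
            return new JcaPEMKeyConverter().getPrivateKey((PrivateKeyInfo) obj);
        }
        throw new IOException("Unable to parse private key, type unknown");
    }

    /**
     * Parses the first PEM object in {@code str} as a private key.
     *
     * @param str PEM text holding the private key
     * @throws CertificateException wrapping any failure while reading or converting the key
     */
    private static Key parsePrivateKey(String str) {
        try {
            // JVM-wide side effect; a no-op when the provider is already registered.
            Security.addProvider(new BouncyCastleProvider());
            // try-with-resources closes the parser on the failure path as well.
            try (PEMParser pemParser = new PEMParser(new StringReader(str))) {
                return toPrivateKey(pemParser.readObject());
            }
        } catch (Exception e2) {
            throw new CertificateException(e2);
        }
    }

    /**
     * Parses every X.509 certificate found in the PEM objects of {@code str}, in input order.
     *
     * <p>Reading stops at the end of input or at the first PEM object with empty content.
     * Certificates that are not {@link X509Certificate} instances are skipped.
     *
     * @param str PEM text holding one or more certificates
     * @return the parsed certificates; empty if none were found
     * @throws CertificateException wrapping any failure while reading or decoding
     */
    private static Collection<X509Certificate> parseCertificateChain(String str) {
        try {
            ArrayList<X509Certificate> certificates = new ArrayList<>();
            // JVM-wide side effect; a no-op when the provider is already registered.
            Security.addProvider(new BouncyCastleProvider());
            CertificateFactory certificateFactory = CertificateFactory.getInstance("X.509");
            // try-with-resources closes the reader even when decoding throws.
            try (PemReader pemReader = new PemReader(new StringReader(str))) {
                while (true) {
                    PemObject pemObject = pemReader.readPemObject();
                    if (pemObject == null) {
                        break;
                    }
                    byte[] content = pemObject.getContent();
                    if (content.length <= 0) {
                        break;
                    }
                    ByteArrayInputStream encoded = new ByteArrayInputStream(content);
                    while (encoded.available() > 0) {
                        Certificate certificate = certificateFactory.generateCertificate(encoded);
                        if (certificate instanceof X509Certificate) {
                            certificates.add((X509Certificate) certificate);
                        }
                    }
                }
            }
            return certificates;
        } catch (Exception e2) {
            throw new CertificateException(e2);
        }
    }

    /**
     * Returns the wrapped context.
     *
     * @return the context built or supplied at construction time
     */
    public SSLContext getSSLContext() {
        return this.sslContext;
    }
}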
