package dd;

import ed.g;
import faceverify.x0;
import java.io.BufferedInputStream;
import java.io.ByteArrayInputStream;
import java.io.IOException;
import java.io.InputStream;
import java.security.InvalidAlgorithmParameterException;
import java.security.InvalidKeyException;
import java.security.KeyFactory;
import java.security.KeyStore;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.SecureRandom;
import java.security.cert.Certificate;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.security.spec.InvalidKeySpecException;
import java.security.spec.PKCS8EncodedKeySpec;
import java.util.ArrayList;
import java.util.Iterator;
import java.util.List;
import javax.crypto.Cipher;
import javax.crypto.EncryptedPrivateKeyInfo;
import javax.crypto.NoSuchPaddingException;
import javax.crypto.SecretKey;
import javax.crypto.SecretKeyFactory;
import javax.crypto.spec.PBEKeySpec;
import javax.net.ssl.KeyManager;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import kj.r;
import kotlin.Metadata;
import kotlin.jvm.internal.m;
import lj.p;
import wd.d;

/* compiled from: SslContextHelper.kt */
@Metadata
/* loaded from: classes3.dex */
public final class b {

    /* renamed from: c, reason: collision with root package name */
    public static final b f24604c = new b();

    /* renamed from: a, reason: collision with root package name */
    private static String f24602a = "X509";

    /* renamed from: b, reason: collision with root package name */
    private static String f24603b = "TLS";

    private b() {
    }

    private final List<X509Certificate> b(InputStream inputStream) {
        try {
            byte[][] a10 = a.f24601c.a(inputStream);
            ArrayList arrayList = new ArrayList(a10.length);
            for (byte[] bArr : a10) {
                BufferedInputStream bufferedInputStream = new BufferedInputStream(new ByteArrayInputStream(bArr));
                CertificateFactory certificateFactory = CertificateFactory.getInstance("X.509");
                m.b(certificateFactory, "CertificateFactory.getInstance(\"X.509\")");
                Certificate generateCertificate = certificateFactory.generateCertificate(bufferedInputStream);
                if (generateCertificate == null) {
                    throw new r("null cannot be cast to non-null type java.security.cert.X509Certificate");
                }
                arrayList.add((X509Certificate) generateCertificate);
            }
            tj.b.a(inputStream, null);
            return arrayList;
        } catch (Throwable th2) {
            try {
                throw th2;
            } catch (Throwable th3) {
                tj.b.a(inputStream, th2);
                throw th3;
            }
        }
    }

    public final SSLContext a(InputStream inputStream, InputStream inputStream2, InputStream inputStream3) {
        int i10;
        KeyManager[] keyManagerArr;
        TrustManager[] trustManagerArr;
        String defaultType = KeyStore.getDefaultType();
        KeyManagerFactory kmf = KeyManagerFactory.getInstance(f24602a);
        KeyStore keyStore = KeyStore.getInstance(defaultType);
        keyStore.load(null, null);
        if (inputStream2 == null || inputStream3 == null) {
            i10 = 0;
            keyManagerArr = null;
        } else {
            char[] charArray = "meiyoumima".toCharArray();
            m.b(charArray, "(this as java.lang.String).toCharArray()");
            List<X509Certificate> b10 = b(inputStream2);
            Iterator it = b10.iterator();
            int i11 = 0;
            while (it.hasNext()) {
                Object next = it.next();
                int i12 = i11 + 1;
                if (i11 < 0) {
                    p.o();
                }
                String str = "client" + i11;
                d.f39751a.l("SslContextHelper", "set client " + i11 + " as " + str);
                keyStore.setCertificateEntry(str, (X509Certificate) next);
                it = it;
                i11 = i12;
            }
            try {
                byte[] c10 = a.f24601c.c(inputStream3);
                tj.b.a(inputStream3, null);
                PrivateKey generatePrivate = (g.f25444a.b() ? KeyFactory.getInstance("RSA") : KeyFactory.getInstance("RSA", "BC")).generatePrivate(c(null, c10));
                i10 = 0;
                Object[] array = b10.toArray(new X509Certificate[0]);
                if (array == null) {
                    throw new r("null cannot be cast to non-null type kotlin.Array<T>");
                }
                keyStore.setKeyEntry(x0.KEY_RES_9_KEY, generatePrivate, charArray, (Certificate[]) array);
                d.f39751a.l("SslContextHelper", "set privateKey & clients(" + b10.size() + ')');
                kmf.init(keyStore, charArray);
                m.b(kmf, "kmf");
                keyManagerArr = kmf.getKeyManagers();
            } finally {
            }
        }
        if (inputStream != null) {
            try {
                for (Object obj : f24604c.b(inputStream)) {
                    int i13 = i10 + 1;
                    if (i10 < 0) {
                        p.o();
                    }
                    String str2 = com.igexin.push.core.b.f13303ac + i10;
                    d.f39751a.l("SslContextHelper", "set ca " + i10 + " as " + str2);
                    keyStore.setCertificateEntry(str2, (X509Certificate) obj);
                    i10 = i13;
                }
                String defaultAlgorithm = TrustManagerFactory.getDefaultAlgorithm();
                m.b(defaultAlgorithm, "TrustManagerFactory.getDefaultAlgorithm()");
                TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(defaultAlgorithm);
                trustManagerFactory.init(keyStore);
                m.b(trustManagerFactory, "TrustManagerFactory.getI…t(keyStore)\n            }");
                TrustManager[] trustManagers = trustManagerFactory.getTrustManagers();
                tj.b.a(inputStream, null);
                trustManagerArr = trustManagers;
            } finally {
            }
        } else {
            trustManagerArr = null;
        }
        SSLContext sSLContext = SSLContext.getInstance(f24603b);
        sSLContext.init(keyManagerArr, trustManagerArr, new SecureRandom());
        m.b(sSLContext, "SSLContext.getInstance(t…SecureRandom())\n        }");
        return sSLContext;
    }

    public final PKCS8EncodedKeySpec c(char[] cArr, byte[] bArr) throws IOException, NoSuchAlgorithmException, NoSuchPaddingException, InvalidKeySpecException, InvalidKeyException, InvalidAlgorithmParameterException {
        if (cArr == null) {
            return new PKCS8EncodedKeySpec(bArr);
        }
        EncryptedPrivateKeyInfo encryptedPrivateKeyInfo = new EncryptedPrivateKeyInfo(bArr);
        SecretKey generateSecret = SecretKeyFactory.getInstance(encryptedPrivateKeyInfo.getAlgName()).generateSecret(new PBEKeySpec(cArr));
        Cipher cipher = Cipher.getInstance(encryptedPrivateKeyInfo.getAlgName());
        cipher.init(2, generateSecret, encryptedPrivateKeyInfo.getAlgParameters());
        return encryptedPrivateKeyInfo.getKeySpec(cipher);
    }
}
