package com.citrix.commoncomponents.universal.helpers;

import android.content.Context;
import android.content.res.Resources;
import com.citrix.commoncomponents.utils.Log;
import java.io.IOException;
import java.io.InputStream;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Collections;
import java.util.Properties;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import javax.net.ssl.X509TrustManager;

/* loaded from: classes.dex */
public class KeyStoreLoader {
    private static final String PROPERTY_PASSPHRASE = "passphrase";
    private static String certificateType = null;
    private static Context context = null;
    private static String keystorePassphrase = "";
    private static KeyStore liveTrustedKeystore;
    private static KeyStore testTrustedKeystore;
    private static TrustManager[] trustManagers;

    /* loaded from: classes.dex */
    public enum CertType {
        LIVE,
        TEST,
        TRUST_ALL;

        public static String[] toStringArray() {
            String[] strArr = new String[values().length];
            CertType[] values = values();
            int length = values.length;
            int i = 0;
            int i2 = 0;
            while (i < length) {
                strArr[i2] = values[i].toString();
                i++;
                i2++;
            }
            return strArr;
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    /* loaded from: classes.dex */
    public static class MultiTrustStoreManager implements X509TrustManager {
        private X509TrustManager colTrustManager;
        private X509TrustManager defaultTrustManager;
        private X509Certificate[] x509Certificates;

        MultiTrustStoreManager(X509TrustManager x509TrustManager, X509TrustManager x509TrustManager2) throws IllegalArgumentException {
            this.defaultTrustManager = null;
            this.colTrustManager = null;
            this.x509Certificates = null;
            if (x509TrustManager2 == null) {
                throw new IllegalArgumentException("The COL trustManager cannot be null");
            }
            ArrayList arrayList = new ArrayList();
            if (x509TrustManager == null) {
                this.defaultTrustManager = x509TrustManager2;
            } else {
                this.defaultTrustManager = x509TrustManager;
                Collections.addAll(arrayList, x509TrustManager.getAcceptedIssuers());
            }
            this.colTrustManager = x509TrustManager2;
            Collections.addAll(arrayList, x509TrustManager2.getAcceptedIssuers());
            this.x509Certificates = (X509Certificate[]) arrayList.toArray(new X509Certificate[arrayList.size()]);
        }

        @Override // javax.net.ssl.X509TrustManager
        public void checkClientTrusted(X509Certificate[] x509CertificateArr, String str) throws CertificateException {
            try {
                this.defaultTrustManager.checkClientTrusted(x509CertificateArr, str);
            } catch (CertificateException unused) {
                this.colTrustManager.checkClientTrusted(x509CertificateArr, str);
            }
        }

        @Override // javax.net.ssl.X509TrustManager
        public void checkServerTrusted(X509Certificate[] x509CertificateArr, String str) throws CertificateException {
            try {
                this.defaultTrustManager.checkServerTrusted(x509CertificateArr, str);
            } catch (CertificateException unused) {
                this.colTrustManager.checkServerTrusted(x509CertificateArr, str);
            }
        }

        @Override // javax.net.ssl.X509TrustManager
        public X509Certificate[] getAcceptedIssuers() {
            return this.x509Certificates;
        }
    }

    private KeyStoreLoader() {
    }

    private static TrustManager[] getAcceptAllCertificatesTestTrustManager() {
        return new TrustManager[]{new X509TrustManager() { // from class: com.citrix.commoncomponents.universal.helpers.KeyStoreLoader.1
            @Override // javax.net.ssl.X509TrustManager
            public void checkClientTrusted(X509Certificate[] x509CertificateArr, String str) {
            }

            @Override // javax.net.ssl.X509TrustManager
            public void checkServerTrusted(X509Certificate[] x509CertificateArr, String str) {
            }

            @Override // javax.net.ssl.X509TrustManager
            public X509Certificate[] getAcceptedIssuers() {
                return null;
            }
        }};
    }

    private static KeyStore getKeystore() {
        return certificateType.equals(CertType.TEST.toString()) ? testTrustedKeystore : liveTrustedKeystore;
    }

    private static X509TrustManager getTrustManager(KeyStore keyStore) throws KeyStoreException, NoSuchAlgorithmException {
        TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
        trustManagerFactory.init(keyStore);
        for (TrustManager trustManager : trustManagerFactory.getTrustManagers()) {
            if (trustManager instanceof X509TrustManager) {
                return (X509TrustManager) trustManager;
            }
        }
        return null;
    }

    public static TrustManager[] getTrustManagers() {
        return trustManagers;
    }

    public static synchronized void init(int i, int i2, int i3, String str, Context context2) {
        synchronized (KeyStoreLoader.class) {
            certificateType = str;
            context = context2;
            try {
                loadProperties(i3);
                loadKeystores(i, i2);
                loadTrustManager();
            } catch (Throwable unused) {
                Log.error("Unable to initialize KeyStoreLoader, will not be able to authenticate ssl connections. KeyStore loaded = false.");
            }
        }
    }

    private static synchronized void loadKeystores(int i, int i2) throws Exception {
        synchronized (KeyStoreLoader.class) {
            try {
                try {
                    KeyStore keyStore = KeyStore.getInstance("BKS");
                    liveTrustedKeystore = keyStore;
                    keyStore.load(context.getResources().openRawResource(i2), keystorePassphrase.toCharArray());
                    KeyStore keyStore2 = KeyStore.getInstance("BKS");
                    testTrustedKeystore = keyStore2;
                    keyStore2.load(context.getResources().openRawResource(i), keystorePassphrase.toCharArray());
                } catch (KeyStoreException e) {
                    Log.error("Error: Unable to load keystore");
                    throw new Exception(e);
                } catch (CertificateException e2) {
                    Log.error("Error: Unable to load keystore");
                    throw new Exception(e2);
                }
            } catch (IOException e3) {
                Log.error("Error: Unable to open/read keystore file");
                throw new Exception(e3);
            } catch (NoSuchAlgorithmException e4) {
                Log.error("Error: Unable to find a suitable algorithm");
                throw new Exception(e4);
            }
        }
    }

    private static void loadProperties(int i) throws Exception {
        try {
            InputStream openRawResource = context.getResources().openRawResource(i);
            Properties properties = new Properties();
            properties.load(openRawResource);
            keystorePassphrase = properties.getProperty(PROPERTY_PASSPHRASE);
        } catch (Resources.NotFoundException e) {
            System.out.println("Error: Unable to find the keystore properties file, cannot retrieve keystore's passphrase");
            throw new Exception(e);
        } catch (IOException e2) {
            System.out.println("Error: Unable to open/read the keystore properties file, cannot retrieve keystore's passphrase");
            throw new Exception(e2);
        }
    }

    public static void loadTrustManager() throws Exception {
        Log.info("KeyStoreLoader.loadTrustManager(): CertificateType to use: " + certificateType);
        if (certificateType.equals(CertType.TRUST_ALL.toString())) {
            trustManagers = getAcceptAllCertificatesTestTrustManager();
            return;
        }
        try {
            trustManagers = new TrustManager[]{new MultiTrustStoreManager(getTrustManager(null), getTrustManager(getKeystore()))};
        } catch (Resources.NotFoundException e) {
            Log.error("Error: Unable to find keystore file");
            throw new Exception(e);
        } catch (IllegalArgumentException e2) {
            Log.error("Error: Unable to create MultiTrustStoreManager");
            throw new Exception(e2);
        } catch (KeyStoreException e3) {
            Log.error("Error: Unable to load keystore");
            throw new Exception(e3);
        } catch (NoSuchAlgorithmException e4) {
            Log.error("Error: Unable to find a suitable algorithm");
            throw new Exception(e4);
        }
    }

    static void setKeyStore(KeyStore keyStore, KeyStore keyStore2) {
        liveTrustedKeystore = keyStore;
        testTrustedKeystore = keyStore2;
    }
}
