package sberid.sdk.auth.network.tsl;

import android.content.res.Resources;
import java.io.Closeable;
import java.io.IOException;
import java.io.InputStream;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.util.Arrays;
import java.util.Iterator;
import java.util.List;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import javax.net.ssl.X509TrustManager;
import kotlin.Metadata;
import kotlin.collections.CollectionsKt__CollectionsKt;
import kotlin.jvm.internal.Intrinsics;
import sberid.sdk.auth.R;

@Metadata
/* loaded from: classes7.dex */
public final class X509TrustManagerProviderKt {

    /* renamed from: a, reason: collision with root package name */
    public static final List f123293a;

    static {
        List q;
        q = CollectionsKt__CollectionsKt.q(Integer.valueOf(R.raw.f123185f), Integer.valueOf(R.raw.f123186g), Integer.valueOf(R.raw.f123187h), Integer.valueOf(R.raw.i), Integer.valueOf(R.raw.f123184e), Integer.valueOf(R.raw.f123183d), Integer.valueOf(R.raw.f123180a), Integer.valueOf(R.raw.f123181b), Integer.valueOf(R.raw.f123182c));
        f123293a = q;
    }

    public static final KeyStore a(KeyStore keyStore) {
        TrustManager[] trustManagers;
        boolean z;
        int i;
        try {
            TrustManagerFactory factory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
            factory.init((KeyStore) null);
            Intrinsics.checkNotNullExpressionValue(factory, "factory");
            trustManagers = factory.getTrustManagers();
            Intrinsics.h(trustManagers);
            z = true;
            if (trustManagers.length != 1 || !(trustManagers[0] instanceof X509TrustManager)) {
                z = false;
            }
        } catch (KeyStoreException | NoSuchAlgorithmException unused) {
        }
        if (!z) {
            StringBuilder sb = new StringBuilder();
            sb.append("Unexpected default trust managers: ");
            String arrays = Arrays.toString(trustManagers);
            Intrinsics.checkNotNullExpressionValue(arrays, "java.util.Arrays.toString(this)");
            sb.append(arrays);
            throw new IllegalStateException(sb.toString().toString());
        }
        TrustManager trustManager = trustManagers[0];
        if (trustManager == null) {
            throw new NullPointerException("null cannot be cast to non-null type javax.net.ssl.X509TrustManager");
        }
        X509Certificate[] acceptedIssuers = ((X509TrustManager) trustManager).getAcceptedIssuers();
        Intrinsics.checkNotNullExpressionValue(acceptedIssuers, "(trustManagers[0] as X50…tManager).acceptedIssuers");
        int length = acceptedIssuers.length;
        for (i = 0; i < length; i++) {
            keyStore.setCertificateEntry("item_" + i, acceptedIssuers[i]);
        }
        return keyStore;
    }

    public static final void b(Closeable closeable) {
        if (closeable != null) {
            try {
                closeable.close();
            } catch (IOException unused) {
            }
        }
    }

    public static final CertificateFactory c() {
        try {
            CertificateFactory certificateFactory = CertificateFactory.getInstance("X.509");
            Intrinsics.checkNotNullExpressionValue(certificateFactory, "CertificateFactory.getInstance(CERTIFICATE_FORMAT)");
            return certificateFactory;
        } catch (CertificateException e2) {
            throw new Exception("X.509 is supported everywhere", e2);
        }
    }

    public static final KeyStore d(Resources resources, boolean z) {
        CertificateFactory c2 = c();
        KeyStore e2 = e();
        Iterator it = f123293a.iterator();
        while (it.hasNext()) {
            g(c2, e2, resources, ((Number) it.next()).intValue());
        }
        return !z ? e2 : a(e2);
    }

    public static final KeyStore e() {
        try {
            KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
            keyStore.load(null, null);
            Intrinsics.checkNotNullExpressionValue(keyStore, "KeyStore.getInstance(Key…oad(null, null)\n        }");
            return keyStore;
        } catch (IOException e2) {
            throw new Exception("There must be no error with this KeyStore's format", e2);
        } catch (KeyStoreException e3) {
            throw new Exception("KeyStore with default type can be always created", e3);
        } catch (NoSuchAlgorithmException e4) {
            throw new Exception("KeyStore is empty now, there is no need for integrity checking algorithm", e4);
        } catch (CertificateException e5) {
            throw new Exception("There are no certificates in KeyStore, so no exception may be thrown", e5);
        }
    }

    public static final X509TrustManager f(Resources resources, boolean z) {
        Intrinsics.checkNotNullParameter(resources, "resources");
        try {
            TrustManagerFactory tmf = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
            tmf.init(d(resources, z));
            Intrinsics.checkNotNullExpressionValue(tmf, "tmf");
            TrustManager trustManager = tmf.getTrustManagers()[0];
            if (trustManager != null) {
                return (X509TrustManager) trustManager;
            }
            throw new NullPointerException("null cannot be cast to non-null type javax.net.ssl.X509TrustManager");
        } catch (KeyStoreException | NoSuchAlgorithmException | Exception unused) {
            return null;
        }
    }

    public static final void g(CertificateFactory certificateFactory, KeyStore keyStore, Resources resources, int i) {
        InputStream inputStream = null;
        try {
            try {
                inputStream = resources.openRawResource(i);
                keyStore.setCertificateEntry(resources.getResourceName(i), certificateFactory.generateCertificate(inputStream));
            } catch (KeyStoreException e2) {
                throw new Exception("KeyStore is inited already, aliases aren't repeated certainly", e2);
            } catch (CertificateException e3) {
                throw new Exception("Certificate is certainly valid", e3);
            }
        } finally {
            b(inputStream);
        }
    }
}
