package com.fbs.coreNetwork.mtls;

import android.content.Context;
import android.util.Base64;
import com.e7;
import com.fbs.archBase.log.FbsLog;
import com.getkeepsafe.relinker.ReLinkerInstance;
import java.io.ByteArrayInputStream;
import java.security.KeyFactory;
import java.security.KeyStore;
import java.security.PrivateKey;
import java.security.SecureRandom;
import java.security.cert.Certificate;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.security.spec.PKCS8EncodedKeySpec;
import java.util.ArrayList;
import java.util.List;
import javax.net.ssl.KeyManager;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSocketFactory;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import javax.net.ssl.X509TrustManager;
import kotlin.Metadata;
import kotlin.collections.CollectionsKt;
import kotlin.jvm.functions.Function0;
import kotlin.jvm.internal.SourceDebugExtension;
import kotlin.ranges.IntProgressionIterator;
import kotlin.ranges.IntRange;
import kotlin.ranges.RangesKt;
import kotlin.text.Charsets;
import kotlin.text.StringsKt;
import org.jetbrains.annotations.NotNull;

/* compiled from: OkHttpTrustClient.kt */
@Metadata(d1 = {"\u0000\f\n\u0002\u0018\u0002\n\u0002\u0010\u0000\n\u0002\b\u0004\bÆ\u0002\u0018\u00002\u00020\u0001:\u0001\u0004B\t\b\u0002¢\u0006\u0004\b\u0002\u0010\u0003¨\u0006\u0005"}, d2 = {"Lcom/fbs/coreNetwork/mtls/OkHttpTrustClient;", "", "<init>", "()V", "TrustClientConfig", "core-network_release"}, k = 1, mv = {1, 9, 0})
@SourceDebugExtension
/* loaded from: classes3.dex */
public final class OkHttpTrustClient {

    /* renamed from: a, reason: collision with root package name */
    @NotNull
    public static final OkHttpTrustClient f6012a = new OkHttpTrustClient();

    /* compiled from: OkHttpTrustClient.kt */
    @Metadata(d1 = {"\u0000\n\n\u0002\u0018\u0002\n\u0002\u0010\u0000\n\u0000\u0018\u00002\u00020\u0001¨\u0006\u0002"}, d2 = {"Lcom/fbs/coreNetwork/mtls/OkHttpTrustClient$TrustClientConfig;", "", "core-network_release"}, k = 1, mv = {1, 9, 0})
    /* loaded from: classes3.dex */
    public static final class TrustClientConfig {

        /* renamed from: a, reason: collision with root package name */
        @NotNull
        public final SSLSocketFactory f6013a;

        @NotNull
        public final X509TrustManager b;

        @NotNull
        public final PrivateKey c;

        public TrustClientConfig(@NotNull SSLSocketFactory sSLSocketFactory, @NotNull X509TrustManager x509TrustManager, @NotNull PrivateKey privateKey) {
            this.f6013a = sSLSocketFactory;
            this.b = x509TrustManager;
            this.c = privateKey;
        }
    }

    /* JADX WARN: Multi-variable type inference failed */
    @NotNull
    public static ArrayList a(@NotNull Context context) {
        NdkCloudflareCertManager.f6011a.getClass();
        new ReLinkerInstance().b(context);
        NdkCloudflareCertManager ndkCloudflareCertManager = new NdkCloudflareCertManager();
        List<String> c = ndkCloudflareCertManager.c();
        ArrayList arrayList = new ArrayList();
        for (Object obj : c) {
            if (true ^ StringsKt.y((String) obj)) {
                arrayList.add(obj);
            }
        }
        List<String> a2 = ndkCloudflareCertManager.a();
        ArrayList arrayList2 = new ArrayList();
        for (Object obj2 : a2) {
            if (!StringsKt.y((String) obj2)) {
                arrayList2.add(obj2);
            }
        }
        char[] b = ndkCloudflareCertManager.b();
        int min = Math.min(arrayList.size(), arrayList2.size());
        if (arrayList.size() != arrayList2.size() || min == 0) {
            FbsLog.b(FbsLog.f5959a, null, new IllegalStateException("Certs error: " + arrayList.size() + " keys, " + arrayList2.size() + " certs"), new Function0<String>() { // from class: com.fbs.coreNetwork.mtls.OkHttpTrustClient$setUpClientConfigs$1
                @Override // kotlin.jvm.functions.Function0
                public final /* bridge */ /* synthetic */ String invoke() {
                    return "Certs error";
                }
            }, 1);
        }
        IntRange m = RangesKt.m(0, min);
        ArrayList arrayList3 = new ArrayList(CollectionsKt.o(m, 10));
        IntProgressionIterator it = m.iterator();
        while (it.c) {
            int a3 = it.a();
            String str = (String) arrayList.get(a3);
            String str2 = (String) arrayList2.get(a3);
            f6012a.getClass();
            CertificateFactory certificateFactory = CertificateFactory.getInstance("X.509");
            PrivateKey generatePrivate = KeyFactory.getInstance("RSA").generatePrivate(new PKCS8EncodedKeySpec(Base64.decode(str, 0)));
            ByteArrayInputStream byteArrayInputStream = new ByteArrayInputStream(e7.s("-----BEGIN CERTIFICATE-----\n", str2, "\n-----END CERTIFICATE-----").getBytes(Charsets.b));
            Certificate generateCertificate = certificateFactory.generateCertificate(byteArrayInputStream);
            KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
            keyStore.load(null, b);
            keyStore.setKeyEntry("client", generatePrivate, b, new Certificate[]{generateCertificate});
            byteArrayInputStream.close();
            TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
            trustManagerFactory.init((KeyStore) null);
            TrustManager[] trustManagers = trustManagerFactory.getTrustManagers();
            KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
            keyManagerFactory.init(keyStore, b);
            KeyManager[] keyManagers = keyManagerFactory.getKeyManagers();
            SSLContext sSLContext = SSLContext.getInstance("TLSv1.2");
            sSLContext.init(keyManagers, trustManagers, new SecureRandom());
            SSLSocketFactory socketFactory = sSLContext.getSocketFactory();
            X509TrustManager x509TrustManager = (X509TrustManager) trustManagers[0];
            new X509Certificate[1][0] = generateCertificate;
            arrayList3.add(new TrustClientConfig(socketFactory, x509TrustManager, generatePrivate));
        }
        return arrayList3;
    }
}
