package com.turkcell.android.network;

import android.content.Context;
import java.io.IOException;
import java.io.InputStream;
import java.security.GeneralSecurityException;
import java.security.KeyStore;
import java.security.cert.Certificate;
import java.security.cert.CertificateFactory;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Collection;
import java.util.Iterator;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSocketFactory;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import javax.net.ssl.X509TrustManager;
import kotlin.jvm.internal.p;
import kotlin.text.f;
import okhttp3.CertificatePinner;

/* loaded from: classes2.dex */
public final class CertificateManager {
    private final Context context;
    public SSLSocketFactory sslSocketFactory;
    public X509TrustManager trustManager;

    public CertificateManager(Context context) {
        p.g(context, "context");
        this.context = context;
        try {
            setTrustManager(trustManagerForCertificates(trustedCertificatesInputStream()));
            SSLContext sSLContext = SSLContext.getInstance("TLS");
            sSLContext.init(null, new TrustManager[]{getTrustManager()}, null);
            SSLSocketFactory socketFactory = sSLContext.getSocketFactory();
            p.f(socketFactory, "sslContext.socketFactory");
            setSslSocketFactory(socketFactory);
        } catch (GeneralSecurityException e10) {
            throw new RuntimeException(e10);
        }
    }

    private final KeyStore newEmptyKeyStore(char[] cArr) throws GeneralSecurityException {
        try {
            KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
            keyStore.load(null, cArr);
            p.f(keyStore, "{\n            val keySto…       keyStore\n        }");
            return keyStore;
        } catch (IOException e10) {
            throw new AssertionError(e10);
        }
    }

    private final String removeUrlProtocol(String str) {
        return new f("https?://").a(str, "");
    }

    private final X509TrustManager trustManagerForCertificates(ArrayList<InputStream> arrayList) throws GeneralSecurityException {
        char[] charArray = "password".toCharArray();
        p.f(charArray, "this as java.lang.String).toCharArray()");
        KeyStore newEmptyKeyStore = newEmptyKeyStore(charArray);
        Iterator<T> it = arrayList.iterator();
        int i10 = 0;
        while (true) {
            if (!it.hasNext()) {
                KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm()).init(newEmptyKeyStore, charArray);
                TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
                trustManagerFactory.init(newEmptyKeyStore);
                TrustManager[] trustManagers = trustManagerFactory.getTrustManagers();
                if (trustManagers.length == 1 && (trustManagers[0] instanceof X509TrustManager)) {
                    TrustManager trustManager = trustManagers[0];
                    p.e(trustManager, "null cannot be cast to non-null type javax.net.ssl.X509TrustManager");
                    return (X509TrustManager) trustManager;
                }
                throw new IllegalStateException(("Unexpected default trust managers:" + Arrays.toString(trustManagers)).toString());
            }
            Collection<? extends Certificate> generateCertificates = CertificateFactory.getInstance("X.509").generateCertificates((InputStream) it.next());
            if (!(true ^ generateCertificates.isEmpty())) {
                throw new IllegalArgumentException("expected non-empty set of trusted certificates".toString());
            }
            Iterator<? extends Certificate> it2 = generateCertificates.iterator();
            while (it2.hasNext()) {
                newEmptyKeyStore.setCertificateEntry(Integer.toString(i10), it2.next());
                i10++;
            }
        }
    }

    private final ArrayList<InputStream> trustedCertificatesInputStream() {
        ArrayList<InputStream> arrayList = new ArrayList<>();
        arrayList.add(this.context.getResources().openRawResource(R.raw.wc_turkcell_com_tr_20230617));
        arrayList.add(this.context.getResources().openRawResource(R.raw.turkcellcomtr20240525));
        arrayList.add(this.context.getResources().openRawResource(R.raw.superonlinenet20240525));
        return arrayList;
    }

    public final CertificatePinner getCertificatePinner(String domain) {
        p.g(domain, "domain");
        CertificatePinner build = new CertificatePinner.Builder().add(removeUrlProtocol(domain), "sha256/A5710F77E0974A599C2D7615E636C88369F0BC3BF9EF71DBCF13CFD9A885C771").build();
        p.f(build, "Builder()\n            .a…HA4)\n            .build()");
        return build;
    }

    public final SSLSocketFactory getSslSocketFactory() {
        SSLSocketFactory sSLSocketFactory = this.sslSocketFactory;
        if (sSLSocketFactory != null) {
            return sSLSocketFactory;
        }
        p.x("sslSocketFactory");
        return null;
    }

    public final X509TrustManager getTrustManager() {
        X509TrustManager x509TrustManager = this.trustManager;
        if (x509TrustManager != null) {
            return x509TrustManager;
        }
        p.x("trustManager");
        return null;
    }

    public final void setSslSocketFactory(SSLSocketFactory sSLSocketFactory) {
        p.g(sSLSocketFactory, "<set-?>");
        this.sslSocketFactory = sSLSocketFactory;
    }

    public final void setTrustManager(X509TrustManager x509TrustManager) {
        p.g(x509TrustManager, "<set-?>");
        this.trustManager = x509TrustManager;
    }
}
