package io.mewtant.lib_network.kits;

import android.content.Context;
import android.os.Build;
import io.mewtant.lib_network.R;
import java.io.IOException;
import java.io.InputStream;
import java.nio.charset.Charset;
import java.security.KeyFactory;
import java.security.KeyManagementException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.SecureRandom;
import java.security.UnrecoverableKeyException;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.security.spec.InvalidKeySpecException;
import java.security.spec.PKCS8EncodedKeySpec;
import java.util.Base64;
import javax.net.ssl.KeyManager;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSocketFactory;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import javax.net.ssl.X509TrustManager;
import kotlin.Metadata;
import kotlin.jvm.internal.Intrinsics;
import kotlin.text.Regex;
import kotlin.text.StringsKt;
import okhttp3.OkHttpClient;

/* compiled from: MTLSKits.kt */
@Metadata(d1 = {"\u0000\u0014\n\u0000\n\u0002\u0010\u000e\n\u0000\n\u0002\u0018\u0002\n\u0000\n\u0002\u0018\u0002\n\u0000\u001a\u0010\u0010\u0002\u001a\u0004\u0018\u00010\u00032\u0006\u0010\u0004\u001a\u00020\u0005\"\u000e\u0010\u0000\u001a\u00020\u0001X\u0082T¢\u0006\u0002\n\u0000¨\u0006\u0006"}, d2 = {"SECRET", "", "getMTLSClient", "Lokhttp3/OkHttpClient$Builder;", "context", "Landroid/content/Context;", "lib-network_release"}, k = 2, mv = {1, 9, 0}, xi = 48)
/* loaded from: classes5.dex */
public final class MTLSKitsKt {
    private static final String SECRET = "secret";

    public static final OkHttpClient.Builder getMTLSClient(Context context) {
        byte[] decode;
        Intrinsics.checkNotNullParameter(context, "context");
        try {
            CertificateFactory certificateFactory = CertificateFactory.getInstance("X.509");
            Intrinsics.checkNotNullExpressionValue(certificateFactory, "getInstance(...)");
            InputStream openRawResource = context.getResources().openRawResource(R.raw.pixai);
            Intrinsics.checkNotNullExpressionValue(openRawResource, "openRawResource(...)");
            byte[] bArr = new byte[openRawResource.available()];
            openRawResource.read(bArr);
            Charset defaultCharset = Charset.defaultCharset();
            Intrinsics.checkNotNullExpressionValue(defaultCharset, "defaultCharset(...)");
            String replace$default = StringsKt.replace$default(new String(bArr, defaultCharset), "-----BEGIN PRIVATE KEY-----", "", false, 4, (Object) null);
            String lineSeparator = System.lineSeparator();
            Intrinsics.checkNotNullExpressionValue(lineSeparator, "lineSeparator(...)");
            String replace$default2 = StringsKt.replace$default(new Regex(lineSeparator).replace(replace$default, ""), "-----END PRIVATE KEY-----", "", false, 4, (Object) null);
            if (Build.VERSION.SDK_INT >= 26) {
                decode = Base64.getDecoder().decode(replace$default2);
                Intrinsics.checkNotNull(decode);
            } else {
                decode = android.util.Base64.decode(replace$default2, 0);
                Intrinsics.checkNotNull(decode);
            }
            KeyFactory keyFactory = KeyFactory.getInstance("EC");
            Intrinsics.checkNotNullExpressionValue(keyFactory, "getInstance(...)");
            PKCS8EncodedKeySpec pKCS8EncodedKeySpec = new PKCS8EncodedKeySpec(decode);
            InputStream openRawResource2 = context.getResources().openRawResource(R.raw.pixai_pub);
            Intrinsics.checkNotNullExpressionValue(openRawResource2, "openRawResource(...)");
            Certificate generateCertificate = certificateFactory.generateCertificate(openRawResource2);
            Intrinsics.checkNotNullExpressionValue(generateCertificate, "generateCertificate(...)");
            KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
            Intrinsics.checkNotNullExpressionValue(keyStore, "getInstance(...)");
            char[] charArray = SECRET.toCharArray();
            Intrinsics.checkNotNullExpressionValue(charArray, "toCharArray(...)");
            keyStore.load(null, charArray);
            PrivateKey generatePrivate = keyFactory.generatePrivate(pKCS8EncodedKeySpec);
            char[] charArray2 = SECRET.toCharArray();
            Intrinsics.checkNotNullExpressionValue(charArray2, "toCharArray(...)");
            keyStore.setKeyEntry("client", generatePrivate, charArray2, new Certificate[]{generateCertificate});
            openRawResource2.close();
            TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
            Intrinsics.checkNotNullExpressionValue(trustManagerFactory, "getInstance(...)");
            trustManagerFactory.init((KeyStore) null);
            TrustManager[] trustManagers = trustManagerFactory.getTrustManagers();
            Intrinsics.checkNotNullExpressionValue(trustManagers, "getTrustManagers(...)");
            KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
            Intrinsics.checkNotNullExpressionValue(keyManagerFactory, "getInstance(...)");
            char[] charArray3 = SECRET.toCharArray();
            Intrinsics.checkNotNullExpressionValue(charArray3, "toCharArray(...)");
            keyManagerFactory.init(keyStore, charArray3);
            KeyManager[] keyManagers = keyManagerFactory.getKeyManagers();
            Intrinsics.checkNotNullExpressionValue(keyManagers, "getKeyManagers(...)");
            SSLContext sSLContext = SSLContext.getInstance("TLS");
            Intrinsics.checkNotNullExpressionValue(sSLContext, "getInstance(...)");
            sSLContext.init(keyManagers, trustManagers, new SecureRandom());
            SSLSocketFactory socketFactory = sSLContext.getSocketFactory();
            Intrinsics.checkNotNullExpressionValue(socketFactory, "getSocketFactory(...)");
            OkHttpClient.Builder builder = new OkHttpClient.Builder();
            TrustManager trustManager = trustManagers[0];
            Intrinsics.checkNotNull(trustManager, "null cannot be cast to non-null type javax.net.ssl.X509TrustManager");
            return builder.sslSocketFactory(socketFactory, (X509TrustManager) trustManager);
        } catch (IOException e) {
            e.printStackTrace();
            return null;
        } catch (KeyManagementException e2) {
            e2.printStackTrace();
            return null;
        } catch (KeyStoreException e3) {
            e3.printStackTrace();
            return null;
        } catch (NoSuchAlgorithmException e4) {
            e4.printStackTrace();
            return null;
        } catch (UnrecoverableKeyException e5) {
            e5.printStackTrace();
            return null;
        } catch (CertificateException e6) {
            e6.printStackTrace();
            return null;
        } catch (InvalidKeySpecException e7) {
            e7.printStackTrace();
            return null;
        }
    }
}
