package com.orange.otvp.managers.stick.pairing.sslConfig;

import android.content.res.Resources;
import androidx.annotation.VisibleForTesting;
import androidx.compose.runtime.internal.StabilityInferred;
import com.orange.otvp.managers.stick.R;
import com.orange.pluginframework.core.PF;
import com.orange.pluginframework.parameters.PersistentParamAcceptAllCerts;
import com.orange.pluginframework.utils.logging.LogKt;
import com.orange.pluginframework.utils.network.HttpRequestBase;
import com.orange.pluginframework.utils.network.certificate.DebugCertificateUtil;
import java.io.BufferedInputStream;
import java.io.InputStream;
import java.security.KeyStore;
import java.security.cert.Certificate;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSocketFactory;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import javax.net.ssl.X509TrustManager;
import kotlin.Metadata;
import kotlin.Unit;
import kotlin.collections.ArraysKt;
import kotlin.io.CloseableKt;
import kotlin.jvm.functions.Function0;
import kotlin.jvm.internal.Intrinsics;
import kotlin.jvm.internal.Ref;
import org.assertj.core.internal.cglib.core.Constants;
import org.jetbrains.annotations.NotNull;
import org.jetbrains.annotations.Nullable;
import org.ocast.sdk.core.models.SSLConfiguration;

@StabilityInferred(parameters = 0)
@Metadata(bv = {1, 0, 3}, d1 = {"\u0000\u0016\n\u0002\u0018\u0002\n\u0002\u0010\u0000\n\u0002\u0018\u0002\n\u0000\n\u0002\u0010\u000e\n\u0002\b\f\bÇ\u0002\u0018\u00002\u00020\u0001B\t\b\u0002¢\u0006\u0004\b\u000f\u0010\bJ\b\u0010\u0003\u001a\u0004\u0018\u00010\u0002R\u001c\u0010\u0005\u001a\u00020\u00048\u0006@\u0007X\u0087T¢\u0006\f\n\u0004\b\u0005\u0010\u0006\u0012\u0004\b\u0007\u0010\bR\u001c\u0010\t\u001a\u00020\u00048\u0006@\u0007X\u0087T¢\u0006\f\n\u0004\b\t\u0010\u0006\u0012\u0004\b\n\u0010\bR\u001c\u0010\u000b\u001a\u00020\u00048\u0006@\u0007X\u0087T¢\u0006\f\n\u0004\b\u000b\u0010\u0006\u0012\u0004\b\f\u0010\bR\u001c\u0010\r\u001a\u00020\u00048\u0006@\u0007X\u0087T¢\u0006\f\n\u0004\b\r\u0010\u0006\u0012\u0004\b\u000e\u0010\b¨\u0006\u0010"}, d2 = {"Lcom/orange/otvp/managers/stick/pairing/sslConfig/SSLConfigHelper;", "", "Lorg/ocast/sdk/core/models/SSLConfiguration;", "createSSLConfig", "", "CERTIFICATE_TYPE", "Ljava/lang/String;", "getCERTIFICATE_TYPE$annotations", "()V", "CERTIFICATE_ALIAS_ROOT", "getCERTIFICATE_ALIAS_ROOT$annotations", "CERTIFICATE_ALIAS_GENERIC", "getCERTIFICATE_ALIAS_GENERIC$annotations", "SSL_PROTOCOL", "getSSL_PROTOCOL$annotations", Constants.CONSTRUCTOR_NAME, "stick_classicRelease"}, k = 1, mv = {1, 5, 1})
/* loaded from: classes14.dex */
public final class SSLConfigHelper {
    public static final int $stable = 0;

    @NotNull
    public static final String CERTIFICATE_ALIAS_GENERIC = "Orange Devices Generic3 certificate";

    @NotNull
    public static final String CERTIFICATE_ALIAS_ROOT = "Orange Devices Root certificate";

    @NotNull
    public static final String CERTIFICATE_TYPE = "X.509";

    @NotNull
    public static final SSLConfigHelper INSTANCE = new SSLConfigHelper();

    @NotNull
    public static final String SSL_PROTOCOL = "TLS";

    private SSLConfigHelper() {
    }

    /* JADX WARN: Multi-variable type inference failed */
    /* JADX WARN: Type inference failed for: r5v2, types: [java.security.cert.Certificate, T, java.lang.Object] */
    private final Certificate a(Resources resources, CertificateFactory certificateFactory) {
        final Ref.ObjectRef objectRef = new Ref.ObjectRef();
        InputStream openRawResource = resources.openRawResource(R.raw.od23_generic3);
        try {
            BufferedInputStream bufferedInputStream = new BufferedInputStream(openRawResource);
            ?? generateCertificate = certificateFactory.generateCertificate(bufferedInputStream);
            Intrinsics.checkNotNullExpressionValue(generateCertificate, "certificateFactory.generateCertificate(certificateInputStream)");
            objectRef.element = generateCertificate;
            LogKt.INSTANCE.d(new Function0<String>() { // from class: com.orange.otvp.managers.stick.pairing.sslConfig.SSLConfigHelper$createCertificateAliasGeneric$1$1
                /* JADX INFO: Access modifiers changed from: package-private */
                /* JADX WARN: 'super' call moved to the top of the method (can break code semantics) */
                {
                    super(0);
                }

                @Override // kotlin.jvm.functions.Function0
                @NotNull
                public final String invoke() {
                    return "Orange Devices Generic3 certificate = " + ((X509Certificate) objectRef.element).getSubjectDN();
                }
            });
            bufferedInputStream.close();
            Unit unit = Unit.INSTANCE;
            CloseableKt.closeFinally(openRawResource, null);
            return (Certificate) objectRef.element;
        } finally {
        }
    }

    /* JADX WARN: Multi-variable type inference failed */
    /* JADX WARN: Type inference failed for: r5v2, types: [java.security.cert.Certificate, T, java.lang.Object] */
    private final Certificate b(Resources resources, CertificateFactory certificateFactory) {
        final Ref.ObjectRef objectRef = new Ref.ObjectRef();
        InputStream openRawResource = resources.openRawResource(R.raw.od0_root_ca);
        try {
            BufferedInputStream bufferedInputStream = new BufferedInputStream(openRawResource);
            ?? generateCertificate = certificateFactory.generateCertificate(bufferedInputStream);
            Intrinsics.checkNotNullExpressionValue(generateCertificate, "certificateFactory.generateCertificate(certificateInputStream)");
            objectRef.element = generateCertificate;
            LogKt.INSTANCE.d(new Function0<String>() { // from class: com.orange.otvp.managers.stick.pairing.sslConfig.SSLConfigHelper$createCertificateAliasRoot$1$1
                /* JADX INFO: Access modifiers changed from: package-private */
                /* JADX WARN: 'super' call moved to the top of the method (can break code semantics) */
                {
                    super(0);
                }

                @Override // kotlin.jvm.functions.Function0
                @NotNull
                public final String invoke() {
                    return "Orange Devices Root certificate = " + ((X509Certificate) objectRef.element).getSubjectDN();
                }
            });
            bufferedInputStream.close();
            Unit unit = Unit.INSTANCE;
            CloseableKt.closeFinally(openRawResource, null);
            return (Certificate) objectRef.element;
        } finally {
        }
    }

    @VisibleForTesting
    public static /* synthetic */ void getCERTIFICATE_ALIAS_GENERIC$annotations() {
    }

    @VisibleForTesting
    public static /* synthetic */ void getCERTIFICATE_ALIAS_ROOT$annotations() {
    }

    @VisibleForTesting
    public static /* synthetic */ void getCERTIFICATE_TYPE$annotations() {
    }

    @VisibleForTesting
    public static /* synthetic */ void getSSL_PROTOCOL$annotations() {
    }

    @Nullable
    public final SSLConfiguration createSSLConfig() {
        try {
            Boolean acceptAllCerts = ((PersistentParamAcceptAllCerts) PF.persistentParameter(PersistentParamAcceptAllCerts.class)).get();
            Intrinsics.checkNotNullExpressionValue(acceptAllCerts, "acceptAllCerts");
            if (acceptAllCerts.booleanValue()) {
                X509TrustManager insecureTrustManager = DebugCertificateUtil.getDebugTrustManagerOne();
                Intrinsics.checkNotNullExpressionValue(insecureTrustManager, "insecureTrustManager");
                SSLSocketFactory sslSocketFactoryForDebugOverride = HttpRequestBase.getSslSocketFactoryForDebugOverride(insecureTrustManager);
                Intrinsics.checkNotNullExpressionValue(sslSocketFactoryForDebugOverride, "getSslSocketFactoryForDebugOverride(insecureTrustManager)");
                return new SSLConfiguration(insecureTrustManager, sslSocketFactoryForDebugOverride, a.f13916b);
            }
            Resources resources = PF.AppCtx().getResources();
            CertificateFactory certificateFactory = CertificateFactory.getInstance(CERTIFICATE_TYPE);
            Intrinsics.checkNotNullExpressionValue(resources, "resources");
            Intrinsics.checkNotNullExpressionValue(certificateFactory, "certificateFactory");
            Certificate b2 = b(resources, certificateFactory);
            Certificate a2 = a(resources, certificateFactory);
            KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
            keyStore.load(null, null);
            keyStore.setCertificateEntry(CERTIFICATE_ALIAS_ROOT, b2);
            keyStore.setCertificateEntry(CERTIFICATE_ALIAS_GENERIC, a2);
            Intrinsics.checkNotNullExpressionValue(keyStore, "getInstance(KeyStore.getDefaultType()).apply {\n            load(null, null)\n            setCertificateEntry(CERTIFICATE_ALIAS_ROOT, certificateAliasRoot)\n            setCertificateEntry(CERTIFICATE_ALIAS_GENERIC, certificateAliasGeneric)\n        }");
            TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
            trustManagerFactory.init(keyStore);
            Intrinsics.checkNotNullExpressionValue(trustManagerFactory, "trustManagerFactory.apply {\n            init(keyStore)\n        }");
            TrustManager[] trustManagers = trustManagerFactory.getTrustManagers();
            Intrinsics.checkNotNullExpressionValue(trustManagers, "trustManagerFactory.trustManagers");
            Object first = ArraysKt.first(trustManagers);
            if (first == null) {
                throw new NullPointerException("null cannot be cast to non-null type javax.net.ssl.X509TrustManager");
            }
            SSLContext sSLContext = SSLContext.getInstance("TLS");
            sSLContext.init(null, trustManagerFactory.getTrustManagers(), null);
            Intrinsics.checkNotNullExpressionValue(sSLContext, "getInstance(SSL_PROTOCOL).apply {\n            init(null, trustManagerFactory.trustManagers, null)\n        }");
            a aVar = a.f13917c;
            SSLSocketFactory socketFactory = sSLContext.getSocketFactory();
            Intrinsics.checkNotNullExpressionValue(socketFactory, "sslContext.socketFactory");
            return new SSLConfiguration((X509TrustManager) first, socketFactory, aVar);
        } catch (Exception e2) {
            LogKt.INSTANCE.e(new Function0<String>() { // from class: com.orange.otvp.managers.stick.pairing.sslConfig.SSLConfigHelper$createSSLConfig$2
                /* JADX INFO: Access modifiers changed from: package-private */
                /* JADX WARN: 'super' call moved to the top of the method (can break code semantics) */
                {
                    super(0);
                }

                @Override // kotlin.jvm.functions.Function0
                @NotNull
                public final String invoke() {
                    return String.valueOf(e2.getMessage());
                }
            });
            return null;
        }
    }
}
