package com.here.network;

import android.util.Log;
import com.umeng.analytics.pro.bz;
import java.io.BufferedInputStream;
import java.io.ByteArrayInputStream;
import java.io.File;
import java.io.FileInputStream;
import java.security.KeyFactory;
import java.security.KeyStore;
import java.security.PrivateKey;
import java.security.cert.Certificate;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.security.spec.PKCS8EncodedKeySpec;
import java.util.ArrayList;
import java.util.Base64;
import java.util.HashMap;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.Objects;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.TrustManagerFactory;

/* loaded from: classes4.dex */
class NetworkSSLContextFactory {
    private static final String LOGTAG = "NetworkSSLContextFactory";
    private static final String PKCS_1_PEM_FOOTER = "-----END RSA PRIVATE KEY-----";
    private static final String PKCS_1_PEM_HEADER = "-----BEGIN RSA PRIVATE KEY-----";
    private static final String PKCS_8_PEM_FOOTER = "-----END PRIVATE KEY-----";
    private static final String PKCS_8_PEM_HEADER = "-----BEGIN PRIVATE KEY-----";
    private static final String X509_CERT_PEM_FOOTER = "-----END CERTIFICATE-----";
    private static final String X509_CERT_PEM_HEADER = "-----BEGIN CERTIFICATE-----";
    private CertificateFactory m_certificateFactory;
    private KeyFactory m_keyFactory;
    private Map<Parameters, SSLContext> m_sslContextCache;

    /* loaded from: classes4.dex */
    private static class LazyHolder {
        private static final NetworkSSLContextFactory INSTANCE = new NetworkSSLContextFactory();

        private LazyHolder() {
        }
    }

    /* loaded from: classes4.dex */
    public static class Parameters {
        private final String m_caCertificatePem;
        private final String m_certificatesPath;
        private final String m_clientCertificatePem;
        private final String m_clientPrivateKeyPem;
        private final Mode m_mode;

        /* loaded from: classes4.dex */
        public enum Mode {
            PATH,
            PEM
        }

        private Parameters(Mode mode, String str, String str2, String str3, String str4) {
            this.m_mode = mode;
            this.m_certificatesPath = str;
            this.m_caCertificatePem = str2;
            this.m_clientCertificatePem = str3;
            this.m_clientPrivateKeyPem = str4;
        }

        private Object[] asObjectArray() {
            return new Object[]{this.m_mode, this.m_certificatesPath, this.m_caCertificatePem, this.m_clientCertificatePem, this.m_clientPrivateKeyPem};
        }

        public static Parameters fromPath(String str) {
            return new Parameters(Mode.PATH, str, null, null, null);
        }

        public static Parameters fromPem(String str, String str2, String str3) {
            return new Parameters(Mode.PEM, null, str, str2, str3);
        }

        public String caCertificatePem() {
            return this.m_caCertificatePem;
        }

        public String certificatesPath() {
            return this.m_certificatesPath;
        }

        public String clientCertificatePem() {
            return this.m_clientCertificatePem;
        }

        public String clientPrivateKeyPem() {
            return this.m_clientPrivateKeyPem;
        }

        public boolean equals(Object obj) {
            if (this == obj) {
                return true;
            }
            if (obj == null || getClass() != obj.getClass()) {
                return false;
            }
            Object[] asObjectArray = asObjectArray();
            Object[] asObjectArray2 = ((Parameters) obj).asObjectArray();
            if (asObjectArray.length != asObjectArray2.length) {
                return false;
            }
            for (int i = 0; i < asObjectArray.length; i++) {
                if (!Objects.equals(asObjectArray[i], asObjectArray2[i])) {
                    return false;
                }
            }
            return true;
        }

        public int hashCode() {
            return Objects.hash(asObjectArray());
        }

        public Mode mode() {
            return this.m_mode;
        }
    }

    private NetworkSSLContextFactory() {
        this.m_sslContextCache = new HashMap();
        this.m_certificateFactory = null;
        this.m_keyFactory = null;
        try {
            this.m_certificateFactory = CertificateFactory.getInstance("X.509");
        } catch (Exception e) {
            Log.e(LOGTAG, "X509 CertificateFactory failed to create" + e);
        }
    }

    private SSLContext generateSSLContextUsingPath(Parameters parameters) {
        if (this.m_certificateFactory == null) {
            Log.w(LOGTAG, "generateSSLContext failed since certificateFactory is null");
            return null;
        }
        try {
            KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
            keyStore.load(null, null);
            List<File> listFiles = getListFiles(new File(parameters.certificatesPath()));
            for (int i = 0; i < listFiles.size(); i++) {
                File file = listFiles.get(i);
                Certificate loadCertificate = loadCertificate(file);
                if (loadCertificate != null) {
                    keyStore.setCertificateEntry(file.getName(), loadCertificate);
                } else {
                    Log.e(LOGTAG, "invalid certificate file " + file.getName());
                }
            }
            TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
            trustManagerFactory.init(keyStore);
            SSLContext sSLContext = SSLContext.getInstance("TLS");
            sSLContext.init(null, trustManagerFactory.getTrustManagers(), null);
            return sSLContext;
        } catch (Exception e) {
            Log.e(LOGTAG, "generateSSLContext: Failed to generate ssl context: " + e);
            return null;
        }
    }

    private SSLContext generateSSLContextUsingPem(Parameters parameters) {
        String str;
        if (this.m_certificateFactory == null) {
            str = "generateSSLContextUsingPem: certificateFactory is null";
        } else if (this.m_keyFactory == null) {
            str = "generateSSLContextUsingPem: keyFactory is null";
        } else {
            char[] charArray = "".toCharArray();
            try {
                KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
                keyStore.load(null);
                ArrayList<X509Certificate> readX509PemCertificates = parameters.caCertificatePem() != null ? readX509PemCertificates(parameters.caCertificatePem()) : null;
                X509Certificate readX509PemCertificate = parameters.clientCertificatePem() != null ? readX509PemCertificate(parameters.clientCertificatePem()) : null;
                PrivateKey readPkcsPemPrivateKey = parameters.clientPrivateKeyPem() != null ? readPkcsPemPrivateKey(parameters.clientPrivateKeyPem()) : null;
                if (readX509PemCertificates != null) {
                    Iterator<X509Certificate> it = readX509PemCertificates.iterator();
                    while (it.hasNext()) {
                        X509Certificate next = it.next();
                        keyStore.setCertificateEntry(next.getSubjectX500Principal().getName(), next);
                    }
                }
                if (readX509PemCertificate != null && readPkcsPemPrivateKey != null) {
                    keyStore.setKeyEntry(readX509PemCertificate.getSubjectX500Principal().getName(), readPkcsPemPrivateKey, charArray, new Certificate[]{readX509PemCertificate});
                }
                TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
                trustManagerFactory.init(keyStore);
                KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
                keyManagerFactory.init(keyStore, charArray);
                SSLContext sSLContext = SSLContext.getInstance("TLS");
                sSLContext.init(keyManagerFactory.getKeyManagers(), trustManagerFactory.getTrustManagers(), null);
                return sSLContext;
            } catch (Exception e) {
                str = "generateSSLContextUsingPem: Failed to generate ssl context: " + e;
            }
        }
        Log.e(LOGTAG, str);
        return null;
    }

    public static NetworkSSLContextFactory getInstance() {
        return LazyHolder.INSTANCE;
    }

    private List<File> getListFiles(File file) {
        ArrayList arrayList = new ArrayList();
        for (File file2 : file.listFiles()) {
            if (file2.isDirectory()) {
                arrayList.addAll(getListFiles(file2));
            } else if (file2.length() > 1) {
                arrayList.add(file2);
            }
        }
        return arrayList;
    }

    private void initKeyFactory() {
        try {
            if (this.m_keyFactory == null) {
                this.m_keyFactory = KeyFactory.getInstance("RSA");
            }
        } catch (Exception e) {
            Log.e(LOGTAG, "initKeyFactory: Could not get instance of key factory: " + e);
        }
    }

    private Certificate loadCertificate(File file) {
        StringBuilder sb;
        if (file.exists()) {
            try {
                BufferedInputStream bufferedInputStream = new BufferedInputStream(new FileInputStream(file));
                Certificate generateCertificate = this.m_certificateFactory.generateCertificate(bufferedInputStream);
                bufferedInputStream.close();
                return generateCertificate;
            } catch (Exception e) {
                sb = new StringBuilder();
                sb.append("Load certificate failed ");
                sb.append(e);
            }
        } else {
            sb = new StringBuilder();
            sb.append("certificate file ");
            sb.append(file.getName());
            sb.append("does not exist");
        }
        Log.e(LOGTAG, sb.toString());
        return null;
    }

    private PrivateKey readPkcs1PrivateKey(byte[] bArr) {
        int length = bArr.length;
        int i = (length + 26) - 4;
        byte[] bArr2 = {48, -126, (byte) ((i >> 8) & 255), (byte) (i & 255), 2, 1, 0, 48, bz.k, 6, 9, 42, -122, 72, -122, -9, bz.k, 1, 1, 1, 5, 0, 4, -126, (byte) ((length >> 8) & 255), (byte) (length & 255)};
        byte[] bArr3 = new byte[bArr.length + 26];
        System.arraycopy(bArr2, 0, bArr3, 0, 26);
        System.arraycopy(bArr, 0, bArr3, 26, bArr.length);
        return readPkcs8PrivateKey(bArr3);
    }

    private PrivateKey readPkcs8PrivateKey(byte[] bArr) {
        try {
            return this.m_keyFactory.generatePrivate(new PKCS8EncodedKeySpec(bArr));
        } catch (Exception e) {
            Log.e(LOGTAG, "readPkcs8PrivateKey: Unable to decode private key: " + e);
            return null;
        }
    }

    private X509Certificate readX509PemCertificate(String str) {
        if (str == null || !str.contains(X509_CERT_PEM_HEADER) || !str.contains(X509_CERT_PEM_FOOTER)) {
            Log.e(LOGTAG, "readX509PemCertificate: bad input");
            return null;
        }
        try {
            return (X509Certificate) this.m_certificateFactory.generateCertificate(new ByteArrayInputStream(Base64.getDecoder().decode(str.substring(str.indexOf(X509_CERT_PEM_HEADER) + 27, str.indexOf(X509_CERT_PEM_FOOTER)).replace("\n", ""))));
        } catch (Exception e) {
            Log.e(LOGTAG, "readX509PemCertificate: Failed to read PEM: " + e);
            return null;
        }
    }

    private ArrayList<X509Certificate> readX509PemCertificates(String str) {
        String str2;
        if (str != null && str.contains(X509_CERT_PEM_HEADER) && str.contains(X509_CERT_PEM_FOOTER)) {
            ArrayList<X509Certificate> arrayList = new ArrayList<>();
            for (String str3 : str.replace("\n", "").replace(X509_CERT_PEM_FOOTER, "-----END CERTIFICATE-----\n").split("\n")) {
                X509Certificate readX509PemCertificate = readX509PemCertificate(str3);
                if (readX509PemCertificate == null) {
                    str2 = "readX509PemCertificates: Failed to read PEM";
                } else {
                    arrayList.add(readX509PemCertificate);
                }
            }
            return arrayList;
        }
        str2 = "readX509PemCertificates: bad input";
        Log.e(LOGTAG, str2);
        return null;
    }

    public synchronized SSLContext getSSLContext(Parameters parameters) {
        SSLContext sSLContext;
        sSLContext = this.m_sslContextCache.get(parameters);
        if (sSLContext == null) {
            if (parameters.mode() == Parameters.Mode.PEM) {
                initKeyFactory();
                sSLContext = generateSSLContextUsingPem(parameters);
            } else if (parameters.mode() == Parameters.Mode.PATH) {
                sSLContext = generateSSLContextUsingPath(parameters);
            }
            if (sSLContext != null) {
                this.m_sslContextCache.put(parameters, sSLContext);
            } else {
                Log.e(LOGTAG, "getOrGenerateSslContext: Could not create SSL context - invalid parameters");
            }
        }
        return sSLContext;
    }

    public PrivateKey readPkcsPemPrivateKey(String str) {
        String str2;
        if (str == null) {
            str2 = "readPkcsPemPrivateKey: bad input";
        } else {
            if (str.contains(PKCS_1_PEM_HEADER) && str.contains(PKCS_1_PEM_FOOTER)) {
                return readPkcs1PrivateKey(Base64.getDecoder().decode(str.substring(str.indexOf(PKCS_1_PEM_HEADER) + 31, str.indexOf(PKCS_1_PEM_FOOTER)).replace("\n", "")));
            }
            if (str.contains(PKCS_8_PEM_HEADER) && str.contains(PKCS_8_PEM_FOOTER)) {
                return readPkcs8PrivateKey(Base64.getDecoder().decode(str.substring(str.indexOf(PKCS_8_PEM_HEADER) + 27, str.indexOf(PKCS_8_PEM_FOOTER)).replace("\n", "")));
            }
            str2 = "readPkcsPemPrivateKey: Key in unsupported format";
        }
        Log.e(LOGTAG, str2);
        return null;
    }
}
