package net.echotag.sdk.server.core.secured;

import android.content.Context;
import android.support.annotation.NonNull;
import android.support.annotation.Nullable;
import android.support.annotation.RawRes;
import java.io.BufferedInputStream;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.security.KeyFactory;
import java.security.KeyManagementException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.PrivateKey;
import java.security.UnrecoverableKeyException;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.security.spec.InvalidKeySpecException;
import java.security.spec.PKCS8EncodedKeySpec;
import java.util.ArrayList;
import java.util.Iterator;
import java.util.List;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSocketFactory;
import javax.net.ssl.TrustManagerFactory;

/* loaded from: classes2.dex */
public class SSLSocketFactoryBuilder {
    private static final String SERVER_TRUSTED_CERTIFICATE_ALIAS = "ca";
    private final Context mContext;
    private int mPrivateKeyResource;
    private List<Integer> mServerTrustedCertificateResources;
    private int mUserCertificateResource;
    private String mCertificateFactoryType = "X.509";
    private String mCertificateFactoryProvider = null;
    private String mKeyFactoryAlgorithm = "RSA";
    private String mKeyFactoryProvider = null;
    private X509Certificate mUserCertificate = null;
    private PrivateKey mPrivateKey = null;
    private KeyStore mUserCredentialsKeystore = null;
    private String mTrustManagerFactoryAlgorithm = TrustManagerFactory.getDefaultAlgorithm();
    private String mKeyManagerFactoryAlgorithm = "X509";
    private SSLProtocol mSSLProtocol = SSLProtocol.TLS;

    public SSLSocketFactoryBuilder(@NonNull Context context) {
        this.mContext = context;
    }

    @NonNull
    private CertificateFactory loadCertificateFactory() throws CertificateException, NoSuchProviderException {
        return this.mCertificateFactoryProvider == null ? CertificateFactory.getInstance(this.mCertificateFactoryType) : CertificateFactory.getInstance(this.mCertificateFactoryType, this.mCertificateFactoryProvider);
    }

    @Nullable
    private KeyManagerFactory loadKMF(@Nullable X509Certificate x509Certificate, @Nullable PrivateKey privateKey) throws CertificateException, NoSuchAlgorithmException, IOException, KeyStoreException, UnrecoverableKeyException {
        KeyStore keyStore;
        if (this.mUserCredentialsKeystore != null) {
            keyStore = this.mUserCredentialsKeystore;
        } else {
            if (x509Certificate == null) {
                return null;
            }
            KeyStore keyStore2 = KeyStore.getInstance(KeyStore.getDefaultType());
            keyStore2.load(null);
            String name = x509Certificate.getSubjectDN().getName();
            if (privateKey == null) {
                keyStore2.setCertificateEntry(name, x509Certificate);
            } else {
                keyStore2.setKeyEntry(name, privateKey, null, new Certificate[]{x509Certificate});
            }
            keyStore = keyStore2;
        }
        KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance(this.mKeyManagerFactoryAlgorithm);
        keyManagerFactory.init(keyStore, null);
        return keyManagerFactory;
    }

    @NonNull
    private List<X509Certificate> loadServerTrustedCertificates(@NonNull CertificateFactory certificateFactory) throws CertificateException, NoSuchProviderException, IOException {
        ArrayList arrayList = new ArrayList();
        if (this.mServerTrustedCertificateResources == null) {
            return arrayList;
        }
        Iterator<Integer> it = this.mServerTrustedCertificateResources.iterator();
        while (it.hasNext()) {
            BufferedInputStream bufferedInputStream = new BufferedInputStream(this.mContext.getResources().openRawResource(it.next().intValue()));
            arrayList.add((X509Certificate) certificateFactory.generateCertificate(bufferedInputStream));
            bufferedInputStream.close();
        }
        return arrayList;
    }

    @Nullable
    private TrustManagerFactory loadTMF(@NonNull List<X509Certificate> list) throws KeyStoreException, CertificateException, NoSuchAlgorithmException, IOException {
        if (list.size() == 0) {
            return null;
        }
        KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
        keyStore.load(null);
        for (int i = 0; i < list.size(); i++) {
            keyStore.setCertificateEntry(i == 0 ? SERVER_TRUSTED_CERTIFICATE_ALIAS : SERVER_TRUSTED_CERTIFICATE_ALIAS + (i + 1), list.get(i));
        }
        TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(this.mTrustManagerFactoryAlgorithm);
        trustManagerFactory.init(keyStore);
        return trustManagerFactory;
    }

    @Nullable
    private PrivateKey loadUserCertPrivateKey() throws NoSuchAlgorithmException, NoSuchProviderException, IOException, InvalidKeySpecException {
        if (this.mPrivateKey != null) {
            return this.mPrivateKey;
        }
        if (this.mPrivateKeyResource == 0) {
            return null;
        }
        KeyFactory keyFactory = this.mKeyFactoryProvider == null ? KeyFactory.getInstance(this.mKeyFactoryAlgorithm) : KeyFactory.getInstance(this.mKeyFactoryAlgorithm, this.mKeyFactoryProvider);
        BufferedInputStream bufferedInputStream = new BufferedInputStream(this.mContext.getResources().openRawResource(this.mPrivateKeyResource));
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        byte[] bArr = new byte[1024];
        while (true) {
            int read = bufferedInputStream.read(bArr, 0, bArr.length);
            if (read == -1) {
                bufferedInputStream.close();
                byteArrayOutputStream.flush();
                PKCS8EncodedKeySpec pKCS8EncodedKeySpec = new PKCS8EncodedKeySpec(byteArrayOutputStream.toByteArray());
                byteArrayOutputStream.close();
                return keyFactory.generatePrivate(pKCS8EncodedKeySpec);
            }
            byteArrayOutputStream.write(bArr, 0, read);
        }
    }

    @Nullable
    private X509Certificate loadUserCertificate(@NonNull CertificateFactory certificateFactory) throws CertificateException {
        if (this.mUserCertificate != null) {
            return this.mUserCertificate;
        }
        if (this.mUserCertificateResource != 0) {
            return (X509Certificate) certificateFactory.generateCertificate(new BufferedInputStream(this.mContext.getResources().openRawResource(this.mUserCertificateResource)));
        }
        return null;
    }

    public SSLSocketFactoryBuilder SSLContextProtocol(@NonNull SSLProtocol sSLProtocol) {
        this.mSSLProtocol = sSLProtocol;
        return this;
    }

    public SSLSocketFactoryBuilder addServerTrustedCertificate(@RawRes int i) {
        if (this.mServerTrustedCertificateResources == null) {
            this.mServerTrustedCertificateResources = new ArrayList();
        }
        this.mServerTrustedCertificateResources.add(Integer.valueOf(i));
        return this;
    }

    public SSLSocketFactory build() throws CertificateException, NoSuchProviderException, IOException, KeyStoreException, NoSuchAlgorithmException, KeyManagementException, InvalidKeySpecException, UnrecoverableKeyException {
        CertificateFactory loadCertificateFactory = loadCertificateFactory();
        List<X509Certificate> loadServerTrustedCertificates = loadServerTrustedCertificates(loadCertificateFactory);
        X509Certificate loadUserCertificate = loadUserCertificate(loadCertificateFactory);
        PrivateKey loadUserCertPrivateKey = loadUserCertPrivateKey();
        TrustManagerFactory loadTMF = loadTMF(loadServerTrustedCertificates);
        KeyManagerFactory loadKMF = loadKMF(loadUserCertificate, loadUserCertPrivateKey);
        SSLContext sSLContext = SSLContext.getInstance(this.mSSLProtocol.toString());
        sSLContext.init(loadKMF == null ? null : loadKMF.getKeyManagers(), loadTMF == null ? null : loadTMF.getTrustManagers(), null);
        return sSLContext.getSocketFactory();
    }

    public SSLSocketFactoryBuilder certificateFactoryProvider(@NonNull String str) {
        this.mCertificateFactoryProvider = str;
        return this;
    }

    public SSLSocketFactoryBuilder certificateFactoryType(@NonNull String str) {
        this.mCertificateFactoryType = str;
        return this;
    }

    public SSLSocketFactoryBuilder keyFactoryAlgorithm(@NonNull String str) {
        this.mKeyFactoryAlgorithm = str;
        return this;
    }

    public SSLSocketFactoryBuilder keyFactoryProvider(@NonNull String str) {
        this.mKeyFactoryProvider = str;
        return this;
    }

    public SSLSocketFactoryBuilder keyManagerFactoryAlgorithm(@NonNull String str) {
        this.mKeyManagerFactoryAlgorithm = str;
        return this;
    }

    public SSLSocketFactoryBuilder privateKey(@RawRes int i) {
        this.mPrivateKeyResource = i;
        return this;
    }

    public SSLSocketFactoryBuilder privateKey(@NonNull PrivateKey privateKey) {
        this.mPrivateKey = privateKey;
        return this;
    }

    public SSLSocketFactoryBuilder trustManagerFactoryAlgorithm(@NonNull String str) {
        this.mTrustManagerFactoryAlgorithm = str;
        return this;
    }

    public SSLSocketFactoryBuilder userCertificate(@RawRes int i) {
        this.mUserCertificateResource = i;
        return this;
    }

    public SSLSocketFactoryBuilder userCertificate(@NonNull X509Certificate x509Certificate) {
        this.mUserCertificate = x509Certificate;
        return this;
    }

    public SSLSocketFactoryBuilder userCredentialsKeystore(@NonNull KeyStore keyStore) {
        this.mUserCredentialsKeystore = keyStore;
        return this;
    }
}
