package es.aeat.pin24h.data.webservices;

import android.annotation.SuppressLint;
import android.content.Context;
import es.aeat.pin24h.BuildConfig;
import es.aeat.pin24h.presentation.model.CertificadoNfcData;
import es.aeat.pin24h.presentation.model.CertificadoSoftwareData;
import java.io.ByteArrayInputStream;
import java.nio.charset.Charset;
import java.security.KeyStore;
import java.security.SecureRandom;
import java.security.cert.X509Certificate;
import java.util.Arrays;
import java.util.concurrent.TimeUnit;
import javax.net.ssl.HostnameVerifier;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSession;
import javax.net.ssl.SSLSocketFactory;
import javax.net.ssl.TrustManager;
import javax.net.ssl.X509TrustManager;
import javax.security.cert.CertificateException;
import kotlin.jvm.internal.Intrinsics;
import okhttp3.Interceptor;
import okhttp3.OkHttpClient;

/* compiled from: SecuredHttpClient.kt */
/* loaded from: classes2.dex */
public final class SecuredHttpClient {
    public final Context context;

    public SecuredHttpClient(Context context) {
        Intrinsics.checkNotNullParameter(context, "context");
        this.context = context;
    }

    public static final boolean getCustomUnsafeOkHttpClient$lambda$3(String str, SSLSession sSLSession) {
        return true;
    }

    public static final boolean getUnsafeOkHttpClient$lambda$0(String str, SSLSession sSLSession) {
        return true;
    }

    public final OkHttpClient getCustomUnsafeOkHttpClient(Interceptor[] interceptor, CertificadoSoftwareData certificadoSoftwareData, CertificadoNfcData certificadoNfcData, boolean z2) {
        SSLSocketFactory dnieSSLSocketFactory;
        Intrinsics.checkNotNullParameter(interceptor, "interceptor");
        try {
            TrustManager[] trustManagerArr = {new X509TrustManager() { // from class: es.aeat.pin24h.data.webservices.SecuredHttpClient$getCustomUnsafeOkHttpClient$trustAllCerts$1
                @Override // javax.net.ssl.X509TrustManager
                @SuppressLint({"TrustAllX509TrustManager"})
                public void checkClientTrusted(X509Certificate[] chain, String authType) throws CertificateException {
                    Intrinsics.checkNotNullParameter(chain, "chain");
                    Intrinsics.checkNotNullParameter(authType, "authType");
                }

                @Override // javax.net.ssl.X509TrustManager
                @SuppressLint({"TrustAllX509TrustManager"})
                public void checkServerTrusted(X509Certificate[] chain, String authType) throws CertificateException {
                    Intrinsics.checkNotNullParameter(chain, "chain");
                    Intrinsics.checkNotNullParameter(authType, "authType");
                }

                @Override // javax.net.ssl.X509TrustManager
                public X509Certificate[] getAcceptedIssuers() {
                    return new X509Certificate[0];
                }
            }};
            if (z2) {
                KeyStore keyStore = KeyStore.getInstance("PKCS12");
                Intrinsics.checkNotNull(certificadoSoftwareData);
                String certificado = certificadoSoftwareData.getCertificado();
                Charset forName = Charset.forName("Cp1252");
                Intrinsics.checkNotNullExpressionValue(forName, "forName(\n               …                        )");
                byte[] bytes = certificado.getBytes(forName);
                Intrinsics.checkNotNullExpressionValue(bytes, "this as java.lang.String).getBytes(charset)");
                ByteArrayInputStream byteArrayInputStream = new ByteArrayInputStream(bytes);
                char[] charArray = certificadoSoftwareData.getPassword().toCharArray();
                Intrinsics.checkNotNullExpressionValue(charArray, "this as java.lang.String).toCharArray()");
                keyStore.load(byteArrayInputStream, charArray);
                KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance("X509");
                char[] charArray2 = certificadoSoftwareData.getPassword().toCharArray();
                Intrinsics.checkNotNullExpressionValue(charArray2, "this as java.lang.String).toCharArray()");
                keyManagerFactory.init(keyStore, charArray2);
                SSLContext sSLContext = SSLContext.getInstance("TLS");
                sSLContext.init(keyManagerFactory.getKeyManagers(), trustManagerArr, new SecureRandom());
                dnieSSLSocketFactory = sSLContext.getSocketFactory();
                Intrinsics.checkNotNullExpressionValue(dnieSSLSocketFactory, "sslContext.socketFactory");
            } else {
                Intrinsics.checkNotNull(certificadoNfcData);
                dnieSSLSocketFactory = certificadoNfcData.getDnieSSLSocketFactory();
                Intrinsics.checkNotNull(dnieSSLSocketFactory);
            }
            OkHttpClient.Builder builder = new OkHttpClient.Builder();
            TrustManager trustManager = trustManagerArr[0];
            Intrinsics.checkNotNull(trustManager, "null cannot be cast to non-null type javax.net.ssl.X509TrustManager");
            OkHttpClient.Builder sslSocketFactory = builder.sslSocketFactory(dnieSSLSocketFactory, (X509TrustManager) trustManager);
            TimeUnit timeUnit = TimeUnit.SECONDS;
            OkHttpClient.Builder hostnameVerifier = sslSocketFactory.connectTimeout(190L, timeUnit).readTimeout(190L, timeUnit).writeTimeout(190L, timeUnit).hostnameVerifier(new HostnameVerifier() { // from class: es.aeat.pin24h.data.webservices.SecuredHttpClient$$ExternalSyntheticLambda0
                @Override // javax.net.ssl.HostnameVerifier
                public final boolean verify(String str, SSLSession sSLSession) {
                    boolean customUnsafeOkHttpClient$lambda$3;
                    customUnsafeOkHttpClient$lambda$3 = SecuredHttpClient.getCustomUnsafeOkHttpClient$lambda$3(str, sSLSession);
                    return customUnsafeOkHttpClient$lambda$3;
                }
            });
            for (Interceptor interceptor2 : interceptor) {
                hostnameVerifier.addInterceptor(interceptor2);
            }
            return hostnameVerifier.build();
        } catch (Exception e2) {
            throw new RuntimeException(e2);
        }
    }

    public final OkHttpClient getOkHttpClient(Interceptor... interceptor) {
        Intrinsics.checkNotNullParameter(interceptor, "interceptor");
        Boolean IGNORE_SECURE_HTTP = BuildConfig.IGNORE_SECURE_HTTP;
        Intrinsics.checkNotNullExpressionValue(IGNORE_SECURE_HTTP, "IGNORE_SECURE_HTTP");
        return IGNORE_SECURE_HTTP.booleanValue() ? getUnsafeOkHttpClient((Interceptor[]) Arrays.copyOf(interceptor, interceptor.length)) : getSafeOkHttpClient((Interceptor[]) Arrays.copyOf(interceptor, interceptor.length));
    }

    public final OkHttpClient getSafeOkHttpClient(Interceptor... interceptorArr) {
        try {
            OkHttpClient.Builder builder = new OkHttpClient.Builder();
            TimeUnit timeUnit = TimeUnit.SECONDS;
            OkHttpClient.Builder writeTimeout = builder.connectTimeout(190L, timeUnit).readTimeout(190L, timeUnit).writeTimeout(190L, timeUnit);
            for (Interceptor interceptor : interceptorArr) {
                writeTimeout.addInterceptor(interceptor);
            }
            return writeTimeout.build();
        } catch (Exception e2) {
            throw new RuntimeException(e2);
        }
    }

    public final OkHttpClient getUnsafeOkHttpClient(Interceptor... interceptorArr) {
        try {
            TrustManager[] trustManagerArr = {new X509TrustManager() { // from class: es.aeat.pin24h.data.webservices.SecuredHttpClient$getUnsafeOkHttpClient$trustAllCerts$1
                @Override // javax.net.ssl.X509TrustManager
                @SuppressLint({"TrustAllX509TrustManager"})
                public void checkClientTrusted(X509Certificate[] chain, String authType) throws CertificateException {
                    Intrinsics.checkNotNullParameter(chain, "chain");
                    Intrinsics.checkNotNullParameter(authType, "authType");
                }

                @Override // javax.net.ssl.X509TrustManager
                @SuppressLint({"TrustAllX509TrustManager"})
                public void checkServerTrusted(X509Certificate[] chain, String authType) throws CertificateException {
                    Intrinsics.checkNotNullParameter(chain, "chain");
                    Intrinsics.checkNotNullParameter(authType, "authType");
                }

                @Override // javax.net.ssl.X509TrustManager
                public X509Certificate[] getAcceptedIssuers() {
                    return new X509Certificate[0];
                }
            }};
            SSLContext sSLContext = SSLContext.getInstance("TLS");
            sSLContext.init(null, trustManagerArr, new SecureRandom());
            SSLSocketFactory sslSocketFactory = sSLContext.getSocketFactory();
            OkHttpClient.Builder builder = new OkHttpClient.Builder();
            Intrinsics.checkNotNullExpressionValue(sslSocketFactory, "sslSocketFactory");
            TrustManager trustManager = trustManagerArr[0];
            Intrinsics.checkNotNull(trustManager, "null cannot be cast to non-null type javax.net.ssl.X509TrustManager");
            OkHttpClient.Builder sslSocketFactory2 = builder.sslSocketFactory(sslSocketFactory, (X509TrustManager) trustManager);
            TimeUnit timeUnit = TimeUnit.SECONDS;
            OkHttpClient.Builder hostnameVerifier = sslSocketFactory2.connectTimeout(190L, timeUnit).readTimeout(190L, timeUnit).writeTimeout(190L, timeUnit).hostnameVerifier(new HostnameVerifier() { // from class: es.aeat.pin24h.data.webservices.SecuredHttpClient$$ExternalSyntheticLambda1
                @Override // javax.net.ssl.HostnameVerifier
                public final boolean verify(String str, SSLSession sSLSession) {
                    boolean unsafeOkHttpClient$lambda$0;
                    unsafeOkHttpClient$lambda$0 = SecuredHttpClient.getUnsafeOkHttpClient$lambda$0(str, sSLSession);
                    return unsafeOkHttpClient$lambda$0;
                }
            });
            for (Interceptor interceptor : interceptorArr) {
                hostnameVerifier.addInterceptor(interceptor);
            }
            return hostnameVerifier.build();
        } catch (Exception e2) {
            throw new RuntimeException(e2);
        }
    }
}
