package com.unascribed.sup.lib.okhttp3.tls.internal;

import com.unascribed.sup.lib.kotlin.Lazy;
import com.unascribed.sup.lib.kotlin.LazyKt;
import com.unascribed.sup.lib.kotlin.collections.ArraysKt;
import com.unascribed.sup.lib.kotlin.jvm.internal.Intrinsics;
import com.unascribed.sup.lib.okhttp3.internal.platform.Platform;
import com.unascribed.sup.lib.okhttp3.tls.HeldCertificate;
import java.security.KeyStore;
import java.security.PrivateKey;
import java.security.cert.Certificate;
import java.security.cert.X509Certificate;
import java.util.Arrays;
import java.util.List;
import javax.net.ssl.KeyManager;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import javax.net.ssl.X509ExtendedTrustManager;
import javax.net.ssl.X509KeyManager;
import javax.net.ssl.X509TrustManager;
import org.codehaus.mojo.animal_sniffer.IgnoreJRERequirement;
import org.jetbrains.annotations.NotNull;
import org.jetbrains.annotations.Nullable;

/* compiled from: TlsUtil.kt */
/* loaded from: input_file:com/unascribed/sup/lib/okhttp3/tls/internal/TlsUtil.class */
public final class TlsUtil {

    @NotNull
    public static final TlsUtil INSTANCE = new TlsUtil();

    @NotNull
    private static final char[] password;

    @NotNull
    private static final Lazy localhost$delegate;

    private TlsUtil() {
    }

    @IgnoreJRERequirement
    @NotNull
    public static final X509TrustManager newTrustManager(@Nullable String str, @NotNull List<? extends X509Certificate> list, @NotNull List<String> list2) {
        Intrinsics.checkNotNullParameter(list, "");
        Intrinsics.checkNotNullParameter(list2, "");
        KeyStore newEmptyKeyStore = INSTANCE.newEmptyKeyStore(str);
        int size = list.size();
        for (int i = 0; i < size; i++) {
            newEmptyKeyStore.setCertificateEntry("cert_" + i, list.get(i));
        }
        TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
        trustManagerFactory.init(newEmptyKeyStore);
        TrustManager[] trustManagers = trustManagerFactory.getTrustManagers();
        Intrinsics.checkNotNull(trustManagers);
        if (trustManagers.length == 1 && (trustManagers[0] instanceof X509TrustManager)) {
            TrustManager trustManager = trustManagers[0];
            Intrinsics.checkNotNull(trustManager);
            X509TrustManager x509TrustManager = (X509TrustManager) trustManager;
            return list2.isEmpty() ? x509TrustManager : Platform.Companion.isAndroid() ? new InsecureAndroidTrustManager(x509TrustManager, list2) : new InsecureExtendedTrustManager((X509ExtendedTrustManager) x509TrustManager, list2);
        }
        StringBuilder append = new StringBuilder().append("Unexpected trust managers: ");
        String arrays = Arrays.toString(trustManagers);
        Intrinsics.checkNotNullExpressionValue(arrays, "");
        throw new IllegalStateException(append.append(arrays).toString().toString());
    }

    @NotNull
    public static final X509KeyManager newKeyManager(@Nullable String str, @Nullable HeldCertificate heldCertificate, @NotNull X509Certificate... x509CertificateArr) {
        Intrinsics.checkNotNullParameter(x509CertificateArr, "");
        KeyStore newEmptyKeyStore = INSTANCE.newEmptyKeyStore(str);
        if (heldCertificate != null) {
            Certificate[] certificateArr = new Certificate[1 + x509CertificateArr.length];
            certificateArr[0] = heldCertificate.certificate();
            ArraysKt.copyInto$default(x509CertificateArr, certificateArr, 1, 0, 0, 12, (Object) null);
            PrivateKey privateKey = heldCertificate.keyPair().getPrivate();
            TlsUtil tlsUtil = INSTANCE;
            newEmptyKeyStore.setKeyEntry("private", privateKey, password, certificateArr);
        }
        KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
        TlsUtil tlsUtil2 = INSTANCE;
        keyManagerFactory.init(newEmptyKeyStore, password);
        KeyManager[] keyManagers = keyManagerFactory.getKeyManagers();
        Intrinsics.checkNotNull(keyManagers);
        if (keyManagers.length == 1 && (keyManagers[0] instanceof X509KeyManager)) {
            KeyManager keyManager = keyManagers[0];
            Intrinsics.checkNotNull(keyManager);
            return (X509KeyManager) keyManager;
        }
        StringBuilder append = new StringBuilder().append("Unexpected key managers:");
        String arrays = Arrays.toString(keyManagers);
        Intrinsics.checkNotNullExpressionValue(arrays, "");
        throw new IllegalStateException(append.append(arrays).toString().toString());
    }

    private final KeyStore newEmptyKeyStore(String str) {
        String str2 = str;
        if (str2 == null) {
            str2 = KeyStore.getDefaultType();
        }
        KeyStore keyStore = KeyStore.getInstance(str2);
        TlsUtil tlsUtil = INSTANCE;
        keyStore.load(null, password);
        Intrinsics.checkNotNullExpressionValue(keyStore, "");
        return keyStore;
    }

    static {
        char[] charArray = "password".toCharArray();
        Intrinsics.checkNotNullExpressionValue(charArray, "");
        password = charArray;
        localhost$delegate = LazyKt.lazy(TlsUtil$localhost$2.INSTANCE);
    }
}
