package okhttp3.tls.internal;

import j20.k;
import java.net.InetAddress;
import java.security.KeyStore;
import java.security.cert.Certificate;
import java.security.cert.X509Certificate;
import java.util.Arrays;
import java.util.List;
import javax.net.ssl.KeyManager;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import javax.net.ssl.X509ExtendedTrustManager;
import javax.net.ssl.X509KeyManager;
import javax.net.ssl.X509TrustManager;
import kotlin.collections.l;
import kotlin.e;
import kotlin.f;
import kotlin.jvm.internal.s;
import org.codehaus.mojo.animal_sniffer.IgnoreJRERequirement;
import p20.a;
import p20.b;

/* compiled from: TlsUtil.kt */
/* loaded from: classes21.dex */
public final class TlsUtil {

    /* renamed from: a, reason: collision with root package name */
    public static final char[] f68566a;

    /* renamed from: b, reason: collision with root package name */
    public static final e f68567b;

    /* renamed from: c, reason: collision with root package name */
    public static final TlsUtil f68568c = new TlsUtil();

    static {
        char[] charArray = "password".toCharArray();
        s.g(charArray, "(this as java.lang.String).toCharArray()");
        f68566a = charArray;
        f68567b = f.b(new o10.a<p20.a>() { // from class: okhttp3.tls.internal.TlsUtil$localhost$2
            @Override // o10.a
            public final p20.a invoke() {
                b.a c12 = new b.a().c("localhost");
                InetAddress byName = InetAddress.getByName("localhost");
                s.g(byName, "InetAddress.getByName(\"localhost\")");
                String canonicalHostName = byName.getCanonicalHostName();
                s.g(canonicalHostName, "InetAddress.getByName(\"l…lhost\").canonicalHostName");
                p20.b b12 = c12.a(canonicalHostName).b();
                return new a.C1213a().d(b12, new X509Certificate[0]).b(b12.a()).c();
            }
        });
    }

    private TlsUtil() {
    }

    public static final X509KeyManager b(String str, p20.b bVar, X509Certificate... intermediates) {
        s.h(intermediates, "intermediates");
        KeyStore a12 = f68568c.a(str);
        if (bVar != null) {
            Certificate[] certificateArr = new Certificate[intermediates.length + 1];
            certificateArr[0] = bVar.a();
            l.i(intermediates, certificateArr, 1, 0, 0, 12, null);
            a12.setKeyEntry("private", bVar.b().getPrivate(), f68566a, certificateArr);
        }
        KeyManagerFactory factory = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
        factory.init(a12, f68566a);
        s.g(factory, "factory");
        KeyManager[] keyManagers = factory.getKeyManagers();
        s.e(keyManagers);
        if (keyManagers.length == 1 && (keyManagers[0] instanceof X509KeyManager)) {
            KeyManager keyManager = keyManagers[0];
            if (keyManager != null) {
                return (X509KeyManager) keyManager;
            }
            throw new NullPointerException("null cannot be cast to non-null type javax.net.ssl.X509KeyManager");
        }
        StringBuilder sb2 = new StringBuilder();
        sb2.append("Unexpected key managers:");
        String arrays = Arrays.toString(keyManagers);
        s.g(arrays, "java.util.Arrays.toString(this)");
        sb2.append(arrays);
        throw new IllegalStateException(sb2.toString().toString());
    }

    @IgnoreJRERequirement
    public static final X509TrustManager c(String str, List<? extends X509Certificate> trustedCertificates, List<String> insecureHosts) {
        s.h(trustedCertificates, "trustedCertificates");
        s.h(insecureHosts, "insecureHosts");
        KeyStore a12 = f68568c.a(str);
        int size = trustedCertificates.size();
        for (int i12 = 0; i12 < size; i12++) {
            a12.setCertificateEntry("cert_" + i12, trustedCertificates.get(i12));
        }
        TrustManagerFactory factory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
        factory.init(a12);
        s.g(factory, "factory");
        TrustManager[] trustManagers = factory.getTrustManagers();
        s.e(trustManagers);
        if (!(trustManagers.length == 1 && (trustManagers[0] instanceof X509TrustManager))) {
            StringBuilder sb2 = new StringBuilder();
            sb2.append("Unexpected trust managers: ");
            String arrays = Arrays.toString(trustManagers);
            s.g(arrays, "java.util.Arrays.toString(this)");
            sb2.append(arrays);
            throw new IllegalStateException(sb2.toString().toString());
        }
        TrustManager trustManager = trustManagers[0];
        if (trustManager == null) {
            throw new NullPointerException("null cannot be cast to non-null type javax.net.ssl.X509TrustManager");
        }
        X509TrustManager x509TrustManager = (X509TrustManager) trustManager;
        if (insecureHosts.isEmpty()) {
            return x509TrustManager;
        }
        return k.f57027c.h() ? new a(x509TrustManager, insecureHosts) : new b((X509ExtendedTrustManager) x509TrustManager, insecureHosts);
    }

    public final KeyStore a(String str) {
        if (str == null) {
            str = KeyStore.getDefaultType();
        }
        KeyStore keyStore = KeyStore.getInstance(str);
        keyStore.load(null, f68566a);
        s.g(keyStore, "KeyStore.getInstance(key…utStream, password)\n    }");
        return keyStore;
    }
}
