package ru.yoomoney.sdk.kassa.payments.utils;

import android.content.Context;
import android.net.http.SslCertificate;
import android.net.http.SslError;
import android.util.Base64;
import com.google.firebase.messaging.Constants;
import java.io.ByteArrayInputStream;
import java.io.InputStream;
import java.lang.reflect.Field;
import java.nio.charset.Charset;
import java.nio.charset.StandardCharsets;
import java.security.KeyStore;
import java.security.cert.Certificate;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Iterator;
import java.util.List;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import javax.net.ssl.X509TrustManager;
import kotlin.Metadata;
import kotlin.Result;
import kotlin.ResultKt;
import kotlin.Unit;
import kotlin.collections.CollectionsKt;
import kotlin.io.ByteStreamsKt;
import kotlin.io.CloseableKt;
import kotlin.jvm.internal.Intrinsics;
import kotlin.text.StringsKt;

@Metadata(d1 = {"\u00004\n\u0002\u0018\u0002\n\u0002\u0018\u0002\n\u0002\b\u0002\n\u0002\u0010\u000b\n\u0000\n\u0002\u0018\u0002\n\u0000\n\u0002\u0018\u0002\n\u0000\n\u0002\u0018\u0002\n\u0000\n\u0002\u0010\u000e\n\u0002\b\u0006\n\u0002\u0018\u0002\n\u0002\b\u0003\b\u0000\u0018\u00002\u00020\u0001B\u0005¢\u0006\u0002\u0010\u0002J\u0018\u0010\u0003\u001a\u00020\u00042\u0006\u0010\u0005\u001a\u00020\u00062\u0006\u0010\u0007\u001a\u00020\bH\u0017J\u0010\u0010\t\u001a\u00020\n2\u0006\u0010\u000b\u001a\u00020\fH\u0002J\u0010\u0010\r\u001a\u00020\n2\u0006\u0010\u000e\u001a\u00020\fH\u0002J\u0018\u0010\u000f\u001a\u00020\f2\u0006\u0010\u0010\u001a\u00020\u00062\u0006\u0010\u0011\u001a\u00020\fH\u0002J\u0010\u0010\u0012\u001a\u00020\u00132\u0006\u0010\u0005\u001a\u00020\u0006H\u0002J\u0018\u0010\u0014\u001a\u00020\n2\u0006\u0010\u0010\u001a\u00020\u00062\u0006\u0010\u0011\u001a\u00020\fH\u0002J\f\u0010\u0015\u001a\u00020\f*\u00020\fH\u0002¨\u0006\u0016"}, d2 = {"Lru/yoomoney/sdk/kassa/payments/utils/WebTrustManagerImpl;", "Lru/yoomoney/sdk/kassa/payments/utils/WebTrustManager;", "()V", "checkCertificate", "", "context", "Landroid/content/Context;", Constants.IPC_BUNDLE_KEY_SEND_ERROR, "Landroid/net/http/SslError;", "fromBase64String", "Ljava/io/InputStream;", "base64cert", "", "fromPem", "pem", "getPemAsString", "contex", "certName", "initTrustStore", "Ljavax/net/ssl/TrustManagerFactory;", "readPemCert", "pemKeyContent", "library_metricaRealRelease"}, k = 1, mv = {1, 8, 0}, xi = 48)
/* loaded from: classes5.dex */
public final class WebTrustManagerImpl implements WebTrustManager {
    private final InputStream fromBase64String(String base64cert) {
        return new ByteArrayInputStream(Base64.decode(base64cert, 2));
    }

    private final InputStream fromPem(String pem) {
        return fromBase64String(pemKeyContent(pem));
    }

    private final String getPemAsString(Context contex, String certName) {
        InputStream openRawResource = contex.getResources().openRawResource(contex.getResources().getIdentifier(certName, "raw", contex.getPackageName()));
        Intrinsics.checkNotNullExpressionValue(openRawResource, "contex.resources.openRaw…e\n            )\n        )");
        byte[] readBytes = ByteStreamsKt.readBytes(openRawResource);
        Charset ISO_8859_1 = StandardCharsets.ISO_8859_1;
        Intrinsics.checkNotNullExpressionValue(ISO_8859_1, "ISO_8859_1");
        return new String(readBytes, ISO_8859_1);
    }

    private final TrustManagerFactory initTrustStore(Context context) {
        CertificateFactory certificateFactory = CertificateFactory.getInstance("X.509");
        Intrinsics.checkNotNullExpressionValue(certificateFactory, "getInstance(\"X.509\")");
        List listOf = CollectionsKt.listOf((Object[]) new String[]{"ym_root_ca", "ym_sub_ca"});
        List list = listOf;
        ArrayList arrayList = new ArrayList(CollectionsKt.collectionSizeOrDefault(list, 10));
        Iterator it = list.iterator();
        while (it.hasNext()) {
            arrayList.add(readPemCert(context, (String) it.next()));
        }
        KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
        keyStore.load(null, null);
        int i = 0;
        for (Object obj : arrayList) {
            int i2 = i + 1;
            if (i < 0) {
                CollectionsKt.throwIndexOverflow();
            }
            InputStream inputStream = (InputStream) obj;
            try {
                Certificate generateCertificate = certificateFactory.generateCertificate(inputStream);
                CloseableKt.closeFinally(inputStream, null);
                keyStore.setCertificateEntry((String) listOf.get(i), generateCertificate);
                i = i2;
            } finally {
            }
        }
        Intrinsics.checkNotNullExpressionValue(keyStore, "getInstance(KeyStore.get…)\n            }\n        }");
        TrustManagerFactory tmf = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
        tmf.init(keyStore);
        Intrinsics.checkNotNullExpressionValue(tmf, "tmf");
        return tmf;
    }

    private final String pemKeyContent(String str) {
        return StringsKt.replace$default(StringsKt.replace$default(StringsKt.replace$default(StringsKt.replace$default(StringsKt.replace$default(StringsKt.replace$default(str, "\\s+", "", false, 4, (Object) null), "\n", "", false, 4, (Object) null), "-----BEGIN PUBLIC KEY-----", "", false, 4, (Object) null), "-----END PUBLIC KEY-----", "", false, 4, (Object) null), "-----BEGIN CERTIFICATE-----", "", false, 4, (Object) null), "-----END CERTIFICATE-----", "", false, 4, (Object) null);
    }

    private final InputStream readPemCert(Context contex, String certName) {
        return fromPem(StringsKt.trimIndent(getPemAsString(contex, certName)));
    }

    @Override // ru.yoomoney.sdk.kassa.payments.utils.WebTrustManager
    public boolean checkCertificate(Context context, SslError error) {
        Intrinsics.checkNotNullParameter(context, "context");
        Intrinsics.checkNotNullParameter(error, "error");
        boolean z = false;
        if (error.getPrimaryError() != 3) {
            return false;
        }
        SslCertificate certificate = error.getCertificate();
        try {
            Result.Companion companion = Result.INSTANCE;
            Field declaredField = certificate.getClass().getDeclaredField("mX509Certificate");
            Intrinsics.checkNotNullExpressionValue(declaredField, "cert.javaClass.getDeclar…Field(\"mX509Certificate\")");
            declaredField.setAccessible(true);
            Object obj = declaredField.get(certificate);
            Intrinsics.checkNotNull(obj, "null cannot be cast to non-null type java.security.cert.X509Certificate");
            X509Certificate[] x509CertificateArr = {(X509Certificate) obj};
            TrustManager[] trustManagers = initTrustStore(context).getTrustManagers();
            Intrinsics.checkNotNullExpressionValue(trustManagers, "trustManagerFactory.trustManagers");
            int length = trustManagers.length;
            int i = 0;
            while (true) {
                if (i >= length) {
                    break;
                }
                TrustManager trustManager = trustManagers[i];
                if (trustManager instanceof X509TrustManager) {
                    try {
                        ((X509TrustManager) trustManager).checkServerTrusted(x509CertificateArr, "generic");
                        z = true;
                        break;
                    } catch (Exception unused) {
                        continue;
                    }
                }
                i++;
            }
            Result.m741constructorimpl(Unit.INSTANCE);
        } catch (Throwable th) {
            Result.Companion companion2 = Result.INSTANCE;
            Result.m741constructorimpl(ResultKt.createFailure(th));
        }
        return z;
    }
}
