package net.poweroak.lib_mqtt.utils;

import java.io.BufferedInputStream;
import java.io.InputStream;
import java.io.InputStreamReader;
import java.security.KeyPair;
import java.security.KeyStore;
import java.security.PrivateKey;
import java.security.Security;
import java.security.cert.Certificate;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSocketFactory;
import javax.net.ssl.TrustManagerFactory;
import kotlin.Metadata;
import kotlin.jvm.internal.Intrinsics;
import net.poweroak.bluetticloud.ui.shop.activity.ShopRefundApplyActivity;
import org.bouncycastle.asn1.pkcs.PrivateKeyInfo;
import org.bouncycastle.jce.provider.BouncyCastleProvider;
import org.bouncycastle.openssl.PEMKeyPair;
import org.bouncycastle.openssl.PEMParser;
import org.bouncycastle.openssl.jcajce.JcaPEMKeyConverter;

/* compiled from: SSLHelper.kt */
@Metadata(d1 = {"\u0000\"\n\u0002\u0018\u0002\n\u0002\u0010\u0000\n\u0002\b\u0002\n\u0002\u0018\u0002\n\u0000\n\u0002\u0018\u0002\n\u0002\b\u0003\n\u0002\u0010\u000e\n\u0002\b\u0003\bÆ\u0002\u0018\u00002\u00020\u0001B\u0007\b\u0002¢\u0006\u0002\u0010\u0002J*\u0010\u0003\u001a\u00020\u00042\u0006\u0010\u0005\u001a\u00020\u00062\u0006\u0010\u0007\u001a\u00020\u00062\u0006\u0010\b\u001a\u00020\u00062\n\b\u0002\u0010\t\u001a\u0004\u0018\u00010\nJ\"\u0010\u0003\u001a\u00020\u00042\u0006\u0010\u0005\u001a\u00020\u00062\u0006\u0010\u000b\u001a\u00020\u00062\n\b\u0002\u0010\f\u001a\u0004\u0018\u00010\n¨\u0006\r"}, d2 = {"Lnet/poweroak/lib_mqtt/utils/SSLHelper;", "", "()V", "getSocketFactory", "Ljavax/net/ssl/SSLSocketFactory;", "caCrtFile", "Ljava/io/InputStream;", "clientCrtFile", "clientKeyFile", "password", "", "pkcs12File", "clientPassword", "lib_mqtt_release"}, k = 1, mv = {1, 8, 0}, xi = 48)
/* loaded from: classes5.dex */
public final class SSLHelper {
    public static final SSLHelper INSTANCE = new SSLHelper();

    private SSLHelper() {
    }

    public static /* synthetic */ SSLSocketFactory getSocketFactory$default(SSLHelper sSLHelper, InputStream inputStream, InputStream inputStream2, InputStream inputStream3, String str, int i, Object obj) {
        if ((i & 8) != 0) {
            str = null;
        }
        return sSLHelper.getSocketFactory(inputStream, inputStream2, inputStream3, str);
    }

    public static /* synthetic */ SSLSocketFactory getSocketFactory$default(SSLHelper sSLHelper, InputStream inputStream, InputStream inputStream2, String str, int i, Object obj) {
        if ((i & 4) != 0) {
            str = null;
        }
        return sSLHelper.getSocketFactory(inputStream, inputStream2, str);
    }

    public final SSLSocketFactory getSocketFactory(InputStream caCrtFile, InputStream clientCrtFile, InputStream clientKeyFile, String password) {
        char[] cArr;
        char[] cArr2;
        char[] cArr3;
        Intrinsics.checkNotNullParameter(caCrtFile, "caCrtFile");
        Intrinsics.checkNotNullParameter(clientCrtFile, "clientCrtFile");
        Intrinsics.checkNotNullParameter(clientKeyFile, "clientKeyFile");
        Security.addProvider(new BouncyCastleProvider());
        BufferedInputStream bufferedInputStream = new BufferedInputStream(caCrtFile);
        CertificateFactory certificateFactory = CertificateFactory.getInstance("X.509");
        Intrinsics.checkNotNullExpressionValue(certificateFactory, "getInstance(\"X.509\")");
        X509Certificate x509Certificate = null;
        while (bufferedInputStream.available() > 0) {
            Certificate generateCertificate = certificateFactory.generateCertificate(bufferedInputStream);
            Intrinsics.checkNotNull(generateCertificate, "null cannot be cast to non-null type java.security.cert.X509Certificate");
            x509Certificate = (X509Certificate) generateCertificate;
        }
        BufferedInputStream bufferedInputStream2 = new BufferedInputStream(clientCrtFile);
        X509Certificate x509Certificate2 = null;
        while (bufferedInputStream2.available() > 0) {
            Certificate generateCertificate2 = certificateFactory.generateCertificate(bufferedInputStream2);
            Intrinsics.checkNotNull(generateCertificate2, "null cannot be cast to non-null type java.security.cert.X509Certificate");
            x509Certificate2 = (X509Certificate) generateCertificate2;
        }
        Object readObject = new PEMParser(new InputStreamReader(clientKeyFile)).readObject();
        KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
        Intrinsics.checkNotNullExpressionValue(keyStore, "getInstance(KeyStore.getDefaultType())");
        keyStore.load(null, null);
        keyStore.setCertificateEntry("cert-certificate", x509Certificate);
        TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
        Intrinsics.checkNotNullExpressionValue(trustManagerFactory, "getInstance(TrustManager…ry.getDefaultAlgorithm())");
        trustManagerFactory.init(keyStore);
        KeyStore keyStore2 = KeyStore.getInstance(KeyStore.getDefaultType());
        Intrinsics.checkNotNullExpressionValue(keyStore2, "getInstance(KeyStore.getDefaultType())");
        keyStore2.load(null, null);
        keyStore2.setCertificateEntry(ShopRefundApplyActivity.CERTIFICATE, x509Certificate2);
        if (readObject instanceof PrivateKeyInfo) {
            PrivateKey privateKey = new JcaPEMKeyConverter().getPrivateKey((PrivateKeyInfo) readObject);
            if (password != null) {
                cArr3 = password.toCharArray();
                Intrinsics.checkNotNullExpressionValue(cArr3, "this as java.lang.String).toCharArray()");
            } else {
                cArr3 = null;
            }
            keyStore2.setKeyEntry("private-cert", privateKey, cArr3, new Certificate[]{x509Certificate2});
        } else {
            JcaPEMKeyConverter provider = new JcaPEMKeyConverter().setProvider(BouncyCastleProvider.PROVIDER_NAME);
            Intrinsics.checkNotNullExpressionValue(provider, "JcaPEMKeyConverter().setProvider(\"BC\")");
            Intrinsics.checkNotNull(readObject, "null cannot be cast to non-null type org.bouncycastle.openssl.PEMKeyPair");
            KeyPair keyPair = provider.getKeyPair((PEMKeyPair) readObject);
            Intrinsics.checkNotNullExpressionValue(keyPair, "converter.getKeyPair(readObject as PEMKeyPair)");
            PrivateKey privateKey2 = keyPair.getPrivate();
            if (password != null) {
                cArr = password.toCharArray();
                Intrinsics.checkNotNullExpressionValue(cArr, "this as java.lang.String).toCharArray()");
            } else {
                cArr = null;
            }
            keyStore2.setKeyEntry("private-cert", privateKey2, cArr, new Certificate[]{x509Certificate2});
        }
        KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
        Intrinsics.checkNotNullExpressionValue(keyManagerFactory, "getInstance(KeyManagerFa…ry.getDefaultAlgorithm())");
        if (password != null) {
            cArr2 = password.toCharArray();
            Intrinsics.checkNotNullExpressionValue(cArr2, "this as java.lang.String).toCharArray()");
        } else {
            cArr2 = null;
        }
        keyManagerFactory.init(keyStore2, cArr2);
        SSLContext sSLContext = SSLContext.getInstance("TLSv1.2");
        Intrinsics.checkNotNullExpressionValue(sSLContext, "getInstance(\"TLSv1.2\")");
        sSLContext.init(keyManagerFactory.getKeyManagers(), trustManagerFactory.getTrustManagers(), null);
        SSLSocketFactory socketFactory = sSLContext.getSocketFactory();
        Intrinsics.checkNotNullExpressionValue(socketFactory, "context.socketFactory");
        return socketFactory;
    }

    /* JADX WARN: Code restructure failed: missing block: B:13:0x0096, code lost:
    
        if (r8 == null) goto L15;
     */
    /* JADX WARN: Code restructure failed: missing block: B:9:0x0079, code lost:
    
        if (r4 == null) goto L10;
     */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    public final javax.net.ssl.SSLSocketFactory getSocketFactory(java.io.InputStream r6, java.io.InputStream r7, java.lang.String r8) {
        /*
            r5 = this;
            java.lang.String r0 = "caCrtFile"
            kotlin.jvm.internal.Intrinsics.checkNotNullParameter(r6, r0)
            java.lang.String r0 = "pkcs12File"
            kotlin.jvm.internal.Intrinsics.checkNotNullParameter(r7, r0)
            org.bouncycastle.jce.provider.BouncyCastleProvider r0 = new org.bouncycastle.jce.provider.BouncyCastleProvider
            r0.<init>()
            java.security.Provider r0 = (java.security.Provider) r0
            java.security.Security.addProvider(r0)
            java.io.BufferedInputStream r0 = new java.io.BufferedInputStream
            r0.<init>(r6)
            java.lang.String r6 = "X.509"
            java.security.cert.CertificateFactory r6 = java.security.cert.CertificateFactory.getInstance(r6)
            java.lang.String r1 = "getInstance(\"X.509\")"
            kotlin.jvm.internal.Intrinsics.checkNotNullExpressionValue(r6, r1)
            r1 = 0
            r2 = r1
        L26:
            int r3 = r0.available()
            if (r3 <= 0) goto L3b
            r2 = r0
            java.io.InputStream r2 = (java.io.InputStream) r2
            java.security.cert.Certificate r2 = r6.generateCertificate(r2)
            java.lang.String r3 = "null cannot be cast to non-null type java.security.cert.X509Certificate"
            kotlin.jvm.internal.Intrinsics.checkNotNull(r2, r3)
            java.security.cert.X509Certificate r2 = (java.security.cert.X509Certificate) r2
            goto L26
        L3b:
            java.lang.String r6 = java.security.KeyStore.getDefaultType()
            java.security.KeyStore r6 = java.security.KeyStore.getInstance(r6)
            java.lang.String r0 = "getInstance(KeyStore.getDefaultType())"
            kotlin.jvm.internal.Intrinsics.checkNotNullExpressionValue(r6, r0)
            r6.load(r1, r1)
            java.lang.String r0 = "cert-certificate"
            java.security.cert.Certificate r2 = (java.security.cert.Certificate) r2
            r6.setCertificateEntry(r0, r2)
            java.lang.String r0 = javax.net.ssl.TrustManagerFactory.getDefaultAlgorithm()
            javax.net.ssl.TrustManagerFactory r0 = javax.net.ssl.TrustManagerFactory.getInstance(r0)
            java.lang.String r2 = "getInstance(TrustManager…ry.getDefaultAlgorithm())"
            kotlin.jvm.internal.Intrinsics.checkNotNullExpressionValue(r0, r2)
            r0.init(r6)
            java.lang.String r6 = "PKCS12"
            java.security.KeyStore r6 = java.security.KeyStore.getInstance(r6)
            java.lang.String r2 = "getInstance(\"PKCS12\")"
            kotlin.jvm.internal.Intrinsics.checkNotNullExpressionValue(r6, r2)
            java.lang.String r2 = "this as java.lang.String).toCharArray()"
            r3 = 0
            if (r8 == 0) goto L7b
            char[] r4 = r8.toCharArray()
            kotlin.jvm.internal.Intrinsics.checkNotNullExpressionValue(r4, r2)
            if (r4 != 0) goto L7d
        L7b:
            char[] r4 = new char[r3]
        L7d:
            r6.load(r7, r4)
            java.lang.String r7 = javax.net.ssl.KeyManagerFactory.getDefaultAlgorithm()
            javax.net.ssl.KeyManagerFactory r7 = javax.net.ssl.KeyManagerFactory.getInstance(r7)
            java.lang.String r4 = "getInstance(KeyManagerFa…ry.getDefaultAlgorithm())"
            kotlin.jvm.internal.Intrinsics.checkNotNullExpressionValue(r7, r4)
            if (r8 == 0) goto L98
            char[] r8 = r8.toCharArray()
            kotlin.jvm.internal.Intrinsics.checkNotNullExpressionValue(r8, r2)
            if (r8 != 0) goto L9a
        L98:
            char[] r8 = new char[r3]
        L9a:
            r7.init(r6, r8)
            java.lang.String r6 = "TLSv1.2"
            javax.net.ssl.SSLContext r6 = javax.net.ssl.SSLContext.getInstance(r6)
            java.lang.String r8 = "getInstance(\"TLSv1.2\")"
            kotlin.jvm.internal.Intrinsics.checkNotNullExpressionValue(r6, r8)
            javax.net.ssl.KeyManager[] r7 = r7.getKeyManagers()
            javax.net.ssl.TrustManager[] r8 = r0.getTrustManagers()
            r6.init(r7, r8, r1)
            javax.net.ssl.SSLSocketFactory r6 = r6.getSocketFactory()
            java.lang.String r7 = "context.socketFactory"
            kotlin.jvm.internal.Intrinsics.checkNotNullExpressionValue(r6, r7)
            return r6
        */
        throw new UnsupportedOperationException("Method not decompiled: net.poweroak.lib_mqtt.utils.SSLHelper.getSocketFactory(java.io.InputStream, java.io.InputStream, java.lang.String):javax.net.ssl.SSLSocketFactory");
    }
}
