package br.com.closmaq.sdkclosmaqpay.pix.utils;

import android.util.Log;
import br.com.closmaq.sdkclosmaqpay.pix.exceptions.CertificadoException;
import br.com.closmaq.sdkclosmaqpay.pix.exceptions.CertificadoExpiradoException;
import br.com.closmaq.sdkclosmaqpay.pix.exceptions.CertificadoNaoEncontradoException;
import br.com.closmaq.sdkclosmaqpay.pix.exceptions.SdkException;
import br.com.closmaq.sdkclosmaqpay.pix.model.Erro;
import com.elgin.e1.Pagamento.Brigde.Constantes;
import cz.msebera.android.httpclient.config.RegistryBuilder;
import cz.msebera.android.httpclient.conn.ssl.SSLConnectionSocketFactory;
import cz.msebera.android.httpclient.impl.conn.BasicHttpClientConnectionManager;
import java.io.File;
import java.io.FileInputStream;
import java.io.IOException;
import java.security.KeyManagementException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.SecureRandom;
import java.security.UnrecoverableKeyException;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.util.Calendar;
import java.util.Date;
import java.util.Enumeration;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;
import kotlin.Metadata;
import kotlin.jvm.internal.Intrinsics;

/* compiled from: SslUtils.kt */
@Metadata(d1 = {"\u0000:\n\u0002\u0018\u0002\n\u0002\u0010\u0000\n\u0002\b\u0002\n\u0002\u0018\u0002\n\u0000\n\u0002\u0010\u000e\n\u0002\b\u0002\n\u0002\u0018\u0002\n\u0000\n\u0002\u0018\u0002\n\u0000\n\u0002\u0018\u0002\n\u0000\n\u0002\u0018\u0002\n\u0002\b\u0005\n\u0002\u0018\u0002\n\u0000\bÆ\u0002\u0018\u00002\u00020\u0001B\u0007\b\u0002¢\u0006\u0002\u0010\u0002J\u0016\u0010\u0003\u001a\u00020\u00042\u0006\u0010\u0005\u001a\u00020\u00062\u0006\u0010\u0007\u001a\u00020\u0006J\u0018\u0010\b\u001a\u00020\t2\u0006\u0010\n\u001a\u00020\u000b2\u0006\u0010\u0007\u001a\u00020\u0006H\u0002J\u0018\u0010\f\u001a\u00020\r2\u0006\u0010\u0005\u001a\u00020\u00062\u0006\u0010\u0007\u001a\u00020\u0006H\u0002J\u0012\u0010\u000e\u001a\u0004\u0018\u00010\u000f2\u0006\u0010\u0010\u001a\u00020\u000bH\u0002J\u0018\u0010\u0011\u001a\u00020\u000b2\b\u0010\u0005\u001a\u0004\u0018\u00010\u00062\u0006\u0010\u0007\u001a\u00020\u0006J\u001a\u0010\u0012\u001a\u0004\u0018\u00010\u000f2\b\u0010\u0005\u001a\u0004\u0018\u00010\u00062\u0006\u0010\u0007\u001a\u00020\u0006J\u0018\u0010\u0013\u001a\u00020\u000b2\u0006\u0010\u0014\u001a\u00020\u00152\u0006\u0010\u0007\u001a\u00020\u0006H\u0002¨\u0006\u0016"}, d2 = {"Lbr/com/closmaq/sdkclosmaqpay/pix/utils/SslUtils;", "", "()V", "buildConnectionManager", "Lcz/msebera/android/httpclient/impl/conn/BasicHttpClientConnectionManager;", "certificate", "", Constantes.JSON_PASSWORD, "buildKeyManagerFactory", "Ljavax/net/ssl/KeyManagerFactory;", "keyStrore", "Ljava/security/KeyStore;", "buildSslContext", "Ljavax/net/ssl/SSLContext;", "checkExpiration", "Ljava/util/Date;", "keyStore", "getKeyStore", "isCloseToExpire", "loadCertificate", "fileInputStream", "Ljava/io/FileInputStream;", "SdkClosmaqPay_release"}, k = 1, mv = {1, 9, 0}, xi = 48)
/* loaded from: classes.dex */
public final class SslUtils {
    public static final SslUtils INSTANCE = new SslUtils();

    private SslUtils() {
    }

    private final KeyManagerFactory buildKeyManagerFactory(KeyStore keyStrore, String password) throws NoSuchAlgorithmException, UnrecoverableKeyException, KeyStoreException {
        KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
        char[] charArray = password.toCharArray();
        Intrinsics.checkNotNullExpressionValue(charArray, "toCharArray(...)");
        keyManagerFactory.init(keyStrore, charArray);
        Intrinsics.checkNotNull(keyManagerFactory);
        return keyManagerFactory;
    }

    private final SSLContext buildSslContext(String certificate, String password) throws SdkException {
        try {
            SSLContext sSLContext = SSLContext.getInstance("TLSv1.2");
            KeyStore keyStore = getKeyStore(certificate, password);
            checkExpiration(keyStore);
            sSLContext.init(buildKeyManagerFactory(keyStore, password).getKeyManagers(), null, new SecureRandom());
            Intrinsics.checkNotNull(sSLContext);
            return sSLContext;
        } catch (KeyManagementException e) {
            Log.e("PIX_SDK", "Erro no Certificado! : " + e);
            throw new CertificadoException(e.getMessage(), new Erro.Builder(null, null, null, null, null, 31, null).title("Erro no Certificado!").detail(e.getMessage()).build());
        } catch (KeyStoreException e2) {
            Log.e("PIX_SDK", "Erro no Certificado! : " + e2);
            throw new CertificadoException(e2.getMessage(), new Erro.Builder(null, null, null, null, null, 31, null).title("Erro no Certificado!").detail(e2.getMessage()).build());
        } catch (NoSuchAlgorithmException e3) {
            Log.e("PIX_SDK", "Erro no Certificado! : " + e3);
            throw new CertificadoException(e3.getMessage(), new Erro.Builder(null, null, null, null, null, 31, null).title("Erro no Certificado!").detail(e3.getMessage()).build());
        } catch (UnrecoverableKeyException e4) {
            Log.e("PIX_SDK", "Erro no Certificado! : " + e4);
            throw new CertificadoException(e4.getMessage(), new Erro.Builder(null, null, null, null, null, 31, null).title("Erro no Certificado!").detail(e4.getMessage()).build());
        }
    }

    private final Date checkExpiration(KeyStore keyStore) throws SdkException {
        try {
            Enumeration<String> aliases = keyStore.aliases();
            Intrinsics.checkNotNullExpressionValue(aliases, "aliases(...)");
            Date date = null;
            while (aliases.hasMoreElements()) {
                String nextElement = aliases.nextElement();
                Intrinsics.checkNotNull(nextElement, "null cannot be cast to non-null type kotlin.String");
                Certificate certificate = keyStore.getCertificate(nextElement);
                Intrinsics.checkNotNull(certificate, "null cannot be cast to non-null type java.security.cert.X509Certificate");
                X509Certificate x509Certificate = (X509Certificate) certificate;
                Calendar calendar = Calendar.getInstance();
                calendar.setTime(new Date());
                calendar.add(5, 30);
                if (x509Certificate.getNotAfter().before(calendar.getTime())) {
                    date = x509Certificate.getNotAfter();
                }
                if (x509Certificate.getNotAfter().before(new Date())) {
                    throw new CertificadoExpiradoException();
                }
            }
            return date;
        } catch (KeyStoreException e) {
            Log.e("PIX_SDK", "Erro no Certificado! : " + e);
            throw new CertificadoException(e.getMessage(), new Erro.Builder(null, null, null, null, null, 31, null).title("Erro no Certificado!").detail(e.getMessage()).build());
        }
    }

    private final KeyStore loadCertificate(FileInputStream fileInputStream, String password) throws KeyStoreException, CertificateException, IOException, NoSuchAlgorithmException {
        KeyStore keyStore = KeyStore.getInstance("pkcs12");
        char[] charArray = password.toCharArray();
        Intrinsics.checkNotNullExpressionValue(charArray, "toCharArray(...)");
        keyStore.load(fileInputStream, charArray);
        Intrinsics.checkNotNull(keyStore);
        return keyStore;
    }

    public final BasicHttpClientConnectionManager buildConnectionManager(String certificate, String password) throws SdkException {
        Intrinsics.checkNotNullParameter(certificate, "certificate");
        Intrinsics.checkNotNullParameter(password, "password");
        if (!new File(certificate).exists()) {
            throw new CertificadoNaoEncontradoException(certificate);
        }
        return new BasicHttpClientConnectionManager(RegistryBuilder.create().register("https", new SSLConnectionSocketFactory(buildSslContext(certificate, password))).build());
    }

    public final KeyStore getKeyStore(String certificate, String password) throws SdkException {
        Intrinsics.checkNotNullParameter(password, "password");
        try {
            FileInputStream fileInputStream = new FileInputStream(certificate);
            KeyStore loadCertificate = loadCertificate(fileInputStream, password);
            fileInputStream.close();
            return loadCertificate;
        } catch (IOException e) {
            Log.e("PIX_SDK", "Erro durante execução do SDK! : " + e);
            throw new SdkException(e.getMessage(), new Erro.Builder(null, null, null, null, null, 31, null).title("Erro no Certificado!").detail(e.getMessage()).build());
        } catch (KeyStoreException e2) {
            Log.e("PIX_SDK", "Erro no Certificado! : " + e2);
            throw new CertificadoException(e2.getMessage(), new Erro.Builder(null, null, null, null, null, 31, null).title("Erro no Certificado!").detail(e2.getMessage()).build());
        } catch (NoSuchAlgorithmException e3) {
            Log.e("PIX_SDK", "Erro no Certificado! : " + e3);
            throw new CertificadoException(e3.getMessage(), new Erro.Builder(null, null, null, null, null, 31, null).title("Erro no Certificado!").detail(e3.getMessage()).build());
        } catch (CertificateException e4) {
            Log.e("PIX_SDK", "Erro no Certificado! : " + e4);
            throw new CertificadoException(e4.getMessage(), new Erro.Builder(null, null, null, null, null, 31, null).title("Erro no Certificado!").detail(e4.getMessage()).build());
        }
    }

    public final Date isCloseToExpire(String certificate, String password) throws SdkException {
        Intrinsics.checkNotNullParameter(password, "password");
        return checkExpiration(getKeyStore(certificate, password));
    }
}
