package com.ringapp.util;

import android.content.Context;
import com.ring.android.logger.Log;
import com.ringapp.R;
import java.io.InputStream;
import java.security.KeyManagementException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import javax.net.ssl.HttpsURLConnection;
import javax.net.ssl.SSLContext;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import javax.net.ssl.X509TrustManager;
import okhttp3.internal.tls.OkHostnameVerifier;

@Deprecated
/* loaded from: classes3.dex */
public class RingSSLContext {
    public static final String TAG = "RingSSLContext";

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: classes3.dex */
    public static class DynamicTrustManager implements X509TrustManager {
        public final X509Certificate[] mAcceptedIssuers;
        public final X509TrustManager mGlobalTrustManager;
        public final X509TrustManager mLocalTrustManager;

        public DynamicTrustManager(KeyStore keyStore) throws NoSuchAlgorithmException, KeyStoreException, CertificateException, KeyManagementException {
            String defaultAlgorithm = TrustManagerFactory.getDefaultAlgorithm();
            TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(defaultAlgorithm);
            trustManagerFactory.init((KeyStore) null);
            this.mGlobalTrustManager = findX509TrustManager(trustManagerFactory);
            TrustManagerFactory trustManagerFactory2 = TrustManagerFactory.getInstance(defaultAlgorithm);
            trustManagerFactory2.init(keyStore);
            this.mLocalTrustManager = findX509TrustManager(trustManagerFactory2);
            ArrayList arrayList = new ArrayList();
            for (X509Certificate x509Certificate : this.mGlobalTrustManager.getAcceptedIssuers()) {
                arrayList.add(x509Certificate);
            }
            for (X509Certificate x509Certificate2 : this.mLocalTrustManager.getAcceptedIssuers()) {
                arrayList.add(x509Certificate2);
            }
            this.mAcceptedIssuers = (X509Certificate[]) arrayList.toArray(new X509Certificate[arrayList.size()]);
        }

        public static X509TrustManager findX509TrustManager(TrustManagerFactory trustManagerFactory) throws KeyManagementException {
            for (TrustManager trustManager : trustManagerFactory.getTrustManagers()) {
                if (trustManager instanceof X509TrustManager) {
                    return (X509TrustManager) trustManager;
                }
            }
            throw new KeyManagementException("No X509TrustManager found.");
        }

        @Override // javax.net.ssl.X509TrustManager
        public void checkClientTrusted(X509Certificate[] x509CertificateArr, String str) throws CertificateException {
            try {
                this.mGlobalTrustManager.checkClientTrusted(x509CertificateArr, str);
            } catch (CertificateException unused) {
                this.mLocalTrustManager.checkClientTrusted(x509CertificateArr, str);
            }
        }

        @Override // javax.net.ssl.X509TrustManager
        public void checkServerTrusted(X509Certificate[] x509CertificateArr, String str) throws CertificateException {
            try {
                this.mGlobalTrustManager.checkServerTrusted(x509CertificateArr, str);
            } catch (CertificateException unused) {
                this.mLocalTrustManager.checkServerTrusted(x509CertificateArr, str);
            }
        }

        @Override // javax.net.ssl.X509TrustManager
        public X509Certificate[] getAcceptedIssuers() {
            return this.mAcceptedIssuers;
        }
    }

    public static void init(Context context) {
        try {
            CertificateFactory certificateFactory = CertificateFactory.getInstance("X.509");
            KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
            keyStore.load(null, null);
            InputStream openRawResource = context.getResources().openRawResource(R.raw.firmware_server_certificate);
            Certificate generateCertificate = certificateFactory.generateCertificate(openRawResource);
            openRawResource.close();
            keyStore.setCertificateEntry("firmwareServerCertificate", generateCertificate);
            DynamicTrustManager dynamicTrustManager = new DynamicTrustManager(keyStore);
            OkHostnameVerifier okHostnameVerifier = OkHostnameVerifier.INSTANCE;
            try {
                SSLContext sSLContext = SSLContext.getInstance("TLS");
                sSLContext.init(null, new TrustManager[]{dynamicTrustManager}, null);
                SSLContext.setDefault(sSLContext);
                HttpsURLConnection.setDefaultSSLSocketFactory(sSLContext.getSocketFactory());
                HttpsURLConnection.setDefaultHostnameVerifier(okHostnameVerifier);
                Log.i(TAG, String.format("SSL Context successfully initialized for %s build.", "RELEASE"));
            } catch (Exception e) {
                Log.e(TAG, String.format("Could not initialize SSL Context for %s build.", "RELEASE"), e);
                throw new RuntimeException(e);
            }
        } catch (Exception e2) {
            Log.e(TAG, "Could not initialize SSL Context with dynamic trust manager.", e2);
            throw new RuntimeException(e2);
        }
    }
}
