package v0;

import java.io.IOException;
import java.net.Socket;
import java.security.KeyManagementException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.SecureRandom;
import java.security.UnrecoverableEntryException;
import java.security.UnrecoverableKeyException;
import java.security.cert.CertificateEncodingException;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import javax.net.ssl.KeyManager;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSocketFactory;
import javax.net.ssl.X509TrustManager;

/* loaded from: classes.dex */
public class q {

    /* renamed from: a, reason: collision with root package name */
    private SSLSocketFactory f2188a;

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: classes.dex */
    public class b implements X509TrustManager {

        /* renamed from: a, reason: collision with root package name */
        private String f2189a;

        private b(X509Certificate x509Certificate) {
            this.f2189a = a(x509Certificate);
        }

        private String a(X509Certificate x509Certificate) {
            if (x509Certificate == null) {
                return "";
            }
            try {
                byte[] digest = MessageDigest.getInstance("SHA-256").digest(x509Certificate.getEncoded());
                StringBuilder sb = new StringBuilder();
                for (byte b2 : digest) {
                    String hexString = Integer.toHexString(b2 & 255);
                    if (hexString.length() == 1) {
                        sb.append("0");
                    }
                    sb.append(hexString);
                }
                return sb.toString();
            } catch (NoSuchAlgorithmException | CertificateEncodingException unused) {
                return "";
            }
        }

        @Override // javax.net.ssl.X509TrustManager
        public void checkClientTrusted(X509Certificate[] x509CertificateArr, String str) {
        }

        @Override // javax.net.ssl.X509TrustManager
        public void checkServerTrusted(X509Certificate[] x509CertificateArr, String str) {
            boolean z2 = false;
            for (X509Certificate x509Certificate : x509CertificateArr) {
                String a2 = a(x509Certificate);
                z2 = !a2.equals("") && a2.equals(this.f2189a);
                if (z2) {
                    break;
                }
            }
            if (!z2) {
                throw new CertificateException("The server does not have a valid certificate.");
            }
        }

        @Override // javax.net.ssl.X509TrustManager
        public X509Certificate[] getAcceptedIssuers() {
            return null;
        }
    }

    public q() {
        try {
            b();
        } catch (IOException | KeyManagementException | KeyStoreException | NoSuchAlgorithmException | UnrecoverableKeyException | CertificateException unused) {
        }
    }

    private void b() {
        KeyStore keyStore = KeyStore.getInstance("AndroidKeyStore");
        keyStore.load(null);
        X509Certificate x509Certificate = null;
        for (int i2 = 0; i2 < 60 && (x509Certificate = c(keyStore)) == null; i2++) {
        }
        KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
        keyManagerFactory.init(keyStore, null);
        KeyManager[] keyManagers = keyManagerFactory.getKeyManagers();
        b bVar = new b(x509Certificate);
        SSLContext sSLContext = SSLContext.getInstance("TLS");
        sSLContext.init(keyManagers, new X509TrustManager[]{bVar}, new SecureRandom());
        this.f2188a = sSLContext.getSocketFactory();
    }

    private X509Certificate c(KeyStore keyStore) {
        try {
            return (X509Certificate) keyStore.getCertificate("com.apple.movetoios.ca");
        } catch (RuntimeException | KeyStoreException e2) {
            r0.a.l("security", "could not get a certificate due to an android bug and will retry to get a certificate using an alternative api. error=" + e2.toString());
            try {
                return (X509Certificate) ((KeyStore.PrivateKeyEntry) keyStore.getEntry("com.apple.movetoios.ca", null)).getCertificate();
            } catch (RuntimeException | KeyStoreException | NoSuchAlgorithmException | UnrecoverableEntryException e3) {
                r0.a.e("security", "could not get a certificate even from an alternative api and all secured connections will be failed. error=" + e3.toString());
                return null;
            }
        }
    }

    public Socket a() {
        try {
            return this.f2188a.createSocket();
        } catch (IOException unused) {
            return null;
        }
    }
}
