package defpackage;

import android.os.Build;
import androidx.annotation.WorkerThread;
import defpackage.EnrolledCertificates;
import defpackage.c26;
import java.io.ByteArrayInputStream;
import java.io.IOException;
import java.io.InputStream;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.UnrecoverableKeyException;
import java.security.cert.CertificateException;
import java.util.List;
import javax.net.ssl.KeyManager;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSocketFactory;
import javax.net.ssl.X509TrustManager;
import kotlin.Metadata;
import org.jetbrains.annotations.NotNull;
import org.jetbrains.annotations.Nullable;

@Metadata(bv = {}, d1 = {"\u0000F\n\u0002\u0018\u0002\n\u0002\u0010\u0000\n\u0002\u0018\u0002\n\u0000\n\u0002\u0018\u0002\n\u0000\n\u0002\u0018\u0002\n\u0000\n\u0002\u0010 \n\u0002\u0018\u0002\n\u0000\n\u0002\u0018\u0002\n\u0000\n\u0002\u0018\u0002\n\u0002\b\u0002\n\u0002\u0010\u0011\n\u0002\u0018\u0002\n\u0002\b\u0002\n\u0002\u0018\u0002\n\u0002\b\u0006\bÇ\u0002\u0018\u00002\u00020\u0001B\t\b\u0002¢\u0006\u0004\b\u0018\u0010\u0019J\u0018\u0010\u0007\u001a\u00020\u00062\u0006\u0010\u0003\u001a\u00020\u00022\b\u0010\u0005\u001a\u0004\u0018\u00010\u0004J\u0014\u0010\f\u001a\u00020\u000b2\f\u0010\n\u001a\b\u0012\u0004\u0012\u00020\t0\bJ\b\u0010\u000e\u001a\u00020\rH\u0002J'\u0010\u0012\u001a\b\u0012\u0004\u0012\u00020\u00110\u00102\u0006\u0010\u000f\u001a\u00020\u00022\b\u0010\u0005\u001a\u0004\u0018\u00010\u0004H\u0002¢\u0006\u0004\b\u0012\u0010\u0013J\u001a\u0010\u0015\u001a\u00020\u00142\u0006\u0010\u0003\u001a\u00020\u00022\b\u0010\u0005\u001a\u0004\u0018\u00010\u0004H\u0002J\u0010\u0010\u0016\u001a\u00020\u00142\u0006\u0010\u0003\u001a\u00020\u0002H\u0002J\u0010\u0010\u0017\u001a\u00020\u00142\u0006\u0010\u0005\u001a\u00020\u0004H\u0002¨\u0006\u001a"}, d2 = {"Lk85;", "", "Lrv1$a;", "clientCertificate", "Ljava/security/KeyStore$PrivateKeyEntry;", "temporaryClientCert", "Ljavax/net/ssl/SSLSocketFactory;", "f", "", "Ljava/io/InputStream;", "serverCertificates", "Ljavax/net/ssl/X509TrustManager;", "g", "Ljavax/net/ssl/SSLContext;", "c", "profile", "", "Ljavax/net/ssl/KeyManager;", "b", "(Lrv1$a;Ljava/security/KeyStore$PrivateKeyEntry;)[Ljavax/net/ssl/KeyManager;", "Lc26;", "a", "d", "e", "<init>", "()V", "EndpointSecurity_webLocalizedRelease"}, k = 1, mv = {1, 6, 0})
@WorkerThread
/* loaded from: classes.dex */
public final class k85 {

    /* renamed from: a, reason: collision with root package name */
    @NotNull
    public static final k85 f1661a = new k85();

    public final c26 a(EnrolledCertificates.a clientCertificate, KeyStore.PrivateKeyEntry temporaryClientCert) throws KeyStoreException, CertificateException, NoSuchAlgorithmException, IOException {
        return temporaryClientCert == null ? d(clientCertificate) : e(temporaryClientCert);
    }

    public final KeyManager[] b(EnrolledCertificates.a profile, KeyStore.PrivateKeyEntry temporaryClientCert) throws KeyStoreException, UnrecoverableKeyException, NoSuchAlgorithmException, CertificateException, IOException {
        return new KeyManager[]{new xn5(a(profile, temporaryClientCert))};
    }

    public final SSLContext c() {
        SSLContext sSLContext = SSLContext.getInstance(Build.VERSION.SDK_INT >= 29 ? e36.TLS_1_3.c() : e36.TLS_1_2.c());
        b33.d(sSLContext, "getInstance(tlsVersion)");
        return sSLContext;
    }

    public final c26 d(EnrolledCertificates.a clientCertificate) {
        if (!(clientCertificate instanceof EnrolledCertificates.a.PKCSWithPass)) {
            return new c26(c26.a.DEFAULT);
        }
        c26 c26Var = new c26(c26.a.PKCS12);
        EnrolledCertificates.a.PKCSWithPass pKCSWithPass = (EnrolledCertificates.a.PKCSWithPass) clientCertificate;
        ByteArrayInputStream certData = pKCSWithPass.getCertData();
        char[] charArray = pKCSWithPass.getCertPassword().toCharArray();
        b33.d(charArray, "this as java.lang.String).toCharArray()");
        c26Var.f(certData, charArray);
        return c26Var;
    }

    public final c26 e(KeyStore.PrivateKeyEntry temporaryClientCert) {
        c26 c26Var = new c26(c26.a.PKCS12);
        c26Var.h("mdmCoreClientCert", temporaryClientCert.getPrivateKey(), null, temporaryClientCert.getCertificateChain());
        return c26Var;
    }

    @NotNull
    public final SSLSocketFactory f(@NotNull EnrolledCertificates.a clientCertificate, @Nullable KeyStore.PrivateKeyEntry temporaryClientCert) {
        b33.e(clientCertificate, "clientCertificate");
        SSLContext c = c();
        c.init(b(clientCertificate, temporaryClientCert), null, null);
        SSLSocketFactory socketFactory = c.getSocketFactory();
        b33.d(socketFactory, "sslContext.socketFactory");
        return socketFactory;
    }

    @NotNull
    public final X509TrustManager g(@NotNull List<? extends InputStream> serverCertificates) {
        b33.e(serverCertificates, "serverCertificates");
        return new wq5(new z83(new c26(c26.a.DEFAULT), "MDMProfile").b(serverCertificates), new c26(c26.a.CA_STORE));
    }
}
