package org.equeim.tremotesf.rpc;

import android.util.Base64;
import java.io.ByteArrayInputStream;
import java.security.KeyFactory;
import java.security.KeyStore;
import java.security.PrivateKey;
import java.security.cert.Certificate;
import java.security.cert.CertificateFactory;
import java.security.spec.PKCS8EncodedKeySpec;
import java.util.Collection;
import java.util.Iterator;
import java.util.List;
import java.util.regex.Matcher;
import java.util.regex.Pattern;
import javax.net.ssl.KeyManager;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import javax.net.ssl.X509TrustManager;
import kotlin.LazyKt__LazyKt;
import kotlin.TuplesKt;
import kotlin.UnsignedKt;
import kotlin.collections.ArraysKt___ArraysKt;
import kotlin.collections.ReversedListReadOnly;
import kotlin.text.FlagEnum;
import kotlin.text.MatcherMatchResult;
import kotlin.text.Regex;
import kotlin.text.RegexOption;
import kotlin.text.StringsKt__StringsKt;

/* loaded from: classes.dex */
public abstract class TlsConfigurationKt {
    public static final Regex PRIVATE_KEY_REGEX;

    static {
        Iterator it = ArraysKt___ArraysKt.toSet(new RegexOption[]{RegexOption.MULTILINE, RegexOption.DOT_MATCHES_ALL}).iterator();
        int i = 0;
        while (it.hasNext()) {
            i |= ((RegexOption) ((FlagEnum) it.next())).value;
        }
        if ((i & 2) != 0) {
            i |= 64;
        }
        Pattern compile = Pattern.compile(".*-----BEGIN PRIVATE KEY-----([A-Za-z0-9+/=\\n]+)-----END PRIVATE KEY-----.*", i);
        LazyKt__LazyKt.checkNotNullExpressionValue("compile(...)", compile);
        PRIVATE_KEY_REGEX = new Regex(compile);
    }

    public static final KeyManager createKeyManagerForClientCertificate(String str, List list) {
        try {
            Regex regex = PRIVATE_KEY_REGEX;
            regex.getClass();
            Matcher matcher = regex.nativePattern.matcher(str);
            LazyKt__LazyKt.checkNotNullExpressionValue("matcher(...)", matcher);
            MatcherMatchResult matcherMatchResult = !matcher.matches() ? null : new MatcherMatchResult(matcher, str);
            if (matcherMatchResult == null) {
                throw new IllegalStateException("Failed to find private key in string".toString());
            }
            if (matcherMatchResult.groupValues_ == null) {
                matcherMatchResult.groupValues_ = new ReversedListReadOnly(matcherMatchResult);
            }
            ReversedListReadOnly reversedListReadOnly = matcherMatchResult.groupValues_;
            LazyKt__LazyKt.checkNotNull(reversedListReadOnly);
            PrivateKey generatePrivate = KeyFactory.getInstance("RSA").generatePrivate(new PKCS8EncodedKeySpec(Base64.decode(StringsKt__StringsKt.trim((String) reversedListReadOnly.get(1)).toString(), 0)));
            KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
            keyStore.load(null, null);
            keyStore.setKeyEntry("client", generatePrivate, null, (Certificate[]) list.toArray(new Certificate[0]));
            KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
            keyManagerFactory.init(keyStore, null);
            KeyManager[] keyManagers = keyManagerFactory.getKeyManagers();
            LazyKt__LazyKt.checkNotNullExpressionValue("getKeyManagers(...)", keyManagers);
            Object single = ArraysKt___ArraysKt.single(keyManagers);
            LazyKt__LazyKt.checkNotNullExpressionValue("single(...)", single);
            return (KeyManager) single;
        } catch (Exception unused) {
            throw new RuntimeException("Failed to parse client certificate's private key");
        }
    }

    public static final X509TrustManager createTrustManagerForCertificateChain(ByteArrayInputStream byteArrayInputStream, CertificateFactory certificateFactory) {
        try {
            Collection<? extends Certificate> generateCertificates = certificateFactory.generateCertificates(byteArrayInputStream);
            TuplesKt.closeFinally(byteArrayInputStream, null);
            LazyKt__LazyKt.checkNotNull(generateCertificates);
            if (generateCertificates.isEmpty()) {
                throw new RuntimeException("Did not read any certificates");
            }
            KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
            keyStore.load(null, null);
            int i = 0;
            for (Object obj : generateCertificates) {
                int i2 = i + 1;
                if (i < 0) {
                    UnsignedKt.throwIndexOverflow();
                    throw null;
                }
                keyStore.setCertificateEntry(String.valueOf(i), (Certificate) obj);
                i = i2;
            }
            TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
            trustManagerFactory.init(keyStore);
            TrustManager[] trustManagers = trustManagerFactory.getTrustManagers();
            LazyKt__LazyKt.checkNotNullExpressionValue("getTrustManagers(...)", trustManagers);
            Object single = ArraysKt___ArraysKt.single(trustManagers);
            LazyKt__LazyKt.checkNotNull("null cannot be cast to non-null type javax.net.ssl.X509TrustManager", single);
            return (X509TrustManager) single;
        } catch (Throwable th) {
            try {
                throw th;
            } catch (Throwable th2) {
                TuplesKt.closeFinally(byteArrayInputStream, th);
                throw th2;
            }
        }
    }
}
