package com.livenation.tap.services.auth;

import com.livenation.tap.services.TAPWebService;
import com.mobileroadie.constants.Fmt;
import java.io.IOException;
import java.io.InputStream;
import java.net.Socket;
import java.security.GeneralSecurityException;
import java.security.KeyManagementException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.UnrecoverableKeyException;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.util.Enumeration;
import javax.net.ssl.KeyManager;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import javax.net.ssl.X509TrustManager;
import org.apache.http.conn.ssl.SSLSocketFactory;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: classes.dex */
public class TAPSSLSocketFactory extends SSLSocketFactory {
    private static Logger logger = LoggerFactory.getLogger(TAPSSLSocketFactory.class);
    private SSLContext sslcontext;

    public TAPSSLSocketFactory(KeyStore keyStore) throws NoSuchAlgorithmException, KeyManagementException, KeyStoreException, UnrecoverableKeyException {
        super(keyStore);
        this.sslcontext = null;
    }

    private static KeyManager[] createKeyManagers(KeyStore keyStore, String str) throws KeyStoreException, NoSuchAlgorithmException, UnrecoverableKeyException {
        if (keyStore == null) {
            throw new IllegalArgumentException("Keystore may not be null");
        }
        KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
        keyManagerFactory.init(keyStore, str != null ? str.toCharArray() : null);
        return keyManagerFactory.getKeyManagers();
    }

    private KeyStore createKeyStore() throws KeyStoreException, NoSuchAlgorithmException, CertificateException, IOException {
        KeyStore keyStore = KeyStore.getInstance("BKS");
        InputStream inputStream = null;
        try {
            inputStream = TAPSSLHttpClient.openTAPCert();
            keyStore.load(inputStream, TAPWebService.getClientCertPassword().toCharArray());
            return keyStore;
        } finally {
            if (inputStream != null) {
                inputStream.close();
            }
        }
    }

    private SSLContext createSSLContext() {
        if (TAPWebService.DEBUG_ENABLED) {
            logger.error("createSSLContext");
        }
        try {
            KeyStore createKeyStore = createKeyStore();
            if (TAPWebService.DEBUG_ENABLED) {
                Enumeration<String> aliases = createKeyStore.aliases();
                while (aliases.hasMoreElements()) {
                    String nextElement = aliases.nextElement();
                    Certificate[] certificateChain = createKeyStore.getCertificateChain(nextElement);
                    if (certificateChain != null) {
                        logger.debug("Certificate chain '" + nextElement + "':");
                        for (int i = 0; i < certificateChain.length; i++) {
                            if (certificateChain[i] instanceof X509Certificate) {
                                X509Certificate x509Certificate = (X509Certificate) certificateChain[i];
                                logger.debug(" Certificate " + (i + 1) + Fmt.COLON);
                                logger.debug("  Subject DN: " + x509Certificate.getSubjectDN());
                                logger.debug("  Signature Algorithm: " + x509Certificate.getSigAlgName());
                                logger.debug("  Valid from: " + x509Certificate.getNotBefore());
                                logger.debug("  Valid until: " + x509Certificate.getNotAfter());
                                logger.debug("  Issuer: " + x509Certificate.getIssuerDN());
                            }
                        }
                    }
                }
            }
            KeyManager[] createKeyManagers = createKeyManagers(createKeyStore, TAPWebService.getClientCertPassword());
            KeyStore createKeyStore2 = createKeyStore();
            if (TAPWebService.DEBUG_ENABLED) {
                Enumeration<String> aliases2 = createKeyStore2.aliases();
                while (aliases2.hasMoreElements()) {
                    String nextElement2 = aliases2.nextElement();
                    logger.debug("Trusted certificate '" + nextElement2 + "':");
                    Certificate certificate = createKeyStore2.getCertificate(nextElement2);
                    if (certificate != null && (certificate instanceof X509Certificate)) {
                        X509Certificate x509Certificate2 = (X509Certificate) certificate;
                        logger.debug("  Subject DN: " + x509Certificate2.getSubjectDN());
                        logger.debug("  Signature Algorithm: " + x509Certificate2.getSigAlgName());
                        logger.debug("  Valid from: " + x509Certificate2.getNotBefore());
                        logger.debug("  Valid until: " + x509Certificate2.getNotAfter());
                        logger.debug("  Issuer: " + x509Certificate2.getIssuerDN());
                    }
                }
            }
            TrustManager[] createTrustManagers = createTrustManagers(createKeyStore2);
            SSLContext sSLContext = SSLContext.getInstance("TLS");
            sSLContext.init(createKeyManagers, createTrustManagers, null);
            return sSLContext;
        } catch (IOException e) {
            logger.error(e.getMessage());
            throw new AuthSSLInitializationError("I/O error reading keystore/truststore file: " + e.getMessage());
        } catch (KeyStoreException e2) {
            logger.error(e2.getMessage());
            throw new AuthSSLInitializationError("Keystore exception: " + e2.getMessage());
        } catch (NoSuchAlgorithmException e3) {
            logger.error(e3.getMessage());
            throw new AuthSSLInitializationError("Unsupported algorithm exception: " + e3.getMessage());
        } catch (GeneralSecurityException e4) {
            logger.error(e4.getMessage());
            throw new AuthSSLInitializationError("Key management exception: " + e4.getMessage());
        }
    }

    private static TrustManager[] createTrustManagers(KeyStore keyStore) throws KeyStoreException, NoSuchAlgorithmException {
        if (keyStore == null) {
            throw new IllegalArgumentException("Keystore may not be null");
        }
        TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
        trustManagerFactory.init(keyStore);
        TrustManager[] trustManagers = trustManagerFactory.getTrustManagers();
        for (int i = 0; i < trustManagers.length; i++) {
            if (trustManagers[i] instanceof X509TrustManager) {
                trustManagers[i] = new AuthSSLX509TrustManager((X509TrustManager) trustManagers[i]);
            }
        }
        return trustManagers;
    }

    private SSLContext getSSLContext() {
        if (this.sslcontext == null) {
            this.sslcontext = createSSLContext();
        }
        return this.sslcontext;
    }

    @Override // org.apache.http.conn.ssl.SSLSocketFactory, org.apache.http.conn.scheme.SocketFactory
    public Socket createSocket() throws IOException {
        if (TAPWebService.DEBUG_ENABLED) {
            logger.debug("createSocket");
        }
        return getSSLContext().getSocketFactory().createSocket();
    }

    @Override // org.apache.http.conn.ssl.SSLSocketFactory, org.apache.http.conn.scheme.LayeredSocketFactory
    public Socket createSocket(Socket socket, String str, int i, boolean z) throws IOException {
        if (TAPWebService.DEBUG_ENABLED) {
            logger.debug("createSocket(Socket socket,String host,int port,boolean autoClose)");
        }
        return getSSLContext().getSocketFactory().createSocket(socket, str, i, z);
    }
}
