package org.littleshoot.proxy.mitm;

import java.security.KeyManagementException;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.SecureRandom;
import java.security.UnrecoverableKeyException;
import java.util.Date;
import javax.net.ssl.KeyManager;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.TrustManager;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: classes3.dex */
public final class CertificateHelper {
    private static final int FAKE_KEYSIZE = 1024;
    private static final String KEYGEN_ALGORITHM = "RSA";
    private static final Date NOT_AFTER;
    private static final Date NOT_BEFORE;
    private static final long ONE_DAY = 86400000;
    private static final int ROOT_KEYSIZE = 2048;
    private static final String SECURE_RANDOM_ALGORITHM = "SHA1PRNG";
    private static final String SIGNATURE_ALGORITHM;
    private static final String SSL_CONTEXT_FALLBACK_PROTOCOL = "TLSv1";
    private static final String SSL_CONTEXT_PROTOCOL = "TLSv1.2";
    private static final Logger log = LoggerFactory.getLogger((Class<?>) CertificateHelper.class);

    static {
        SIGNATURE_ALGORITHM = (is32BitJvm() ? "SHA256" : "SHA512") + "WithRSAEncryption";
        NOT_BEFORE = new Date(System.currentTimeMillis() - 31536000000L);
        NOT_AFTER = new Date(System.currentTimeMillis() + 630720000000L);
    }

    private CertificateHelper() {
    }

    public static KeyPair generateKeyPair(int i) throws NoSuchAlgorithmException, NoSuchProviderException {
        KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("RSA");
        keyPairGenerator.initialize(i, SecureRandom.getInstance("SHA1PRNG"));
        return keyPairGenerator.generateKeyPair();
    }

    public static KeyManager[] getKeyManagers(KeyStore keyStore, Authority authority) throws NoSuchAlgorithmException, NoSuchProviderException, UnrecoverableKeyException, KeyStoreException {
        KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
        keyManagerFactory.init(keyStore, authority.password());
        return keyManagerFactory.getKeyManagers();
    }

    private static boolean is32BitJvm() {
        Integer integer = Integer.getInteger("sun.arch.data.model");
        return integer != null && integer.intValue() == 32;
    }

    public static SSLContext newClientContext(KeyManager[] keyManagerArr, TrustManager[] trustManagerArr) throws NoSuchAlgorithmException, KeyManagementException, NoSuchProviderException {
        SSLContext newClientSSLContext = newClientSSLContext();
        newClientSSLContext.init(keyManagerArr, trustManagerArr, null);
        return newClientSSLContext;
    }

    private static SSLContext newClientSSLContext() throws NoSuchAlgorithmException {
        try {
            log.debug("Using default protocol {}", "TLS");
            return SSLContext.getInstance("TLS");
        } catch (NoSuchAlgorithmException e) {
            try {
                log.debug("Using protocol {}", SSL_CONTEXT_PROTOCOL);
                return SSLContext.getInstance(SSL_CONTEXT_PROTOCOL);
            } catch (NoSuchAlgorithmException e2) {
                log.warn("Protocol {} not available, falling back to {}", SSL_CONTEXT_PROTOCOL, SSL_CONTEXT_FALLBACK_PROTOCOL);
                return SSLContext.getInstance(SSL_CONTEXT_FALLBACK_PROTOCOL);
            }
        }
    }

    public static SSLContext newServerContext(KeyManager[] keyManagerArr) throws NoSuchAlgorithmException, NoSuchProviderException, KeyManagementException {
        SSLContext newServerSSLContext = newServerSSLContext();
        SecureRandom secureRandom = new SecureRandom();
        secureRandom.setSeed(System.currentTimeMillis());
        newServerSSLContext.init(keyManagerArr, null, secureRandom);
        return newServerSSLContext;
    }

    private static SSLContext newServerSSLContext() throws NoSuchAlgorithmException {
        try {
            log.debug("Using protocol {}", SSL_CONTEXT_PROTOCOL);
            return SSLContext.getInstance(SSL_CONTEXT_PROTOCOL);
        } catch (NoSuchAlgorithmException e) {
            log.warn("Protocol {} not available, falling back to {}", SSL_CONTEXT_PROTOCOL, SSL_CONTEXT_FALLBACK_PROTOCOL);
            return SSLContext.getInstance(SSL_CONTEXT_FALLBACK_PROTOCOL);
        }
    }
}
