package com.ticketmaster.voltron;

import androidx.annotation.NonNull;
import com.ticketmaster.voltron.datamodel.TapCookieJar;
import com.ticketmaster.voltron.exception.AuthException;
import com.ticketmaster.voltron.internal.security.TapX509TrustManager;
import java.io.File;
import java.io.IOException;
import java.security.GeneralSecurityException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.UnrecoverableKeyException;
import java.security.cert.Certificate;
import javax.net.ssl.KeyManager;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import javax.net.ssl.X509TrustManager;
import okhttp3.Cache;
import okhttp3.OkHttpClient;
import okhttp3.logging.HttpLoggingInterceptor;

/* JADX INFO: Access modifiers changed from: package-private */
/* loaded from: classes3.dex */
public class TrustClient {
    protected static final String ALIAS = "";
    private static final String CACHE_DIRECTORY = "lksdfi7783lhjkadf90";
    private static final int CACHE_SIZE = 5000000;
    protected static final char[] PASSWORD = new char[0];
    private static final String SSL_PROTOCOL = "TLS";
    private Cache httpCache;

    private TrustClient() throws AuthException {
    }

    private Cache getHttpCache() {
        if (this.httpCache == null) {
            this.httpCache = new Cache(new File(Voltron.getAppContext().getCacheDir() + CACHE_DIRECTORY), 5000000L);
        }
        return this.httpCache;
    }

    public static TrustClient getInstance() {
        return new TrustClient();
    }

    private SSLContext sslContextForTrustedCertificates() throws AuthException {
        try {
            KeyStore createKeystore = createKeystore();
            TrustManager[] createTrustManagers = createTrustManagers(createKeystore);
            KeyManager[] createKeyManagers = createKeyManagers(createKeystore);
            SSLContext sSLContext = SSLContext.getInstance("TLS");
            sSLContext.init(createKeyManagers, createTrustManagers, null);
            return sSLContext;
        } catch (IOException | GeneralSecurityException e) {
            throw new AuthException("There is something wrong with the keystore. This should never happen in production.", e);
        }
    }

    protected KeyManager[] createKeyManagers(@NonNull KeyStore keyStore) throws KeyStoreException, NoSuchAlgorithmException, UnrecoverableKeyException {
        KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
        keyManagerFactory.init(keyStore, PASSWORD);
        return keyManagerFactory.getKeyManagers();
    }

    protected KeyStore createKeystore() throws GeneralSecurityException, IOException {
        TapCertificate tapCertificate = Ticketmaster.getInstance().getTapCertificate();
        PrivateKey privateKey = tapCertificate.getPrivateKey();
        Certificate[] certificateChain = tapCertificate.getCertificateChain();
        KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
        keyStore.load(null, PASSWORD);
        keyStore.setKeyEntry("", privateKey, PASSWORD, certificateChain);
        return keyStore;
    }

    protected TrustManager[] createTrustManagers(@NonNull KeyStore keyStore) throws KeyStoreException, NoSuchAlgorithmException {
        TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
        trustManagerFactory.init(keyStore);
        TrustManager[] trustManagers = trustManagerFactory.getTrustManagers();
        for (int i = 0; i < trustManagers.length; i++) {
            if (trustManagers[i] instanceof X509TrustManager) {
                trustManagers[i] = new TapX509TrustManager((X509TrustManager) trustManagers[i]);
            }
        }
        return trustManagers;
    }

    public OkHttpClient overrideDefaultOkHttpClient(OkHttpClient okHttpClient) {
        SSLContext sslContextForTrustedCertificates = sslContextForTrustedCertificates();
        HttpLoggingInterceptor httpLoggingInterceptor = new HttpLoggingInterceptor();
        httpLoggingInterceptor.setLevel(Voltron.getConfig().isLoggingEnabled() ? HttpLoggingInterceptor.Level.BODY : HttpLoggingInterceptor.Level.NONE);
        TrustManager[] trustManagerArr = new TrustManager[0];
        try {
            trustManagerArr = createTrustManagers(createKeystore());
        } catch (IOException e) {
            e.printStackTrace();
        } catch (GeneralSecurityException e2) {
            e2.printStackTrace();
        }
        OkHttpClient.Builder newBuilder = okHttpClient.newBuilder();
        newBuilder.addInterceptor(new TapWSProxyInterceptor()).addInterceptor(httpLoggingInterceptor).sslSocketFactory(sslContextForTrustedCertificates.getSocketFactory(), (X509TrustManager) trustManagerArr[0]).cookieJar(new TapCookieJar()).cache(getHttpCache());
        return newBuilder.build();
    }
}
