package com.assaabloy.stg.cliq.go.android.backend.administration;

import com.assaabloy.stg.cliq.android.common.util.log.Logger;
import com.assaabloy.stg.cliq.go.android.backend.AbstractSslCertificateHandler;
import com.assaabloy.stg.cliq.go.android.backend.TestModeUtil;
import com.assaabloy.stg.cliq.go.android.domain.AuthorizationEntry;
import java.io.IOException;
import java.io.InputStream;
import java.security.Key;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.UnrecoverableKeyException;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.util.Iterator;
import java.util.Map;
import java.util.concurrent.ConcurrentHashMap;
import javax.net.ssl.HostnameVerifier;
import javax.net.ssl.KeyManagerFactory;
import okhttp3.internal.tls.OkHostnameVerifier;

/* loaded from: classes.dex */
public class CwmSslCertificateHandler extends AbstractSslCertificateHandler {
    private static final String CLIENT_CERTIFICATE_TYPE = "PKCS12";
    public static final String TAG = "CwmSslCertificateHandler";
    private static volatile CwmSslCertificateHandler instance;
    private X509Certificate certificate;
    private Key key;
    private final Logger logger = new Logger(this, TAG);
    private final Map<String, Listener> listeners = new ConcurrentHashMap();

    /* loaded from: classes.dex */
    public static final class CallFromTestsOnly {
        private static final String TEST_CLIENT_CERTIFICATE_FILE = "src/test/resources/3-AESTestSyst003-137412b8-4a00-11e4-9e35-164230d1df67.p12";
        private static final char[] TEST_CLIENT_CERTIFICATE_PASSWORD = {'1', '2', '3', '4', '5', '6'};

        private CallFromTestsOnly() {
        }

        static /* synthetic */ KeyStore access$100() throws KeyStoreException, IOException, NoSuchAlgorithmException, CertificateException {
            return getTestClientKeyStore();
        }

        private static KeyStore getTestClientKeyStore() throws KeyStoreException, IOException, NoSuchAlgorithmException, CertificateException {
            InputStream resourceAsStream = Thread.currentThread().getContextClassLoader().getResourceAsStream(TEST_CLIENT_CERTIFICATE_FILE);
            KeyStore keyStore = KeyStore.getInstance(CwmSslCertificateHandler.CLIENT_CERTIFICATE_TYPE);
            keyStore.load(resourceAsStream, TEST_CLIENT_CERTIFICATE_PASSWORD);
            return keyStore;
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    /* loaded from: classes.dex */
    public interface Listener {
        void onChange(CwmSslCertificateHandler cwmSslCertificateHandler);
    }

    private CwmSslCertificateHandler() {
    }

    private KeyStore getClientKeyStore() throws KeyStoreException, CertificateException, NoSuchAlgorithmException, IOException {
        return TestModeUtil.isTestMode() ? CallFromTestsOnly.access$100() : getRealClientKeyStore();
    }

    private static char[] getClientKeyStorePassword() {
        if (TestModeUtil.isTestMode()) {
            return CallFromTestsOnly.TEST_CLIENT_CERTIFICATE_PASSWORD;
        }
        return null;
    }

    public static CwmSslCertificateHandler getInstance() {
        CwmSslCertificateHandler cwmSslCertificateHandler = instance;
        if (cwmSslCertificateHandler == null) {
            synchronized (CwmSslCertificateHandler.class) {
                try {
                    cwmSslCertificateHandler = instance;
                    if (cwmSslCertificateHandler == null) {
                        CwmSslCertificateHandler cwmSslCertificateHandler2 = new CwmSslCertificateHandler();
                        try {
                            instance = cwmSslCertificateHandler2;
                            cwmSslCertificateHandler = cwmSslCertificateHandler2;
                        } catch (Throwable th) {
                            th = th;
                            throw th;
                        }
                    }
                } catch (Throwable th2) {
                    th = th2;
                }
            }
        }
        return cwmSslCertificateHandler;
    }

    private KeyStore getRealClientKeyStore() throws KeyStoreException, IOException, NoSuchAlgorithmException, CertificateException {
        Certificate[] certificateArr = {this.certificate};
        KeyStore keyStore = KeyStore.getInstance(CLIENT_CERTIFICATE_TYPE);
        keyStore.load(null, null);
        keyStore.setKeyEntry(AuthorizationEntry.CURRENT, this.key, null, certificateArr);
        return keyStore;
    }

    private void notifyListeners() {
        Iterator<Listener> it = this.listeners.values().iterator();
        while (it.hasNext()) {
            it.next().onChange(this);
        }
    }

    private static String toLogString(X509Certificate x509Certificate) {
        return String.valueOf(x509Certificate == null ? null : x509Certificate.getSubjectDN());
    }

    public void deleteAllCerts() {
        this.logger.debug("deleteAllCerts()");
        this.certificate = null;
        this.key = null;
        notifyListeners();
    }

    @Override // com.assaabloy.stg.cliq.go.android.backend.AbstractSslCertificateHandler
    protected HostnameVerifier getHostnameVerifier() {
        return OkHostnameVerifier.INSTANCE;
    }

    @Override // com.assaabloy.stg.cliq.go.android.backend.AbstractSslCertificateHandler
    protected KeyManagerFactory getKeyManagerFactory() {
        try {
            KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
            keyManagerFactory.init(getClientKeyStore(), getClientKeyStorePassword());
            return keyManagerFactory;
        } catch (IOException | KeyStoreException | NoSuchAlgorithmException | UnrecoverableKeyException | CertificateException e) {
            throw new AbstractSslCertificateHandler.SslCertificateHandlingException(e.getMessage(), e);
        }
    }

    @Override // com.assaabloy.stg.cliq.go.android.backend.AbstractSslCertificateHandler
    protected String getSslAssetDirectory() {
        return "ssl/cliqwebmanager";
    }

    public void registerListener(String str, Listener listener) {
        this.listeners.put(str, listener);
    }

    public void setCredential(X509Certificate x509Certificate, Key key) {
        this.logger.debug(String.format("setCredential(certificate=[%s], key=[%s])", toLogString(x509Certificate), key));
        this.certificate = x509Certificate;
        this.key = key;
        try {
            try {
                KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm()).init(getClientKeyStore(), getClientKeyStorePassword());
                notifyListeners();
            } catch (IOException | KeyStoreException | NoSuchAlgorithmException | UnrecoverableKeyException | CertificateException e) {
                throw new AbstractSslCertificateHandler.SslCertificateHandlingException(e.getMessage(), e);
            }
        } catch (NoSuchAlgorithmException e2) {
            throw new AbstractSslCertificateHandler.SslCertificateHandlingException(e2.getMessage(), e2);
        }
    }
}
