package com.tomtom.mydrive.communication;

import com.tomtom.mydrive.communication.common.AdditionalKeyStoresTrustManager;
import java.io.IOException;
import java.math.BigInteger;
import java.security.InvalidKeyException;
import java.security.KeyManagementException;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.SecureRandom;
import java.security.SignatureException;
import java.security.UnrecoverableKeyException;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.util.Calendar;
import java.util.Date;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.TrustManager;
import nl.nspyre.commons.logging.Logger;
import org.spongycastle.asn1.x500.X500Name;
import org.spongycastle.asn1.x500.X500NameBuilder;
import org.spongycastle.asn1.x500.style.BCStyle;
import org.spongycastle.cert.jcajce.JcaX509CertificateConverter;
import org.spongycastle.cert.jcajce.JcaX509v3CertificateBuilder;
import org.spongycastle.operator.OperatorCreationException;
import org.spongycastle.operator.jcajce.JcaContentSignerBuilder;

/* loaded from: classes.dex */
public class IdxConnectionHelper {
    public static final String CLIENT_COMMON_NAME = "SSLUnitTest";
    private static final int EXPIRATION_IN_DAYS = 3650;
    private static final String JCA_SIGNATURE_ALGORITHM = "SHA256WithRSAEncryption";
    private static final String KEYSTORE_KEY_ENTRY_ALIAS = "key";
    private static final String KEYSTORE_TYPE = "PKCS12";
    private static final char[] KEY_MANAGER_PASSWORD = "42flatskaas".toCharArray();
    private static final String KEY_PAIR_GENERATOR_ALGORITHM = "RSA";
    private static final int KEY_PAIR_SIZE = 2048;
    private static final int SERIAL_RANDOM_ADDITION = 10000;

    private static X509Certificate createCertificate(PublicKey publicKey, PrivateKey privateKey) {
        try {
            X500NameBuilder x500NameBuilder = new X500NameBuilder(BCStyle.INSTANCE);
            x500NameBuilder.addRDN(BCStyle.CN, CLIENT_COMMON_NAME);
            X500Name build = x500NameBuilder.build();
            BigInteger valueOf = BigInteger.valueOf((System.currentTimeMillis() * 10000) + new SecureRandom().nextInt(10000));
            Date date = new Date();
            Calendar calendar = Calendar.getInstance();
            calendar.setTime(date);
            calendar.add(5, EXPIRATION_IN_DAYS);
            X509Certificate certificate = new JcaX509CertificateConverter().getCertificate(new JcaX509v3CertificateBuilder(build, valueOf, date, calendar.getTime(), build, publicKey).build(new JcaContentSignerBuilder(JCA_SIGNATURE_ALGORITHM).build(privateKey)));
            certificate.verify(publicKey);
            return certificate;
        } catch (InvalidKeyException | NoSuchAlgorithmException | NoSuchProviderException | SignatureException | CertificateException | OperatorCreationException e) {
            e.printStackTrace();
            return null;
        }
    }

    private static KeyStore initializeKeyStore() throws IOException {
        try {
            KeyStore keyStore = KeyStore.getInstance(KEYSTORE_TYPE);
            keyStore.load(null, null);
            resetPrivateKey(keyStore, KEYSTORE_KEY_ENTRY_ALIAS);
            return keyStore;
        } catch (IOException | KeyStoreException | NoSuchAlgorithmException | CertificateException e) {
            Logger.e(e, "Exception");
            return null;
        }
    }

    private static void resetPrivateKey(KeyStore keyStore, String str) throws KeyStoreException, IOException, CertificateException, NoSuchAlgorithmException {
        KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance(KEY_PAIR_GENERATOR_ALGORITHM);
        keyPairGenerator.initialize(2048);
        KeyPair generateKeyPair = keyPairGenerator.generateKeyPair();
        PublicKey publicKey = generateKeyPair.getPublic();
        PrivateKey privateKey = generateKeyPair.getPrivate();
        keyStore.setKeyEntry(str, privateKey, KEY_MANAGER_PASSWORD, new Certificate[]{createCertificate(publicKey, privateKey)});
    }

    public SSLContext createSslContext() throws IOException, NoSuchAlgorithmException, UnrecoverableKeyException, KeyStoreException, KeyManagementException {
        KeyStore initializeKeyStore = initializeKeyStore();
        KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
        keyManagerFactory.init(initializeKeyStore, KEY_MANAGER_PASSWORD);
        AdditionalKeyStoresTrustManager additionalKeyStoresTrustManager = new AdditionalKeyStoresTrustManager(false, initializeKeyStore);
        SSLContext sSLContext = SSLContext.getInstance("TLS");
        sSLContext.init(keyManagerFactory.getKeyManagers(), new TrustManager[]{additionalKeyStoresTrustManager}, null);
        return sSLContext;
    }
}
