package com.sonymobile.sonymap.cloud;

import android.content.Context;
import com.google.android.gms.common.GooglePlayServicesNotAvailableException;
import com.google.android.gms.common.GooglePlayServicesRepairableException;
import com.google.android.gms.security.ProviderInstaller;
import com.sonymobile.debug.Debug;
import java.io.BufferedInputStream;
import java.io.IOException;
import java.security.GeneralSecurityException;
import java.security.KeyStore;
import java.security.Provider;
import java.security.Security;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.util.ArrayList;
import java.util.List;
import javax.net.ssl.SSLContext;
import javax.net.ssl.TrustManagerFactory;

/* loaded from: classes.dex */
public class PinUtils {
    private static final String[] TRUSTED_CERTS = {"trustedCerts/Builtin Object Token-DigiCert High Assurance EV Root CA"};

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: classes.dex */
    public static class TrustedCert {
        final String mAlias;
        final Certificate mCertificate;

        TrustedCert(String str, Certificate certificate) {
            this.mAlias = str;
            this.mCertificate = certificate;
        }
    }

    public static SSLContext create(Context context) {
        try {
            KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
            keyStore.load(null, null);
            for (TrustedCert trustedCert : readTrustedCerts(context)) {
                keyStore.setCertificateEntry(trustedCert.mAlias, trustedCert.mCertificate);
            }
            TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
            trustManagerFactory.init(keyStore);
            tryInstallGMSSecurityProvider(context);
            SSLContext sSLContext = SSLContext.getInstance("TLS");
            sSLContext.init(null, trustManagerFactory.getTrustManagers(), null);
            return sSLContext;
        } catch (IOException | GeneralSecurityException e) {
            if (Debug.DEBUGMODE) {
                Debug.D.logE(PinUtils.class, "Unable to initialize SSL Context ", e);
            }
            throw new IllegalStateException("Unable to initialize SSL Context", e);
        }
    }

    private static void debugPrintProviders() {
        Debug.D.logD(PinUtils.class, "Listing security providers");
        for (Provider provider : Security.getProviders()) {
            Debug.D.logD(PinUtils.class, provider.getName());
        }
    }

    private static List<TrustedCert> readTrustedCerts(Context context) throws CertificateException, IOException {
        ArrayList arrayList = new ArrayList();
        CertificateFactory certificateFactory = CertificateFactory.getInstance("X.509");
        for (String str : TRUSTED_CERTS) {
            arrayList.add(new TrustedCert(str, certificateFactory.generateCertificate(new BufferedInputStream(context.getAssets().open(str)))));
        }
        return arrayList;
    }

    private static void tryInstallGMSSecurityProvider(Context context) {
        try {
            ProviderInstaller.installIfNeeded(context);
        } catch (GooglePlayServicesNotAvailableException | GooglePlayServicesRepairableException e) {
            Debug.D.logW(PinUtils.class, "Unable to install GMS security provider");
        }
        if (Debug.DEBUGMODE) {
            debugPrintProviders();
        }
    }
}
