package com.vwgroup.sdk.backendconnector.util;

import com.vwgroup.sdk.utility.logger.L;
import java.io.IOException;
import java.io.InputStream;
import java.security.KeyManagementException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import javax.inject.Inject;
import javax.inject.Singleton;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSocketFactory;
import javax.net.ssl.TrustManagerFactory;

@Singleton
/* loaded from: classes.dex */
public class RootCertificatesRestrictingSocketFactory {
    private static String[][] CC = {new String[]{"g1c1ppca", "Class 1 Public Primary Certification Authority.cer"}, new String[]{"g1c2ppca", "Class 2 Public Primary Certification Authority.cer"}, new String[]{"g1c3ppca", "Class 3 Public Primary Certification Authority.cer"}, new String[]{"g2c1ppca", "Class 1 Public Primary Certification Authority - G2.cer"}, new String[]{"g2c2ppca", "Class 2 Public Primary Certification Authority - G2.cer"}, new String[]{"g2c3ppca", "Class 3 Public Primary Certification Authority - G2.cer"}, new String[]{"g2c4ppca", "Class 4 Public Primary Certification Authority - G2.cer"}, new String[]{"g3c1ppca", "VeriSign Class 1 Public Primary Certification Authority - G3.cer"}, new String[]{"g3c2ppca", "VeriSign Class 2 Public Primary Certification Authority - G3.cer"}, new String[]{"g3c3ppca", "VeriSign Class 3 Public Primary Certification Authority - G3.cer"}, new String[]{"g3c4ppca", "VeriSign Class 4 Public Primary Certification Authority - G3.cer"}, new String[]{"g4c3ppca", "VeriSign Class 3 Public Primary Certification Authority - G4.cer"}, new String[]{"g5c3ppca", "VeriSign Class 3 Public Primary Certification Authority - G5.cer"}, new String[]{"urca", "VeriSign Universal Root Certification Authority.cer"}, new String[]{"dcgrca", "DigiCertGlobalRootCA.cer"}};

    @Inject
    public RootCertificatesRestrictingSocketFactory() {
    }

    private Certificate createCertificate(CertificateFactory certificateFactory, String str) throws CertificateException, IOException {
        InputStream resourceAsStream = getClass().getResourceAsStream("/assets/" + str);
        try {
            return certificateFactory.generateCertificate(resourceAsStream);
        } finally {
            resourceAsStream.close();
        }
    }

    private SSLContext createContext() throws IOException {
        try {
            KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
            keyStore.load(null, null);
            CertificateFactory certificateFactory = CertificateFactory.getInstance("X.509");
            for (String[] strArr : CC) {
                keyStore.setCertificateEntry(strArr[0], createCertificate(certificateFactory, strArr[1]));
            }
            TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
            trustManagerFactory.init(keyStore);
            SSLContext sSLContext = SSLContext.getInstance("TLS");
            sSLContext.init(null, trustManagerFactory.getTrustManagers(), null);
            return sSLContext;
        } catch (IOException | KeyManagementException | KeyStoreException | NoSuchAlgorithmException | CertificateException e) {
            L.w(e, "caught exception while checking server certificate", new Object[0]);
            throw new IOException(e);
        }
    }

    public SSLSocketFactory getPinnedCertSslSocketFactory() {
        try {
            return createContext().getSocketFactory();
        } catch (IOException e) {
            throw new RuntimeException("Could not create a SSL Context!");
        }
    }
}
