package com.ca.mas.core.io.ssl;

import com.ca.mas.core.io.http.SingleKeyX509KeyManager;
import com.ca.mas.core.io.http.TrustedCertificateConfigurationTrustManager;
import com.ca.mas.core.store.StorageProvider;
import com.ca.mas.foundation.MASConfiguration;
import com.ca.mas.foundation.MASSecurityConfiguration;
import java.security.PrivateKey;
import java.security.SecureRandom;
import java.security.cert.X509Certificate;
import javax.net.ssl.KeyManager;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSocketFactory;
import javax.net.ssl.TrustManager;

/* loaded from: classes2.dex */
public class MAGSocketFactory {
    private static final String SSL_TLS_PROTOCOL = "TLS";
    private static final SecureRandom secureRandom = new SecureRandom();
    private X509Certificate[] clientCertChain;
    private PrivateKey clientCertPrivateKey;
    private MASSecurityConfiguration securityConfiguration;

    public MAGSocketFactory(MASSecurityConfiguration mASSecurityConfiguration) {
        this.clientCertPrivateKey = null;
        this.clientCertChain = null;
        this.securityConfiguration = mASSecurityConfiguration;
        try {
            if (MASConfiguration.getCurrentConfiguration() != null) {
                this.clientCertPrivateKey = StorageProvider.getInstance().getTokenManager().getClientPrivateKey();
                this.clientCertChain = StorageProvider.getInstance().getTokenManager().getClientCertificateChain();
            }
        } catch (IllegalStateException unused) {
        }
    }

    private SSLContext createSslContext() {
        KeyManager[] keyManagerArr;
        try {
            SSLContext sSLContext = SSLContext.getInstance(SSL_TLS_PROTOCOL);
            TrustManager[] trustManagerArr = {new TrustedCertificateConfigurationTrustManager(this.securityConfiguration)};
            if (this.clientCertPrivateKey != null && this.clientCertChain != null) {
                keyManagerArr = new KeyManager[]{new SingleKeyX509KeyManager(this.clientCertPrivateKey, this.clientCertChain)};
                sSLContext.init(keyManagerArr, trustManagerArr, secureRandom);
                return sSLContext;
            }
            keyManagerArr = new KeyManager[0];
            sSLContext.init(keyManagerArr, trustManagerArr, secureRandom);
            return sSLContext;
        } catch (Exception e10) {
            throw new RuntimeException("Unable to create SSL Context: " + e10.getMessage(), e10);
        }
    }

    public SSLSocketFactory createTLSSocketFactory() {
        return new TLSSocketFactory(createSslContext().getSocketFactory());
    }
}
