package com.amazon.whisperlink.feature.security.android;

import android.content.Context;
import com.amazon.whisperlink.platform.PlatformManager;
import com.amazon.whisperlink.platform.listener.CertificateChangeListener;
import com.amazon.whisperlink.platform.listener.PlatformStateListener;
import com.amazon.whisperlink.util.Log;
import com.amazon.whisperplay.feature.security.CertificateSourceFeature;
import java.security.KeyStore;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import javax.net.ssl.KeyManager;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.TrustManager;
import javax.net.ssl.X509TrustManager;

/* loaded from: classes2.dex */
public final class PasswordProviderFactory {
    private static final String KEY_MANAGER_TYPE = KeyManagerFactory.getDefaultAlgorithm();
    private static final String TAG = "PasswordProviderFactory";
    private static final String TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 = "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256";
    private static final String TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 = "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256";
    private boolean isInitialized;
    private Context mContext;
    private KeyManager[] mKeyManagers;
    private WPSSLTransportParameters mParams;
    private SecureX509TrustManager mTrustManager = new SecureX509TrustManager();

    /* JADX INFO: Access modifiers changed from: protected */
    /* loaded from: classes2.dex */
    public static class SecureX509TrustManager implements X509TrustManager {
        private SecureX509TrustManager() {
        }

        @Override // javax.net.ssl.X509TrustManager
        public void checkClientTrusted(X509Certificate[] x509CertificateArr, String str) throws CertificateException {
            Log.info(PasswordProviderFactory.TAG, "Nothing to do for checkClientTrusted. Accepting all certificates");
        }

        @Override // javax.net.ssl.X509TrustManager
        public void checkServerTrusted(X509Certificate[] x509CertificateArr, String str) throws CertificateException {
            Log.info(PasswordProviderFactory.TAG, "Nothing to do for checkServerTrusted. Accepting all certificates");
        }

        @Override // javax.net.ssl.X509TrustManager
        public X509Certificate[] getAcceptedIssuers() {
            Log.info(PasswordProviderFactory.TAG, "Nothing to do for getAcceptedIssuers. Accepting all certificates");
            return null;
        }

        public void init(Context context) {
            try {
                ((CertificateSourceFeature) PlatformManager.getPlatformManager().getFeature(CertificateSourceFeature.class)).getTrustStore(context);
            } catch (Exception e2) {
                Log.error(PasswordProviderFactory.TAG, "Failed to initialize TrustManagerFactory ", e2);
            }
        }
    }

    public PasswordProviderFactory(Context context) {
        this.mContext = context;
        CertificateSourceFeature certificateSourceFeature = (CertificateSourceFeature) PlatformManager.getPlatformManager().getFeature(CertificateSourceFeature.class);
        WPSSLTransportParameters wPSSLTransportParameters = new WPSSLTransportParameters();
        this.mParams = wPSSLTransportParameters;
        wPSSLTransportParameters.setKeyStore(certificateSourceFeature.getPassword(this.mContext));
        this.mParams.setTrustStore(certificateSourceFeature.getPassword(this.mContext));
        WPSSLTransportParameters wPSSLTransportParameters2 = this.mParams;
        wPSSLTransportParameters2.clientAuth = true;
        wPSSLTransportParameters2.setCipherSuites(new String[]{TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256});
        if (PlatformManager.getPlatformManager().isStarted()) {
            Log.debug(TAG, "Calling init from constructor");
            init();
        } else {
            PlatformManager.getPlatformManager().registerListener(new PlatformStateListener(this) { // from class: com.amazon.whisperlink.feature.security.android.PasswordProviderFactory.1
                final PasswordProviderFactory this$0;

                {
                    this.this$0 = this;
                }

                @Override // com.amazon.whisperlink.platform.listener.PlatformStateListener
                public void onStarted() {
                    Log.debug(PasswordProviderFactory.TAG, "Calling init from onStarted()");
                    this.this$0.init();
                }

                @Override // com.amazon.whisperlink.platform.listener.PlatformStateListener
                public void onStopping() {
                }
            });
        }
        PlatformManager.getPlatformManager().registerListener(new CertificateChangeListener(this) { // from class: com.amazon.whisperlink.feature.security.android.PasswordProviderFactory.2
            final PasswordProviderFactory this$0;

            {
                this.this$0 = this;
            }

            @Override // com.amazon.whisperlink.platform.listener.CertificateChangeListener
            public void certificateChanged() {
                try {
                    Log.debug(PasswordProviderFactory.TAG, "Cert changed, re-initializing");
                    this.this$0.initKeyManager();
                } catch (Exception e2) {
                    Log.error(PasswordProviderFactory.TAG, "Failed to initialize PasswordProviderFactory :" + e2.getMessage(), e2);
                }
            }
        });
    }

    /* JADX INFO: Access modifiers changed from: private */
    public void init() {
        synchronized (this) {
            if (!this.isInitialized) {
                this.mTrustManager.init(this.mContext);
                try {
                    initKeyManager();
                    this.isInitialized = true;
                } catch (Exception e2) {
                    Log.error(TAG, "Failed to initialize PasswordProviderFactory ", e2);
                }
            }
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    public void initKeyManager() throws Exception {
        CertificateSourceFeature certificateSourceFeature = (CertificateSourceFeature) PlatformManager.getPlatformManager().getFeature(CertificateSourceFeature.class);
        KeyStore keyStore = certificateSourceFeature.getKeyStore(this.mContext);
        KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance(KEY_MANAGER_TYPE);
        keyManagerFactory.init(keyStore, certificateSourceFeature.getPassword(this.mContext).toCharArray());
        synchronized (this) {
            this.mKeyManagers = keyManagerFactory.getKeyManagers();
        }
        Log.debug(TAG, "Initialized KeyManagers");
    }

    public KeyManager[] getKeyManagers() {
        KeyManager[] keyManagerArr;
        synchronized (this) {
            keyManagerArr = this.mKeyManagers;
        }
        return keyManagerArr;
    }

    public PasswordProvider getPasswordProvider() {
        init();
        return new PasswordProvider(this) { // from class: com.amazon.whisperlink.feature.security.android.PasswordProviderFactory.3
            final PasswordProviderFactory this$0;

            {
                this.this$0 = this;
            }

            @Override // com.amazon.whisperlink.feature.security.android.PasswordProvider
            public KeyManager[] getKeyManagers() {
                return this.this$0.getKeyManagers();
            }

            @Override // com.amazon.whisperlink.feature.security.android.PasswordProvider
            public WPSSLTransportParameters getSSLParams() {
                return this.this$0.mParams;
            }

            @Override // com.amazon.whisperlink.feature.security.android.PasswordProvider
            public TrustManager[] getTrustManagers() {
                return this.this$0.getTrustManagers();
            }

            @Override // com.amazon.whisperlink.feature.security.android.PasswordProvider
            public void validateParams() throws Exception {
                CertificateSourceFeature certificateSourceFeature = (CertificateSourceFeature) PlatformManager.getPlatformManager().getFeature(CertificateSourceFeature.class);
                if (certificateSourceFeature.verifyLoadedCertificate()) {
                    return;
                }
                Log.debug(PasswordProviderFactory.TAG, "Cert not valid. Attempting to getKeyStore again");
                certificateSourceFeature.getKeyStore(this.this$0.mContext);
                this.this$0.initKeyManager();
            }
        };
    }

    public TrustManager[] getTrustManagers() {
        SecureX509TrustManager secureX509TrustManager;
        synchronized (this) {
            secureX509TrustManager = this.mTrustManager;
        }
        return new X509TrustManager[]{secureX509TrustManager};
    }
}
