package com.squareup.okhttp.internal;

import com.facebook.appevents.AppEventsConstants;
import java.io.IOException;
import java.math.BigInteger;
import java.net.InetAddress;
import java.net.UnknownHostException;
import java.security.GeneralSecurityException;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.KeyStore;
import java.security.SecureRandom;
import java.security.Security;
import java.security.cert.Certificate;
import java.security.cert.X509Certificate;
import java.util.Date;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.TrustManagerFactory;
import javax.security.auth.x500.X500Principal;
import org.bouncycastle.jce.provider.BouncyCastleProvider;
import org.bouncycastle.x509.X509V3CertificateGenerator;
import rx.internal.util.RxRingBuffer;

/* loaded from: classes.dex */
public final class SslContextBuilder {
    private static final long ONE_DAY_MILLIS = 86400000;
    private static SSLContext localhost;
    private final String hostName;
    private long notBefore = System.currentTimeMillis();
    private long notAfter = System.currentTimeMillis() + 86400000;

    static {
        Security.addProvider(new BouncyCastleProvider());
    }

    public SslContextBuilder(String str) {
        this.hostName = str;
    }

    public static synchronized SSLContext localhost() {
        SSLContext sSLContext;
        synchronized (SslContextBuilder.class) {
            if (localhost == null) {
                try {
                    localhost = new SslContextBuilder(InetAddress.getByName("localhost").getHostName()).build();
                } catch (UnknownHostException e) {
                    throw new RuntimeException(e);
                } catch (GeneralSecurityException e2) {
                    throw new RuntimeException(e2);
                }
            }
            sSLContext = localhost;
        }
        return sSLContext;
    }

    private KeyStore newEmptyKeyStore(char[] cArr) throws GeneralSecurityException {
        try {
            KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
            keyStore.load(null, cArr);
            return keyStore;
        } catch (IOException e) {
            throw new AssertionError(e);
        }
    }

    public SSLContext build() throws GeneralSecurityException {
        char[] charArray = "password".toCharArray();
        KeyPair generateKeyPair = generateKeyPair();
        X509Certificate selfSignedCertificate = selfSignedCertificate(generateKeyPair, AppEventsConstants.EVENT_PARAM_VALUE_YES);
        KeyStore newEmptyKeyStore = newEmptyKeyStore(charArray);
        newEmptyKeyStore.setKeyEntry("private", generateKeyPair.getPrivate(), charArray, new Certificate[]{selfSignedCertificate});
        newEmptyKeyStore.setCertificateEntry("cert", selfSignedCertificate);
        KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
        keyManagerFactory.init(newEmptyKeyStore, charArray);
        TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
        trustManagerFactory.init(newEmptyKeyStore);
        SSLContext sSLContext = SSLContext.getInstance("TLS");
        sSLContext.init(keyManagerFactory.getKeyManagers(), trustManagerFactory.getTrustManagers(), new SecureRandom());
        return sSLContext;
    }

    public KeyPair generateKeyPair() throws GeneralSecurityException {
        KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("RSA", "BC");
        keyPairGenerator.initialize(RxRingBuffer.SIZE, new SecureRandom());
        return keyPairGenerator.generateKeyPair();
    }

    public X509Certificate selfSignedCertificate(KeyPair keyPair, String str) throws GeneralSecurityException {
        X509V3CertificateGenerator x509V3CertificateGenerator = new X509V3CertificateGenerator();
        X500Principal x500Principal = new X500Principal("CN=" + this.hostName);
        X500Principal x500Principal2 = new X500Principal("CN=" + this.hostName);
        x509V3CertificateGenerator.setSerialNumber(new BigInteger(str));
        x509V3CertificateGenerator.setIssuerDN(x500Principal);
        x509V3CertificateGenerator.setNotBefore(new Date(this.notBefore));
        x509V3CertificateGenerator.setNotAfter(new Date(this.notAfter));
        x509V3CertificateGenerator.setSubjectDN(x500Principal2);
        x509V3CertificateGenerator.setPublicKey(keyPair.getPublic());
        x509V3CertificateGenerator.setSignatureAlgorithm("SHA256WithRSAEncryption");
        return x509V3CertificateGenerator.generateX509Certificate(keyPair.getPrivate(), "BC");
    }
}
