package com.dejian.imapic.utils;

import android.content.Context;
import android.text.TextUtils;
import android.util.Log;
import com.umeng.analytics.pro.b;
import java.io.ByteArrayInputStream;
import java.io.InputStream;
import java.net.URLEncoder;
import java.nio.charset.Charset;
import java.security.KeyStore;
import java.security.SecureRandom;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import javax.net.ssl.HostnameVerifier;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSession;
import javax.net.ssl.SSLSocketFactory;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import javax.net.ssl.X509TrustManager;
import javax.security.auth.x500.X500Principal;
import kotlin.Metadata;
import kotlin.TypeCastException;
import kotlin.io.CloseableKt;
import kotlin.jvm.internal.Intrinsics;
import okhttp3.OkHttpClient;
import org.jetbrains.annotations.NotNull;
import org.jetbrains.annotations.Nullable;

/* compiled from: CertifyUtils.kt */
@Metadata(bv = {1, 0, 3}, d1 = {"\u0000F\n\u0002\u0018\u0002\n\u0002\u0010\u0000\n\u0002\b\u0002\n\u0002\u0010\u000e\n\u0000\n\u0002\u0010\u000b\n\u0002\b\u0006\n\u0002\u0018\u0002\n\u0002\b\u0002\n\u0002\u0018\u0002\n\u0002\b\u0005\n\u0002\u0018\u0002\n\u0002\b\u0004\n\u0002\u0018\u0002\n\u0000\n\u0002\u0018\u0002\n\u0000\n\u0002\u0010\u0011\n\u0002\b\u0002\bÆ\u0002\u0018\u00002\u00020\u0001B\u0007\b\u0002¢\u0006\u0002\u0010\u0002J\u000e\u0010\b\u001a\u00020\u00042\u0006\u0010\t\u001a\u00020\u0004J\u000e\u0010\n\u001a\u00020\u00042\u0006\u0010\u000b\u001a\u00020\u0004J\u001e\u0010\f\u001a\u00020\r2\u0006\u0010\u000e\u001a\u00020\r2\u0006\u0010\u000f\u001a\u00020\u00102\u0006\u0010\u0011\u001a\u00020\u0004J\u0016\u0010\u0012\u001a\u00020\r2\u0006\u0010\u000e\u001a\u00020\r2\u0006\u0010\u0013\u001a\u00020\u0004J\u001a\u0010\u0014\u001a\u00020\r2\u0006\u0010\u000e\u001a\u00020\r2\b\u0010\u0015\u001a\u0004\u0018\u00010\u0016H\u0002J \u0010\u0017\u001a\u00020\r2\u0006\u0010\u000e\u001a\u00020\r2\u0006\u0010\u000f\u001a\u00020\u00102\b\b\u0002\u0010\u0011\u001a\u00020\u0004J\u001a\u0010\u0018\u001a\u0004\u0018\u00010\u00162\u0006\u0010\u000f\u001a\u00020\u00102\u0006\u0010\u0019\u001a\u00020\u0004H\u0002J\u0012\u0010\u0018\u001a\u0004\u0018\u00010\u00162\u0006\u0010\u0013\u001a\u00020\u0004H\u0002J\b\u0010\u001a\u001a\u0004\u0018\u00010\u001bJ\u000e\u0010\u001a\u001a\u00020\r2\u0006\u0010\u000e\u001a\u00020\rJ#\u0010\u001c\u001a\u0004\u0018\u00010\u001d2\u0012\u0010\u001e\u001a\n\u0012\u0006\b\u0001\u0012\u00020\u00160\u001f\"\u00020\u0016H\u0002¢\u0006\u0002\u0010 R\u000e\u0010\u0003\u001a\u00020\u0004X\u0082\u000e¢\u0006\u0002\n\u0000R\u0014\u0010\u0005\u001a\u00020\u0006X\u0086D¢\u0006\b\n\u0000\u001a\u0004\b\u0005\u0010\u0007¨\u0006!"}, d2 = {"Lcom/dejian/imapic/utils/CertifyUtils;", "", "()V", "certifyAssetName", "", "isInternationalHost", "", "()Z", "getHeaderNameEncoded", "name", "getHeaderValueEncoded", "value", "getSSLClient", "Lokhttp3/OkHttpClient;", "client", b.M, "Landroid/content/Context;", "assetsSSLFileName", "getSSLClientByCertificateString", "certificate", "getSSLClientByInputStream", "inputStream", "Ljava/io/InputStream;", "getSSLClientIgnoreExpire", "getStream", "assetsFileName", "getTrustAllSSLClient", "Ljavax/net/ssl/SSLContext;", "setCertificates", "Ljavax/net/ssl/SSLSocketFactory;", "certificates", "", "([Ljava/io/InputStream;)Ljavax/net/ssl/SSLSocketFactory;", "app_debug"}, k = 1, mv = {1, 1, 15})
/* loaded from: classes2.dex */
public final class CertifyUtils {
    public static final CertifyUtils INSTANCE = new CertifyUtils();
    private static String certifyAssetName = "merculet.crt";
    private static final boolean isInternationalHost = true;

    private CertifyUtils() {
    }

    private final OkHttpClient getSSLClientByInputStream(OkHttpClient client, InputStream inputStream) {
        SSLSocketFactory certificates;
        if (inputStream == null || (certificates = setCertificates(inputStream)) == null) {
            return client;
        }
        OkHttpClient build = client.newBuilder().sslSocketFactory(certificates).build();
        Intrinsics.checkExpressionValueIsNotNull(build, "client.newBuilder().sslS…sslSocketFactory).build()");
        return build;
    }

    public static /* synthetic */ OkHttpClient getSSLClientIgnoreExpire$default(CertifyUtils certifyUtils, OkHttpClient okHttpClient, Context context, String str, int i, Object obj) {
        if ((i & 4) != 0) {
            str = certifyAssetName;
        }
        return certifyUtils.getSSLClientIgnoreExpire(okHttpClient, context, str);
    }

    private final InputStream getStream(Context context, String assetsFileName) {
        try {
            return context.getAssets().open(assetsFileName);
        } catch (Exception e) {
            return null;
        }
    }

    private final InputStream getStream(String certificate) {
        try {
            Charset forName = Charset.forName("UTF-8");
            Intrinsics.checkExpressionValueIsNotNull(forName, "Charset.forName(charsetName)");
            if (certificate == null) {
                throw new TypeCastException("null cannot be cast to non-null type java.lang.String");
            }
            byte[] bytes = certificate.getBytes(forName);
            Intrinsics.checkExpressionValueIsNotNull(bytes, "(this as java.lang.String).getBytes(charset)");
            return new ByteArrayInputStream(bytes);
        } catch (Exception e) {
            return null;
        }
    }

    private final SSLSocketFactory setCertificates(InputStream... certificates) {
        try {
            CertificateFactory certificateFactory = CertificateFactory.getInstance("X.509");
            KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
            keyStore.load(null);
            int i = 0;
            int length = certificates.length;
            int i2 = 0;
            while (i2 < length) {
                InputStream inputStream = certificates[i2];
                int i3 = i + 1;
                keyStore.setCertificateEntry(Integer.toString(i), certificateFactory.generateCertificate(inputStream));
                try {
                    inputStream.close();
                } catch (Exception e) {
                    e.printStackTrace();
                }
                i2++;
                i = i3;
            }
            TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
            trustManagerFactory.init(keyStore);
            SSLContext sslContext = SSLContext.getInstance("TLS");
            Intrinsics.checkExpressionValueIsNotNull(trustManagerFactory, "trustManagerFactory");
            sslContext.init(null, trustManagerFactory.getTrustManagers(), new SecureRandom());
            Intrinsics.checkExpressionValueIsNotNull(sslContext, "sslContext");
            return sslContext.getSocketFactory();
        } catch (Exception e2) {
            e2.printStackTrace();
            return null;
        }
    }

    @NotNull
    public final String getHeaderNameEncoded(@NotNull String name) {
        Intrinsics.checkParameterIsNotNull(name, "name");
        if (TextUtils.isEmpty(name)) {
            return "null";
        }
        int length = name.length();
        for (int i = 0; i < length; i++) {
            char charAt = name.charAt(i);
            if (charAt <= ' ' || charAt >= 127) {
                try {
                    String encode = URLEncoder.encode(name, "UTF-8");
                    Intrinsics.checkExpressionValueIsNotNull(encode, "URLEncoder.encode(name, \"UTF-8\")");
                    return encode;
                } catch (Exception e) {
                    e.printStackTrace();
                    return " ";
                }
            }
        }
        return name;
    }

    @NotNull
    public final String getHeaderValueEncoded(@NotNull String value) {
        Intrinsics.checkParameterIsNotNull(value, "value");
        if (TextUtils.isEmpty(value)) {
            return " ";
        }
        int length = value.length();
        for (int i = 0; i < length; i++) {
            char charAt = value.charAt(i);
            if ((charAt <= 31 && charAt != '\t') || charAt >= 127) {
                try {
                    String encode = URLEncoder.encode(value, "UTF-8");
                    Intrinsics.checkExpressionValueIsNotNull(encode, "URLEncoder.encode(value, \"UTF-8\")");
                    return encode;
                } catch (Exception e) {
                    e.printStackTrace();
                    return " ";
                }
            }
        }
        return value;
    }

    @NotNull
    public final OkHttpClient getSSLClient(@NotNull OkHttpClient client, @NotNull Context context, @NotNull String assetsSSLFileName) {
        Intrinsics.checkParameterIsNotNull(client, "client");
        Intrinsics.checkParameterIsNotNull(context, "context");
        Intrinsics.checkParameterIsNotNull(assetsSSLFileName, "assetsSSLFileName");
        return getSSLClientByInputStream(client, getStream(context, assetsSSLFileName));
    }

    @NotNull
    public final OkHttpClient getSSLClientByCertificateString(@NotNull OkHttpClient client, @NotNull String certificate) {
        Intrinsics.checkParameterIsNotNull(client, "client");
        Intrinsics.checkParameterIsNotNull(certificate, "certificate");
        return getSSLClientByInputStream(client, getStream(certificate));
    }

    @NotNull
    public final OkHttpClient getSSLClientIgnoreExpire(@NotNull OkHttpClient client, @NotNull Context context, @NotNull String assetsSSLFileName) {
        Intrinsics.checkParameterIsNotNull(client, "client");
        Intrinsics.checkParameterIsNotNull(context, "context");
        Intrinsics.checkParameterIsNotNull(assetsSSLFileName, "assetsSSLFileName");
        InputStream stream = getStream(context, assetsSSLFileName);
        Throwable th = (Throwable) null;
        try {
            Certificate generateCertificate = CertificateFactory.getInstance("X.509").generateCertificate(stream);
            if (generateCertificate == null) {
                throw new TypeCastException("null cannot be cast to non-null type java.security.cert.X509Certificate");
            }
            X500Principal pubSubjectDN = ((X509Certificate) generateCertificate).getSubjectX500Principal();
            X500Principal pubIssuerDN = ((X509Certificate) generateCertificate).getIssuerX500Principal();
            Intrinsics.checkExpressionValueIsNotNull(pubSubjectDN, "pubSubjectDN");
            final String name = pubSubjectDN.getName();
            Intrinsics.checkExpressionValueIsNotNull(name, "pubSubjectDN.name");
            Intrinsics.checkExpressionValueIsNotNull(pubIssuerDN, "pubIssuerDN");
            final String name2 = pubIssuerDN.getName();
            Intrinsics.checkExpressionValueIsNotNull(name2, "pubIssuerDN.name");
            X509TrustManager[] x509TrustManagerArr = {new X509TrustManager() { // from class: com.dejian.imapic.utils.CertifyUtils$getSSLClientIgnoreExpire$1$trustManagers$1
                @Override // javax.net.ssl.X509TrustManager
                public void checkClientTrusted(@NotNull X509Certificate[] chain, @NotNull String authType) throws CertificateException {
                    Intrinsics.checkParameterIsNotNull(chain, "chain");
                    Intrinsics.checkParameterIsNotNull(authType, "authType");
                    try {
                        TrustManagerFactory tmf = TrustManagerFactory.getInstance("X509");
                        tmf.init((KeyStore) null);
                        Intrinsics.checkExpressionValueIsNotNull(tmf, "tmf");
                        for (TrustManager trustManager : tmf.getTrustManagers()) {
                            if (trustManager == null) {
                                throw new TypeCastException("null cannot be cast to non-null type javax.net.ssl.X509TrustManager");
                            }
                            ((X509TrustManager) trustManager).checkClientTrusted(chain, authType);
                        }
                    } catch (Exception e) {
                        throw new CertificateException(e);
                    }
                }

                @Override // javax.net.ssl.X509TrustManager
                public void checkServerTrusted(@NotNull X509Certificate[] chain, @NotNull String authType) throws CertificateException {
                    Intrinsics.checkParameterIsNotNull(chain, "chain");
                    Intrinsics.checkParameterIsNotNull(authType, "authType");
                    try {
                        TrustManagerFactory tmf = TrustManagerFactory.getInstance("X509");
                        tmf.init((KeyStore) null);
                        Intrinsics.checkExpressionValueIsNotNull(tmf, "tmf");
                        for (TrustManager trustManager : tmf.getTrustManagers()) {
                            if (trustManager == null) {
                                throw new TypeCastException("null cannot be cast to non-null type javax.net.ssl.X509TrustManager");
                            }
                            ((X509TrustManager) trustManager).checkServerTrusted(chain, authType);
                        }
                        Intrinsics.checkExpressionValueIsNotNull(chain[0].getSubjectX500Principal(), "chain[0].subjectX500Principal");
                        if (!Intrinsics.areEqual(r0.getName(), name)) {
                            throw new CertificateException("server's SubjectDN is not equals to client's SubjectDN");
                        }
                        Intrinsics.checkExpressionValueIsNotNull(chain[0].getIssuerX500Principal(), "chain[0].issuerX500Principal");
                        if (!Intrinsics.areEqual(r0.getName(), name2)) {
                            throw new CertificateException("server's IssuerDN is not equals to client's IssuerDN");
                        }
                    } catch (Exception e) {
                        throw new CertificateException(e);
                    }
                }

                @Override // javax.net.ssl.X509TrustManager
                @NotNull
                public X509Certificate[] getAcceptedIssuers() {
                    return new X509Certificate[0];
                }
            }};
            SSLContext sslContext = SSLContext.getInstance("SSL");
            sslContext.init(null, x509TrustManagerArr, new SecureRandom());
            Intrinsics.checkExpressionValueIsNotNull(sslContext, "sslContext");
            SSLSocketFactory socketFactory = sslContext.getSocketFactory();
            OkHttpClient.Builder newBuilder = client.newBuilder();
            newBuilder.sslSocketFactory(socketFactory, x509TrustManagerArr[0]);
            OkHttpClient build = newBuilder.build();
            Intrinsics.checkExpressionValueIsNotNull(build, "builder.build()");
            return build;
        } finally {
            CloseableKt.closeFinally(stream, th);
        }
    }

    @Nullable
    public final SSLContext getTrustAllSSLClient() {
        TrustManager[] trustManagerArr = {new X509TrustManager() { // from class: com.dejian.imapic.utils.CertifyUtils$getTrustAllSSLClient$trustAllCerts$1
            @Override // javax.net.ssl.X509TrustManager
            public void checkClientTrusted(@NotNull X509Certificate[] chain, @NotNull String authType) throws CertificateException {
                Intrinsics.checkParameterIsNotNull(chain, "chain");
                Intrinsics.checkParameterIsNotNull(authType, "authType");
            }

            @Override // javax.net.ssl.X509TrustManager
            public void checkServerTrusted(@NotNull X509Certificate[] chain, @NotNull String authType) throws CertificateException {
                Intrinsics.checkParameterIsNotNull(chain, "chain");
                Intrinsics.checkParameterIsNotNull(authType, "authType");
            }

            @Override // javax.net.ssl.X509TrustManager
            @NotNull
            public X509Certificate[] getAcceptedIssuers() {
                return new X509Certificate[0];
            }
        }};
        try {
            SSLContext sSLContext = SSLContext.getInstance("SSL");
            sSLContext.init(null, trustManagerArr, new SecureRandom());
            return sSLContext;
        } catch (Exception e) {
            return null;
        }
    }

    @NotNull
    public final OkHttpClient getTrustAllSSLClient(@NotNull OkHttpClient client) {
        Intrinsics.checkParameterIsNotNull(client, "client");
        try {
            TrustManager[] trustManagerArr = {new X509TrustManager() { // from class: com.dejian.imapic.utils.CertifyUtils$getTrustAllSSLClient$trustManagers$1
                @Override // javax.net.ssl.X509TrustManager
                public void checkClientTrusted(@NotNull X509Certificate[] chain, @NotNull String authType) throws CertificateException {
                    Intrinsics.checkParameterIsNotNull(chain, "chain");
                    Intrinsics.checkParameterIsNotNull(authType, "authType");
                }

                @Override // javax.net.ssl.X509TrustManager
                public void checkServerTrusted(@NotNull X509Certificate[] chain, @NotNull String authType) throws CertificateException {
                    Intrinsics.checkParameterIsNotNull(chain, "chain");
                    Intrinsics.checkParameterIsNotNull(authType, "authType");
                }

                @Override // javax.net.ssl.X509TrustManager
                @NotNull
                public X509Certificate[] getAcceptedIssuers() {
                    return new X509Certificate[0];
                }
            }};
            SSLContext sslContext = SSLContext.getInstance("SSL");
            sslContext.init(null, trustManagerArr, new SecureRandom());
            Intrinsics.checkExpressionValueIsNotNull(sslContext, "sslContext");
            SSLSocketFactory socketFactory = sslContext.getSocketFactory();
            OkHttpClient.Builder newBuilder = client.newBuilder();
            newBuilder.sslSocketFactory(socketFactory);
            newBuilder.hostnameVerifier(new HostnameVerifier() { // from class: com.dejian.imapic.utils.CertifyUtils$getTrustAllSSLClient$1
                @Override // javax.net.ssl.HostnameVerifier
                public final boolean verify(String str, SSLSession sSLSession) {
                    Log.e("verify", str);
                    return true;
                }
            });
            OkHttpClient build = newBuilder.build();
            Intrinsics.checkExpressionValueIsNotNull(build, "builder.build()");
            return build;
        } catch (Exception e) {
            return client;
        }
    }

    public final boolean isInternationalHost() {
        return isInternationalHost;
    }
}
