package com.huawei.nis.android.http.ssl;

import com.huawei.nis.android.http.HttpSocketProxy;
import com.huawei.nis.android.log.Log;
import java.io.IOException;
import java.io.InputStream;
import java.security.NoSuchAlgorithmException;
import java.security.SecureRandom;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSocketFactory;
import javax.net.ssl.TrustManager;
import javax.net.ssl.X509TrustManager;

/* loaded from: classes9.dex */
public class HttpSSLContext {
    private static final String TAG = "HttpSSLContext";
    public static String certType = "X.509";
    public static String protocol = "TLS";

    public static void checkServerTrust(InputStream inputStream, X509Certificate[] x509CertificateArr) {
        try {
            if (x509CertificateArr != null) {
                try {
                } catch (Exception unused) {
                    Log.b("校验证书异常");
                    if (inputStream == null) {
                        return;
                    }
                }
                if (x509CertificateArr.length != 0) {
                    X509Certificate x509Certificate = (X509Certificate) CertificateFactory.getInstance(certType).generateCertificate(inputStream);
                    inputStream.close();
                    for (X509Certificate x509Certificate2 : x509CertificateArr) {
                        x509Certificate2.checkValidity();
                        if (!x509Certificate2.getPublicKey().equals(x509Certificate.getPublicKey()) || !x509Certificate2.getSubjectDN().equals(x509Certificate.getSubjectDN()) || !x509Certificate2.getIssuerDN().equals(x509Certificate.getIssuerDN()) || !x509Certificate2.getSerialNumber().equals(x509Certificate.getSerialNumber())) {
                            throw new CertificateException("socket证书校验异常");
                        }
                    }
                    if (inputStream != null) {
                        try {
                            inputStream.close();
                            return;
                        } catch (IOException unused2) {
                            Log.b("读取证书流异常");
                            return;
                        }
                    }
                    return;
                }
            }
            throw new CertificateException("socket证书校验异常");
        } catch (Throwable th) {
            if (inputStream != null) {
                try {
                    inputStream.close();
                } catch (IOException unused3) {
                    Log.b("读取证书流异常");
                }
            }
            throw th;
        }
    }

    public static SSLSocketFactory getFakeSocketFactory() {
        try {
            return HttpSocketProxy.create().getCustomSocketFactory();
        } catch (Exception unused) {
            Log.b(TAG, "can't find IHttpSocketFactory implement");
            SSLContext sSLContext = null;
            try {
                sSLContext = SSLContext.getInstance(protocol);
            } catch (NoSuchAlgorithmException unused2) {
                Log.b(TAG, "no default");
            }
            return sSLContext.getSocketFactory();
        }
    }

    public static SSLSocketFactory getFakeSocketFactory(String str) {
        try {
            return HttpSocketProxy.create(str).getCustomSocketFactory();
        } catch (Exception unused) {
            Log.b(TAG, "can't find IHttpSocketFactory implement" + str);
            try {
                return SSLContext.getInstance(protocol).getSocketFactory();
            } catch (NoSuchAlgorithmException unused2) {
                Log.b(TAG, "no default");
                return null;
            }
        }
    }

    public static SSLSocketFactory getSingleSocketFactory(InputStream inputStream) {
        try {
            return getWebSocketFactory(inputStream);
        } catch (Exception e) {
            Log.a("HTTP SSL", e.getMessage(), e);
            return null;
        }
    }

    /* JADX WARN: Removed duplicated region for block: B:10:0x001d A[EXC_TOP_SPLITTER, SYNTHETIC] */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    public static javax.net.ssl.SSLSocketFactory getSingleSocketFactoryByAssets(android.content.Context r3, java.lang.String r4) {
        /*
            java.lang.String r0 = "HTTP SSL"
            r1 = 0
            android.content.res.AssetManager r3 = r3.getAssets()     // Catch: java.io.IOException -> L12
            java.io.InputStream r3 = r3.open(r4)     // Catch: java.io.IOException -> L12
            javax.net.ssl.SSLSocketFactory r1 = getSingleSocketFactory(r3)     // Catch: java.io.IOException -> L10
            goto L1b
        L10:
            r4 = move-exception
            goto L14
        L12:
            r4 = move-exception
            r3 = r1
        L14:
            java.lang.String r2 = r4.getMessage()
            com.huawei.nis.android.log.Log.a(r0, r2, r4)
        L1b:
            if (r3 == 0) goto L29
            r3.close()     // Catch: java.io.IOException -> L21
            goto L29
        L21:
            r3 = move-exception
            java.lang.String r4 = r3.getMessage()
            com.huawei.nis.android.log.Log.a(r0, r4, r3)
        L29:
            return r1
        */
        throw new UnsupportedOperationException("Method not decompiled: com.huawei.nis.android.http.ssl.HttpSSLContext.getSingleSocketFactoryByAssets(android.content.Context, java.lang.String):javax.net.ssl.SSLSocketFactory");
    }

    private static SSLSocketFactory getWebSocketFactory(final InputStream inputStream) {
        TrustManager[] trustManagerArr = {new X509TrustManager() { // from class: com.huawei.nis.android.http.ssl.HttpSSLContext.1
            @Override // javax.net.ssl.X509TrustManager
            public void checkClientTrusted(X509Certificate[] x509CertificateArr, String str) {
                Log.c(HttpSSLContext.TAG, "checkClientTrusted");
            }

            @Override // javax.net.ssl.X509TrustManager
            public void checkServerTrusted(X509Certificate[] x509CertificateArr, String str) {
                HttpSSLContext.checkServerTrust(inputStream, x509CertificateArr);
            }

            @Override // javax.net.ssl.X509TrustManager
            public X509Certificate[] getAcceptedIssuers() {
                return new X509Certificate[0];
            }
        }};
        try {
            SSLContext sSLContext = SSLContext.getInstance(protocol);
            sSLContext.init(null, trustManagerArr, new SecureRandom());
            return sSLContext.getSocketFactory();
        } catch (Exception e) {
            Log.c(TAG, "setWebSocketFactory: " + e.getMessage());
            return null;
        }
    }
}
