package com.nykj.flathttp.core.ssl;

import com.ny.jiuyi160_doctor.common.util.h;
import com.ny.jiuyi160_doctor.common.util.p;
import java.security.GeneralSecurityException;
import java.security.KeyStore;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.util.Arrays;
import java.util.Iterator;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSocketFactory;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import javax.net.ssl.X509TrustManager;
import org.eclipse.paho.client.mqttv3.internal.security.SSLSocketFactoryFactory;

/* loaded from: classes3.dex */
public class NyHttpsTrustManager implements X509TrustManager {
    private static final String TAG = NyHttpsTrustManager.class.getSimpleName();

    /* renamed from: tm, reason: collision with root package name */
    private final X509TrustManager f95040tm = platformTrustManager();

    public static SSLSocketFactory getSslSocketFactory(X509TrustManager x509TrustManager) {
        try {
            SSLContext sSLContext = SSLContext.getInstance(SSLSocketFactoryFactory.DEFAULT_PROTOCOL);
            sSLContext.init(null, new TrustManager[]{x509TrustManager}, null);
            return sSLContext.getSocketFactory();
        } catch (Exception e) {
            e.printStackTrace();
            return null;
        }
    }

    private boolean isCertArrayValid(X509Certificate[] x509CertificateArr) {
        boolean z11;
        int length = x509CertificateArr.length;
        if (x509CertificateArr.length <= 0) {
            return false;
        }
        Iterator<String> it2 = h.i(x509CertificateArr[0].getSubjectDN().getName(), ",").iterator();
        while (true) {
            if (!it2.hasNext()) {
                z11 = false;
                break;
            }
            String next = it2.next();
            if (next != null && next.contains("91160.com")) {
                z11 = true;
                break;
            }
        }
        return z11;
    }

    private static void log(String str) {
        p.a(TAG, str);
    }

    private static X509TrustManager platformTrustManager() {
        try {
            TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
            trustManagerFactory.init((KeyStore) null);
            TrustManager[] trustManagers = trustManagerFactory.getTrustManagers();
            if (trustManagers.length == 1 && (trustManagers[0] instanceof X509TrustManager)) {
                return (X509TrustManager) trustManagers[0];
            }
            throw new IllegalStateException("Unexpected default trust managers:" + Arrays.toString(trustManagers));
        } catch (GeneralSecurityException e) {
            throw new RuntimeException("No System TLS", e);
        }
    }

    private static void traceCert(X509Certificate x509Certificate) {
        try {
            log("版本：" + x509Certificate.getVersion());
            log("序列号：" + x509Certificate.getSerialNumber());
            log("签名：" + x509Certificate.getSignature());
            log("签名算法：" + x509Certificate.getSigAlgName());
            log("签发者：" + x509Certificate.getIssuerX500Principal());
            log("签发者ID：" + x509Certificate.getIssuerUniqueID());
            log("签发者DN：" + x509Certificate.getIssuerDN());
            log("使用者：" + x509Certificate.getSubjectX500Principal());
            log("使用者ID：" + x509Certificate.getSubjectUniqueID());
            log("使用者DN：" + x509Certificate.getSubjectDN());
            log("从：" + x509Certificate.getNotBefore());
            log("到：" + x509Certificate.getNotAfter());
            log("秘钥用法：" + x509Certificate.getKeyUsage());
            log("基本约束：" + x509Certificate.getBasicConstraints());
            log("公钥算法：" + x509Certificate.getPublicKey().getAlgorithm());
            log("公钥格式：" + x509Certificate.getPublicKey().getFormat());
            log("公钥编码：" + x509Certificate.getPublicKey().getEncoded());
            log("公钥：" + x509Certificate.getPublicKey());
        } catch (Exception e) {
            e.printStackTrace();
        }
    }

    @Override // javax.net.ssl.X509TrustManager
    public void checkClientTrusted(X509Certificate[] x509CertificateArr, String str) throws CertificateException {
        this.f95040tm.checkClientTrusted(x509CertificateArr, str);
    }

    @Override // javax.net.ssl.X509TrustManager
    public void checkServerTrusted(X509Certificate[] x509CertificateArr, String str) throws CertificateException {
        this.f95040tm.checkServerTrusted(x509CertificateArr, str);
        if (!isCertArrayValid(x509CertificateArr)) {
            throw new CertificateException("certificate chain is invalid.");
        }
    }

    @Override // javax.net.ssl.X509TrustManager
    public X509Certificate[] getAcceptedIssuers() {
        X509Certificate[] acceptedIssuers = this.f95040tm.getAcceptedIssuers();
        p.a(TAG, "getAcceptedIssuers " + acceptedIssuers);
        return acceptedIssuers;
    }
}
