package sccba.ebank.base.okhttp.https;

import com.bangcle.andJni.JniLib1555402563;
import com.brtbeacon.sdk.BRTThrowable;
import com.ums.xutils.CertificateUtils;
import java.io.IOException;
import java.io.InputStream;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import javax.net.ssl.HostnameVerifier;
import javax.net.ssl.KeyManager;
import javax.net.ssl.SSLSession;
import javax.net.ssl.SSLSocketFactory;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import javax.net.ssl.X509TrustManager;
import org.spongycastle.crypto.tls.CipherSuite;
import sccba.ebank.base.log.SELog;
import sccba.ebank.base.network.URLManager;
import sccba.ebank.base.utils.Switch;

/* loaded from: classes.dex */
public class HttpsUtils {
    private static final String TAG = "HttpsUtils";

    /* loaded from: classes4.dex */
    private static class MyTrustManager implements X509TrustManager {
        private X509TrustManager defaultTrustManager;
        private X509TrustManager localTrustManager;

        public MyTrustManager(X509TrustManager x509TrustManager) throws NoSuchAlgorithmException, KeyStoreException {
            TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
            trustManagerFactory.init((KeyStore) null);
            this.defaultTrustManager = HttpsUtils.chooseTrustManager(trustManagerFactory.getTrustManagers());
            this.localTrustManager = x509TrustManager;
        }

        @Override // javax.net.ssl.X509TrustManager
        public void checkClientTrusted(X509Certificate[] x509CertificateArr, String str) throws CertificateException {
            JniLib1555402563.cV(this, x509CertificateArr, str, Integer.valueOf(BRTThrowable.CODE_DISCOVERSERVICES_133));
        }

        @Override // javax.net.ssl.X509TrustManager
        public void checkServerTrusted(X509Certificate[] x509CertificateArr, String str) throws CertificateException {
            if (Switch.isCertVerify) {
                try {
                    this.defaultTrustManager.checkServerTrusted(x509CertificateArr, str);
                } catch (CertificateException e) {
                    String message = e.getMessage();
                    if (message == null || !message.contains("Certificate expired at")) {
                        SELog.e(HttpsUtils.TAG, "校验服务器证书失败： " + message);
                        throw new CertificateException("AE1002:服务器证书不合法，请您在安全的网络条件下使用本应用。");
                    }
                    SELog.e(HttpsUtils.TAG, "证书已经过期或是失效!");
                    for (int i = 0; i < x509CertificateArr.length; i++) {
                        String name = x509CertificateArr[i].getSubjectDN().getName();
                        SELog.e(HttpsUtils.TAG, "i: " + i + "\n subjectDN: " + name + "\n issuer: " + x509CertificateArr[i].getIssuerDN().getName());
                        if (name != null && (name.contains(URLManager.getBaseDomain()) || name.contains("*.qlbchina.com") || name.contains(".qsbank.cc") || name.contains(".bankwf.com") || name.contains(".dzbchina.com") || name.contains(".dyccb.net") || name.contains(".lsbankchina.com") || name.contains(".lsbchina.com") || name.contains(".taccb.com") || name.contains(".yantaibank.net"))) {
                            return;
                        }
                    }
                    throw new CertificateException("AE1003:服务器证书不可信，请您在安全的网络条件下使用本应用。");
                }
            }
        }

        @Override // javax.net.ssl.X509TrustManager
        public X509Certificate[] getAcceptedIssuers() {
            return new X509Certificate[0];
        }
    }

    /* loaded from: classes.dex */
    public static class SSLParams {
        public SSLSocketFactory sSLSocketFactory;
        public X509TrustManager trustManager;
    }

    /* loaded from: classes4.dex */
    private class UnSafeHostnameVerifier implements HostnameVerifier {
        private UnSafeHostnameVerifier() {
        }

        @Override // javax.net.ssl.HostnameVerifier
        public boolean verify(String str, SSLSession sSLSession) {
            return JniLib1555402563.cZ(this, str, sSLSession, 134);
        }
    }

    /* loaded from: classes4.dex */
    private static class UnSafeTrustManager implements X509TrustManager {
        private UnSafeTrustManager() {
        }

        @Override // javax.net.ssl.X509TrustManager
        public void checkClientTrusted(X509Certificate[] x509CertificateArr, String str) throws CertificateException {
            JniLib1555402563.cV(this, x509CertificateArr, str, 135);
        }

        @Override // javax.net.ssl.X509TrustManager
        public void checkServerTrusted(X509Certificate[] x509CertificateArr, String str) throws CertificateException {
            JniLib1555402563.cV(this, x509CertificateArr, str, 136);
        }

        @Override // javax.net.ssl.X509TrustManager
        public X509Certificate[] getAcceptedIssuers() {
            return new X509Certificate[0];
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    public static X509TrustManager chooseTrustManager(TrustManager[] trustManagerArr) {
        for (TrustManager trustManager : trustManagerArr) {
            if (trustManager instanceof X509TrustManager) {
                return (X509TrustManager) trustManager;
            }
        }
        return null;
    }

    public static SSLParams getSslSocketFactory(InputStream[] inputStreamArr, InputStream inputStream, String str) {
        return (SSLParams) JniLib1555402563.cL(inputStreamArr, inputStream, str, 137);
    }

    private static KeyManager[] prepareKeyManager(InputStream inputStream, String str) {
        return (KeyManager[]) JniLib1555402563.cL(inputStream, str, Integer.valueOf(CipherSuite.TLS_PSK_WITH_RC4_128_SHA));
    }

    private static TrustManager[] prepareTrustManager(InputStream... inputStreamArr) {
        if (inputStreamArr != null && inputStreamArr.length > 0) {
            try {
                CertificateFactory certificateFactory = CertificateFactory.getInstance(CertificateUtils.X509, "BC");
                KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
                keyStore.load(null);
                int length = inputStreamArr.length;
                int i = 0;
                int i2 = 0;
                while (i2 < length) {
                    InputStream inputStream = inputStreamArr[i2];
                    int i3 = i + 1;
                    keyStore.setCertificateEntry(Integer.toString(i), certificateFactory.generateCertificate(inputStream));
                    if (inputStream != null) {
                        try {
                            inputStream.close();
                        } catch (IOException unused) {
                        }
                    }
                    i2++;
                    i = i3;
                }
                TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
                trustManagerFactory.init(keyStore);
                return trustManagerFactory.getTrustManagers();
            } catch (KeyStoreException e) {
                e.printStackTrace();
            } catch (NoSuchAlgorithmException e2) {
                e2.printStackTrace();
            } catch (CertificateException e3) {
                e3.printStackTrace();
            } catch (Exception e4) {
                e4.printStackTrace();
            }
        }
        return null;
    }
}
