package com.danale.sdk.http.okhttp.okhttpclient;

import android.text.TextUtils;
import java.security.KeyManagementException;
import java.security.NoSuchAlgorithmException;
import java.security.SecureRandom;
import java.security.cert.CertificateException;
import java.security.cert.CertificateParsingException;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Collection;
import java.util.Collections;
import java.util.List;
import java.util.concurrent.TimeUnit;
import javax.net.ssl.HostnameVerifier;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLException;
import javax.net.ssl.SSLSession;
import javax.net.ssl.SSLSocketFactory;
import javax.net.ssl.TrustManager;
import javax.net.ssl.X509TrustManager;
import okhttp3.ConnectionPool;
import okhttp3.OkHttpClient;
import okhttp3.internal.Util;
import okhttp3.internal.tls.OkHostnameVerifier;

/* loaded from: classes.dex */
public class UnSafeOkHttpsClient implements CustomOkHttpClientInterface {
    private static String DANALE_CERT_HOST = ".ictun.com";
    private static String DANALE_VERIF_HOST_A_DNS = ".a-http-dns.ictun.com";
    private static String DANALE_VERIF_HOST_D_DNS = ".d-http-dns.ictun.com";
    private static String DANALE_VERIF_HOST_S_DNS = ".cq11344.app-http-dns.ictun.com";
    private static String DANALE_VERIF_HOST_TEST_DNS = "app-api-1-slb-env-cmp-test.ictun.com";

    private TrustManager[] getAllTrustManagers() {
        return new TrustManager[]{new X509TrustManager() { // from class: com.danale.sdk.http.okhttp.okhttpclient.UnSafeOkHttpsClient.1
            @Override // javax.net.ssl.X509TrustManager
            public void checkClientTrusted(X509Certificate[] x509CertificateArr, String str) throws CertificateException {
            }

            @Override // javax.net.ssl.X509TrustManager
            public void checkServerTrusted(X509Certificate[] x509CertificateArr, String str) throws CertificateException {
            }

            @Override // javax.net.ssl.X509TrustManager
            public X509Certificate[] getAcceptedIssuers() {
                return new X509Certificate[0];
            }
        }};
    }

    private SSLSocketFactory getAllTrustSSLSocketFactory() {
        try {
            SSLContext sSLContext = SSLContext.getInstance("SSL");
            if (sSLContext == null) {
                return null;
            }
            try {
                sSLContext.init(null, getAllTrustManagers(), new SecureRandom());
                return sSLContext.getSocketFactory();
            } catch (KeyManagementException e) {
                e.printStackTrace();
                return null;
            }
        } catch (NoSuchAlgorithmException e2) {
            e2.printStackTrace();
            return null;
        }
    }

    private HostnameVerifier getTrustDanaleHostnameVerifier() {
        return new HostnameVerifier() { // from class: com.danale.sdk.http.okhttp.okhttpclient.UnSafeOkHttpsClient.2
            private List<String> getSubjectAlt(X509Certificate x509Certificate, int i) {
                Integer num;
                String str;
                ArrayList arrayList = new ArrayList();
                try {
                    Collection<List<?>> subjectAlternativeNames = x509Certificate.getSubjectAlternativeNames();
                    if (subjectAlternativeNames == null) {
                        return Collections.emptyList();
                    }
                    for (List<?> list : subjectAlternativeNames) {
                        if (list != null && list.size() >= 2 && (num = (Integer) list.get(0)) != null && num.intValue() == i && (str = (String) list.get(1)) != null) {
                            arrayList.add(str);
                        }
                    }
                    return arrayList;
                } catch (CertificateParsingException unused) {
                    return Collections.emptyList();
                }
            }

            @Override // javax.net.ssl.HostnameVerifier
            public boolean verify(String str, SSLSession sSLSession) {
                if (!Util.verifyAsIpAddress(str) && !str.endsWith(UnSafeOkHttpsClient.DANALE_VERIF_HOST_D_DNS) && !str.endsWith(UnSafeOkHttpsClient.DANALE_VERIF_HOST_A_DNS) && !str.endsWith(UnSafeOkHttpsClient.DANALE_VERIF_HOST_S_DNS) && !str.endsWith(UnSafeOkHttpsClient.DANALE_VERIF_HOST_TEST_DNS)) {
                    return OkHostnameVerifier.INSTANCE.verify(str, sSLSession);
                }
                try {
                    X509Certificate x509Certificate = (X509Certificate) sSLSession.getPeerCertificates()[0];
                    List<String> subjectAlt = getSubjectAlt(x509Certificate, 2);
                    int size = subjectAlt.size();
                    for (int i = 0; i < size; i++) {
                        String str2 = subjectAlt.get(i);
                        if (!TextUtils.isEmpty(str2) && str2.endsWith(UnSafeOkHttpsClient.DANALE_CERT_HOST)) {
                            return true;
                        }
                    }
                    String findMostSpecific = new CustomDistinguishedNameParser(x509Certificate.getSubjectX500Principal()).findMostSpecific("cn");
                    if (findMostSpecific != null) {
                        return findMostSpecific.endsWith(UnSafeOkHttpsClient.DANALE_CERT_HOST);
                    }
                    return false;
                } catch (SSLException unused) {
                    return false;
                }
            }
        };
    }

    @Override // com.danale.sdk.http.okhttp.okhttpclient.CustomOkHttpClientInterface
    public OkHttpClient newOkHttpClient() {
        OkHttpClient.Builder builder = new OkHttpClient.Builder();
        builder.hostnameVerifier(getTrustDanaleHostnameVerifier());
        builder.connectionPool(new ConnectionPool(5, 1L, TimeUnit.SECONDS));
        return builder.build();
    }
}
