package com.tima.arms.utils;

import android.content.Context;
import android.webkit.SslErrorHandler;
import com.tima.arms.base.App;
import java.io.IOException;
import java.io.InputStream;
import java.net.InetAddress;
import java.net.Socket;
import java.net.UnknownHostException;
import java.security.GeneralSecurityException;
import java.security.KeyStore;
import java.security.SecureRandom;
import java.security.cert.CertificateException;
import java.security.cert.CertificateExpiredException;
import java.security.cert.CertificateFactory;
import java.security.cert.CertificateNotYetValidException;
import java.security.cert.X509Certificate;
import javax.net.ssl.HostnameVerifier;
import javax.net.ssl.HttpsURLConnection;
import javax.net.ssl.KeyManager;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLPeerUnverifiedException;
import javax.net.ssl.SSLSession;
import javax.net.ssl.SSLSocket;
import javax.net.ssl.SSLSocketFactory;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import javax.net.ssl.X509TrustManager;
import okhttp3.Call;
import okhttp3.Callback;
import okhttp3.OkHttpClient;
import okhttp3.Request;
import okhttp3.Response;
import okio.Buffer;
import org.eclipse.paho.client.mqttv3.internal.security.SSLSocketFactoryFactory;

/* loaded from: classes.dex */
public class HttpsUtils {
    private static final String CERTIFICATES = "-----BEGIN CERTIFICATE-----\nMIIG6jCCBdKgAwIBAgIQRLBDGxolhVU6ykEt+tiGtDANBgkqhkiG9w0BAQsFADB+\nMQswCQYDVQQGEwJVUzEdMBsGA1UEChMUU3ltYW50ZWMgQ29ycG9yYXRpb24xHzAd\nBgNVBAsTFlN5bWFudGVjIFRydXN0IE5ldHdvcmsxLzAtBgNVBAMTJlN5bWFudGVj\nIENsYXNzIDMgU2VjdXJlIFNlcnZlciBDQSAtIEc0MB4XDTE2MDgwMzAwMDAwMFoX\nDTE5MTEwMjIzNTk1OVoweTELMAkGA1UEBhMCQ04xEDAOBgNVBAgMB0ppYW5neGkx\nETAPBgNVBAcMCE5hbmNoYW5nMSEwHwYDVQQKDBhKaWFuZ2xpbmcgTW90b3JzIENv\nLixMVEQxCzAJBgNVBAsMAklUMRUwEwYDVQQDDAwqLmptYy5jb20uY24wggEiMA0G\nCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCXPaqTBvzqOZtzAPfHE7qz3Q8qCix4\nKs7479NR2Z3eZ06w+dKGaBwCq6nxPWC3Em8kaum1yV8WYKU1dLkea+nDGP37K176\niDJjVeDP9ZVoxSjuIwg7InsdiCbY7e6Z/q8Kd8BHopPbqmuVDhj+5m9Spr9BelwF\nqSxnaxm44mM4bsTiH3Cj96PbCoBcTL0KoNKkRLbpbaYkfRMpTpemOU0cDZbitUCj\nQHBBznG50GpH2PpPGiIq8HULQoy6pky7gUA4Hw1RFPVskSpD6b8+vZIQeOaCHSkB\ntezaAGYHIs5vnhAGlxKmSgvE0rnPwrTw7x02FZLISsSgx+3YwoYJQOIXAgMBAAGj\nggNnMIIDYzAjBgNVHREEHDAaggwqLmptYy5jb20uY26CCmptYy5jb20uY24wCQYD\nVR0TBAIwADAOBgNVHQ8BAf8EBAMCBaAwKwYDVR0fBCQwIjAgoB6gHIYaaHR0cDov\nL3NzLnN5bWNiLmNvbS9zcy5jcmwwYQYDVR0gBFowWDBWBgZngQwBAgIwTDAjBggr\nBgEFBQcCARYXaHR0cHM6Ly9kLnN5bWNiLmNvbS9jcHMwJQYIKwYBBQUHAgIwGQwX\naHR0cHM6Ly9kLnN5bWNiLmNvbS9ycGEwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsG\nAQUFBwMCMB8GA1UdIwQYMBaAFF9gz2GQVd+EQxSKYCqy9Xr0QxjvMFcGCCsGAQUF\nBwEBBEswSTAfBggrBgEFBQcwAYYTaHR0cDovL3NzLnN5bWNkLmNvbTAmBggrBgEF\nBQcwAoYaaHR0cDovL3NzLnN5bWNiLmNvbS9zcy5jcnQwggH2BgorBgEEAdZ5AgQC\nBIIB5gSCAeIB4AB3AN3rHSt6DU+mIIuBrYFocH4ujp0B1VyIjT0RxM227L7MAAAB\nVk4zYy0AAAQDAEgwRgIhAIP0VFEZwtJ6m/SsGGlmJwbwItC7p8dAIk13WPIZBpIJ\nAiEA28jqQZmJ0ZhNEDENGU7HGTlMD5qZ+yEmv9yXGAE5jpUAdQCkuQmQtBhYFIe7\nE6LMZ3AKPDWYBPkb37jjd80OyA3cEAAAAVZOM2PVAAAEAwBGMEQCIGj9tyBScL1w\naAaMHeMGk0fb1ecLLbuxb3nvelMh08ciAiB2Ng4hiy3hpM6T/rLd7OUjEOTjDM5q\nwjp2AXBmYmvryAB2AGj2mPgfZIK+OozuuSgdTPxxUV1nk9RE0QpnrLtPT/vEAAAB\nVk4zY9YAAAQDAEcwRQIhAMFEV06oA48YS1dOu3EkOSoxU6eIrd54kqsTO9Otutfr\nAiB1rB89SY//HXAVfOQMWgMyLkhhuwmA296x3nFFneSHvgB2AO5Lvbd1zmC64UJp\nH6vhnmajD35fsHLYgwDEe4l6qP3LAAABVk4zZpoAAAQDAEcwRQIhAIkRsorjOT62\n8QGpivCTcImLs09yDu308J3HhCTKMgmLAiAzAfvWlJ/H28/7pLiW94sM1TIEtJwj\nanrWcoKaiyYhJDANBgkqhkiG9w0BAQsFAAOCAQEAjlRTwN1yCEFWtC7S0pS+peyV\nD4z7t50EJ9n5utvPfSK/ZrUm0TNTgyJai4+V5yoQkOl6VEs32RB2He4MghgXfa+Q\nrbg2vGWvje0dw/cFP2L0B+XrI49I7hErnbnD7/YObA8ZqiqIJYLc522MtJbBWhR2\nHTvOSPTBF6ASyQsjD2cubQX7JO8ue+jeUypH1thXX5ZMjeb87/uaFnrWhQwpyRc9\nnGPheMcgMBOzCFtrmFetjEE6DuMjEnISslnW1+pnZndY0DJxtrLIV7va/MQMHCMM\nBgusGnBzFHAuskrxq/LTWyA1tbQ+w1nCBvWqZKuFcmQwZY7nytpmBSsdh9BeQw==\n-----END CERTIFICATE-----";
    private static final String CERTIFICATES_FILE = "jmc.cer";
    public static final HostnameVerifier DO_NOT_VERIFY = new HostnameVerifier() { // from class: com.tima.arms.utils.HttpsUtils.1
        @Override // javax.net.ssl.HostnameVerifier
        public boolean verify(String str, SSLSession sSLSession) {
            return true;
        }
    };
    private static final String HOST_KEY = "CN=*.jmc.com.cn";

    /* loaded from: classes3.dex */
    private static class NotValidateTimeTrustManager implements X509TrustManager {
        private X509TrustManager defaultTrustManager;

        public NotValidateTimeTrustManager(X509TrustManager x509TrustManager) {
            this.defaultTrustManager = x509TrustManager;
        }

        @Override // javax.net.ssl.X509TrustManager
        public void checkClientTrusted(X509Certificate[] x509CertificateArr, String str) throws CertificateException {
            this.defaultTrustManager.checkClientTrusted(x509CertificateArr, str);
        }

        @Override // javax.net.ssl.X509TrustManager
        public void checkServerTrusted(X509Certificate[] x509CertificateArr, String str) throws CertificateException {
            try {
                this.defaultTrustManager.checkServerTrusted(x509CertificateArr, str);
            } catch (CertificateException e) {
                e.printStackTrace();
                for (Throwable th = e; th != null; th = th.getCause()) {
                    if ((th instanceof CertificateExpiredException) || (th instanceof CertificateNotYetValidException)) {
                        return;
                    }
                }
                throw e;
            }
        }

        @Override // javax.net.ssl.X509TrustManager
        public X509Certificate[] getAcceptedIssuers() {
            return this.defaultTrustManager.getAcceptedIssuers();
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: classes3.dex */
    public static class SafeHostnameVerifier implements HostnameVerifier {
        private SafeHostnameVerifier() {
        }

        @Override // javax.net.ssl.HostnameVerifier
        public boolean verify(String str, SSLSession sSLSession) {
            try {
                String peerHost = sSLSession.getPeerHost();
                for (X509Certificate x509Certificate : (X509Certificate[]) sSLSession.getPeerCertificates()) {
                    for (String str2 : x509Certificate.getSubjectX500Principal().getName().split(",")) {
                        if (str2.startsWith("CN") && peerHost.equals(str) && str2.contains(HttpsUtils.HOST_KEY)) {
                            return true;
                        }
                    }
                }
            } catch (SSLPeerUnverifiedException e) {
                e.printStackTrace();
            }
            return false;
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    /* loaded from: classes3.dex */
    public static class Tls12SocketFactory extends SSLSocketFactory {
        private final String[] TLS_SUPPORT_VERSION = {"TLSv1.2"};
        final SSLSocketFactory delegate;

        public Tls12SocketFactory(SSLSocketFactory sSLSocketFactory) {
            this.delegate = sSLSocketFactory;
        }

        private Socket patch(Socket socket) {
            if (socket instanceof SSLSocket) {
                ((SSLSocket) socket).setEnabledProtocols(this.TLS_SUPPORT_VERSION);
            }
            return socket;
        }

        @Override // javax.net.SocketFactory
        public Socket createSocket(String str, int i) throws IOException, UnknownHostException {
            return patch(this.delegate.createSocket(str, i));
        }

        @Override // javax.net.SocketFactory
        public Socket createSocket(String str, int i, InetAddress inetAddress, int i2) throws IOException, UnknownHostException {
            return patch(this.delegate.createSocket(str, i, inetAddress, i2));
        }

        @Override // javax.net.SocketFactory
        public Socket createSocket(InetAddress inetAddress, int i) throws IOException {
            return patch(this.delegate.createSocket(inetAddress, i));
        }

        @Override // javax.net.SocketFactory
        public Socket createSocket(InetAddress inetAddress, int i, InetAddress inetAddress2, int i2) throws IOException {
            return patch(this.delegate.createSocket(inetAddress, i, inetAddress2, i2));
        }

        @Override // javax.net.ssl.SSLSocketFactory
        public Socket createSocket(Socket socket, String str, int i, boolean z) throws IOException {
            return patch(this.delegate.createSocket(socket, str, i, z));
        }

        @Override // javax.net.ssl.SSLSocketFactory
        public String[] getDefaultCipherSuites() {
            return this.delegate.getDefaultCipherSuites();
        }

        @Override // javax.net.ssl.SSLSocketFactory
        public String[] getSupportedCipherSuites() {
            return this.delegate.getSupportedCipherSuites();
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: classes3.dex */
    public static class UnSafeTrustManager implements X509TrustManager {
        private UnSafeTrustManager() {
        }

        @Override // javax.net.ssl.X509TrustManager
        public void checkClientTrusted(X509Certificate[] x509CertificateArr, String str) throws CertificateException {
        }

        @Override // javax.net.ssl.X509TrustManager
        public void checkServerTrusted(X509Certificate[] x509CertificateArr, String str) throws CertificateException {
        }

        @Override // javax.net.ssl.X509TrustManager
        public X509Certificate[] getAcceptedIssuers() {
            return new X509Certificate[0];
        }
    }

    public static void OnCertificateOfVerification(final SslErrorHandler sslErrorHandler, String str) {
        OkHttpClient.Builder certificates = setCertificates(new OkHttpClient.Builder());
        certificates.build().newCall(new Request.Builder().url(str).build()).enqueue(new Callback() { // from class: com.tima.arms.utils.HttpsUtils.2
            @Override // okhttp3.Callback
            public void onFailure(Call call, IOException iOException) {
                LogUtils.debugInfo("证书验证失败", iOException.getMessage());
                sslErrorHandler.cancel();
            }

            @Override // okhttp3.Callback
            public void onResponse(Call call, Response response) throws IOException {
                LogUtils.debugInfo("证书验证成功", response.body().string());
                sslErrorHandler.proceed();
            }
        });
    }

    public static InputStream getCertificates(Context context) {
        try {
            return context.getAssets().open(CERTIFICATES_FILE);
        } catch (IOException e) {
            e.printStackTrace();
            return null;
        }
    }

    public static InputStream getCertificates(Context context, String str) {
        try {
            return context.getAssets().open(str);
        } catch (IOException e) {
            e.printStackTrace();
            return null;
        }
    }

    public static InputStream[] getCertificates(Context context, String... strArr) {
        if (context == null || strArr == null || strArr.length <= 0) {
            return null;
        }
        try {
            InputStream[] inputStreamArr = new InputStream[strArr.length];
            for (int i = 0; i < strArr.length; i++) {
                inputStreamArr[i] = context.getAssets().open(strArr[i]);
            }
            return inputStreamArr;
        } catch (IOException e) {
            e.printStackTrace();
            return null;
        }
    }

    public static InputStream getCertificatesbyString() {
        return new Buffer().writeUtf8(CERTIFICATES).inputStream();
    }

    private static NotValidateTimeTrustManager[] getNotValidateTimeTrustManagers(X509TrustManager[] x509TrustManagerArr) {
        NotValidateTimeTrustManager[] notValidateTimeTrustManagerArr = new NotValidateTimeTrustManager[x509TrustManagerArr.length];
        for (int i = 0; i < x509TrustManagerArr.length; i++) {
            notValidateTimeTrustManagerArr[i] = new NotValidateTimeTrustManager(x509TrustManagerArr[i]);
        }
        return notValidateTimeTrustManagerArr;
    }

    public static SSLSocketFactory getSSLSocketFactory(InputStream inputStream, String str, InputStream... inputStreamArr) {
        try {
            prepareKeyManager(inputStream, str);
            SSLContext sSLContext = SSLContext.getInstance(SSLSocketFactoryFactory.DEFAULT_PROTOCOL);
            sSLContext.init(null, new TrustManager[]{new UnSafeTrustManager()}, new SecureRandom());
            return new Tls12SocketFactory(sSLContext.getSocketFactory());
        } catch (GeneralSecurityException e) {
            throw new AssertionError(e);
        }
    }

    public static SafeHostnameVerifier getSafeHostnameVerifier() {
        return new SafeHostnameVerifier();
    }

    public static void initHttpsUrlConnection(Context context) {
        InputStream certificatesbyString = getCertificatesbyString();
        HttpsURLConnection.setDefaultSSLSocketFactory(getSSLSocketFactory(null, null, certificatesbyString));
        if (certificatesbyString == null) {
            HttpsURLConnection.setDefaultHostnameVerifier(getSafeHostnameVerifier());
        }
    }

    private static KeyManager[] prepareKeyManager(InputStream inputStream, String str) {
        if (inputStream == null || str == null) {
            return null;
        }
        try {
            KeyStore keyStore = KeyStore.getInstance("BKS");
            keyStore.load(inputStream, str.toCharArray());
            KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
            keyManagerFactory.init(keyStore, str.toCharArray());
            return keyManagerFactory.getKeyManagers();
        } catch (Exception e) {
            e.printStackTrace();
            return null;
        }
    }

    private static TrustManager[] prepareTrustManager(InputStream... inputStreamArr) {
        if (inputStreamArr == null || inputStreamArr.length <= 0) {
            return null;
        }
        try {
            CertificateFactory certificateFactory = CertificateFactory.getInstance("X.509");
            KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
            keyStore.load(null);
            int length = inputStreamArr.length;
            int i = 0;
            int i2 = 0;
            while (i < length) {
                InputStream inputStream = inputStreamArr[i];
                int i3 = i2 + 1;
                keyStore.setCertificateEntry(Integer.toString(i2), certificateFactory.generateCertificate(inputStream));
                if (inputStream != null) {
                    try {
                        inputStream.close();
                    } catch (IOException e) {
                    }
                }
                i++;
                i2 = i3;
            }
            TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
            trustManagerFactory.init(keyStore);
            return trustManagerFactory.getTrustManagers();
        } catch (Exception e2) {
            e2.printStackTrace();
            return null;
        }
    }

    private static OkHttpClient.Builder setCertificates(OkHttpClient.Builder builder) {
        try {
            TrustManager[] trustManagerArr = {new X509TrustManager() { // from class: com.tima.arms.utils.HttpsUtils.3
                @Override // javax.net.ssl.X509TrustManager
                public void checkClientTrusted(X509Certificate[] x509CertificateArr, String str) throws CertificateException {
                }

                @Override // javax.net.ssl.X509TrustManager
                public void checkServerTrusted(X509Certificate[] x509CertificateArr, String str) throws CertificateException {
                }

                @Override // javax.net.ssl.X509TrustManager
                public X509Certificate[] getAcceptedIssuers() {
                    return new X509Certificate[0];
                }
            }};
            SSLContext sSLContext = SSLContext.getInstance("SSL");
            sSLContext.init(null, trustManagerArr, new SecureRandom());
            builder.sslSocketFactory(sSLContext.getSocketFactory(), new UnSafeTrustManager());
        } catch (Exception e) {
            e.printStackTrace();
        }
        return builder;
    }

    public static void setSSLCertificatesOkHttpClient(OkHttpClient.Builder builder) {
        builder.sslSocketFactory(getSSLSocketFactory(null, null, getCertificates(App.INSTANCE, "jmcuat.cer")));
        builder.hostnameVerifier(DO_NOT_VERIFY);
        builder.retryOnConnectionFailure(true);
    }
}
