package com.shizhuang.duapp.common.helper.net.sslpining;

import android.content.Context;
import cn.leancloud.AVUser;
import com.meituan.robust.ChangeQuickRedirect;
import com.meituan.robust.PatchProxy;
import com.meituan.robust.PatchProxyResult;
import java.io.IOException;
import java.io.InputStream;
import java.security.GeneralSecurityException;
import java.security.KeyManagementException;
import java.security.KeyStore;
import java.security.NoSuchAlgorithmException;
import java.security.SecureRandom;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.util.Arrays;
import java.util.Collection;
import java.util.Iterator;
import javax.net.ssl.HostnameVerifier;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSession;
import javax.net.ssl.SSLSocketFactory;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import javax.net.ssl.X509TrustManager;
import timber.log.Timber;

/* loaded from: classes10.dex */
public class TrustManagerCreator {
    public static boolean b = false;
    public static int c;
    public static ChangeQuickRedirect changeQuickRedirect;

    /* renamed from: a, reason: collision with root package name */
    public MyTrustManager f16209a;

    /* loaded from: classes10.dex */
    public class MyTrustManager implements X509TrustManager {
        public static ChangeQuickRedirect changeQuickRedirect;

        public MyTrustManager() {
        }

        @Override // javax.net.ssl.X509TrustManager
        public void checkClientTrusted(X509Certificate[] x509CertificateArr, String str) throws CertificateException {
            if (PatchProxy.proxy(new Object[]{x509CertificateArr, str}, this, changeQuickRedirect, false, 4305, new Class[]{X509Certificate[].class, String.class}, Void.TYPE).isSupported) {
            }
        }

        @Override // javax.net.ssl.X509TrustManager
        public void checkServerTrusted(X509Certificate[] x509CertificateArr, String str) throws CertificateException {
            if (PatchProxy.proxy(new Object[]{x509CertificateArr, str}, this, changeQuickRedirect, false, 4306, new Class[]{X509Certificate[].class, String.class}, Void.TYPE).isSupported) {
            }
        }

        @Override // javax.net.ssl.X509TrustManager
        public X509Certificate[] getAcceptedIssuers() {
            PatchProxyResult proxy = PatchProxy.proxy(new Object[0], this, changeQuickRedirect, false, 4307, new Class[0], X509Certificate[].class);
            return proxy.isSupported ? (X509Certificate[]) proxy.result : new X509Certificate[0];
        }
    }

    /* loaded from: classes10.dex */
    public class TrustAllHostnameVerifier implements HostnameVerifier {
        public static ChangeQuickRedirect changeQuickRedirect;

        public TrustAllHostnameVerifier() {
        }

        @Override // javax.net.ssl.HostnameVerifier
        public boolean verify(String str, SSLSession sSLSession) {
            PatchProxyResult proxy = PatchProxy.proxy(new Object[]{str, sSLSession}, this, changeQuickRedirect, false, 4308, new Class[]{String.class, SSLSession.class}, Boolean.TYPE);
            if (proxy.isSupported) {
                return ((Boolean) proxy.result).booleanValue();
            }
            return true;
        }
    }

    public static KeyStore a(char[] cArr) throws GeneralSecurityException {
        PatchProxyResult proxy = PatchProxy.proxy(new Object[]{cArr}, null, changeQuickRedirect, true, 4302, new Class[]{char[].class}, KeyStore.class);
        if (proxy.isSupported) {
            return (KeyStore) proxy.result;
        }
        try {
            KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
            keyStore.load(null, cArr);
            return keyStore;
        } catch (IOException e2) {
            throw new AssertionError(e2);
        }
    }

    private SSLSocketFactory a() {
        PatchProxyResult proxy = PatchProxy.proxy(new Object[0], this, changeQuickRedirect, false, 4300, new Class[0], SSLSocketFactory.class);
        if (proxy.isSupported) {
            return (SSLSocketFactory) proxy.result;
        }
        try {
            this.f16209a = new MyTrustManager();
            SSLContext sSLContext = SSLContext.getInstance("TLS");
            sSLContext.init(null, new TrustManager[]{this.f16209a}, new SecureRandom());
            return sSLContext.getSocketFactory();
        } catch (Exception e2) {
            e2.printStackTrace();
            return null;
        }
    }

    public static SSLSocketFactory a(X509TrustManager x509TrustManager) throws NoSuchAlgorithmException, KeyManagementException {
        PatchProxyResult proxy = PatchProxy.proxy(new Object[]{x509TrustManager}, null, changeQuickRedirect, true, 4304, new Class[]{X509TrustManager.class}, SSLSocketFactory.class);
        if (proxy.isSupported) {
            return (SSLSocketFactory) proxy.result;
        }
        if (x509TrustManager == null) {
            return null;
        }
        SSLContext sSLContext = SSLContext.getInstance("TLS");
        sSLContext.init(null, new TrustManager[]{x509TrustManager}, null);
        return sSLContext.getSocketFactory();
    }

    public static X509TrustManager a(Context context) throws GeneralSecurityException, UnsupportedOperationException {
        PatchProxyResult proxy = PatchProxy.proxy(new Object[]{context}, null, changeQuickRedirect, true, 4301, new Class[]{Context.class}, X509TrustManager.class);
        if (proxy.isSupported) {
            return (X509TrustManager) proxy.result;
        }
        CertificateFactory certificateFactory = CertificateFactory.getInstance("X.509");
        InputStream b2 = SSLPiningUtil.b(context);
        if (b2 == null) {
            b = true;
            throw new UnsupportedOperationException("the certifications is expired");
        }
        Collection<? extends Certificate> generateCertificates = certificateFactory.generateCertificates(b2);
        Timber.c("certificates.size=%s", Integer.valueOf(generateCertificates.size()));
        c = generateCertificates.size();
        if (generateCertificates.isEmpty()) {
            throw new IllegalArgumentException("expected non-empty set of trusted certificates");
        }
        char[] charArray = AVUser.ATTR_PASSWORD.toCharArray();
        KeyStore a2 = a(charArray);
        Iterator<? extends Certificate> it = generateCertificates.iterator();
        int i2 = 0;
        while (it.hasNext()) {
            a2.setCertificateEntry(Integer.toString(i2), it.next());
            i2++;
        }
        KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm()).init(a2, charArray);
        TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
        trustManagerFactory.init(a2);
        TrustManager[] trustManagers = trustManagerFactory.getTrustManagers();
        if (trustManagers.length == 1 && (trustManagers[0] instanceof X509TrustManager)) {
            return (X509TrustManager) trustManagers[0];
        }
        throw new IllegalStateException("Unexpected default trust managers:" + Arrays.toString(trustManagers));
    }

    /* JADX WARN: Removed duplicated region for block: B:22:0x00c3 A[ADDED_TO_REGION] */
    /* JADX WARN: Removed duplicated region for block: B:26:? A[ADDED_TO_REGION, RETURN, SYNTHETIC] */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    public static void a(android.content.Context r11, java.lang.String r12, java.lang.String r13, okhttp3.OkHttpClient.Builder r14) {
        /*
            java.lang.Class<java.lang.String> r0 = java.lang.String.class
            r1 = 4
            java.lang.Object[] r2 = new java.lang.Object[r1]
            r9 = 0
            r2[r9] = r11
            r10 = 1
            r2[r10] = r12
            r3 = 2
            r2[r3] = r13
            r4 = 3
            r2[r4] = r14
            com.meituan.robust.ChangeQuickRedirect r5 = com.shizhuang.duapp.common.helper.net.sslpining.TrustManagerCreator.changeQuickRedirect
            java.lang.Class[] r7 = new java.lang.Class[r1]
            java.lang.Class<android.content.Context> r1 = android.content.Context.class
            r7[r9] = r1
            r7[r10] = r0
            r7[r3] = r0
            java.lang.Class<okhttp3.OkHttpClient$Builder> r0 = okhttp3.OkHttpClient.Builder.class
            r7[r4] = r0
            java.lang.Class r8 = java.lang.Void.TYPE
            r3 = 0
            r0 = 1
            r6 = 4303(0x10cf, float:6.03E-42)
            r4 = r5
            r5 = r0
            com.meituan.robust.PatchProxyResult r0 = com.meituan.robust.PatchProxy.proxy(r2, r3, r4, r5, r6, r7, r8)
            boolean r0 = r0.isSupported
            if (r0 == 0) goto L32
            return
        L32:
            boolean r0 = com.shizhuang.duapp.common.config.DuConfig.f15581a
            if (r0 == 0) goto L45
            java.lang.String r0 = "sslpining_config"
            com.tencent.mmkv.MMKV r0 = com.tencent.mmkv.MMKV.mmkvWithID(r0)
            java.lang.String r1 = "switch"
            boolean r0 = r0.getBoolean(r1, r10)
            if (r0 != 0) goto L45
            return
        L45:
            java.lang.String r0 = "dewu.com"
            boolean r1 = r12.contains(r0)
            r2 = 0
            if (r1 == 0) goto Lc0
            boolean r0 = r13.contains(r0)
            if (r0 == 0) goto Lc0
            java.lang.Class<java.lang.Boolean> r0 = java.lang.Boolean.class
            java.lang.Boolean r1 = java.lang.Boolean.valueOf(r9)
            java.lang.String r3 = "network"
            java.lang.String r4 = "ssl"
            java.lang.Object r0 = com.shizhuang.duapp.common.helper.ConfigCenterHelper.a(r3, r4, r0, r1)
            java.lang.Boolean r0 = (java.lang.Boolean) r0
            boolean r0 = r0.booleanValue()
            if (r0 == 0) goto Lc0
            javax.net.ssl.X509TrustManager r11 = a(r11)     // Catch: java.lang.Exception -> L75
            javax.net.ssl.SSLSocketFactory r2 = a(r11)     // Catch: java.lang.Exception -> L73
            goto Lc1
        L73:
            r0 = move-exception
            goto L77
        L75:
            r0 = move-exception
            r11 = r2
        L77:
            r0.printStackTrace()
            java.util.HashMap r1 = new java.util.HashMap
            r1.<init>()
            if (r11 != 0) goto L83
            r11 = r2
            goto L87
        L83:
            java.lang.String r11 = r11.toString()
        L87:
            java.lang.String r3 = "X509TrustManager"
            r1.put(r3, r11)
            java.lang.StringBuilder r11 = new java.lang.StringBuilder
            r11.<init>()
            r11.append(r12)
            java.lang.String r12 = "/n"
            r11.append(r12)
            r11.append(r13)
            java.lang.String r11 = r11.toString()
            java.lang.String r12 = "url"
            r1.put(r12, r11)
            boolean r11 = com.shizhuang.duapp.common.helper.net.sslpining.TrustManagerCreator.b
            java.lang.String r11 = java.lang.Boolean.toString(r11)
            java.lang.String r12 = "expired"
            r1.put(r12, r11)
            int r11 = com.shizhuang.duapp.common.helper.net.sslpining.TrustManagerCreator.c
            java.lang.String r11 = java.lang.Integer.toString(r11)
            java.lang.String r12 = "certSize"
            r1.put(r12, r11)
            java.lang.String r11 = "sslpining"
            com.shizhuang.duapp.common.helper.BusinessHelper.a(r11, r0, r1)
        Lc0:
            r11 = r2
        Lc1:
            if (r2 == 0) goto Lc8
            if (r11 == 0) goto Lc8
            r14.sslSocketFactory(r2, r11)
        Lc8:
            return
        */
        throw new UnsupportedOperationException("Method not decompiled: com.shizhuang.duapp.common.helper.net.sslpining.TrustManagerCreator.a(android.content.Context, java.lang.String, java.lang.String, okhttp3.OkHttpClient$Builder):void");
    }
}
