package com.idsky.lingdo.utilities.basic.net.okhttp.zhy.clients;

import android.content.Context;
import android.util.Log;
import com.idsky.lingdo.utilities.basic.net.okhttp.zhy.OkHttpUtils;
import com.idsky.lingdo.utilities.basic.thirdparty.okhttp.okhttp3.OkHttpClient;
import java.io.BufferedInputStream;
import java.io.IOException;
import java.io.InputStream;
import java.security.KeyManagementException;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import java.security.cert.CertificateExpiredException;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.text.SimpleDateFormat;
import java.util.Calendar;
import java.util.Date;
import javax.net.ssl.HostnameVerifier;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSession;
import javax.net.ssl.TrustManager;
import javax.net.ssl.X509TrustManager;

/* loaded from: classes.dex */
public class BaseHostClient {
    private static final String TAG = "BaseHostClient";
    private String cerName;
    private SimpleDateFormat formatter = new SimpleDateFormat("yyyy-MM-dd HH:mm:ss");

    /* JADX INFO: Access modifiers changed from: package-private */
    public BaseHostClient(String str) {
        this.cerName = str;
    }

    public OkHttpClient createClient(final Context context) {
        try {
            SSLContext sSLContext = SSLContext.getInstance("TLSv1", "AndroidOpenSSL");
            X509TrustManager x509TrustManager = new X509TrustManager() { // from class: com.idsky.lingdo.utilities.basic.net.okhttp.zhy.clients.BaseHostClient.1
                @Override // javax.net.ssl.X509TrustManager
                public void checkClientTrusted(X509Certificate[] x509CertificateArr, String str) throws CertificateException {
                    Log.d(BaseHostClient.TAG, "--- checkClientTrusted ---");
                }

                @Override // javax.net.ssl.X509TrustManager
                public void checkServerTrusted(X509Certificate[] x509CertificateArr, String str) throws CertificateException {
                    Log.d(BaseHostClient.TAG, "--- checkServerTrusted ---");
                    if (OkHttpUtils.getInstance().isPacketCaptureSwitch()) {
                        return;
                    }
                    if (x509CertificateArr == null || x509CertificateArr.length == 0) {
                        throw new IllegalArgumentException("null or zero-length certificate chain");
                    }
                    if (str == null || str.length() == 0) {
                        throw new IllegalArgumentException("null or zero-length authentication type");
                    }
                    Certificate unifyCertificate = BaseHostClient.this.getUnifyCertificate(context);
                    if (unifyCertificate == null) {
                        return;
                    }
                    try {
                        Calendar calendar = Calendar.getInstance();
                        calendar.setTime(new Date());
                        calendar.add(5, 45);
                        BaseHostClient.this.formatter.format(calendar.getTime());
                        ((X509Certificate) unifyCertificate).checkValidity(calendar.getTime());
                        X509Certificate x509Certificate = x509CertificateArr[0];
                        if (!x509Certificate.equals(unifyCertificate)) {
                            try {
                                x509Certificate.verify(unifyCertificate.getPublicKey());
                            } catch (Exception e) {
                                Log.d(BaseHostClient.TAG, "Certificate not trusted : " + e.toString());
                                throw new CertificateException("Certificate not trusted , " + e.toString(), e);
                            }
                        }
                        Log.d(BaseHostClient.TAG, "------- certificate check -------");
                    } catch (CertificateExpiredException e2) {
                        Log.d(BaseHostClient.TAG, "CertificateExpiredException : " + e2.toString());
                    }
                }

                @Override // javax.net.ssl.X509TrustManager
                public X509Certificate[] getAcceptedIssuers() {
                    return new X509Certificate[0];
                }
            };
            sSLContext.init(null, new TrustManager[]{x509TrustManager}, null);
            return new OkHttpClient.Builder().sslSocketFactory(sSLContext.getSocketFactory(), x509TrustManager).hostnameVerifier(new HostnameVerifier() { // from class: com.idsky.lingdo.utilities.basic.net.okhttp.zhy.clients.BaseHostClient.2
                @Override // javax.net.ssl.HostnameVerifier
                public boolean verify(String str, SSLSession sSLSession) {
                    Log.d(BaseHostClient.TAG, "hostname : " + str);
                    return true;
                }
            }).build();
        } catch (KeyManagementException e) {
            e.printStackTrace();
            return null;
        } catch (NoSuchAlgorithmException e2) {
            e2.printStackTrace();
            return null;
        } catch (NoSuchProviderException e3) {
            e3.printStackTrace();
            return null;
        }
    }

    public Certificate getUnifyCertificate(Context context) {
        try {
            CertificateFactory certificateFactory = CertificateFactory.getInstance("X.509");
            InputStream resourceAsStream = context.getClass().getClassLoader().getResourceAsStream("assets/" + this.cerName);
            BufferedInputStream bufferedInputStream = new BufferedInputStream(resourceAsStream);
            try {
                Certificate generateCertificate = certificateFactory.generateCertificate(bufferedInputStream);
                bufferedInputStream.close();
                resourceAsStream.close();
                return generateCertificate;
            } catch (Throwable th) {
                bufferedInputStream.close();
                resourceAsStream.close();
                throw th;
            }
        } catch (IOException e) {
            e.printStackTrace();
            return null;
        } catch (CertificateException e2) {
            e2.printStackTrace();
            return null;
        }
    }
}
