package com.primeton.emp.client.core.component.net;

import android.os.Build;
import com.ibm.micro.internal.security.SSLSocketFactoryFactory;
import com.primeton.emp.client.core.component.exception.AppException;
import com.primeton.emp.client.debug.Log;
import com.primeton.emp.client.manager.ConfigManager;
import com.primeton.emp.client.manager.ResourceManager;
import com.primeton.emp.client.manager.config.ClientConfig;
import com.primeton.emp.client.uitl.Base64Utils;
import com.primeton.emp.client.uitl.FileUtil;
import com.primeton.emp.client.uitl.Tools;
import java.io.FileNotFoundException;
import java.io.IOException;
import java.io.InputStream;
import java.net.Socket;
import java.security.KeyManagementException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.UnrecoverableKeyException;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.util.Arrays;
import java.util.HashSet;
import java.util.LinkedList;
import java.util.List;
import java.util.Locale;
import javax.net.ssl.KeyManager;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSocket;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import javax.net.ssl.X509TrustManager;
import org.apache.http.conn.ssl.SSLSocketFactory;

/* loaded from: classes2.dex */
public class SSLSocketFactoryCompat extends SSLSocketFactory {
    private static final String KEY_STORE_TYPE_P12 = "PKCS12";
    private static final String LOG_TAG = "SSLSocketFactoryCompat";
    private static volatile SSLSocketFactoryCompat baseSocketFactory;
    static String[] cipherSuites;
    static String[] protocols;
    private SSLContext sslContext;

    static {
        try {
            SSLSocket sSLSocket = (SSLSocket) SSLSocketFactory.getSocketFactory().createSocket();
            if (sSLSocket != null) {
                LinkedList linkedList = new LinkedList();
                for (String str : sSLSocket.getSupportedProtocols()) {
                    if (!str.toUpperCase(Locale.getDefault()).contains("SSL")) {
                        linkedList.add(str);
                    }
                }
                protocols = (String[]) linkedList.toArray(new String[linkedList.size()]);
                if (Build.VERSION.SDK_INT < 21) {
                    List asList = Arrays.asList("TLS_RSA_WITH_AES_256_GCM_SHA384", "TLS_RSA_WITH_AES_128_GCM_SHA256", "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256", "TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256", "TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384", "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256", "TLS_ECHDE_RSA_WITH_AES_128_GCM_SHA256", "TLS_RSA_WITH_3DES_EDE_CBC_SHA", "TLS_RSA_WITH_AES_128_CBC_SHA", "TLS_RSA_WITH_AES_256_CBC_SHA", "TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA", "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA", "TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA", "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA");
                    List asList2 = Arrays.asList(sSLSocket.getSupportedCipherSuites());
                    HashSet hashSet = new HashSet(asList);
                    hashSet.retainAll(asList2);
                    hashSet.addAll(new HashSet(Arrays.asList(sSLSocket.getEnabledCipherSuites())));
                    cipherSuites = (String[]) hashSet.toArray(new String[hashSet.size()]);
                }
            }
        } catch (IOException e) {
            AppException.raise(e);
        }
    }

    private SSLSocketFactoryCompat(KeyStore keyStore) throws NoSuchAlgorithmException, KeyManagementException, KeyStoreException, UnrecoverableKeyException {
        super(keyStore);
        this.sslContext = SSLContext.getInstance(SSLSocketFactoryFactory.DEFAULT_PROTOCOL);
        if (keyStore == null) {
            this.sslContext.init(null, new TrustManager[]{new X509TrustManager() { // from class: com.primeton.emp.client.core.component.net.SSLSocketFactoryCompat.2
                @Override // javax.net.ssl.X509TrustManager
                public void checkClientTrusted(X509Certificate[] x509CertificateArr, String str) throws CertificateException {
                }

                @Override // javax.net.ssl.X509TrustManager
                public void checkServerTrusted(X509Certificate[] x509CertificateArr, String str) throws CertificateException {
                }

                @Override // javax.net.ssl.X509TrustManager
                public X509Certificate[] getAcceptedIssuers() {
                    return new X509Certificate[0];
                }
            }}, null);
        } else {
            TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
            trustManagerFactory.init(keyStore);
            this.sslContext.init(null, trustManagerFactory.getTrustManagers(), null);
        }
    }

    private SSLSocketFactoryCompat(KeyStore keyStore, String str, KeyStore keyStore2) throws KeyManagementException, UnrecoverableKeyException, NoSuchAlgorithmException, KeyStoreException {
        super(keyStore, str, keyStore2);
        this.sslContext = SSLContext.getInstance(SSLSocketFactoryFactory.DEFAULT_PROTOCOL);
        KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
        keyManagerFactory.init(keyStore, str.toCharArray());
        KeyManager[] keyManagers = keyStore != null ? keyManagerFactory.getKeyManagers() : null;
        if (keyStore2 == null) {
            this.sslContext.init(keyManagers, new TrustManager[]{new X509TrustManager() { // from class: com.primeton.emp.client.core.component.net.SSLSocketFactoryCompat.1
                @Override // javax.net.ssl.X509TrustManager
                public void checkClientTrusted(X509Certificate[] x509CertificateArr, String str2) throws CertificateException {
                }

                @Override // javax.net.ssl.X509TrustManager
                public void checkServerTrusted(X509Certificate[] x509CertificateArr, String str2) throws CertificateException {
                }

                @Override // javax.net.ssl.X509TrustManager
                public X509Certificate[] getAcceptedIssuers() {
                    return new X509Certificate[0];
                }
            }}, null);
            return;
        }
        TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
        trustManagerFactory.init(keyStore2);
        this.sslContext.init(keyManagers, trustManagerFactory.getTrustManagers(), null);
    }

    /* JADX WARN: Code restructure failed: missing block: B:26:0x004a, code lost:
    
        if (r1 == null) goto L30;
     */
    /* JADX WARN: Code restructure failed: missing block: B:27:0x004d, code lost:
    
        return r2;
     */
    /* JADX WARN: Code restructure failed: missing block: B:28:0x0027, code lost:
    
        r1.close();
     */
    /* JADX WARN: Code restructure failed: missing block: B:31:0x0031, code lost:
    
        if (r1 == null) goto L30;
     */
    /* JADX WARN: Code restructure failed: missing block: B:34:0x0025, code lost:
    
        if (r1 == null) goto L30;
     */
    /* JADX WARN: Removed duplicated region for block: B:22:0x0050  */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    private static java.security.KeyStore generateKeyStore(java.lang.String r3, java.lang.String r4) throws java.io.IOException {
        /*
            java.lang.String r0 = "SSLSocketFactoryCompat"
            r1 = 0
            java.lang.String r2 = "PKCS12"
            java.security.KeyStore r2 = java.security.KeyStore.getInstance(r2)     // Catch: java.lang.Throwable -> L1d java.security.cert.CertificateException -> L1f java.security.NoSuchAlgorithmException -> L2b java.io.FileNotFoundException -> L34 java.security.KeyStoreException -> L44
            java.io.InputStream r1 = getFileInputStream(r3)     // Catch: java.io.FileNotFoundException -> L1a java.lang.Throwable -> L1d java.security.cert.CertificateException -> L20 java.security.NoSuchAlgorithmException -> L2c java.security.KeyStoreException -> L45
            char[] r3 = r4.toCharArray()     // Catch: java.io.FileNotFoundException -> L1a java.lang.Throwable -> L1d java.security.cert.CertificateException -> L20 java.security.NoSuchAlgorithmException -> L2c java.security.KeyStoreException -> L45
            r2.load(r1, r3)     // Catch: java.io.FileNotFoundException -> L1a java.lang.Throwable -> L1d java.security.cert.CertificateException -> L20 java.security.NoSuchAlgorithmException -> L2c java.security.KeyStoreException -> L45
            if (r1 == 0) goto L19
            r1.close()
        L19:
            return r2
        L1a:
            r3 = r1
            r1 = r2
            goto L35
        L1d:
            r3 = move-exception
            goto L4e
        L1f:
            r2 = r1
        L20:
            java.lang.String r3 = "https an error occurred during load the client certificate file"
            com.primeton.emp.client.core.component.exception.AppException.raise(r3)     // Catch: java.lang.Throwable -> L1d
            if (r1 == 0) goto L4d
        L27:
            r1.close()
            goto L4d
        L2b:
            r2 = r1
        L2c:
            java.lang.String r3 = "the required algorithm is not available"
            com.primeton.emp.client.debug.Log.e(r0, r3)     // Catch: java.lang.Throwable -> L1d
            if (r1 == 0) goto L4d
            goto L27
        L34:
            r3 = r1
        L35:
            java.lang.String r4 = "the certificate file does not exist"
            com.primeton.emp.client.debug.Log.e(r0, r4)     // Catch: java.lang.Throwable -> L40
            if (r3 == 0) goto L3f
            r3.close()
        L3f:
            return r1
        L40:
            r4 = move-exception
            r1 = r3
            r3 = r4
            goto L4e
        L44:
            r2 = r1
        L45:
            java.lang.String r3 = "an error occurred during the creation of the new KeyStore"
            com.primeton.emp.client.debug.Log.e(r0, r3)     // Catch: java.lang.Throwable -> L1d
            if (r1 == 0) goto L4d
            goto L27
        L4d:
            return r2
        L4e:
            if (r1 == 0) goto L53
            r1.close()
        L53:
            throw r3
        */
        throw new UnsupportedOperationException("Method not decompiled: com.primeton.emp.client.core.component.net.SSLSocketFactoryCompat.generateKeyStore(java.lang.String, java.lang.String):java.security.KeyStore");
    }

    private static KeyStore generateTrustStore() throws IOException {
        KeyStore keyStore = null;
        try {
            KeyStore keyStore2 = KeyStore.getInstance("AndroidCAStore");
            try {
                keyStore2.load(null);
                return keyStore2;
            } catch (FileNotFoundException unused) {
                keyStore = keyStore2;
                Log.e(LOG_TAG, "the certificate file does not exist");
                AppException.raise("https the server certificate file does not exist");
                return keyStore;
            } catch (KeyStoreException unused2) {
                keyStore = keyStore2;
                Log.e(LOG_TAG, "an error occurred during the creation of the new KeyStore");
                return keyStore;
            } catch (NoSuchAlgorithmException unused3) {
                keyStore = keyStore2;
                Log.e(LOG_TAG, "the required algorithm is not available");
                return keyStore;
            } catch (CertificateException e) {
                e = e;
                keyStore = keyStore2;
                AppException.raise("https " + e.getMessage());
                return keyStore;
            }
        } catch (FileNotFoundException unused4) {
        } catch (KeyStoreException unused5) {
        } catch (NoSuchAlgorithmException unused6) {
        } catch (CertificateException e2) {
            e = e2;
        }
    }

    private static InputStream getFileInputStream(String str) throws FileNotFoundException {
        InputStream fileInputStream = FileUtil.getFileInputStream(ResourceManager.getCertsDir() + str);
        if (fileInputStream != null) {
            return fileInputStream;
        }
        throw new FileNotFoundException();
    }

    public static SSLSocketFactoryCompat getSSLSocketFactory() throws KeyManagementException, UnrecoverableKeyException, NoSuchAlgorithmException, KeyStoreException, IOException {
        if (baseSocketFactory == null) {
            synchronized (SSLSocketFactoryCompat.class) {
                ClientConfig clientConfig = ConfigManager.getClientConfig();
                String clientCertificateFile = clientConfig.getClientCertificateFile();
                boolean hasVerifyServer = clientConfig.hasVerifyServer();
                if (!hasVerifyServer && Tools.isStrEmpty(clientCertificateFile)) {
                    baseSocketFactory = new SSLSocketFactoryCompat(null);
                } else if (!hasVerifyServer && !Tools.isStrEmpty(clientCertificateFile)) {
                    String str = new String(Base64Utils.decodeToBytes(clientConfig.getClientAuthPassword()));
                    baseSocketFactory = new SSLSocketFactoryCompat(generateKeyStore(clientCertificateFile, str), str, null);
                } else if (Tools.isStrEmpty(clientCertificateFile)) {
                    baseSocketFactory = new SSLSocketFactoryCompat(generateTrustStore());
                } else {
                    String str2 = new String(Base64Utils.decodeToBytes(clientConfig.getClientAuthPassword()));
                    baseSocketFactory = new SSLSocketFactoryCompat(generateKeyStore(clientCertificateFile, str2), str2, generateTrustStore());
                }
            }
        }
        return baseSocketFactory;
    }

    private Socket upgradeTLS(Socket socket) {
        boolean z = socket instanceof SSLSocket;
        Socket socket2 = socket;
        if (z) {
            SSLSocket sSLSocket = (SSLSocket) socket;
            String[] strArr = protocols;
            if (strArr != null) {
                sSLSocket.setEnabledProtocols(strArr);
            }
            socket2 = sSLSocket;
            if (Build.VERSION.SDK_INT < 21) {
                String[] strArr2 = cipherSuites;
                socket2 = sSLSocket;
                if (strArr2 != null) {
                    sSLSocket.setEnabledCipherSuites(strArr2);
                    socket2 = sSLSocket;
                }
            }
        }
        return socket2;
    }

    @Override // org.apache.http.conn.ssl.SSLSocketFactory, org.apache.http.conn.scheme.SocketFactory
    public Socket createSocket() throws IOException {
        return upgradeTLS(this.sslContext.getSocketFactory().createSocket());
    }

    @Override // org.apache.http.conn.ssl.SSLSocketFactory, org.apache.http.conn.scheme.LayeredSocketFactory
    public Socket createSocket(Socket socket, String str, int i, boolean z) throws IOException {
        return upgradeTLS(this.sslContext.getSocketFactory().createSocket(socket, str, i, z));
    }
}
