package com.nearme.play.net.websocket.b;

import android.content.Context;
import com.nearme.play.log.c;
import com.nearme.play.net.websocket.encrypt.WSEncryptUtil;
import java.security.InvalidKeyException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.SignatureException;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import javax.net.ssl.KeyManager;
import javax.net.ssl.SSLContext;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import javax.net.ssl.X509TrustManager;

/* compiled from: ClientSslContextFactory.java */
/* loaded from: classes5.dex */
public class a {

    /* renamed from: a, reason: collision with root package name */
    private SSLContext f18672a;

    /* renamed from: b, reason: collision with root package name */
    private Context f18673b;

    /* JADX INFO: Access modifiers changed from: package-private */
    /* compiled from: ClientSslContextFactory.java */
    /* renamed from: com.nearme.play.net.websocket.b.a$a, reason: collision with other inner class name */
    /* loaded from: classes5.dex */
    public class C0433a implements X509TrustManager {

        /* renamed from: a, reason: collision with root package name */
        final /* synthetic */ X509TrustManager f18674a;

        C0433a(X509TrustManager x509TrustManager) {
            this.f18674a = x509TrustManager;
        }

        @Override // javax.net.ssl.X509TrustManager
        public void checkClientTrusted(X509Certificate[] x509CertificateArr, String str) {
            try {
                this.f18674a.checkClientTrusted(x509CertificateArr, str);
            } catch (Exception e2) {
                e2.printStackTrace();
            }
        }

        @Override // javax.net.ssl.X509TrustManager
        public void checkServerTrusted(X509Certificate[] x509CertificateArr, String str) {
            try {
                this.f18674a.checkServerTrusted(x509CertificateArr, str);
            } catch (Exception e2) {
                e2.printStackTrace();
                if (x509CertificateArr != null) {
                    try {
                        if (x509CertificateArr.length > 0) {
                            for (X509Certificate x509Certificate : x509CertificateArr) {
                                x509Certificate.checkValidity();
                                Certificate a2 = a.this.a(x509Certificate);
                                if (a2 instanceof X509Certificate) {
                                    x509Certificate.verify(((X509Certificate) a2).getPublicKey());
                                }
                            }
                        }
                    } catch (InvalidKeyException | NoSuchAlgorithmException | NoSuchProviderException | SignatureException | CertificateException e3) {
                        e3.printStackTrace();
                    }
                }
            }
        }

        @Override // javax.net.ssl.X509TrustManager
        public X509Certificate[] getAcceptedIssuers() {
            try {
                return this.f18674a.getAcceptedIssuers();
            } catch (Exception e2) {
                e2.printStackTrace();
                return null;
            }
        }
    }

    private KeyManager[] c(Context context) {
        return WSEncryptUtil.h(context);
    }

    private TrustManager[] d() throws Exception {
        TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
        X509TrustManager x509TrustManager = null;
        trustManagerFactory.init((KeyStore) null);
        TrustManager[] trustManagers = trustManagerFactory.getTrustManagers();
        int length = trustManagers.length;
        int i = 0;
        while (true) {
            if (i >= length) {
                break;
            }
            TrustManager trustManager = trustManagers[i];
            if (trustManager instanceof X509TrustManager) {
                x509TrustManager = (X509TrustManager) trustManager;
                break;
            }
            i++;
        }
        return new TrustManager[]{new C0433a(x509TrustManager)};
    }

    public Certificate a(Certificate certificate) {
        try {
            KeyStore keyStore = KeyStore.getInstance("AndroidCAStore");
            return keyStore.getCertificate(keyStore.getCertificateAlias(certificate));
        } catch (KeyStoreException e2) {
            e2.printStackTrace();
            return null;
        }
    }

    public SSLContext b() {
        return this.f18672a;
    }

    public void e(Context context) throws Exception {
        this.f18673b = context;
        this.f18672a = SSLContext.getInstance("TLS");
        KeyManager[] c2 = c(this.f18673b);
        if (c2 == null || c2.length == 0) {
            c.q("ClientSslContextFactory", "get keyManagers failed");
            throw new Exception("get clientSSLContext failed");
        }
        TrustManager[] d2 = d();
        if (d2 == null || d2.length == 0) {
            c.q("ClientSslContextFactory", "get trustManagers failed");
            throw new Exception("get clientSSLContext failed");
        }
        this.f18672a.init(c2, d2, null);
    }
}
