package ke;

import android.content.Context;
import java.io.FileInputStream;
import java.io.FileNotFoundException;
import java.io.IOException;
import java.io.InputStream;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Iterator;
import java.util.List;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import javax.net.ssl.X509TrustManager;

/* loaded from: classes7.dex */
public class k implements X509TrustManager {

    /* renamed from: c, reason: collision with root package name */
    public static final String f47191c = "SX509TM";

    /* renamed from: d, reason: collision with root package name */
    public static final String f47192d = "hmsrootcas.bks";

    /* renamed from: e, reason: collision with root package name */
    public static final String f47193e = "";

    /* renamed from: f, reason: collision with root package name */
    public static final String f47194f = "X509";

    /* renamed from: g, reason: collision with root package name */
    public static final String f47195g = "bks";

    /* renamed from: h, reason: collision with root package name */
    public static final String f47196h = "AndroidCAStore";

    /* renamed from: a, reason: collision with root package name */
    public List<X509TrustManager> f47197a;

    /* renamed from: b, reason: collision with root package name */
    public X509Certificate[] f47198b;

    public k(Context context) throws IOException, NoSuchAlgorithmException, CertificateException, KeyStoreException, IllegalArgumentException {
        this(context, false);
    }

    public k(Context context, boolean z10) throws IOException, NoSuchAlgorithmException, CertificateException, KeyStoreException, IllegalArgumentException {
        this.f47197a = new ArrayList();
        if (context == null) {
            throw new IllegalArgumentException("context is null");
        }
        me.c.b(context);
        if (z10) {
            a();
        }
        b(context);
        if (this.f47197a.isEmpty()) {
            throw new CertificateException("X509TrustManager is empty");
        }
    }

    public k(InputStream inputStream, String str) throws IllegalArgumentException {
        this.f47197a = new ArrayList();
        d(inputStream, str);
    }

    public k(InputStream inputStream, String str, boolean z10) throws IllegalArgumentException {
        this.f47197a = new ArrayList();
        if (z10) {
            a();
        }
        d(inputStream, str);
    }

    public k(String str) throws IllegalArgumentException, FileNotFoundException {
        this(str, false);
    }

    public k(String str, boolean z10) throws IllegalArgumentException, FileNotFoundException {
        FileInputStream fileInputStream;
        this.f47197a = new ArrayList();
        try {
            fileInputStream = new FileInputStream(str);
            try {
                d(fileInputStream, "");
                me.g.g(fileInputStream);
                if (z10) {
                    a();
                }
            } catch (Throwable th2) {
                th = th2;
                me.g.g(fileInputStream);
                throw th;
            }
        } catch (Throwable th3) {
            th = th3;
            fileInputStream = null;
        }
    }

    public final void a() {
        com.lizhi.component.tekiapm.tracer.block.d.j(37496);
        me.h.e(f47191c, "loadSystemCA");
        long currentTimeMillis = System.currentTimeMillis();
        try {
            KeyStore keyStore = KeyStore.getInstance(f47196h);
            keyStore.load(null, null);
            TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(f47194f);
            trustManagerFactory.init(keyStore);
            TrustManager[] trustManagers = trustManagerFactory.getTrustManagers();
            for (TrustManager trustManager : trustManagers) {
                if (trustManager instanceof X509TrustManager) {
                    this.f47197a.add((X509TrustManager) trustManager);
                }
            }
        } catch (IOException | NegativeArraySizeException | OutOfMemoryError | KeyStoreException | NoSuchAlgorithmException | CertificateException e10) {
            me.h.d(f47191c, "loadSystemCA: exception : " + e10.getMessage());
        }
        me.h.b(f47191c, "loadSystemCA: cost : " + (System.currentTimeMillis() - currentTimeMillis) + " ms");
        com.lizhi.component.tekiapm.tracer.block.d.m(37496);
    }

    /* JADX WARN: Code restructure failed: missing block: B:3:0x0042, code lost:
    
        if (r1 == null) goto L17;
     */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    public final void b(android.content.Context r8) throws java.security.cert.CertificateException, java.security.NoSuchAlgorithmException, java.security.KeyStoreException, java.io.IOException {
        /*
            r7 = this;
            r0 = 37497(0x9279, float:5.2544E-41)
            com.lizhi.component.tekiapm.tracer.block.d.j(r0)
            java.lang.String r1 = "loadBksCA"
            java.lang.String r2 = "SX509TM"
            me.h.e(r2, r1)
            long r3 = java.lang.System.currentTimeMillis()
            java.io.InputStream r1 = me.a.o(r8)
            if (r1 == 0) goto L42
            java.lang.String r5 = "get bks not from assets"
            me.h.e(r2, r5)     // Catch: java.io.IOException -> L20 java.security.cert.CertificateException -> L22 java.security.KeyStoreException -> L24 java.security.NoSuchAlgorithmException -> L26 java.lang.OutOfMemoryError -> L28
            r7.c(r1)     // Catch: java.io.IOException -> L20 java.security.cert.CertificateException -> L22 java.security.KeyStoreException -> L24 java.security.NoSuchAlgorithmException -> L26 java.lang.OutOfMemoryError -> L28
            goto L42
        L20:
            r1 = move-exception
            goto L29
        L22:
            r1 = move-exception
            goto L29
        L24:
            r1 = move-exception
            goto L29
        L26:
            r1 = move-exception
            goto L29
        L28:
            r1 = move-exception
        L29:
            java.lang.StringBuilder r5 = new java.lang.StringBuilder
            r5.<init>()
            java.lang.String r6 = "loadBksCA: exception : "
            r5.append(r6)
            java.lang.String r1 = r1.getMessage()
            r5.append(r1)
            java.lang.String r1 = r5.toString()
            me.h.d(r2, r1)
            goto L44
        L42:
            if (r1 != 0) goto L56
        L44:
            java.lang.String r1 = " get bks from assets "
            me.h.e(r2, r1)
            android.content.res.AssetManager r8 = r8.getAssets()
            java.lang.String r1 = "hmsrootcas.bks"
            java.io.InputStream r8 = r8.open(r1)
            r7.c(r8)
        L56:
            java.lang.StringBuilder r8 = new java.lang.StringBuilder
            r8.<init>()
            java.lang.String r1 = "loadBksCA: cost : "
            r8.append(r1)
            long r5 = java.lang.System.currentTimeMillis()
            long r5 = r5 - r3
            r8.append(r5)
            java.lang.String r1 = " ms"
            r8.append(r1)
            java.lang.String r8 = r8.toString()
            me.h.b(r2, r8)
            com.lizhi.component.tekiapm.tracer.block.d.m(r0)
            return
        */
        throw new UnsupportedOperationException("Method not decompiled: ke.k.b(android.content.Context):void");
    }

    public final void c(InputStream inputStream) throws NoSuchAlgorithmException, KeyStoreException, CertificateException, IOException {
        com.lizhi.component.tekiapm.tracer.block.d.j(37498);
        try {
            TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(f47194f);
            KeyStore keyStore = KeyStore.getInstance("bks");
            keyStore.load(inputStream, "".toCharArray());
            trustManagerFactory.init(keyStore);
            for (TrustManager trustManager : trustManagerFactory.getTrustManagers()) {
                if (trustManager instanceof X509TrustManager) {
                    this.f47197a.add((X509TrustManager) trustManager);
                }
            }
        } finally {
            me.g.g(inputStream);
            com.lizhi.component.tekiapm.tracer.block.d.m(37498);
        }
    }

    @Override // javax.net.ssl.X509TrustManager
    public void checkClientTrusted(X509Certificate[] x509CertificateArr, String str) throws CertificateException {
        com.lizhi.component.tekiapm.tracer.block.d.j(37500);
        me.h.e(f47191c, "checkClientTrusted: ");
        Iterator<X509TrustManager> it = this.f47197a.iterator();
        while (it.hasNext()) {
            try {
                it.next().checkServerTrusted(x509CertificateArr, str);
                com.lizhi.component.tekiapm.tracer.block.d.m(37500);
                return;
            } catch (CertificateException e10) {
                me.h.d(f47191c, "checkServerTrusted CertificateException" + e10.getMessage());
            }
        }
        CertificateException certificateException = new CertificateException("checkServerTrusted CertificateException");
        com.lizhi.component.tekiapm.tracer.block.d.m(37500);
        throw certificateException;
    }

    @Override // javax.net.ssl.X509TrustManager
    public void checkServerTrusted(X509Certificate[] x509CertificateArr, String str) throws CertificateException {
        com.lizhi.component.tekiapm.tracer.block.d.j(37501);
        g(x509CertificateArr);
        me.h.e(f47191c, "checkServerTrusted begin,size=" + x509CertificateArr.length + ",authType=" + str);
        long currentTimeMillis = System.currentTimeMillis();
        for (X509Certificate x509Certificate : x509CertificateArr) {
            me.h.b(f47191c, "server ca chain: getSubjectDN is :" + x509Certificate.getSubjectDN());
            me.h.b(f47191c, "IssuerDN :" + x509Certificate.getIssuerDN());
            me.h.b(f47191c, "SerialNumber : " + x509Certificate.getSerialNumber());
        }
        int size = this.f47197a.size();
        for (int i10 = 0; i10 < size; i10++) {
            try {
                me.h.e(f47191c, "check server i=" + i10);
                X509TrustManager x509TrustManager = this.f47197a.get(i10);
                X509Certificate[] acceptedIssuers = x509TrustManager.getAcceptedIssuers();
                if (acceptedIssuers != null) {
                    me.h.e(f47191c, "client root ca size=" + acceptedIssuers.length);
                    for (X509Certificate x509Certificate2 : acceptedIssuers) {
                        me.h.b(f47191c, "client root ca getIssuerDN :" + x509Certificate2.getIssuerDN());
                    }
                }
                x509TrustManager.checkServerTrusted(x509CertificateArr, str);
                me.h.e(f47191c, "checkServerTrusted end, " + x509CertificateArr[x509CertificateArr.length - 1].getIssuerDN());
                com.lizhi.component.tekiapm.tracer.block.d.m(37501);
                return;
            } catch (CertificateException e10) {
                me.h.d(f47191c, "checkServerTrusted error :" + e10.getMessage() + " , time : " + i10);
                if (i10 == size - 1) {
                    if (x509CertificateArr.length > 0) {
                        me.h.d(f47191c, "root ca issuer : " + x509CertificateArr[x509CertificateArr.length - 1].getIssuerDN());
                    }
                    com.lizhi.component.tekiapm.tracer.block.d.m(37501);
                    throw e10;
                }
            }
        }
        me.h.b(f47191c, "checkServerTrusted: cost : " + (System.currentTimeMillis() - currentTimeMillis) + " ms");
        com.lizhi.component.tekiapm.tracer.block.d.m(37501);
    }

    public final void d(InputStream inputStream, String str) {
        com.lizhi.component.tekiapm.tracer.block.d.j(37499);
        if (inputStream == null || str == null) {
            IllegalArgumentException illegalArgumentException = new IllegalArgumentException("inputstream or trustPwd is null");
            com.lizhi.component.tekiapm.tracer.block.d.m(37499);
            throw illegalArgumentException;
        }
        long currentTimeMillis = System.currentTimeMillis();
        try {
            try {
                TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(f47194f);
                KeyStore keyStore = KeyStore.getInstance("bks");
                keyStore.load(inputStream, str.toCharArray());
                trustManagerFactory.init(keyStore);
                TrustManager[] trustManagers = trustManagerFactory.getTrustManagers();
                for (TrustManager trustManager : trustManagers) {
                    if (trustManager instanceof X509TrustManager) {
                        this.f47197a.add((X509TrustManager) trustManager);
                    }
                }
                me.g.g(inputStream);
            } catch (Throwable th2) {
                me.g.g(inputStream);
                com.lizhi.component.tekiapm.tracer.block.d.m(37499);
                throw th2;
            }
        } catch (IOException | NegativeArraySizeException | OutOfMemoryError | KeyStoreException | NoSuchAlgorithmException | CertificateException e10) {
            me.h.d(f47191c, "loadInputStream: exception : " + e10.getMessage());
            me.g.g(inputStream);
        }
        me.h.b(f47191c, "loadInputStream: cost : " + (System.currentTimeMillis() - currentTimeMillis) + " ms");
        com.lizhi.component.tekiapm.tracer.block.d.m(37499);
    }

    public X509Certificate[] e() {
        return this.f47198b;
    }

    public List<X509TrustManager> f() {
        return this.f47197a;
    }

    public void g(X509Certificate[] x509CertificateArr) {
        this.f47198b = x509CertificateArr;
    }

    @Override // javax.net.ssl.X509TrustManager
    public X509Certificate[] getAcceptedIssuers() {
        com.lizhi.component.tekiapm.tracer.block.d.j(37502);
        try {
            ArrayList arrayList = new ArrayList();
            Iterator<X509TrustManager> it = this.f47197a.iterator();
            while (it.hasNext()) {
                arrayList.addAll(Arrays.asList(it.next().getAcceptedIssuers()));
            }
            X509Certificate[] x509CertificateArr = (X509Certificate[]) arrayList.toArray(new X509Certificate[arrayList.size()]);
            com.lizhi.component.tekiapm.tracer.block.d.m(37502);
            return x509CertificateArr;
        } catch (Exception e10) {
            me.h.d(f47191c, "getAcceptedIssuers exception : " + e10.getMessage());
            X509Certificate[] x509CertificateArr2 = new X509Certificate[0];
            com.lizhi.component.tekiapm.tracer.block.d.m(37502);
            return x509CertificateArr2;
        }
    }

    public void h(List<X509TrustManager> list) {
        this.f47197a = list;
    }
}
