package com.qihoo.esv.sdk.huawei.http.https;

import android.content.Context;
import android.os.Build;
import android.text.TextUtils;
import com.qihoo.esv.sdk.huawei.utils.EsvLog;
import java.net.Socket;
import java.security.KeyStore;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.util.Arrays;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSocket;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import javax.net.ssl.X509TrustManager;
import okhttp3.OkHttpClient;

/* loaded from: classes.dex */
public class HttpsUtils {
    private static final String TAG = "HttpsClientUtils";
    private static X509TrustManager sX509TrustManager = new X509TrustManager() { // from class: com.qihoo.esv.sdk.huawei.http.https.HttpsUtils.1
        @Override // javax.net.ssl.X509TrustManager
        public final void checkClientTrusted(X509Certificate[] x509CertificateArr, String str) {
            HttpsUtils.checkClientTrustedWrapper(x509CertificateArr, str);
        }

        @Override // javax.net.ssl.X509TrustManager
        public final void checkServerTrusted(X509Certificate[] x509CertificateArr, String str) {
            HttpsUtils.checkServerTrustedWrapper(x509CertificateArr, str);
        }

        @Override // javax.net.ssl.X509TrustManager
        public final X509Certificate[] getAcceptedIssuers() {
            return HttpsUtils.getAcceptedIssuersWrapper();
        }
    };
    private static X509TrustManager systemDefaultTrustManager;

    public static void checkClientTrustedWrapper(X509Certificate[] x509CertificateArr, String str) {
        EsvLog.d(TAG, "checkClientTrustedWrapper");
        if (checkSystemDefaultTrustManager()) {
            getSystemDefaultTrustManager().checkClientTrusted(x509CertificateArr, str);
        }
    }

    public static void checkServerTrustedWrapper(X509Certificate[] x509CertificateArr, String str) {
        try {
            if (!checkSystemDefaultTrustManager()) {
                throw new CertificateException("checkServerTrusted checkSystemDefaultTrustManager fail!");
            }
            getSystemDefaultTrustManager().checkServerTrusted(x509CertificateArr, str);
        } catch (CertificateException e) {
            EsvLog.e(TAG, "checkServerTrusted", e);
            throw e;
        }
    }

    private static boolean checkSystemDefaultTrustManager() {
        return getSystemDefaultTrustManager() != null;
    }

    public static X509Certificate[] getAcceptedIssuersWrapper() {
        EsvLog.d(TAG, "getAcceptedIssuersWrapper");
        return checkSystemDefaultTrustManager() ? getSystemDefaultTrustManager().getAcceptedIssuers() : new X509Certificate[0];
    }

    /* JADX WARN: Multi-variable type inference failed */
    /* JADX WARN: Removed duplicated region for block: B:28:0x006b A[EXC_TOP_SPLITTER, SYNTHETIC] */
    /* JADX WARN: Type inference failed for: r5v0, types: [android.content.Context] */
    /* JADX WARN: Type inference failed for: r5v2 */
    /* JADX WARN: Type inference failed for: r5v3, types: [java.io.InputStream] */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    private static javax.net.ssl.SSLContext getSSLContext(android.content.Context r5, java.lang.String r6) {
        /*
            java.lang.String r0 = "initCert"
            java.lang.String r1 = "HttpsClientUtils"
            r2 = 0
            android.content.res.AssetManager r5 = r5.getAssets()     // Catch: java.lang.Throwable -> L56 java.lang.Throwable -> L59
            java.io.InputStream r5 = r5.open(r6)     // Catch: java.lang.Throwable -> L56 java.lang.Throwable -> L59
            java.lang.String r6 = "X.509"
            java.security.cert.CertificateFactory r6 = java.security.cert.CertificateFactory.getInstance(r6)     // Catch: java.lang.Throwable -> L52 java.lang.Throwable -> L54
            java.lang.String r3 = java.security.KeyStore.getDefaultType()     // Catch: java.lang.Throwable -> L52 java.lang.Throwable -> L54
            java.security.KeyStore r3 = java.security.KeyStore.getInstance(r3)     // Catch: java.lang.Throwable -> L52 java.lang.Throwable -> L54
            r3.load(r2)     // Catch: java.lang.Throwable -> L52 java.lang.Throwable -> L54
            r4 = 0
            java.lang.String r4 = java.lang.Integer.toString(r4)     // Catch: java.lang.Throwable -> L52 java.lang.Throwable -> L54
            java.security.cert.Certificate r6 = r6.generateCertificate(r5)     // Catch: java.lang.Throwable -> L52 java.lang.Throwable -> L54
            r3.setCertificateEntry(r4, r6)     // Catch: java.lang.Throwable -> L52 java.lang.Throwable -> L54
            java.lang.String r6 = "TLS"
            javax.net.ssl.SSLContext r6 = javax.net.ssl.SSLContext.getInstance(r6)     // Catch: java.lang.Throwable -> L52 java.lang.Throwable -> L54
            java.lang.String r4 = javax.net.ssl.TrustManagerFactory.getDefaultAlgorithm()     // Catch: java.lang.Throwable -> L52 java.lang.Throwable -> L54
            javax.net.ssl.TrustManagerFactory r4 = javax.net.ssl.TrustManagerFactory.getInstance(r4)     // Catch: java.lang.Throwable -> L52 java.lang.Throwable -> L54
            r4.init(r3)     // Catch: java.lang.Throwable -> L52 java.lang.Throwable -> L54
            javax.net.ssl.TrustManager[] r3 = r4.getTrustManagers()     // Catch: java.lang.Throwable -> L52 java.lang.Throwable -> L54
            java.security.SecureRandom r4 = new java.security.SecureRandom     // Catch: java.lang.Throwable -> L52 java.lang.Throwable -> L54
            r4.<init>()     // Catch: java.lang.Throwable -> L52 java.lang.Throwable -> L54
            r6.init(r2, r3, r4)     // Catch: java.lang.Throwable -> L52 java.lang.Throwable -> L54
            if (r5 == 0) goto L51
            r5.close()     // Catch: java.lang.Throwable -> L4d
            goto L51
        L4d:
            r5 = move-exception
            com.qihoo.esv.sdk.huawei.utils.EsvLog.e(r1, r0, r5)
        L51:
            return r6
        L52:
            r6 = move-exception
            goto L69
        L54:
            r6 = move-exception
            goto L5b
        L56:
            r6 = move-exception
            r5 = r2
            goto L69
        L59:
            r6 = move-exception
            r5 = r2
        L5b:
            com.qihoo.esv.sdk.huawei.utils.EsvLog.e(r1, r0, r6)     // Catch: java.lang.Throwable -> L52
            if (r5 == 0) goto L68
            r5.close()     // Catch: java.lang.Throwable -> L64
            goto L68
        L64:
            r5 = move-exception
            com.qihoo.esv.sdk.huawei.utils.EsvLog.e(r1, r0, r5)
        L68:
            return r2
        L69:
            if (r5 == 0) goto L73
            r5.close()     // Catch: java.lang.Throwable -> L6f
            goto L73
        L6f:
            r5 = move-exception
            com.qihoo.esv.sdk.huawei.utils.EsvLog.e(r1, r0, r5)
        L73:
            throw r6
        */
        throw new UnsupportedOperationException("Method not decompiled: com.qihoo.esv.sdk.huawei.http.https.HttpsUtils.getSSLContext(android.content.Context, java.lang.String):javax.net.ssl.SSLContext");
    }

    public static SSLContext getSSLContextCommon() {
        return getSSLContextCommon(null);
    }

    public static SSLContext getSSLContextCommon(Context context) {
        try {
            SSLContext sSLContext = SSLContext.getInstance("TLS");
            sSLContext.init(null, new TrustManager[]{sX509TrustManager}, null);
            return sSLContext;
        } catch (Throwable th) {
            EsvLog.e(TAG, "initCertCommon", th);
            return null;
        }
    }

    private static X509TrustManager getSystemDefaultTrustManager() {
        if (systemDefaultTrustManager == null) {
            systemDefaultTrustManager = systemDefaultTrustManager();
        }
        return systemDefaultTrustManager;
    }

    public static X509TrustManager getTrustManager() {
        return sX509TrustManager;
    }

    public static void initCertCommon(OkHttpClient.Builder builder) {
        try {
            builder.sslSocketFactory(getSSLContextCommon().getSocketFactory(), sX509TrustManager);
        } catch (Throwable th) {
            EsvLog.e(TAG, "initCertCommon", th);
        }
    }

    private static void setSNI2Socket(Socket socket, String str, String str2) {
        EsvLog.v(TAG, "getSchemeRegistry setSNI2Socket sock = " + socket + " host = " + str + " Build.VERSION.SDK_INT = " + Build.VERSION.SDK_INT + " url = " + str2);
        if (!TextUtils.isEmpty(str) && Build.VERSION.SDK_INT < 23) {
            if (!(socket instanceof SSLSocket)) {
                EsvLog.v(TAG, "getSchemeRegistry setSNI2Socket is not SSLSocket!");
                return;
            }
            EsvLog.v(TAG, "getSchemeRegistry setSNI2Socket sock instanceof SSLSocket~");
            try {
                socket.getClass().getMethod("setHostname", String.class).invoke(socket, str);
                EsvLog.v(TAG, "getSchemeRegistry setSNI2Socket Method setHostname invoke success!");
            } catch (Throwable th) {
                EsvLog.e(TAG, "getSchemeRegistry setSNI2Socket", th);
            }
        }
    }

    private static X509TrustManager systemDefaultTrustManager() {
        try {
            TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
            trustManagerFactory.init((KeyStore) null);
            TrustManager[] trustManagers = trustManagerFactory.getTrustManagers();
            if (trustManagers.length == 1 && (trustManagers[0] instanceof X509TrustManager)) {
                return (X509TrustManager) trustManagers[0];
            }
            throw new IllegalStateException("Unexpected default trust managers:" + Arrays.toString(trustManagers));
        } catch (Throwable th) {
            EsvLog.e(TAG, "systemDefaultTrustManager", th);
            return null;
        }
    }
}
