package com.huawei.common.net.retrofit.safe;

import android.text.TextUtils;
import com.fmxos.platform.sdk.xiaoyaos.k2.u;
import com.huawei.audiodevicekit.utils.LogUtils;
import java.io.IOException;
import java.io.InputStream;
import java.net.InetAddress;
import java.net.Socket;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.SecureRandom;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.List;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSocket;
import javax.net.ssl.SSLSocketFactory;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import javax.net.ssl.X509TrustManager;

/* loaded from: classes2.dex */
public class LogSslSocketFactory extends SSLSocketFactory {
    public static final String ALIAS_TRUST_STORE = "trust";
    public static final String KEY_ALGORITHM = "X509";
    public static final String KEY_BKS = "bks";
    public static final String KEY_CERTIFICATE = "X.509";
    public static final String SSL_SOCKET_EXCEPTION_MESSAGE = "SSLSocket checkServerTrusted error";
    public static final String TAG = "LogSslSocketFactory";
    public static final String TLS_SUPPORT_VERSION = "TLSv1.2";
    public static final String[] TLS_SUPPORT_VERSIONS = {"TLSv1.2"};
    public static final String TRUST_CHAR = "";
    public SSLContext mSslContext;
    public ArrayList<X509TrustManager> mX509TrustManagers = new ArrayList<>(10);

    /* loaded from: classes2.dex */
    public class a implements X509TrustManager {
        public a() {
        }

        @Override // javax.net.ssl.X509TrustManager
        public void checkClientTrusted(X509Certificate[] x509CertificateArr, String str) {
        }

        @Override // javax.net.ssl.X509TrustManager
        public void checkServerTrusted(X509Certificate[] x509CertificateArr, String str) {
            if (LogSslSocketFactory.this.mX509TrustManagers.size() <= 0) {
                throw new CertificateException(LogSslSocketFactory.SSL_SOCKET_EXCEPTION_MESSAGE);
            }
            X509TrustManager x509TrustManager = (X509TrustManager) LogSslSocketFactory.this.mX509TrustManagers.get(0);
            if (x509TrustManager != null) {
                x509TrustManager.checkServerTrusted(x509CertificateArr, str);
            }
        }

        @Override // javax.net.ssl.X509TrustManager
        public X509Certificate[] getAcceptedIssuers() {
            return new X509Certificate[0];
        }
    }

    /* JADX WARN: Multi-variable type inference failed */
    /* JADX WARN: Type inference failed for: r8v10 */
    /* JADX WARN: Type inference failed for: r8v11 */
    /* JADX WARN: Type inference failed for: r8v24 */
    /* JADX WARN: Type inference failed for: r8v25 */
    /* JADX WARN: Type inference failed for: r8v26 */
    /* JADX WARN: Type inference failed for: r8v27 */
    /* JADX WARN: Type inference failed for: r8v28 */
    /* JADX WARN: Type inference failed for: r8v29 */
    /* JADX WARN: Type inference failed for: r8v3 */
    /* JADX WARN: Type inference failed for: r8v30 */
    /* JADX WARN: Type inference failed for: r8v31 */
    /* JADX WARN: Type inference failed for: r8v32 */
    /* JADX WARN: Type inference failed for: r8v33 */
    /* JADX WARN: Type inference failed for: r8v34 */
    /* JADX WARN: Type inference failed for: r8v35 */
    /* JADX WARN: Type inference failed for: r8v36 */
    /* JADX WARN: Type inference failed for: r8v37 */
    /* JADX WARN: Type inference failed for: r8v38 */
    /* JADX WARN: Type inference failed for: r8v4 */
    /* JADX WARN: Type inference failed for: r8v5, types: [java.io.InputStream] */
    public LogSslSocketFactory(KeyStore keyStore, String str, String str2) {
        InputStream open;
        this.mSslContext = SSLContext.getInstance("TLSv1.2");
        if (TextUtils.equals("TLSv1.2", str2)) {
            this.mSslContext = SSLContext.getInstance("TLSv1.2");
        }
        if (keyStore == null || TextUtils.isEmpty(str)) {
            return;
        }
        ?? r8 = 0;
        InputStream inputStream = null;
        InputStream inputStream2 = null;
        InputStream inputStream3 = null;
        InputStream inputStream4 = null;
        try {
            try {
                open = u.a().getResources().getAssets().open(str);
            } catch (Throwable th) {
                th = th;
            }
        } catch (IOException unused) {
        } catch (KeyStoreException unused2) {
        } catch (NoSuchAlgorithmException unused3) {
        } catch (CertificateException unused4) {
        }
        try {
            String defaultAlgorithm = TrustManagerFactory.getDefaultAlgorithm();
            if (TextUtils.equals(keyStore.getType(), KEY_BKS)) {
                open.reset();
                keyStore.load(open, "".toCharArray());
                defaultAlgorithm = KEY_ALGORITHM;
            } else {
                Certificate generateCertificate = CertificateFactory.getInstance(KEY_CERTIFICATE).generateCertificate(open);
                keyStore.load(null, "".toCharArray());
                keyStore.setCertificateEntry(ALIAS_TRUST_STORE, generateCertificate);
            }
            TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(defaultAlgorithm);
            trustManagerFactory.init(keyStore);
            addTrustManagers(trustManagerFactory);
            LogUtils.d(TAG, "new AccountX509TrustManager end");
            r8 = trustManagerFactory;
            if (open != null) {
                try {
                    open.close();
                    r8 = trustManagerFactory;
                } catch (IOException unused5) {
                    LogUtils.d(TAG, TAG, "io close fail");
                    r8 = trustManagerFactory;
                }
            }
        } catch (IOException unused6) {
            inputStream = open;
            LogUtils.d(TAG, "reset or load or close io exception");
            r8 = inputStream;
            if (inputStream != null) {
                try {
                    inputStream.close();
                    r8 = inputStream;
                } catch (IOException unused7) {
                    LogUtils.d(TAG, TAG, "io close fail");
                    r8 = inputStream;
                }
            }
            initSslContext();
        } catch (KeyStoreException unused8) {
            inputStream2 = open;
            LogUtils.d(TAG, "key store failed");
            r8 = inputStream2;
            if (inputStream2 != null) {
                try {
                    inputStream2.close();
                    r8 = inputStream2;
                } catch (IOException unused9) {
                    LogUtils.d(TAG, TAG, "io close fail");
                    r8 = inputStream2;
                }
            }
            initSslContext();
        } catch (NoSuchAlgorithmException unused10) {
            inputStream3 = open;
            LogUtils.d(TAG, "no such algorithm ");
            r8 = inputStream3;
            if (inputStream3 != null) {
                try {
                    inputStream3.close();
                    r8 = inputStream3;
                } catch (IOException unused11) {
                    LogUtils.d(TAG, TAG, "io close fail");
                    r8 = inputStream3;
                }
            }
            initSslContext();
        } catch (CertificateException unused12) {
            inputStream4 = open;
            LogUtils.d(TAG, "certificate operate failed");
            r8 = inputStream4;
            if (inputStream4 != null) {
                try {
                    inputStream4.close();
                    r8 = inputStream4;
                } catch (IOException unused13) {
                    LogUtils.d(TAG, TAG, "io close fail");
                    r8 = inputStream4;
                }
            }
            initSslContext();
        } catch (Throwable th2) {
            th = th2;
            r8 = open;
            if (r8 != 0) {
                try {
                    r8.close();
                } catch (IOException unused14) {
                    LogUtils.d(TAG, TAG, "io close fail");
                }
            }
            throw th;
        }
        initSslContext();
    }

    public LogSslSocketFactory(KeyStore keyStore, List<InputStream> list, String str) {
        this.mSslContext = SSLContext.getInstance("TLSv1.2");
        LogUtils.d(TAG, "LogSslSocketFactory--");
        if (TextUtils.equals(str, "TLSv1.2")) {
            this.mSslContext = SSLContext.getInstance("TLSv1.2");
        }
        if (list == null || list.size() == 0 || keyStore == null) {
            return;
        }
        InputStream inputStream = null;
        try {
            try {
                CertificateFactory certificateFactory = CertificateFactory.getInstance(KEY_CERTIFICATE);
                keyStore.load(null, "".toCharArray());
                int i = 0;
                int size = list.size();
                while (i < size) {
                    InputStream inputStream2 = list.get(i);
                    int i2 = i + 1;
                    try {
                        keyStore.setCertificateEntry(Integer.toString(i), certificateFactory.generateCertificate(inputStream2));
                        i = i2;
                        inputStream = inputStream2;
                    } catch (IOException unused) {
                        inputStream = inputStream2;
                        LogUtils.d(TAG, "reset or load or close io exception");
                        if (inputStream != null) {
                            try {
                                inputStream.close();
                            } catch (IOException unused2) {
                                LogUtils.d(TAG, "io close fail");
                            }
                        }
                        initSslContext();
                    } catch (KeyStoreException unused3) {
                        inputStream = inputStream2;
                        LogUtils.d(TAG, "key store error");
                        if (inputStream != null) {
                            try {
                                inputStream.close();
                            } catch (IOException unused4) {
                                LogUtils.d(TAG, "io close fail");
                            }
                        }
                        initSslContext();
                    } catch (NoSuchAlgorithmException unused5) {
                        inputStream = inputStream2;
                        LogUtils.d(TAG, TAG, "no such algorithm ");
                        if (inputStream != null) {
                            try {
                                inputStream.close();
                            } catch (IOException unused6) {
                                LogUtils.d(TAG, "io close fail");
                            }
                        }
                        initSslContext();
                    } catch (CertificateException unused7) {
                        inputStream = inputStream2;
                        LogUtils.d(TAG, TAG, "certificate operate fail");
                        if (inputStream != null) {
                            try {
                                inputStream.close();
                            } catch (IOException unused8) {
                                LogUtils.d(TAG, "io close fail");
                            }
                        }
                        initSslContext();
                    } catch (Throwable th) {
                        th = th;
                        inputStream = inputStream2;
                        if (inputStream != null) {
                            try {
                                inputStream.close();
                            } catch (IOException unused9) {
                                LogUtils.d(TAG, "io close fail");
                            }
                        }
                        throw th;
                    }
                }
                TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
                trustManagerFactory.init(keyStore);
                addTrustManagers(trustManagerFactory);
                LogUtils.d(TAG, "create account X509 trust manager end");
                if (inputStream != null) {
                    try {
                        inputStream.close();
                    } catch (IOException unused10) {
                        LogUtils.d(TAG, "io close fail");
                    }
                }
            } catch (Throwable th2) {
                th = th2;
            }
        } catch (IOException unused11) {
        } catch (KeyStoreException unused12) {
        } catch (NoSuchAlgorithmException unused13) {
        } catch (CertificateException unused14) {
        }
        initSslContext();
    }

    private void addTrustManagers(TrustManagerFactory trustManagerFactory) {
        TrustManager[] trustManagers = trustManagerFactory.getTrustManagers();
        if (trustManagers != null) {
            for (TrustManager trustManager : trustManagers) {
                if (trustManager instanceof X509TrustManager) {
                    this.mX509TrustManagers.add((X509TrustManager) trustManager);
                }
            }
        }
        if (this.mX509TrustManagers.isEmpty()) {
            LogUtils.d(TAG, "couldn't find a X509TrustManager!");
        }
    }

    private Socket createSocket(Socket socket) {
        if (!(socket instanceof SSLSocket)) {
            return socket;
        }
        SSLSocket sSLSocket = (SSLSocket) socket;
        setEnableSafeCipherSuites(sSLSocket);
        sSLSocket.setEnabledProtocols(TLS_SUPPORT_VERSIONS);
        return sSLSocket;
    }

    private void initSslContext() {
        this.mSslContext.init(null, new X509TrustManager[]{new a()}, new SecureRandom());
    }

    public static void setEnableSafeCipherSuites(SSLSocket sSLSocket) {
        String[] enabledCipherSuites;
        if (sSLSocket == null || (enabledCipherSuites = sSLSocket.getEnabledCipherSuites()) == null || enabledCipherSuites.length == 0) {
            return;
        }
        LogUtils.d(TAG, "Before filtering enableCiphers = " + enabledCipherSuites.length);
        List<String> tlsFilter = TlsUtils.tlsFilter(enabledCipherSuites);
        LogUtils.d(TAG, "After filtering enabledCiphersList = " + tlsFilter.size());
        sSLSocket.setEnabledCipherSuites((String[]) tlsFilter.toArray(new String[0]));
    }

    @Override // javax.net.SocketFactory
    public Socket createSocket() {
        return createSocket(this.mSslContext.getSocketFactory().createSocket());
    }

    @Override // javax.net.SocketFactory
    public Socket createSocket(String str, int i) {
        return createSocket(this.mSslContext.getSocketFactory().createSocket(str, i));
    }

    @Override // javax.net.SocketFactory
    public Socket createSocket(String str, int i, InetAddress inetAddress, int i2) {
        return createSocket(this.mSslContext.getSocketFactory().createSocket(str, i, inetAddress, i2));
    }

    @Override // javax.net.SocketFactory
    public Socket createSocket(InetAddress inetAddress, int i) {
        return createSocket(this.mSslContext.getSocketFactory().createSocket(inetAddress, i));
    }

    @Override // javax.net.SocketFactory
    public Socket createSocket(InetAddress inetAddress, int i, InetAddress inetAddress2, int i2) {
        return createSocket(this.mSslContext.getSocketFactory().createSocket(inetAddress, i, inetAddress2, i2));
    }

    @Override // javax.net.ssl.SSLSocketFactory
    public Socket createSocket(Socket socket, String str, int i, boolean z) {
        return createSocket(this.mSslContext.getSocketFactory().createSocket(socket, str, i, z));
    }

    @Override // javax.net.ssl.SSLSocketFactory
    public String[] getDefaultCipherSuites() {
        return new String[0];
    }

    public SSLContext getSslContext() {
        return this.mSslContext;
    }

    @Override // javax.net.ssl.SSLSocketFactory
    public String[] getSupportedCipherSuites() {
        return new String[0];
    }

    public X509TrustManager getTrustManager() {
        ArrayList<X509TrustManager> arrayList = this.mX509TrustManagers;
        if (arrayList == null || arrayList.size() <= 0) {
            return null;
        }
        return this.mX509TrustManagers.get(0);
    }
}
