package anetwork.channel.j;

import android.content.Context;
import java.io.File;
import java.security.KeyStore;
import java.security.Security;
import java.security.cert.CertPath;
import java.security.cert.CertPathValidator;
import java.security.cert.CertificateExpiredException;
import java.security.cert.CertificateFactory;
import java.security.cert.CertificateNotYetValidException;
import java.security.cert.PKIXCertPathValidatorResult;
import java.security.cert.PKIXParameters;
import java.security.cert.TrustAnchor;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Date;
import java.util.HashSet;
import java.util.List;
import java.util.Map;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import javax.net.ssl.X509TrustManager;
import mtopsdk.common.util.SymbolExpUtil;
import mtopsdk.common.util.TBSdkLog;

/* compiled from: CertificationValiditor.java */
/* loaded from: classes2.dex */
public final class a {
    private static String a = "m.taobao.com";

    private static Boolean a(CertPath certPath) {
        Boolean bool = Boolean.FALSE;
        try {
            X509Certificate[] c = c();
            ArrayList arrayList = new ArrayList();
            if (c != null) {
                for (X509Certificate x509Certificate : c) {
                    arrayList.add(new TrustAnchor(x509Certificate, null));
                }
            }
            PKIXParameters pKIXParameters = new PKIXParameters(new HashSet(arrayList));
            pKIXParameters.setRevocationEnabled(false);
            Security.setProperty("ocsp.enable", SymbolExpUtil.STRING_TRUE);
            return ((PKIXCertPathValidatorResult) CertPathValidator.getInstance(CertPathValidator.getDefaultType()).validate(certPath, pKIXParameters)) != null ? Boolean.TRUE : bool;
        } catch (Exception e) {
            TBSdkLog.e("ANet.CertificationValiditor", "validateChain exception", e);
            return bool;
        }
    }

    private static Boolean a(List<X509Certificate> list) {
        try {
            return a(CertificateFactory.getInstance("X.509").generateCertPath(list));
        } catch (Exception e) {
            TBSdkLog.e("ANet.CertificationValiditor", "Certificateion Validator error", e);
            return false;
        }
    }

    public static Boolean a(byte[] bArr) {
        List<X509Certificate> c = c(bArr);
        if (c == null) {
            a("Certificate failed:byteToCert Failed");
            return false;
        }
        X509Certificate a2 = a(c, a);
        if (a2 == null) {
            a("Certificate failed:Domain Failed");
            return false;
        }
        a("Certificate :Domain passed");
        if (!a(a2)) {
            a("Certificate failed:Date Failed");
            return false;
        }
        a("Certificate :Date passed");
        if (a(c).booleanValue()) {
            return true;
        }
        a("Certificate failed:Cert Path Failed");
        return false;
    }

    public static synchronized X509Certificate a() {
        X509Certificate x509Certificate;
        synchronized (a.class) {
            TBSdkLog.d("ANet.CertificationValiditor", "[getCertifications]");
            x509Certificate = null;
            byte[] a2 = anetwork.channel.n.a.a(b());
            if (a2 != null) {
                x509Certificate = a(c(a2), a);
            } else {
                TBSdkLog.e("ANet.CertificationValiditor", "getCertification error certs:" + a2);
            }
        }
        return x509Certificate;
    }

    private static X509Certificate a(List<X509Certificate> list, String str) {
        String obj;
        if (list != null) {
            int i = 0;
            while (true) {
                int i2 = i;
                if (i2 >= list.size()) {
                    break;
                }
                X509Certificate x509Certificate = list.get(i2);
                if (x509Certificate != null && x509Certificate.getSubjectDN() != null && (obj = x509Certificate.getSubjectDN().toString()) != null && obj.contains(str)) {
                    return x509Certificate;
                }
                i = i2 + 1;
            }
        }
        return null;
    }

    private static void a(String str) {
        try {
            TBSdkLog.i("ANet.CertificationValiditor", str);
            mtopsdk.common.a.a.a.a("Page_Net_Exception", 65114, 261, str, "rt", (Map<String, String>) null);
        } catch (Throwable th) {
        }
    }

    private static boolean a(X509Certificate x509Certificate) {
        if (x509Certificate == null) {
            return false;
        }
        try {
            x509Certificate.checkValidity(new Date());
            return true;
        } catch (CertificateExpiredException e) {
            TBSdkLog.e("ANet.CertificationValiditor", "CertificateExpiredException", e);
            return false;
        } catch (CertificateNotYetValidException e2) {
            TBSdkLog.e("ANet.CertificationValiditor", "CertificateNotYetValidException", e2);
            return false;
        }
    }

    private static File b() {
        Context context = anetwork.channel.e.e.b;
        if (context != null) {
            return new File(context.getFilesDir().getAbsolutePath() + "/CA.cert");
        }
        TBSdkLog.d("ANet.CertificationValiditor", "context :" + context);
        return null;
    }

    public static synchronized boolean b(byte[] bArr) {
        boolean a2;
        synchronized (a.class) {
            a2 = anetwork.channel.n.a.a(bArr, b());
            TBSdkLog.i("ANet.CertificationValiditor", "写入证书:" + a2);
        }
        return a2;
    }

    /* JADX WARN: Removed duplicated region for block: B:36:0x0033 A[EXC_TOP_SPLITTER, SYNTHETIC] */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    private static java.util.List<java.security.cert.X509Certificate> c(byte[] r4) {
        /*
            r1 = 0
            java.lang.String r0 = "X.509"
            java.security.cert.CertificateFactory r0 = java.security.cert.CertificateFactory.getInstance(r0)     // Catch: java.security.cert.CertificateException -> L22 java.lang.Throwable -> L2f
            java.io.ByteArrayInputStream r2 = new java.io.ByteArrayInputStream     // Catch: java.security.cert.CertificateException -> L22 java.lang.Throwable -> L2f
            r2.<init>(r4)     // Catch: java.security.cert.CertificateException -> L22 java.lang.Throwable -> L2f
            java.util.Collection r0 = r0.generateCertificates(r2)     // Catch: java.lang.Throwable -> L3d java.security.cert.CertificateException -> L3f
            if (r0 == 0) goto L1d
            boolean r3 = r0 instanceof java.util.List     // Catch: java.lang.Throwable -> L3d java.security.cert.CertificateException -> L3f
            if (r3 == 0) goto L41
            java.util.List r0 = (java.util.List) r0     // Catch: java.lang.Throwable -> L3d java.security.cert.CertificateException -> L3f
        L19:
            r2.close()     // Catch: java.io.IOException -> L37
        L1c:
            return r0
        L1d:
            r2.close()     // Catch: java.io.IOException -> L39
        L20:
            r0 = r1
            goto L1c
        L22:
            r0 = move-exception
            r2 = r1
        L24:
            r0.printStackTrace()     // Catch: java.lang.Throwable -> L3d
            if (r2 == 0) goto L20
            r2.close()     // Catch: java.io.IOException -> L2d
            goto L20
        L2d:
            r0 = move-exception
            goto L20
        L2f:
            r0 = move-exception
            r2 = r1
        L31:
            if (r2 == 0) goto L36
            r2.close()     // Catch: java.io.IOException -> L3b
        L36:
            throw r0
        L37:
            r1 = move-exception
            goto L1c
        L39:
            r0 = move-exception
            goto L20
        L3b:
            r1 = move-exception
            goto L36
        L3d:
            r0 = move-exception
            goto L31
        L3f:
            r0 = move-exception
            goto L24
        L41:
            r0 = r1
            goto L19
        */
        throw new UnsupportedOperationException("Method not decompiled: anetwork.channel.j.a.c(byte[]):java.util.List");
    }

    private static X509Certificate[] c() {
        X509TrustManager x509TrustManager;
        try {
            TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
            trustManagerFactory.init((KeyStore) null);
            TrustManager[] trustManagers = trustManagerFactory.getTrustManagers();
            int i = 0;
            while (true) {
                if (i >= trustManagers.length) {
                    x509TrustManager = null;
                    break;
                }
                if (trustManagers[i] instanceof X509TrustManager) {
                    x509TrustManager = (X509TrustManager) trustManagers[i];
                    break;
                }
                i++;
            }
            if (x509TrustManager != null) {
                return x509TrustManager.getAcceptedIssuers();
            }
        } catch (Exception e) {
            TBSdkLog.e("ANet.CertificationValiditor", "");
        }
        return null;
    }
}
