package com.sykj.smart.common;

import android.os.Build;
import com.sykj.smart.GoodTimeSmartSDK;
import com.telink.blewifilibrary.utils.RSAUtils;
import java.io.BufferedInputStream;
import java.io.ByteArrayInputStream;
import java.io.IOException;
import java.io.InputStream;
import java.io.InputStreamReader;
import java.security.KeyFactory;
import java.security.KeyPair;
import java.security.KeyStore;
import java.security.Security;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.security.spec.PKCS8EncodedKeySpec;
import java.security.spec.X509EncodedKeySpec;
import javax.net.SocketFactory;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSocketFactory;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import javax.net.ssl.X509TrustManager;
import org.bouncycastle.jce.provider.BouncyCastleProvider;
import org.bouncycastle.openssl.PEMDecryptorProvider;
import org.bouncycastle.openssl.PEMEncryptedKeyPair;
import org.bouncycastle.openssl.PEMException;
import org.bouncycastle.openssl.PEMKeyPair;
import org.bouncycastle.openssl.PEMParser;
import org.bouncycastle.openssl.jcajce.JcaPEMKeyConverter;
import org.bouncycastle.openssl.jcajce.JcePEMDecryptorProviderBuilder;

/* loaded from: classes3.dex */
public class SSLUtils {
    private static final String TAG = "SSLUtils";

    /* JADX INFO: Access modifiers changed from: package-private */
    /* loaded from: classes3.dex */
    public static class Trust implements TrustManager, X509TrustManager {
        Trust() {
        }

        @Override // javax.net.ssl.X509TrustManager
        public void checkClientTrusted(X509Certificate[] x509CertificateArr, String str) throws CertificateException {
        }

        @Override // javax.net.ssl.X509TrustManager
        public void checkServerTrusted(X509Certificate[] x509CertificateArr, String str) throws CertificateException {
        }

        @Override // javax.net.ssl.X509TrustManager
        public X509Certificate[] getAcceptedIssuers() {
            return null;
        }

        public boolean isClientTrusted(X509Certificate[] x509CertificateArr) {
            return true;
        }

        public boolean isServerTrusted(X509Certificate[] x509CertificateArr) {
            return true;
        }
    }

    public static KeyPair getKeyPair(PEMKeyPair pEMKeyPair) throws PEMException {
        try {
            KeyFactory keyFactory = Build.VERSION.SDK_INT >= 28 ? KeyFactory.getInstance(RSAUtils.KEY_ALGORITHM) : KeyFactory.getInstance(RSAUtils.KEY_ALGORITHM, BouncyCastleProvider.PROVIDER_NAME);
            return new KeyPair(keyFactory.generatePublic(new X509EncodedKeySpec(pEMKeyPair.getPublicKeyInfo().getEncoded())), keyFactory.generatePrivate(new PKCS8EncodedKeySpec(pEMKeyPair.getPrivateKeyInfo().getEncoded())));
        } catch (Exception e) {
            throw new PEMException("unable to convert key pair: " + e.getMessage(), e);
        }
    }

    public static SSLSocketFactory getSingleSocketFactory() {
        InputStream inputStream = null;
        try {
            try {
                inputStream = GoodTimeSmartSDK.getApplication().getAssets().open("ssl/cacert.pem");
                return getSingleSocketFactory(inputStream);
            } finally {
                if (inputStream != null) {
                    try {
                        inputStream.close();
                    } catch (IOException e) {
                        e.printStackTrace();
                    }
                }
            }
        } catch (Exception e2) {
            e2.printStackTrace();
            if (inputStream == null) {
                return null;
            }
            try {
                inputStream.close();
                return null;
            } catch (IOException e3) {
                e3.printStackTrace();
                return null;
            }
        }
    }

    public static SSLSocketFactory getSingleSocketFactory(InputStream inputStream) throws Exception {
        Security.addProvider(new BouncyCastleProvider());
        X509Certificate x509Certificate = null;
        BufferedInputStream bufferedInputStream = new BufferedInputStream(inputStream);
        CertificateFactory certificateFactory = CertificateFactory.getInstance("X.509");
        while (bufferedInputStream.available() > 0) {
            x509Certificate = (X509Certificate) certificateFactory.generateCertificate(bufferedInputStream);
        }
        KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
        keyStore.load(null, null);
        keyStore.setCertificateEntry("ca-certificate", x509Certificate);
        TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance("X509");
        trustManagerFactory.init(keyStore);
        SSLContext sSLContext = SSLContext.getInstance("TLSv1.2");
        sSLContext.init(null, trustManagerFactory.getTrustManagers(), null);
        return sSLContext.getSocketFactory();
    }

    public static SSLSocketFactory getSingleSocketFactory(String str) {
        ByteArrayInputStream byteArrayInputStream = null;
        try {
            try {
                byteArrayInputStream = new ByteArrayInputStream(str.getBytes());
                SSLSocketFactory singleSocketFactory = getSingleSocketFactory(byteArrayInputStream);
                try {
                    byteArrayInputStream.close();
                } catch (IOException e) {
                    e.printStackTrace();
                }
                return singleSocketFactory;
            } catch (Exception e2) {
                e2.printStackTrace();
                if (byteArrayInputStream == null) {
                    return null;
                }
                try {
                    byteArrayInputStream.close();
                    return null;
                } catch (IOException e3) {
                    e3.printStackTrace();
                    return null;
                }
            }
        } catch (Throwable th) {
            if (byteArrayInputStream != null) {
                try {
                    byteArrayInputStream.close();
                } catch (IOException e4) {
                    e4.printStackTrace();
                }
            }
            throw th;
        }
    }

    public static SocketFactory getSocketFactory() {
        try {
            TrustManager[] trustManagerArr = {new Trust()};
            SSLContext sSLContext = SSLContext.getInstance("TLSv1.2");
            sSLContext.init(null, trustManagerArr, null);
            return sSLContext.getSocketFactory();
        } catch (Exception e) {
            e.printStackTrace();
            return null;
        }
    }

    public static SSLSocketFactory getSocketFactory(String str, String str2, String str3, String str4) throws Exception {
        KeyPair keyPair;
        Security.addProvider(new BouncyCastleProvider());
        X509Certificate x509Certificate = null;
        BufferedInputStream bufferedInputStream = new BufferedInputStream(GoodTimeSmartSDK.getApplication().getAssets().open(str));
        CertificateFactory certificateFactory = CertificateFactory.getInstance("X.509");
        while (bufferedInputStream.available() > 0) {
            x509Certificate = (X509Certificate) certificateFactory.generateCertificate(bufferedInputStream);
        }
        BufferedInputStream bufferedInputStream2 = new BufferedInputStream(GoodTimeSmartSDK.getApplication().getAssets().open(str2));
        X509Certificate x509Certificate2 = null;
        while (bufferedInputStream2.available() > 0) {
            x509Certificate2 = (X509Certificate) certificateFactory.generateCertificate(bufferedInputStream2);
        }
        PEMParser pEMParser = new PEMParser(new InputStreamReader(GoodTimeSmartSDK.getApplication().getAssets().open(str3)));
        Object readObject = pEMParser.readObject();
        PEMDecryptorProvider build = new JcePEMDecryptorProviderBuilder().build(str4.toCharArray());
        new JcaPEMKeyConverter().setProvider(BouncyCastleProvider.PROVIDER_NAME);
        if (readObject instanceof PEMEncryptedKeyPair) {
            LogUtil.e(TAG, "Encrypted key - we will use provided password");
            keyPair = getKeyPair(((PEMEncryptedKeyPair) readObject).decryptKeyPair(build));
        } else {
            LogUtil.e(TAG, "Unencrypted key - no password needed");
            keyPair = getKeyPair((PEMKeyPair) readObject);
        }
        pEMParser.close();
        KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
        keyStore.load(null, null);
        keyStore.setCertificateEntry("ca-certificate", x509Certificate);
        TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance("X509");
        trustManagerFactory.init(keyStore);
        KeyStore keyStore2 = KeyStore.getInstance(KeyStore.getDefaultType());
        keyStore2.load(null, null);
        keyStore2.setCertificateEntry("certificate", x509Certificate2);
        keyStore2.setKeyEntry("private-key", keyPair.getPrivate(), str4.toCharArray(), new Certificate[]{x509Certificate2});
        KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
        keyManagerFactory.init(keyStore2, str4.toCharArray());
        SSLContext sSLContext = SSLContext.getInstance("TLSv1.2");
        sSLContext.init(keyManagerFactory.getKeyManagers(), trustManagerFactory.getTrustManagers(), null);
        return sSLContext.getSocketFactory();
    }
}
