package com.mqunar.imsdk.core.XmppPlugin;

import android.content.Context;
import android.util.SparseArray;
import com.mqunar.imsdk.core.util.BinaryUtil;
import com.mqunar.imsdk.core.util.LogUtil;
import java.io.BufferedReader;
import java.io.File;
import java.io.FileInputStream;
import java.io.FileNotFoundException;
import java.io.FileOutputStream;
import java.io.IOException;
import java.io.InputStreamReader;
import java.io.PrintWriter;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.cert.Certificate;
import java.security.cert.CertificateEncodingException;
import java.security.cert.CertificateException;
import java.security.cert.CertificateExpiredException;
import java.security.cert.X509Certificate;
import java.text.SimpleDateFormat;
import java.util.Enumeration;
import java.util.Locale;
import javax.net.ssl.HostnameVerifier;
import javax.net.ssl.SSLSession;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import javax.net.ssl.X509TrustManager;

/* loaded from: classes2.dex */
public class MemorizingTrustManager implements X509TrustManager {
    private static final String TAG = "MemorizingTrustManager";
    private static SparseArray<MTMDecision> openDecisions = new SparseArray<>();
    private KeyStore appKeyStore;
    private X509TrustManager appTrustManager;
    private X509TrustManager defaultTrustManager;
    private String fileName = "certificate.pem";
    private File keyStoreFile;
    Context master;

    /* loaded from: classes2.dex */
    class MTMDecision {
        public static final int DECISION_ABORT = 1;
        public static final int DECISION_ALWAYS = 3;
        public static final int DECISION_INVALID = 0;
        public static final int DECISION_ONCE = 2;
        int state = 0;

        MTMDecision() {
        }
    }

    /* loaded from: classes2.dex */
    class MemorizingHostnameVerifier implements HostnameVerifier {
        private HostnameVerifier defaultVerifier;

        public MemorizingHostnameVerifier(HostnameVerifier hostnameVerifier) {
            this.defaultVerifier = hostnameVerifier;
        }

        @Override // javax.net.ssl.HostnameVerifier
        public boolean verify(String str, SSLSession sSLSession) {
            if (this.defaultVerifier.verify(str, sSLSession)) {
                return true;
            }
            try {
                X509Certificate x509Certificate = (X509Certificate) sSLSession.getPeerCertificates()[0];
                if (x509Certificate.equals(MemorizingTrustManager.this.appKeyStore.getCertificate(str.toLowerCase(Locale.US)))) {
                    return true;
                }
                return MemorizingTrustManager.this.interactHostname(x509Certificate, str);
            } catch (Exception e) {
                LogUtil.e(MemorizingTrustManager.TAG, e);
                return false;
            }
        }
    }

    public MemorizingTrustManager(Context context) {
        init(context);
        this.appTrustManager = getTrustManager(this.appKeyStore);
        this.defaultTrustManager = getTrustManager(null);
    }

    public MemorizingTrustManager(Context context, X509TrustManager x509TrustManager) {
        init(context);
        this.appTrustManager = getTrustManager(this.appKeyStore);
        this.defaultTrustManager = x509TrustManager;
    }

    private void certDetails(StringBuffer stringBuffer, X509Certificate x509Certificate) {
        SimpleDateFormat simpleDateFormat = new SimpleDateFormat("yyyy-MM-dd");
        stringBuffer.append("\n");
        stringBuffer.append(x509Certificate.getSubjectDN().toString());
        stringBuffer.append("\n");
        stringBuffer.append(simpleDateFormat.format(x509Certificate.getNotBefore()));
        stringBuffer.append(" - ");
        stringBuffer.append(simpleDateFormat.format(x509Certificate.getNotAfter()));
        stringBuffer.append("\nSHA-256: ");
        stringBuffer.append(certHash(x509Certificate, "SHA-256"));
        stringBuffer.append("\nSHA-1: ");
        stringBuffer.append(certHash(x509Certificate, "SHA-1"));
        stringBuffer.append("\nSigned by: ");
        stringBuffer.append(x509Certificate.getIssuerDN().toString());
        stringBuffer.append("\n");
    }

    private static String certHash(X509Certificate x509Certificate, String str) {
        try {
            MessageDigest messageDigest = MessageDigest.getInstance(str);
            messageDigest.update(x509Certificate.getEncoded());
            return BinaryUtil.bytesToHex(messageDigest.digest());
        } catch (NoSuchAlgorithmException e) {
            return e.getMessage();
        } catch (CertificateEncodingException e2) {
            return e2.getMessage();
        }
    }

    public static X509TrustManager[] getInstanceList(Context context) {
        return new X509TrustManager[]{new MemorizingTrustManager(context)};
    }

    private boolean isCertKnown(X509Certificate x509Certificate) {
        try {
            return this.appKeyStore.getCertificateAlias(x509Certificate) != null;
        } catch (KeyStoreException unused) {
            return false;
        }
    }

    private boolean isExpiredException(Throwable th) {
        while (!(th instanceof CertificateExpiredException)) {
            th = th.getCause();
            if (th == null) {
                return false;
            }
        }
        return true;
    }

    public void checkCertTrusted(X509Certificate[] x509CertificateArr, String str, boolean z) throws CertificateException {
        try {
            if (z) {
                this.appTrustManager.checkServerTrusted(x509CertificateArr, str);
            } else {
                this.appTrustManager.checkClientTrusted(x509CertificateArr, str);
            }
        } catch (CertificateException e) {
            if (isExpiredException(e) || isCertKnown(x509CertificateArr[0])) {
                return;
            }
            try {
                if (this.defaultTrustManager == null) {
                    throw e;
                }
                if (z) {
                    this.defaultTrustManager.checkServerTrusted(x509CertificateArr, str);
                } else {
                    this.defaultTrustManager.checkClientTrusted(x509CertificateArr, str);
                }
            } catch (CertificateException e2) {
                interactCert(x509CertificateArr, str, e2);
            }
        }
    }

    @Override // javax.net.ssl.X509TrustManager
    public void checkClientTrusted(X509Certificate[] x509CertificateArr, String str) throws CertificateException {
        checkCertTrusted(x509CertificateArr, str, false);
    }

    @Override // javax.net.ssl.X509TrustManager
    public void checkServerTrusted(X509Certificate[] x509CertificateArr, String str) throws CertificateException {
        checkCertTrusted(x509CertificateArr, str, true);
    }

    File cpPEMFile2Local() {
        File file = new File(this.master.getFilesDir(), this.fileName);
        if (file.exists()) {
            return file;
        }
        try {
            BufferedReader bufferedReader = new BufferedReader(new InputStreamReader(this.master.getAssets().open(this.fileName)));
            PrintWriter printWriter = new PrintWriter(file);
            while (true) {
                String readLine = bufferedReader.readLine();
                if (readLine == null) {
                    break;
                }
                printWriter.println(readLine);
            }
            bufferedReader.close();
            printWriter.flush();
            printWriter.close();
        } catch (IOException e) {
            LogUtil.e(TAG, e);
        }
        return file;
    }

    public void deleteCertificate(String str) throws KeyStoreException {
        this.appKeyStore.deleteEntry(str);
        keyStoreUpdated();
    }

    @Override // javax.net.ssl.X509TrustManager
    public X509Certificate[] getAcceptedIssuers() {
        return this.defaultTrustManager.getAcceptedIssuers();
    }

    public Certificate getCertificate(String str) {
        try {
            return this.appKeyStore.getCertificate(str);
        } catch (KeyStoreException e) {
            throw new RuntimeException(e);
        }
    }

    public Enumeration<String> getCertificates() {
        try {
            return this.appKeyStore.aliases();
        } catch (KeyStoreException e) {
            throw new RuntimeException(e);
        }
    }

    X509TrustManager getTrustManager(KeyStore keyStore) {
        try {
            TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance("X509");
            trustManagerFactory.init(keyStore);
            for (TrustManager trustManager : trustManagerFactory.getTrustManagers()) {
                if (trustManager instanceof X509TrustManager) {
                    return (X509TrustManager) trustManager;
                }
            }
            return null;
        } catch (Exception unused) {
            return null;
        }
    }

    void init(Context context) {
        this.master = context;
        this.keyStoreFile = cpPEMFile2Local();
        this.appKeyStore = loadAppKeyStore();
    }

    void interactCert(X509Certificate[] x509CertificateArr, String str, CertificateException certificateException) throws CertificateException {
        storeCert(x509CertificateArr[0]);
    }

    boolean interactHostname(X509Certificate x509Certificate, String str) {
        storeCert(str, x509Certificate);
        return true;
    }

    void keyStoreUpdated() {
        FileOutputStream fileOutputStream;
        Throwable th;
        this.appTrustManager = getTrustManager(this.appKeyStore);
        try {
            fileOutputStream = new FileOutputStream(this.keyStoreFile);
        } catch (Exception unused) {
            fileOutputStream = null;
        } catch (Throwable th2) {
            fileOutputStream = null;
            th = th2;
        }
        try {
            try {
                this.appKeyStore.store(fileOutputStream, "MTM".toCharArray());
            } catch (Exception unused2) {
                if (fileOutputStream == null) {
                    return;
                }
                fileOutputStream.close();
            } catch (Throwable th3) {
                th = th3;
                if (fileOutputStream != null) {
                    try {
                        fileOutputStream.close();
                    } catch (IOException unused3) {
                    }
                }
                throw th;
            }
            fileOutputStream.close();
        } catch (IOException unused4) {
        }
    }

    KeyStore loadAppKeyStore() {
        try {
            KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
            try {
                keyStore.load(null, null);
                keyStore.load(new FileInputStream(this.keyStoreFile), "MTM".toCharArray());
            } catch (FileNotFoundException | Exception unused) {
            }
            return keyStore;
        } catch (KeyStoreException unused2) {
            return null;
        }
    }

    void storeCert(String str, Certificate certificate) {
        try {
            this.appKeyStore.setCertificateEntry(str, certificate);
            keyStoreUpdated();
        } catch (KeyStoreException unused) {
        }
    }

    void storeCert(X509Certificate x509Certificate) {
        storeCert(x509Certificate.getSubjectDN().toString(), x509Certificate);
    }

    public HostnameVerifier wrapHostnameVerifier(HostnameVerifier hostnameVerifier) {
        if (hostnameVerifier != null) {
            return new MemorizingHostnameVerifier(hostnameVerifier);
        }
        throw new IllegalArgumentException("The default verifier may not be null");
    }
}
