package com.tplink.base.home;

import com.facebook.react.modules.network.TPCookieJarContainer;
import java.io.IOException;
import java.security.KeyManagementException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.SecureRandom;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.util.concurrent.TimeUnit;
import javax.net.ssl.HostnameVerifier;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSession;
import javax.net.ssl.SSLSocketFactory;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import javax.net.ssl.X509TrustManager;
import okhttp3.OkHttpClient;
import org.apache.commons.net.imap.IMAPSClient;

/* loaded from: classes2.dex */
public class TPCAManager {
    private static final String HTTPS_CER_NAME = "tp-link-root-CA.pem";
    private static final long OK_HTTP_TIME_OUT = 10;
    private static final String TAG = "TPCAManager";

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: classes2.dex */
    public static class TPTrustManager implements X509TrustManager {
        private TPTrustManager() {
        }

        @Override // javax.net.ssl.X509TrustManager
        public void checkClientTrusted(X509Certificate[] x509CertificateArr, String str) throws CertificateException {
        }

        @Override // javax.net.ssl.X509TrustManager
        public void checkServerTrusted(X509Certificate[] x509CertificateArr, String str) throws CertificateException {
        }

        @Override // javax.net.ssl.X509TrustManager
        public X509Certificate[] getAcceptedIssuers() {
            return new X509Certificate[0];
        }
    }

    private static SSLSocketFactory createSSLSocketFactory(boolean z) {
        try {
            if (!z) {
                return createSocketFactoryWithoutCertificate();
            }
            try {
                try {
                    try {
                        try {
                            CertificateFactory certificateFactory = CertificateFactory.getInstance("X.509");
                            KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
                            keyStore.load(null);
                            keyStore.setCertificateEntry(Integer.toString(0), certificateFactory.generateCertificate(BaseApplication.getAppContext().getAssets().open(HTTPS_CER_NAME)));
                            SSLContext sSLContext = SSLContext.getInstance(IMAPSClient.DEFAULT_PROTOCOL);
                            TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
                            trustManagerFactory.init(keyStore);
                            sSLContext.init(null, trustManagerFactory.getTrustManagers(), new SecureRandom());
                            SSLSocketFactory socketFactory = sSLContext.getSocketFactory();
                            if (socketFactory != null) {
                                return socketFactory;
                            }
                        } catch (KeyStoreException e) {
                            TPLog.e(TAG + " ---> KeyStoreException", e.getMessage());
                        }
                    } catch (KeyManagementException e2) {
                        TPLog.e(TAG + " ---> KeyManagementException", e2.getMessage());
                    }
                } catch (NoSuchAlgorithmException e3) {
                    TPLog.e(TAG + " ---> NoSuchAlgorithmException", e3.getMessage());
                } catch (CertificateException e4) {
                    TPLog.e(TAG + " ---> CertificateException", e4.getMessage());
                }
            } catch (IOException e5) {
                TPLog.e(TAG + " ---> IOException", e5.getMessage());
            } catch (Exception e6) {
                TPLog.e(TAG, e6.getMessage());
            }
            return createSocketFactoryWithoutCertificate();
        } finally {
            createSocketFactoryWithoutCertificate();
        }
    }

    private static SSLSocketFactory createSocketFactoryWithoutCertificate() {
        try {
            SSLContext sSLContext = SSLContext.getInstance(IMAPSClient.DEFAULT_PROTOCOL);
            sSLContext.init(null, new TrustManager[]{new TPTrustManager()}, null);
            return sSLContext.getSocketFactory();
        } catch (Exception e) {
            TPLog.e("SSLSocket Error", e.getMessage());
            return null;
        }
    }

    public static OkHttpClient getCAOkHttpClient() {
        return new OkHttpClient.Builder().connectTimeout(OK_HTTP_TIME_OUT, TimeUnit.SECONDS).readTimeout(OK_HTTP_TIME_OUT, TimeUnit.SECONDS).writeTimeout(OK_HTTP_TIME_OUT, TimeUnit.SECONDS).cookieJar(new TPCookieJarContainer()).sslSocketFactory(createSSLSocketFactory(false), new TPTrustManager()).hostnameVerifier(new HostnameVerifier() { // from class: com.tplink.base.home.-$$Lambda$TPCAManager$UIf7X5_tDlGrxLxljhziwkRP0HA
            @Override // javax.net.ssl.HostnameVerifier
            public final boolean verify(String str, SSLSession sSLSession) {
                return TPCAManager.lambda$getCAOkHttpClient$0(str, sSLSession);
            }
        }).build();
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static /* synthetic */ boolean lambda$getCAOkHttpClient$0(String str, SSLSession sSLSession) {
        return true;
    }
}
