package com.tal.xes.app.net.https;

import android.text.TextUtils;
import android.util.Log;
import com.networkbench.agent.impl.socket.k;
import com.tal.xes.app.net.NetHelper;
import java.security.SecureRandom;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Iterator;
import java.util.List;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSocketFactory;
import javax.net.ssl.TrustManager;
import javax.net.ssl.X509TrustManager;

/* loaded from: classes2.dex */
public class SslCheckHelper {
    private List<String> hostCerWhite;
    private List<byte[]> pubKeyToCheck;
    private SSLSocketFactory sslSocketFactory;
    private X509TrustManager trustManager;

    public SslCheckHelper() {
        init();
    }

    public static SSLSocketFactory getAllSSLSocketFactory() {
        try {
            SSLContext sSLContext = SSLContext.getInstance("SSL");
            sSLContext.init(null, getAllTrustManager(), new SecureRandom());
            return sSLContext.getSocketFactory();
        } catch (Exception e) {
            throw new RuntimeException(e);
        }
    }

    private static TrustManager[] getAllTrustManager() {
        return new TrustManager[]{new X509TrustManager() { // from class: com.tal.xes.app.net.https.SslCheckHelper.3
            @Override // javax.net.ssl.X509TrustManager
            public void checkClientTrusted(X509Certificate[] x509CertificateArr, String str) {
            }

            @Override // javax.net.ssl.X509TrustManager
            public void checkServerTrusted(X509Certificate[] x509CertificateArr, String str) {
            }

            @Override // javax.net.ssl.X509TrustManager
            public X509Certificate[] getAcceptedIssuers() {
                return new X509Certificate[0];
            }
        }};
    }

    private void init() {
        this.pubKeyToCheck = new ArrayList();
        this.trustManager = new X509TrustManager() { // from class: com.tal.xes.app.net.https.SslCheckHelper.1
            @Override // javax.net.ssl.X509TrustManager
            public void checkClientTrusted(X509Certificate[] x509CertificateArr, String str) throws CertificateException {
            }

            @Override // javax.net.ssl.X509TrustManager
            public void checkServerTrusted(X509Certificate[] x509CertificateArr, String str) throws CertificateException {
                boolean z = false;
                if (SslCheckHelper.this.pubKeyToCheck == null || SslCheckHelper.this.pubKeyToCheck.size() == 0) {
                    z = true;
                } else if (x509CertificateArr != null) {
                    try {
                        if (x509CertificateArr.length > 0) {
                            int length = x509CertificateArr.length;
                            int i = 0;
                            loop0: while (true) {
                                if (i >= length) {
                                    break;
                                }
                                X509Certificate x509Certificate = x509CertificateArr[i];
                                String name = x509Certificate.getSubjectDN().getName();
                                if (!TextUtils.isEmpty(name) && SslCheckHelper.this.hostCerWhite != null && SslCheckHelper.this.hostCerWhite.size() > 0) {
                                    Iterator it = SslCheckHelper.this.hostCerWhite.iterator();
                                    while (it.hasNext()) {
                                        if (name.contains((String) it.next())) {
                                            z = true;
                                            break loop0;
                                        }
                                    }
                                }
                                byte[] encoded = x509Certificate.getPublicKey().getEncoded();
                                Log.d(NetHelper.TAG, "serverCerCode: " + Arrays.toString(encoded));
                                if (SslCheckHelper.this.pubKeyToCheck != null) {
                                    Iterator it2 = SslCheckHelper.this.pubKeyToCheck.iterator();
                                    while (it2.hasNext()) {
                                        if (Arrays.equals((byte[]) it2.next(), encoded)) {
                                            z = true;
                                            break loop0;
                                        }
                                    }
                                }
                                i++;
                            }
                        }
                    } catch (Exception e) {
                        e.printStackTrace();
                    }
                }
                if (!z) {
                    throw new CertificateException("server certificate is invalid");
                }
            }

            @Override // javax.net.ssl.X509TrustManager
            public X509Certificate[] getAcceptedIssuers() {
                return new X509Certificate[0];
            }
        };
        try {
            SSLContext sSLContext = SSLContext.getInstance(k.b);
            sSLContext.init(null, new TrustManager[]{this.trustManager}, new SecureRandom());
            this.sslSocketFactory = sSLContext.getSocketFactory();
        } catch (Exception e) {
            e.printStackTrace();
        }
    }

    public void addPk(byte[] bArr) {
        if (bArr == null) {
            return;
        }
        boolean z = true;
        Iterator<byte[]> it = this.pubKeyToCheck.iterator();
        while (true) {
            if (!it.hasNext()) {
                break;
            } else if (Arrays.equals(it.next(), bArr)) {
                z = false;
                break;
            }
        }
        if (z) {
            this.pubKeyToCheck.add(bArr);
        }
    }

    public void addPks(List<byte[]> list) {
        if (list == null || list.size() <= 0) {
            return;
        }
        Iterator<byte[]> it = list.iterator();
        while (it.hasNext()) {
            addPk(it.next());
        }
    }

    public SSLSocketFactory getSslSocketFactory() {
        return this.sslSocketFactory;
    }

    public SSLSocketFactory getTrustAllCersFactory() {
        try {
            TrustManager[] trustManagerArr = {new X509TrustManager() { // from class: com.tal.xes.app.net.https.SslCheckHelper.2
                @Override // javax.net.ssl.X509TrustManager
                public void checkClientTrusted(X509Certificate[] x509CertificateArr, String str) throws CertificateException {
                }

                @Override // javax.net.ssl.X509TrustManager
                public void checkServerTrusted(X509Certificate[] x509CertificateArr, String str) throws CertificateException {
                }

                @Override // javax.net.ssl.X509TrustManager
                public X509Certificate[] getAcceptedIssuers() {
                    return null;
                }
            }};
            SSLContext sSLContext = SSLContext.getInstance(k.b);
            sSLContext.init(null, trustManagerArr, new SecureRandom());
            return sSLContext.getSocketFactory();
        } catch (Exception e) {
            e.printStackTrace();
            return null;
        }
    }

    public X509TrustManager getTrustManager() {
        return this.trustManager;
    }

    public void setHostCerWhite(List<String> list) {
        this.hostCerWhite = list;
    }
}
