package com.litesuits.http.impl.apache;

import android.os.Build;
import android.os.Environment;
import android.util.Log;
import com.xiaomi.mipush.sdk.Constants;
import java.io.BufferedInputStream;
import java.io.FileInputStream;
import java.io.IOException;
import java.lang.reflect.Field;
import java.net.InetAddress;
import java.net.Socket;
import java.security.KeyManagementException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.UnrecoverableKeyException;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSocket;
import javax.net.ssl.TrustManager;
import javax.net.ssl.X509TrustManager;
import org.apache.http.conn.ssl.SSLSocketFactory;

/* loaded from: classes.dex */
class TrustSSLSocketFactory extends SSLSocketFactory {
    private static final String ALIAS = "1";
    private static final String CA_STORE_PATH = String.valueOf(Environment.getExternalStorageDirectory().getAbsolutePath()) + "/external_sd/dialer.mihua/ca/client.cer";
    private static final String KEY_STORE_PASSWORD = "Tt1234567890";
    private static final String TAG = "TrustSSLSocketFactory";
    private final X509Certificate[] acceptedIssuers;
    SSLContext sslContext;

    private TrustSSLSocketFactory(KeyStore keyStore) throws NoSuchAlgorithmException, KeyManagementException, KeyStoreException, UnrecoverableKeyException, CertificateException, IOException, NoSuchProviderException {
        super(keyStore);
        this.sslContext = SSLContext.getInstance("TLS");
        Log.d(TAG, TAG);
        BufferedInputStream bufferedInputStream = new BufferedInputStream(new FileInputStream(CA_STORE_PATH));
        X509Certificate x509Certificate = (X509Certificate) CertificateFactory.getInstance("X.509", "BC").generateCertificate(bufferedInputStream);
        if (x509Certificate == null) {
            throw new CertificateException("Embedded SSL certificate has expired.");
        }
        Log.d(TAG, "Check the CA's validity");
        x509Certificate.checkValidity();
        this.acceptedIssuers = new X509Certificate[]{x509Certificate};
        this.sslContext.init(null, new TrustManager[]{new X509TrustManager() { // from class: com.litesuits.http.impl.apache.TrustSSLSocketFactory.1
            @Override // javax.net.ssl.X509TrustManager
            public void checkClientTrusted(X509Certificate[] x509CertificateArr, String str) throws CertificateException {
            }

            @Override // javax.net.ssl.X509TrustManager
            public void checkServerTrusted(X509Certificate[] x509CertificateArr, String str) throws CertificateException {
                CertificateException certificateException;
                Log.i(TrustSSLSocketFactory.TAG, "checkServerTrusted");
                if (x509CertificateArr == null || x509CertificateArr.length == 0) {
                    certificateException = new CertificateException("Certificate chain is invalid.");
                } else if (str == null || str.length() == 0) {
                    certificateException = new CertificateException("Authentication type is invalid.");
                } else {
                    Log.i(TrustSSLSocketFactory.TAG, "Chain includes " + x509CertificateArr.length + " certificates.");
                    for (X509Certificate x509Certificate2 : x509CertificateArr) {
                        Log.i(TrustSSLSocketFactory.TAG, "Server Certificate Details:");
                        Log.i(TrustSSLSocketFactory.TAG, "---------------------------");
                        Log.i(TrustSSLSocketFactory.TAG, "IssuerDN: " + x509Certificate2.getIssuerDN().toString());
                        Log.i(TrustSSLSocketFactory.TAG, "SubjectDN: " + x509Certificate2.getSubjectDN().toString());
                        Log.i(TrustSSLSocketFactory.TAG, "Serial Number: " + x509Certificate2.getSerialNumber());
                        Log.i(TrustSSLSocketFactory.TAG, "Version: " + x509Certificate2.getVersion());
                        Log.i(TrustSSLSocketFactory.TAG, "Not before: " + x509Certificate2.getNotBefore().toString());
                        Log.i(TrustSSLSocketFactory.TAG, "Not after: " + x509Certificate2.getNotAfter().toString());
                        Log.i(TrustSSLSocketFactory.TAG, "---------------------------");
                        x509Certificate2.checkValidity();
                    }
                    certificateException = null;
                }
                if (certificateException != null) {
                    Log.e(TrustSSLSocketFactory.TAG, "Certificate error", certificateException);
                    throw new CertificateException(certificateException);
                }
            }

            @Override // javax.net.ssl.X509TrustManager
            public X509Certificate[] getAcceptedIssuers() {
                Log.d(TrustSSLSocketFactory.TAG, "getAcceptedIssuers:" + TrustSSLSocketFactory.this.acceptedIssuers);
                return TrustSSLSocketFactory.this.acceptedIssuers;
            }
        }}, null);
        bufferedInputStream.close();
    }

    public static SSLSocketFactory getFixSocketFactory() {
        try {
            Log.d(TAG, "getFixSocketFactory");
            TrustSSLSocketFactory trustSSLSocketFactory = new TrustSSLSocketFactory(getKeyStore());
            trustSSLSocketFactory.setHostnameVerifier(SSLSocketFactory.STRICT_HOSTNAME_VERIFIER);
            return trustSSLSocketFactory;
        } catch (Throwable th) {
            th.printStackTrace();
            return SSLSocketFactory.getSocketFactory();
        }
    }

    public static KeyStore getKeyStore() {
        KeyStore keyStore;
        try {
            BufferedInputStream bufferedInputStream = new BufferedInputStream(new FileInputStream(CA_STORE_PATH));
            Log.d(TAG, "getKeyStore-inputs:" + bufferedInputStream);
            keyStore = KeyStore.getInstance("BKS");
            try {
                try {
                    keyStore.load(bufferedInputStream, KEY_STORE_PASSWORD.toCharArray());
                } finally {
                    if (bufferedInputStream != null) {
                        bufferedInputStream.close();
                    }
                }
            } catch (Throwable th) {
                th = th;
                th.printStackTrace();
                return keyStore;
            }
        } catch (Throwable th2) {
            th = th2;
            keyStore = null;
        }
        return keyStore;
    }

    private void injectHostname(Socket socket, String str) {
        try {
            Log.d(TAG, "injectHostname");
            if (Integer.valueOf(Build.VERSION.SDK).intValue() >= 4) {
                Field declaredField = InetAddress.class.getDeclaredField("hostName");
                declaredField.setAccessible(true);
                declaredField.set(socket.getInetAddress(), str);
            }
        } catch (Exception unused) {
        }
    }

    @Override // org.apache.http.conn.ssl.SSLSocketFactory, org.apache.http.conn.scheme.SocketFactory
    public Socket createSocket() throws IOException {
        Log.i(TAG, "createSocket");
        return this.sslContext.getSocketFactory().createSocket();
    }

    @Override // org.apache.http.conn.ssl.SSLSocketFactory, org.apache.http.conn.scheme.LayeredSocketFactory
    public Socket createSocket(Socket socket, String str, int i, boolean z) throws IOException {
        Log.d(TAG, "https host and port " + str + Constants.COLON_SEPARATOR + i);
        injectHostname(socket, str);
        Socket createSocket = this.sslContext.getSocketFactory().createSocket(socket, str, i, z);
        getHostnameVerifier().verify(str, (SSLSocket) createSocket);
        return createSocket;
    }
}
