package com.fenbi.tutor.support.network;

import android.os.Handler;
import android.os.Looper;
import com.fenbi.tutor.a;
import com.yuanfudao.android.common.util.Config;
import com.yuanfudao.android.common.util.k;
import com.yuanfudao.android.common.util.l;
import java.io.IOException;
import java.io.InputStream;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.cert.CertificateException;
import java.security.cert.CertificateExpiredException;
import java.security.cert.CertificateNotYetValidException;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Iterator;
import java.util.List;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import javax.net.ssl.X509TrustManager;

/* loaded from: classes3.dex */
public class a implements X509TrustManager {
    private List<X509TrustManager> a = new ArrayList();
    private Handler b = new Handler(Looper.getMainLooper());
    private Runnable c = new Runnable() { // from class: com.fenbi.tutor.support.network.a.1
        @Override // java.lang.Runnable
        public void run() {
            l.a(com.fenbi.tutor.common.helper.a.b(), k.a(a.j.tutor_ssl_time_sync_error));
            com.fenbi.tutor.support.frog.b.b(String.format("sslTimeCertificateError/%s", Long.valueOf(System.currentTimeMillis())));
        }
    };

    public a() throws NoSuchAlgorithmException, KeyStoreException, IOException, CertificateException {
        InputStream inputStream = null;
        TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
        trustManagerFactory.init((KeyStore) null);
        TrustManager[] trustManagers = trustManagerFactory.getTrustManagers();
        for (TrustManager trustManager : trustManagers) {
            if (trustManager instanceof X509TrustManager) {
                this.a.add((X509TrustManager) trustManager);
            }
        }
        KeyStore keyStore = KeyStore.getInstance("BKS");
        try {
            inputStream = com.fenbi.tutor.common.helper.a.b().getApplicationContext().getResources().openRawResource(Config.b() ? a.i.yfd : a.i.yfd_online);
            keyStore.load(inputStream, "123456".toCharArray());
            if (inputStream != null) {
                inputStream.close();
            }
            TrustManagerFactory trustManagerFactory2 = TrustManagerFactory.getInstance("X509");
            trustManagerFactory2.init(keyStore);
            for (TrustManager trustManager2 : trustManagerFactory2.getTrustManagers()) {
                if (trustManager2 instanceof X509TrustManager) {
                    this.a.add((X509TrustManager) trustManager2);
                }
            }
        } catch (Exception e) {
            if (inputStream != null) {
                inputStream.close();
            }
        } catch (Throwable th) {
            if (inputStream != null) {
                inputStream.close();
            }
            throw th;
        }
    }

    private boolean a(Exception exc) {
        if (exc == null) {
            return false;
        }
        Throwable cause = exc.getCause();
        for (int i = 0; i < 5 && cause != null; i++) {
            if ((cause instanceof CertificateNotYetValidException) || (cause instanceof CertificateExpiredException) || (cause instanceof javax.security.cert.CertificateNotYetValidException) || (cause instanceof javax.security.cert.CertificateExpiredException)) {
                return true;
            }
            cause = cause.getCause();
        }
        return false;
    }

    @Override // javax.net.ssl.X509TrustManager
    public void checkClientTrusted(X509Certificate[] x509CertificateArr, String str) throws CertificateException {
        boolean z;
        Iterator<X509TrustManager> it = this.a.iterator();
        while (true) {
            if (!it.hasNext()) {
                z = false;
                break;
            } else {
                try {
                    it.next().checkClientTrusted(x509CertificateArr, str);
                    z = true;
                    break;
                } catch (CertificateException e) {
                }
            }
        }
        if (!z) {
            throw new CertificateException();
        }
    }

    @Override // javax.net.ssl.X509TrustManager
    public void checkServerTrusted(X509Certificate[] x509CertificateArr, String str) throws CertificateException {
        boolean z = true;
        Iterator<X509TrustManager> it = this.a.iterator();
        boolean z2 = false;
        while (true) {
            if (!it.hasNext()) {
                z = false;
                break;
            }
            try {
                it.next().checkServerTrusted(x509CertificateArr, str);
                break;
            } catch (CertificateException e) {
                z2 = a(e) ? true : z2;
            }
        }
        if (z) {
            return;
        }
        if (z2) {
            this.b.removeCallbacks(this.c);
            this.b.post(this.c);
        } else {
            com.fenbi.tutor.support.network.domainretry.e.a();
        }
        throw new CertificateException();
    }

    @Override // javax.net.ssl.X509TrustManager
    public X509Certificate[] getAcceptedIssuers() {
        ArrayList arrayList = new ArrayList();
        Iterator<X509TrustManager> it = this.a.iterator();
        while (it.hasNext()) {
            arrayList.addAll(Arrays.asList(it.next().getAcceptedIssuers()));
        }
        return (X509Certificate[]) arrayList.toArray(new X509Certificate[arrayList.size()]);
    }
}
