package com.mi.mi_http.okhttp;

import com.mi.mi_http.HttpConfig;
import com.mi.mi_http.HttpInIt;
import com.mi.milibrary.utils.FileUtil;
import com.mi.milibrary.utils.LogUtils;
import java.io.File;
import java.io.InputStream;
import java.math.BigInteger;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.SecureRandom;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Iterator;
import java.util.concurrent.TimeUnit;
import javax.net.ssl.HostnameVerifier;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSession;
import javax.net.ssl.SSLSocketFactory;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import javax.net.ssl.X509TrustManager;
import okhttp3.Cache;
import okhttp3.Interceptor;
import okhttp3.OkHttpClient;

/* loaded from: classes.dex */
public final class MiOkHttpClient {

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: classes.dex */
    public static final class OkHttpHolder {
        private static final long CONNECT_TIME_OUT = 20;
        private static final long READ_TIME_OUT = 20;
        private static final long WRITE_TIME_OUT = 20;
        private static HttpConfig httpConfigData = HttpInIt.getConfig();
        private static final OkHttpClient.Builder BUILDER = new OkHttpClient.Builder();
        static Cache cache = new Cache(new File(FileUtil.HTTP_CACHE_DIR), 102400);
        private static final OkHttpClient OK_HTTP_CLIENT = addCertificate().connectTimeout(20, TimeUnit.SECONDS).readTimeout(20, TimeUnit.SECONDS).writeTimeout(20, TimeUnit.SECONDS).retryOnConnectionFailure(httpConfigData.getHTTP_RETRY_CONNECTION().booleanValue()).cache(cache).build();

        private OkHttpHolder() {
        }

        private static final OkHttpClient.Builder addCertificate() {
            return addInterceptors().sslSocketFactory(MiOkHttpClient.access$200()).hostnameVerifier(new HostnameVerifier() { // from class: com.mi.mi_http.okhttp.MiOkHttpClient.OkHttpHolder.1
                @Override // javax.net.ssl.HostnameVerifier
                public boolean verify(String str, SSLSession sSLSession) {
                    return true;
                }
            });
        }

        private static OkHttpClient.Builder addInterceptors() {
            ArrayList<Interceptor> http_interceptor = httpConfigData.getHTTP_INTERCEPTOR();
            ArrayList<Interceptor> http_network_interceptor = httpConfigData.getHTTP_NETWORK_INTERCEPTOR();
            if (http_interceptor != null && !http_interceptor.isEmpty()) {
                Iterator<Interceptor> it = http_interceptor.iterator();
                while (it.hasNext()) {
                    BUILDER.addInterceptor(it.next());
                }
            }
            if (http_network_interceptor != null && !http_network_interceptor.isEmpty()) {
                Iterator<Interceptor> it2 = http_network_interceptor.iterator();
                while (it2.hasNext()) {
                    BUILDER.addNetworkInterceptor(it2.next());
                }
            }
            return BUILDER;
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: classes.dex */
    public static final class OkHttpHolderLong {
        private static final long CONNECT_TIME_OUT = 20;
        private static final long READ_TIME_OUT = 20;
        private static HttpConfig httpConfigData = HttpInIt.getConfig();
        private static final OkHttpClient.Builder BUILDER = new OkHttpClient.Builder();
        static Cache cache = new Cache(new File(FileUtil.HTTP_CACHE_DIR), 102400);
        private static final long WRITE_TIME_OUT = 90;
        private static final OkHttpClient OK_HTTP_CLIENT = addCertificate().connectTimeout(20, TimeUnit.SECONDS).readTimeout(20, TimeUnit.SECONDS).writeTimeout(WRITE_TIME_OUT, TimeUnit.SECONDS).retryOnConnectionFailure(httpConfigData.getHTTP_RETRY_CONNECTION().booleanValue()).cache(cache).build();

        private OkHttpHolderLong() {
        }

        private static final OkHttpClient.Builder addCertificate() {
            return addInterceptors().sslSocketFactory(MiOkHttpClient.access$200()).hostnameVerifier(new HostnameVerifier() { // from class: com.mi.mi_http.okhttp.MiOkHttpClient.OkHttpHolderLong.1
                @Override // javax.net.ssl.HostnameVerifier
                public boolean verify(String str, SSLSession sSLSession) {
                    return true;
                }
            });
        }

        private static OkHttpClient.Builder addInterceptors() {
            ArrayList<Interceptor> http_interceptor = httpConfigData.getHTTP_INTERCEPTOR();
            ArrayList<Interceptor> http_network_interceptor = httpConfigData.getHTTP_NETWORK_INTERCEPTOR();
            if (http_interceptor != null && !http_interceptor.isEmpty()) {
                Iterator<Interceptor> it = http_interceptor.iterator();
                while (it.hasNext()) {
                    BUILDER.addInterceptor(it.next());
                }
            }
            if (http_network_interceptor != null && !http_network_interceptor.isEmpty()) {
                Iterator<Interceptor> it2 = http_network_interceptor.iterator();
                while (it2.hasNext()) {
                    BUILDER.addNetworkInterceptor(it2.next());
                }
            }
            return BUILDER;
        }
    }

    /* loaded from: classes.dex */
    public static class TrustAllCerts implements X509TrustManager {
        private static HttpConfig httpConfigData = HttpInIt.getConfig();

        @Override // javax.net.ssl.X509TrustManager
        public void checkClientTrusted(X509Certificate[] x509CertificateArr, String str) {
        }

        @Override // javax.net.ssl.X509TrustManager
        public void checkServerTrusted(X509Certificate[] x509CertificateArr, String str) throws CertificateException {
            boolean booleanValue = httpConfigData.getHTTP_CERTIFICATE_FLAG().booleanValue();
            InputStream http_certificate_input = httpConfigData.getHTTP_CERTIFICATE_INPUT();
            if (booleanValue || http_certificate_input == null) {
                LogUtils.logd("信任所有证书");
                return;
            }
            LogUtils.logd("配置证书");
            if (x509CertificateArr == null) {
                throw new CertificateException("checkServerTrusted: X509Certificate array is null");
            }
            if (x509CertificateArr.length < 1) {
                throw new CertificateException("checkServerTrusted: X509Certificate is empty");
            }
            if (str == null || !str.equals("ECDHE_RSA")) {
                throw new CertificateException("checkServerTrusted: AuthType is not ECDHE_RSA");
            }
            try {
                TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance("X509");
                trustManagerFactory.init((KeyStore) null);
                for (TrustManager trustManager : trustManagerFactory.getTrustManagers()) {
                    ((X509TrustManager) trustManager).checkServerTrusted(x509CertificateArr, str);
                }
            } catch (KeyStoreException e) {
                e.printStackTrace();
            } catch (NoSuchAlgorithmException e2) {
                e2.printStackTrace();
            }
            X509Certificate x509Certificate = (X509Certificate) CertificateFactory.getInstance("X.509").generateCertificate(http_certificate_input);
            String bigInteger = new BigInteger(1, x509Certificate.getPublicKey().getEncoded()).toString(16);
            String name = x509Certificate.getSubjectDN().getName();
            String name2 = x509Certificate.getIssuerDN().getName();
            X509Certificate x509Certificate2 = x509CertificateArr[0];
            if (!bigInteger.equals(new BigInteger(1, x509Certificate2.getPublicKey().getEncoded()).toString(16))) {
                throw new CertificateException("server's PublicKey is not equals to client's PublicKey");
            }
            if (!name.equals(x509Certificate2.getSubjectDN().getName())) {
                throw new CertificateException("server's subject is not equals to client's subject");
            }
            if (!name2.equals(x509Certificate2.getIssuerDN().getName())) {
                throw new CertificateException("server's issuser is not equals to client's issuser");
            }
        }

        @Override // javax.net.ssl.X509TrustManager
        public X509Certificate[] getAcceptedIssuers() {
            return new X509Certificate[0];
        }
    }

    static /* synthetic */ SSLSocketFactory access$200() {
        return createSSLSocketFactory();
    }

    private static SSLSocketFactory createSSLSocketFactory() {
        try {
            SSLContext sSLContext = SSLContext.getInstance("TLS");
            sSLContext.init(null, new TrustManager[]{new TrustAllCerts()}, new SecureRandom());
            return sSLContext.getSocketFactory();
        } catch (Exception unused) {
            return null;
        }
    }

    public static OkHttpClient getOkHttpClient() {
        return OkHttpHolder.OK_HTTP_CLIENT;
    }

    public static OkHttpClient getOkHttpLongClient() {
        return OkHttpHolderLong.OK_HTTP_CLIENT;
    }
}
