package com.xylink.d;

import android.content.Context;
import android.log.L;
import java.io.InputStream;
import java.security.GeneralSecurityException;
import java.security.KeyStore;
import java.security.SecureRandom;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.List;
import javax.net.ssl.HostnameVerifier;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSession;
import javax.net.ssl.SSLSocketFactory;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import javax.net.ssl.X509TrustManager;
import org.apache.http.conn.ssl.SSLConnectionSocketFactory;

/* compiled from: TbsSdkJava */
/* loaded from: classes2.dex */
public class a {

    /* renamed from: a, reason: collision with root package name */
    private static final String f8871a = "XY509TrustManager";

    /* renamed from: b, reason: collision with root package name */
    private Context f8872b;
    private SSLContext c;
    private X509TrustManager d;
    private List<X509Certificate> e;
    private boolean f;
    private boolean g;

    /* compiled from: TbsSdkJava */
    /* renamed from: com.xylink.d.a$a, reason: collision with other inner class name */
    /* loaded from: classes2.dex */
    private static class C0206a {

        /* renamed from: a, reason: collision with root package name */
        private static final a f8876a = new a();

        private C0206a() {
        }
    }

    private a() {
        this.d = h();
        this.e = new ArrayList();
    }

    public static a a() {
        return C0206a.f8876a;
    }

    private Certificate a(String str) {
        try {
            CertificateFactory certificateFactory = CertificateFactory.getInstance("X.509");
            InputStream open = this.f8872b.getAssets().open(str);
            Certificate generateCertificate = certificateFactory.generateCertificate(open);
            open.close();
            return generateCertificate;
        } catch (Exception e) {
            L.i(f8871a, "loadCertificate : " + str + ", failed : " + e.getMessage());
            return null;
        }
    }

    private X509TrustManager h() {
        try {
            TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
            trustManagerFactory.init((KeyStore) null);
            TrustManager[] trustManagers = trustManagerFactory.getTrustManagers();
            if (trustManagers.length == 1 && (trustManagers[0] instanceof X509TrustManager)) {
                return (X509TrustManager) trustManagers[0];
            }
            throw new IllegalStateException("Unexpected default trust managers:" + Arrays.toString(trustManagers));
        } catch (GeneralSecurityException e) {
            L.i(f8871a, e.getMessage());
            return null;
        }
    }

    public void a(Context context) {
        if (this.f8872b != null) {
            return;
        }
        this.f8872b = context.getApplicationContext();
        try {
            CertificateFactory.getInstance("X.509");
            String defaultType = KeyStore.getDefaultType();
            L.i(f8871a, "storeType : " + defaultType);
            KeyStore keyStore = KeyStore.getInstance(defaultType);
            keyStore.load(null);
            Certificate a2 = a("xylink.pem");
            if (a2 != null) {
                keyStore.setCertificateEntry("xylink", a2);
            }
            Certificate a3 = a("third.crt");
            if (a2 != null) {
                keyStore.setCertificateEntry("third", a3);
            }
            X509Certificate x509Certificate = (X509Certificate) a("cfca-chain.pem");
            if (x509Certificate != null) {
                L.i(f8871a, "whiteList, subject : " + x509Certificate.getSubjectDN().getName() + ", issuer : " + x509Certificate.getIssuerDN().getName() + ", start : " + x509Certificate.getNotBefore() + ", end : " + x509Certificate.getNotAfter() + ", serialNo : " + x509Certificate.getSerialNumber());
                this.e.add(x509Certificate);
            }
            TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
            trustManagerFactory.init(keyStore);
            TrustManager[] trustManagers = trustManagerFactory.getTrustManagers();
            this.c = SSLContext.getInstance(SSLConnectionSocketFactory.TLS);
            this.c.init(null, trustManagers, null);
        } catch (Exception e) {
            L.i(f8871a, "init failure : " + e.getMessage());
        }
    }

    public void a(boolean z) {
        this.f = z;
    }

    public void b(boolean z) {
        this.g = z;
    }

    public boolean b() {
        return this.f;
    }

    public boolean c() {
        return this.g;
    }

    public SSLSocketFactory d() {
        if (this.c != null) {
            return this.c.getSocketFactory();
        }
        return null;
    }

    public SSLSocketFactory e() {
        try {
            SSLContext sSLContext = SSLContext.getInstance(SSLConnectionSocketFactory.TLS);
            sSLContext.init(null, new TrustManager[]{new X509TrustManager() { // from class: com.xylink.d.a.1
                @Override // javax.net.ssl.X509TrustManager
                public void checkClientTrusted(X509Certificate[] x509CertificateArr, String str) throws CertificateException {
                    a.this.d.checkClientTrusted(x509CertificateArr, str);
                }

                @Override // javax.net.ssl.X509TrustManager
                public void checkServerTrusted(X509Certificate[] x509CertificateArr, String str) throws CertificateException {
                    for (X509Certificate x509Certificate : a.this.e) {
                        for (X509Certificate x509Certificate2 : x509CertificateArr) {
                            try {
                                if (x509Certificate2.getIssuerDN().equals(x509Certificate.getSubjectDN())) {
                                    x509Certificate2.verify(x509Certificate.getPublicKey());
                                    return;
                                }
                            } catch (Exception e) {
                                L.i(a.f8871a, "checkServerTrusted failed : " + e.getMessage());
                            }
                        }
                    }
                    a.this.d.checkServerTrusted(x509CertificateArr, str);
                }

                @Override // javax.net.ssl.X509TrustManager
                public X509Certificate[] getAcceptedIssuers() {
                    return a.this.d.getAcceptedIssuers();
                }
            }}, new SecureRandom());
            return sSLContext.getSocketFactory();
        } catch (Exception e) {
            L.i(f8871a, "getTrustPlusFactory failed : " + e.getMessage());
            return null;
        }
    }

    public SSLSocketFactory f() {
        try {
            SSLContext sSLContext = SSLContext.getInstance(SSLConnectionSocketFactory.TLS);
            sSLContext.init(null, new TrustManager[]{new X509TrustManager() { // from class: com.xylink.d.a.2
                @Override // javax.net.ssl.X509TrustManager
                public void checkClientTrusted(X509Certificate[] x509CertificateArr, String str) throws CertificateException {
                }

                @Override // javax.net.ssl.X509TrustManager
                public void checkServerTrusted(X509Certificate[] x509CertificateArr, String str) throws CertificateException {
                }

                @Override // javax.net.ssl.X509TrustManager
                public X509Certificate[] getAcceptedIssuers() {
                    return new X509Certificate[0];
                }
            }}, new SecureRandom());
            return sSLContext.getSocketFactory();
        } catch (Exception unused) {
            return null;
        }
    }

    public HostnameVerifier g() {
        return new HostnameVerifier() { // from class: com.xylink.d.a.3
            @Override // javax.net.ssl.HostnameVerifier
            public boolean verify(String str, SSLSession sSLSession) {
                return true;
            }
        };
    }
}
