package com.rtsdeyu.utils;

import android.content.Context;
import android.net.http.SslCertificate;
import android.os.Bundle;
import android.text.TextUtils;
import com.qingchunyouyue.goyor.R;
import com.rtsdeyu.api.ConnectConf;
import com.rtsdeyu.common.shareprefs.WbSharedUtil;
import java.io.BufferedInputStream;
import java.io.ByteArrayInputStream;
import java.io.InputStream;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.util.Arrays;
import org.acra.ACRAConstants;
import timber.log.Timber;

/* loaded from: classes2.dex */
public class SSLCertUtil {
    public static InputStream getInputStreamOfCert(Context context) {
        String comString = WbSharedUtil.getComString(context, WbSharedUtil.SERVER_SSL_CERTIFICATE_SYNC_TAG);
        Timber.i("getInputStreamOfCert >>> share syncTag = %s", comString);
        if (comString.compareToIgnoreCase("") <= 0) {
            Timber.i("getInputStreamOfCert >>> load getAssets cer", new Object[0]);
            return verifyCert(AssetsUtil.open(context, context.getString(R.string.cer_assets_name)), ConnectConf.CER_ENCRYPT_SHA256, ConnectConf.CER_DECRYPT_SHA256);
        }
        InputStream verifyCert = verifyCert(WbSharedUtil.getComString(context, WbSharedUtil.SERVER_SSL_CERTIFICATE), WbSharedUtil.getComString(context, WbSharedUtil.SSL_CER_ENCRYPT_SHA256), WbSharedUtil.getComString(context, WbSharedUtil.SSL_CER_DECRYPT_SHA256));
        if (verifyCert != null) {
            return verifyCert;
        }
        Timber.i("getInputStreamOfCert >>> load getAssets cer", new Object[0]);
        return verifyCert(AssetsUtil.open(context, context.getString(R.string.cer_assets_name)), ConnectConf.CER_ENCRYPT_SHA256, ConnectConf.CER_DECRYPT_SHA256);
    }

    public static Certificate getLocalCA(Context context) {
        try {
            return CertificateFactory.getInstance(ACRAConstants.DEFAULT_CERTIFICATE_TYPE).generateCertificate(new BufferedInputStream(getInputStreamOfCert(context)));
        } catch (CertificateException e) {
            e.printStackTrace();
            return null;
        }
    }

    public static Certificate getRemoteCA(SslCertificate sslCertificate) {
        Bundle saveState;
        byte[] byteArray;
        if (sslCertificate != null && (saveState = SslCertificate.saveState(sslCertificate)) != null && (byteArray = saveState.getByteArray("x509-certificate")) != null) {
            try {
                return CertificateFactory.getInstance(ACRAConstants.DEFAULT_CERTIFICATE_TYPE).generateCertificate(new ByteArrayInputStream(byteArray));
            } catch (CertificateException e) {
                e.printStackTrace();
            }
        }
        return null;
    }

    public static boolean isSslCertificateMatching(Context context, SslCertificate sslCertificate) {
        try {
            Certificate localCA = getLocalCA(context);
            Certificate remoteCA = getRemoteCA(sslCertificate);
            if (localCA == null || remoteCA == null) {
                return false;
            }
            return Arrays.equals(localCA.getEncoded(), remoteCA.getEncoded());
        } catch (CertificateException e) {
            e.printStackTrace();
            return false;
        }
    }

    public static InputStream verifyCert(String str, String str2, String str3) {
        Timber.d("verifyCert >>> ", new Object[0]);
        if (!TextUtils.isEmpty(str) && !TextUtils.isEmpty(str2) && !TextUtils.isEmpty(str3)) {
            try {
                String AES256Decrypt = CyptoUtils.AES256Decrypt(str, ConnectConf.AES256_KEY);
                boolean equals = TextUtils.equals(str2, CyptoUtils.SHA256(str).toLowerCase());
                boolean equals2 = TextUtils.equals(str3, CyptoUtils.SHA256(AES256Decrypt).toLowerCase());
                if (!TextUtils.isEmpty(AES256Decrypt) && equals && equals2) {
                    return new ByteArrayInputStream(AES256Decrypt.getBytes());
                }
            } catch (Exception e) {
                e.printStackTrace();
            }
        }
        return null;
    }
}
