package com.yonyou.push.smack;

import java.security.GeneralSecurityException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.Principal;
import java.security.cert.CertificateException;
import java.security.cert.CertificateParsingException;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Collections;
import java.util.Date;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
import java.util.regex.Matcher;
import java.util.regex.Pattern;
import javax.net.ssl.X509TrustManager;

/* loaded from: classes.dex */
class ServerTrustManager implements X509TrustManager {
    private static Pattern cnPattern = Pattern.compile("(?i)(cn=)([^,]*)");
    private static Map<KeyStoreOptions, KeyStore> stores = new HashMap();
    private ConnectionConfiguration configuration;
    private String server;
    private KeyStore trustStore;

    /* loaded from: classes.dex */
    private static class KeyStoreOptions {
        private final String password;
        private final String path;
        private final String type;

        public KeyStoreOptions(String str, String str2, String str3) {
            this.type = str;
            this.path = str2;
            this.password = str3;
        }

        public boolean equals(Object obj) {
            if (this == obj) {
                return true;
            }
            if (obj != null && getClass() == obj.getClass()) {
                KeyStoreOptions keyStoreOptions = (KeyStoreOptions) obj;
                if (this.password == null) {
                    if (keyStoreOptions.password != null) {
                        return false;
                    }
                } else if (!this.password.equals(keyStoreOptions.password)) {
                    return false;
                }
                if (this.path == null) {
                    if (keyStoreOptions.path != null) {
                        return false;
                    }
                } else if (!this.path.equals(keyStoreOptions.path)) {
                    return false;
                }
                return this.type == null ? keyStoreOptions.type == null : this.type.equals(keyStoreOptions.type);
            }
            return false;
        }

        public String getPassword() {
            return this.password;
        }

        public String getPath() {
            return this.path;
        }

        public String getType() {
            return this.type;
        }

        public int hashCode() {
            return (((((this.password == null ? 0 : this.password.hashCode()) + 31) * 31) + (this.path == null ? 0 : this.path.hashCode())) * 31) + (this.type != null ? this.type.hashCode() : 0);
        }
    }

    /* JADX WARN: Removed duplicated region for block: B:9:0x0032 A[Catch: all -> 0x0066, TryCatch #3 {all -> 0x0066, blocks: (B:4:0x000b, B:6:0x0024, B:7:0x002e, B:9:0x0032, B:10:0x0036, B:20:0x005e, B:29:0x0067, B:47:0x007b, B:45:0x007e, B:38:0x0072), top: B:3:0x000b }] */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    public ServerTrustManager(java.lang.String r9, com.yonyou.push.smack.ConnectionConfiguration r10) {
        /*
            r8 = this;
            r8.<init>()
            r8.configuration = r10
            r8.server = r9
            r1 = 0
            java.util.Map<com.yonyou.push.smack.ServerTrustManager$KeyStoreOptions, java.security.KeyStore> r5 = com.yonyou.push.smack.ServerTrustManager.stores
            monitor-enter(r5)
            com.yonyou.push.smack.ServerTrustManager$KeyStoreOptions r3 = new com.yonyou.push.smack.ServerTrustManager$KeyStoreOptions     // Catch: java.lang.Throwable -> L66
            java.lang.String r4 = r10.getTruststoreType()     // Catch: java.lang.Throwable -> L66
            java.lang.String r6 = r10.getTruststorePath()     // Catch: java.lang.Throwable -> L66
            java.lang.String r7 = r10.getTruststorePassword()     // Catch: java.lang.Throwable -> L66
            r3.<init>(r4, r6, r7)     // Catch: java.lang.Throwable -> L66
            java.util.Map<com.yonyou.push.smack.ServerTrustManager$KeyStoreOptions, java.security.KeyStore> r4 = com.yonyou.push.smack.ServerTrustManager.stores     // Catch: java.lang.Throwable -> L66
            boolean r4 = r4.containsKey(r3)     // Catch: java.lang.Throwable -> L66
            if (r4 == 0) goto L38
            java.util.Map<com.yonyou.push.smack.ServerTrustManager$KeyStoreOptions, java.security.KeyStore> r4 = com.yonyou.push.smack.ServerTrustManager.stores     // Catch: java.lang.Throwable -> L66
            java.lang.Object r4 = r4.get(r3)     // Catch: java.lang.Throwable -> L66
            java.security.KeyStore r4 = (java.security.KeyStore) r4     // Catch: java.lang.Throwable -> L66
            r8.trustStore = r4     // Catch: java.lang.Throwable -> L66
        L2e:
            java.security.KeyStore r4 = r8.trustStore     // Catch: java.lang.Throwable -> L66
            if (r4 != 0) goto L36
            r4 = 0
            r10.setVerifyRootCAEnabled(r4)     // Catch: java.lang.Throwable -> L66
        L36:
            monitor-exit(r5)     // Catch: java.lang.Throwable -> L66
            return
        L38:
            java.lang.String r4 = r3.getType()     // Catch: java.lang.Exception -> L69 java.lang.Throwable -> L78
            java.security.KeyStore r4 = java.security.KeyStore.getInstance(r4)     // Catch: java.lang.Exception -> L69 java.lang.Throwable -> L78
            r8.trustStore = r4     // Catch: java.lang.Exception -> L69 java.lang.Throwable -> L78
            java.io.FileInputStream r2 = new java.io.FileInputStream     // Catch: java.lang.Exception -> L69 java.lang.Throwable -> L78
            java.lang.String r4 = r3.getPath()     // Catch: java.lang.Exception -> L69 java.lang.Throwable -> L78
            r2.<init>(r4)     // Catch: java.lang.Exception -> L69 java.lang.Throwable -> L78
            java.security.KeyStore r4 = r8.trustStore     // Catch: java.lang.Throwable -> L87 java.lang.Exception -> L8a
            java.lang.String r6 = r3.getPassword()     // Catch: java.lang.Throwable -> L87 java.lang.Exception -> L8a
            char[] r6 = r6.toCharArray()     // Catch: java.lang.Throwable -> L87 java.lang.Exception -> L8a
            r4.load(r2, r6)     // Catch: java.lang.Throwable -> L87 java.lang.Exception -> L8a
            if (r2 == 0) goto L8d
            r2.close()     // Catch: java.io.IOException -> L7f java.lang.Throwable -> L84
            r1 = r2
        L5e:
            java.util.Map<com.yonyou.push.smack.ServerTrustManager$KeyStoreOptions, java.security.KeyStore> r4 = com.yonyou.push.smack.ServerTrustManager.stores     // Catch: java.lang.Throwable -> L66
            java.security.KeyStore r6 = r8.trustStore     // Catch: java.lang.Throwable -> L66
            r4.put(r3, r6)     // Catch: java.lang.Throwable -> L66
            goto L2e
        L66:
            r4 = move-exception
        L67:
            monitor-exit(r5)     // Catch: java.lang.Throwable -> L66
            throw r4
        L69:
            r0 = move-exception
        L6a:
            r4 = 0
            r8.trustStore = r4     // Catch: java.lang.Throwable -> L78
            r0.printStackTrace()     // Catch: java.lang.Throwable -> L78
            if (r1 == 0) goto L5e
            r1.close()     // Catch: java.lang.Throwable -> L66 java.io.IOException -> L76
            goto L5e
        L76:
            r4 = move-exception
            goto L5e
        L78:
            r4 = move-exception
        L79:
            if (r1 == 0) goto L7e
            r1.close()     // Catch: java.lang.Throwable -> L66 java.io.IOException -> L82
        L7e:
            throw r4     // Catch: java.lang.Throwable -> L66
        L7f:
            r4 = move-exception
            r1 = r2
            goto L5e
        L82:
            r6 = move-exception
            goto L7e
        L84:
            r4 = move-exception
            r1 = r2
            goto L67
        L87:
            r4 = move-exception
            r1 = r2
            goto L79
        L8a:
            r0 = move-exception
            r1 = r2
            goto L6a
        L8d:
            r1 = r2
            goto L5e
        */
        throw new UnsupportedOperationException("Method not decompiled: com.yonyou.push.smack.ServerTrustManager.<init>(java.lang.String, com.yonyou.push.smack.ConnectionConfiguration):void");
    }

    public static List<String> getPeerIdentity(X509Certificate x509Certificate) {
        List<String> subjectAlternativeNames = getSubjectAlternativeNames(x509Certificate);
        if (!subjectAlternativeNames.isEmpty()) {
            return subjectAlternativeNames;
        }
        String name = x509Certificate.getSubjectDN().getName();
        Matcher matcher = cnPattern.matcher(name);
        if (matcher.find()) {
            name = matcher.group(2);
        }
        ArrayList arrayList = new ArrayList();
        arrayList.add(name);
        return arrayList;
    }

    private static List<String> getSubjectAlternativeNames(X509Certificate x509Certificate) {
        ArrayList arrayList = new ArrayList();
        try {
            return x509Certificate.getSubjectAlternativeNames() == null ? Collections.emptyList() : arrayList;
        } catch (CertificateParsingException e) {
            e.printStackTrace();
            return arrayList;
        }
    }

    @Override // javax.net.ssl.X509TrustManager
    public void checkClientTrusted(X509Certificate[] x509CertificateArr, String str) throws CertificateException {
    }

    @Override // javax.net.ssl.X509TrustManager
    public void checkServerTrusted(X509Certificate[] x509CertificateArr, String str) throws CertificateException {
        int length = x509CertificateArr.length;
        List<String> peerIdentity = getPeerIdentity(x509CertificateArr[0]);
        if (this.configuration.isVerifyChainEnabled()) {
            Principal principal = null;
            for (int i = length - 1; i >= 0; i--) {
                X509Certificate x509Certificate = x509CertificateArr[i];
                Principal issuerDN = x509Certificate.getIssuerDN();
                Principal subjectDN = x509Certificate.getSubjectDN();
                if (principal != null) {
                    if (!issuerDN.equals(principal)) {
                        throw new CertificateException("subject/issuer verification failed of " + peerIdentity);
                    }
                    try {
                        x509CertificateArr[i].verify(x509CertificateArr[i + 1].getPublicKey());
                    } catch (GeneralSecurityException e) {
                        throw new CertificateException("signature verification failed of " + peerIdentity);
                    }
                }
                principal = subjectDN;
            }
        }
        if (this.configuration.isVerifyRootCAEnabled()) {
            boolean z = false;
            try {
                z = this.trustStore.getCertificateAlias(x509CertificateArr[length + (-1)]) != null;
                if (!z && length == 1 && this.configuration.isSelfSignedCertificateEnabled()) {
                    System.out.println("Accepting self-signed certificate of remote server: " + peerIdentity);
                    z = true;
                }
            } catch (KeyStoreException e2) {
                e2.printStackTrace();
            }
            if (!z) {
                throw new CertificateException("root certificate not trusted of " + peerIdentity);
            }
        }
        if (this.configuration.isNotMatchingDomainCheckEnabled()) {
            if (peerIdentity.size() == 1 && peerIdentity.get(0).startsWith("*.")) {
                if (!this.server.endsWith(peerIdentity.get(0).replace("*.", ""))) {
                    throw new CertificateException("target verification failed of " + peerIdentity);
                }
            } else if (!peerIdentity.contains(this.server)) {
                throw new CertificateException("target verification failed of " + peerIdentity);
            }
        }
        if (this.configuration.isExpiredCertificatesCheckEnabled()) {
            Date date = new Date();
            for (X509Certificate x509Certificate2 : x509CertificateArr) {
                try {
                    x509Certificate2.checkValidity(date);
                } catch (GeneralSecurityException e3) {
                    throw new CertificateException("invalid date of " + this.server);
                }
            }
        }
    }

    @Override // javax.net.ssl.X509TrustManager
    public X509Certificate[] getAcceptedIssuers() {
        return new X509Certificate[0];
    }
}
