package cafebabe;

import android.content.Context;
import android.net.http.SslError;
import android.webkit.SslErrorHandler;
import com.huawei.smarthome.common.lib.constants.IotHostManager;
import java.io.IOException;
import java.security.KeyManagementException;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import javax.net.ssl.HostnameVerifier;
import javax.net.ssl.SSLSession;
import javax.net.ssl.SSLSocketFactory;
import javax.net.ssl.X509TrustManager;
import javax.security.auth.x500.X500Principal;
import okhttp3.OkHttpClient;

/* compiled from: CertificateUtil.java */
/* loaded from: classes21.dex */
public class qx0 {

    /* renamed from: a, reason: collision with root package name */
    public static final String f9576a = "qx0";
    public static final X509TrustManager c;
    public static final HostnameVerifier e;
    public static OkHttpClient.Builder g;
    public static final Object b = new Object();
    public static final SSLSocketFactory d = g();
    public static volatile X509TrustManager f = null;

    /* compiled from: CertificateUtil.java */
    /* loaded from: classes21.dex */
    public class a implements kdc {

        /* renamed from: a, reason: collision with root package name */
        public final /* synthetic */ SslErrorHandler f9577a;
        public final /* synthetic */ rx0 b;

        public a(SslErrorHandler sslErrorHandler, rx0 rx0Var) {
            this.f9577a = sslErrorHandler;
            this.b = rx0Var;
        }

        @Override // cafebabe.kdc
        public void a(Context context, String str) {
            String unused = qx0.f9576a;
            qx0.d(this.f9577a);
        }

        @Override // cafebabe.kdc
        public void b(Context context, String str) {
            xg6.j(true, qx0.f9576a, "verify failed add callback");
            this.f9577a.cancel();
            this.b.onVerifyFailed();
        }
    }

    /* compiled from: CertificateUtil.java */
    /* loaded from: classes21.dex */
    public static class b implements HostnameVerifier {
        public b() {
        }

        public /* synthetic */ b(a aVar) {
            this();
        }

        @Override // javax.net.ssl.HostnameVerifier
        public boolean verify(String str, SSLSession sSLSession) {
            if (IotHostManager.getInstance().isCommercialCloud()) {
                xg6.t(true, qx0.f9576a, "commercial version, trust all host name forbidden");
                return false;
            }
            String unused = qx0.f9576a;
            return true;
        }
    }

    /* compiled from: CertificateUtil.java */
    /* loaded from: classes21.dex */
    public static class c implements X509TrustManager {
        public c() {
        }

        public /* synthetic */ c(a aVar) {
            this();
        }

        @Override // javax.net.ssl.X509TrustManager
        public void checkClientTrusted(X509Certificate[] x509CertificateArr, String str) {
        }

        @Override // javax.net.ssl.X509TrustManager
        public void checkServerTrusted(X509Certificate[] x509CertificateArr, String str) throws CertificateException {
            if (IotHostManager.getInstance().isCommercialCloud()) {
                xg6.j(true, qx0.f9576a, "commercial version, trust all server forbidden");
                throw new CertificateException("CertificateUtil checkServerTrusted error");
            }
            String unused = qx0.f9576a;
        }

        @Override // javax.net.ssl.X509TrustManager
        public X509Certificate[] getAcceptedIssuers() {
            return new X509Certificate[0];
        }
    }

    static {
        a aVar = null;
        c = new c(aVar);
        e = new b(aVar);
        f();
    }

    public static String c(X509Certificate x509Certificate) {
        rv8 rv8Var;
        if (x509Certificate == null) {
            return "";
        }
        X500Principal issuerX500Principal = x509Certificate.getIssuerX500Principal();
        rv8[] h = new jjc(issuerX500Principal != null ? issuerX500Principal.getName() : "").h(m20.g);
        py first = (h == null || h.length <= 0 || (rv8Var = h[0]) == null) ? null : rv8Var.getFirst();
        return (first == null || first.getValue() == null) ? "" : jm5.v(first.getValue());
    }

    public static void d(SslErrorHandler sslErrorHandler) {
        if (sslErrorHandler != null) {
            xg6.m(true, f9576a, "handler.proceed()");
            sslErrorHandler.proceed();
        }
    }

    public static X509TrustManager e() {
        try {
            return k8a.a(kd0.getAppContext());
        } catch (IOException unused) {
            xg6.j(true, f9576a, "init aegisTrustManager IO exception");
            return null;
        } catch (KeyStoreException unused2) {
            xg6.j(true, f9576a, "key store fail");
            return null;
        } catch (NoSuchAlgorithmException unused3) {
            xg6.j(true, f9576a, "no such algorithm");
            return null;
        } catch (CertificateException unused4) {
            xg6.j(true, f9576a, "certificate init fail");
            return null;
        }
    }

    public static void f() {
        OkHttpClient.Builder builder = new OkHttpClient.Builder();
        g = builder;
        builder.dispatcher(bw7.a("CertificateUtil OkHttp Dispatcher"));
        g.sslSocketFactory(getSslSocketFactory(), getX509TrustManager());
        g.hostnameVerifier(getHostnameVerifier());
    }

    /* JADX WARN: Removed duplicated region for block: B:11:? A[RETURN, SYNTHETIC] */
    /* JADX WARN: Removed duplicated region for block: B:8:0x0025  */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    public static javax.net.ssl.SSLSocketFactory g() {
        /*
            r0 = 1
            r1 = 0
            java.lang.String r2 = "TLSv1.2"
            javax.net.ssl.SSLContext r2 = javax.net.ssl.SSLContext.getInstance(r2)     // Catch: java.lang.Throwable -> L17
            javax.net.ssl.TrustManager[] r3 = new javax.net.ssl.TrustManager[r0]     // Catch: java.lang.Throwable -> L18
            javax.net.ssl.X509TrustManager r4 = cafebabe.qx0.c     // Catch: java.lang.Throwable -> L18
            r5 = 0
            r3[r5] = r4     // Catch: java.lang.Throwable -> L18
            java.security.SecureRandom r4 = cafebabe.f8a.getSecureRandom()     // Catch: java.lang.Throwable -> L18
            r2.init(r1, r3, r4)     // Catch: java.lang.Throwable -> L18
            goto L23
        L17:
            r2 = r1
        L18:
            java.lang.String r3 = cafebabe.qx0.f9576a
            java.lang.String r4 = "sslContext init error"
            java.lang.Object[] r4 = new java.lang.Object[]{r4}
            cafebabe.xg6.j(r0, r3, r4)
        L23:
            if (r2 == 0) goto L29
            javax.net.ssl.SSLSocketFactory r1 = r2.getSocketFactory()
        L29:
            return r1
        */
        throw new UnsupportedOperationException("Method not decompiled: cafebabe.qx0.g():javax.net.ssl.SSLSocketFactory");
    }

    public static HostnameVerifier getHostnameVerifier() {
        return h() ? e : new i2b();
    }

    public static SSLSocketFactory getSslSocketFactory() {
        if (h()) {
            return d;
        }
        try {
            return h8a.c(kd0.getAppContext(), f8a.getSecureRandom());
        } catch (IOException unused) {
            xg6.j(true, f9576a, "get sslSocket factory io fail");
            return null;
        } catch (IllegalAccessException unused2) {
            xg6.j(true, f9576a, "illegal access exception");
            return null;
        } catch (KeyManagementException unused3) {
            xg6.j(true, f9576a, "key management exception");
            return null;
        } catch (KeyStoreException unused4) {
            xg6.j(true, f9576a, "key store fail");
            return null;
        } catch (NoSuchAlgorithmException unused5) {
            xg6.j(true, f9576a, "no such algorithm");
            return null;
        } catch (CertificateException unused6) {
            xg6.j(true, f9576a, "get certificate fail");
            return null;
        }
    }

    public static HostnameVerifier getTrustAllHostnameVerifier() {
        return e;
    }

    public static SSLSocketFactory getTrustAllSslSocketFactory() {
        return d;
    }

    public static X509TrustManager getX509TrustAllManager() {
        return c;
    }

    public static X509TrustManager getX509TrustManager() {
        if (h()) {
            return c;
        }
        if (f != null) {
            return f;
        }
        synchronized (b) {
            try {
                if (f == null) {
                    f = e();
                }
            } catch (Throwable th) {
                throw th;
            }
        }
        return f;
    }

    public static boolean h() {
        return (IotHostManager.getInstance().isCommercialCloud() || IotHostManager.getInstance().getHostIndex() == 3) ? false : true;
    }

    public static void i(SslErrorHandler sslErrorHandler, SslError sslError, Context context) {
        String str = f9576a;
        xg6.m(true, str, "verifyWebViewCertificate start");
        if (sslErrorHandler == null || sslError == null || context == null) {
            xg6.t(true, str, "parameters contain null");
        } else if (!h()) {
            jdc.a(sslErrorHandler, sslError, context);
        } else {
            xg6.m(true, str, "isTrustAllCloud()");
            d(sslErrorHandler);
        }
    }

    public static void j(SslErrorHandler sslErrorHandler, SslError sslError, Context context, rx0 rx0Var) {
        if (rx0Var == null) {
            xg6.t(true, f9576a, "callback is null");
            return;
        }
        if (sslErrorHandler == null || sslError == null || context == null) {
            xg6.t(true, f9576a, "parameters contain null");
            rx0Var.onVerifyFailed();
        } else if (!h()) {
            jdc.b(sslErrorHandler, sslError, null, context, new a(sslErrorHandler, rx0Var));
        } else {
            xg6.m(true, f9576a, "cloud is trust AllCloud");
            d(sslErrorHandler);
        }
    }
}
