package com.cardniu.base.manager.http;

import android.net.Uri;
import android.util.Log;
import com.cardniu.base.config.URLConfig;
import com.cardniu.base.core.preference.PreferencesUtils;
import com.cardniu.base.util.ChannelUtil;
import com.cardniu.base.util.DebugUtil;
import com.cardniu.common.util.StringUtil;
import com.cardniu.encrypt.DefaultCrypt;
import java.util.Arrays;
import java.util.regex.Pattern;
import javax.net.ssl.HostnameVerifier;
import javax.net.ssl.SSLSession;
import javax.security.cert.X509Certificate;
import okhttp3.internal.tls.OkHostnameVerifier;
import org.json.JSONArray;

/* loaded from: classes.dex */
public class CNCertificateSecurityHNVerifier implements HostnameVerifier {
    private static boolean b;
    private String[] e = null;
    private boolean f;
    private static final String a = CNCertificateSecurityHNVerifier.class.getSimpleName();
    private static final String[] c = {"fiddler.com", "fiddler2.com", "charlesproxy.com", "Packet Capture CA Certificate", "mitmproxy", "Debug Proxy"};
    private static final CNCertificateSecurityHNVerifier d = new CNCertificateSecurityHNVerifier();

    /* loaded from: classes.dex */
    public static class NetworkSecurityConfig {
        public static final int FLAG_CLOSE = 2;
        public static final int FLAG_OPEN = 1;

        public static boolean isOpenDefencePackageCapture() {
            if (!ChannelUtil.isInternalDevelopmentVersion()) {
                return true;
            }
            switch (PreferencesUtils.getIsOpenPackageCaptureDefence()) {
                case -1:
                    return !ChannelUtil.isTestOrDebugVersion();
                case 0:
                case 1:
                default:
                    return true;
                case 2:
                    return false;
            }
        }
    }

    private CNCertificateSecurityHNVerifier() {
    }

    private boolean a(String str, SSLSession sSLSession) {
        try {
            return OkHostnameVerifier.INSTANCE.verify(str, sSLSession);
        } catch (Exception e) {
            Log.e(a, Log.getStackTraceString(e));
            return true;
        }
    }

    public static CNCertificateSecurityHNVerifier getInstance() {
        return d;
    }

    public boolean isSwitchOpen() {
        return this.f;
    }

    public void setSwitchOpen(boolean z) {
        this.f = z;
    }

    public void setUpPackageInsecurityCAIfNeed(String str) {
        if (b) {
            DebugUtil.debug("已经初始化过了.........................");
            return;
        }
        String[] strArr = null;
        try {
            JSONArray jSONArray = new JSONArray(DefaultCrypt.decryptByDefaultKey(str));
            DebugUtil.debug("接口CA配置信息： " + jSONArray);
            strArr = new String[jSONArray.length()];
            for (int i = 0; i < jSONArray.length(); i++) {
                strArr[i] = jSONArray.optString(i);
            }
        } catch (Exception e) {
            DebugUtil.exception(e);
        }
        if (strArr == null || strArr.length <= 0) {
            this.e = c;
            DebugUtil.debug("使用默认的CA信息： " + Arrays.toString(this.e));
        } else {
            this.e = strArr;
            DebugUtil.debug("使用配置的CA信息： " + Arrays.toString(this.e));
        }
        b = true;
    }

    @Override // javax.net.ssl.HostnameVerifier
    public boolean verify(String str, SSLSession sSLSession) {
        if (!isSwitchOpen()) {
            return a(str, sSLSession);
        }
        try {
            for (X509Certificate x509Certificate : sSLSession.getPeerCertificateChain()) {
                if (x509Certificate.getIssuerDN() != null && !StringUtil.isEmpty(x509Certificate.getIssuerDN().getName())) {
                    String name = x509Certificate.getIssuerDN().getName();
                    for (String str2 : this.e) {
                        if (str2 != null && str2.length() > 5 && Pattern.compile(Pattern.quote(str2), 2).matcher(name).find() && !StringUtil.isEquals(Uri.parse(URLConfig.TINKER_PATCH_URL).getHost(), str)) {
                            DebugUtil.error("Issuer error... - " + name);
                            return false;
                        }
                    }
                }
            }
        } catch (Exception e) {
            Log.e(a, Log.getStackTraceString(e));
        }
        return a(str, sSLSession);
    }
}
