package com.tencent.weiyun;

import android.content.Context;
import android.text.TextUtils;
import android.util.Log;
import com.tencent.qapmsdk.crash.CrashConstants;
import java.io.Closeable;
import java.io.IOException;
import java.io.InputStream;
import java.net.HttpURLConnection;
import java.net.InetAddress;
import java.net.Socket;
import java.net.UnknownHostException;
import java.security.KeyManagementException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.SecureRandom;
import java.security.cert.CertPathValidatorException;
import java.security.cert.CertificateException;
import java.security.cert.CertificateExpiredException;
import java.security.cert.CertificateFactory;
import java.security.cert.CertificateNotYetValidException;
import java.security.cert.X509Certificate;
import java.util.regex.Pattern;
import java.util.regex.PatternSyntaxException;
import javax.net.ssl.HostnameVerifier;
import javax.net.ssl.HttpsURLConnection;
import javax.net.ssl.KeyManager;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSession;
import javax.net.ssl.SSLSocket;
import javax.net.ssl.SSLSocketFactory;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import javax.net.ssl.X509TrustManager;

/* loaded from: classes6.dex */
public final class HttpsUtils {
    private static final String TAG = "HttpsUtils";
    private static HostnameVerifier sHostnameVerifier;
    private static Pattern sIpv4Pattern;
    private static Pattern sIpv6Pattern;
    private static SSLSocketFactory sSslSocketFactory;
    private static final Object OBJ_LOCK = new Object();
    private static boolean sEnableSingleConnectionConfig = true;

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: classes6.dex */
    public static class NotValidateTimeTrustManager implements X509TrustManager {
        private final X509TrustManager defaultTrustManager;

        NotValidateTimeTrustManager(X509TrustManager x509TrustManager) {
            this.defaultTrustManager = x509TrustManager;
        }

        @Override // javax.net.ssl.X509TrustManager
        public void checkClientTrusted(X509Certificate[] x509CertificateArr, String str) throws CertificateException {
            this.defaultTrustManager.checkClientTrusted(x509CertificateArr, str);
        }

        /* JADX WARN: Unreachable blocks removed: 1, instructions: 1 */
        @Override // javax.net.ssl.X509TrustManager
        public void checkServerTrusted(X509Certificate[] x509CertificateArr, String str) throws CertificateException {
            try {
                this.defaultTrustManager.checkServerTrusted(x509CertificateArr, str);
            } catch (Throwable th) {
                Log.e(HttpsUtils.TAG, Log.getStackTraceString(th));
                if (th instanceof CertificateException) {
                    for (Throwable th2 = th; th2 != null; th2 = th2.getCause()) {
                        if ((th2 instanceof CertificateExpiredException) || (th2 instanceof CertificateNotYetValidException)) {
                            return;
                        }
                    }
                } else if (th instanceof CertPathValidatorException) {
                    return;
                }
                throw th;
            }
        }

        @Override // javax.net.ssl.X509TrustManager
        public X509Certificate[] getAcceptedIssuers() {
            return this.defaultTrustManager.getAcceptedIssuers();
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: classes6.dex */
    public static class Tls12SocketFactory extends SSLSocketFactory {
        private final SSLSocketFactory defaultSSLSocketFactory;
        private static final String TLS_V10 = "TLSv1";
        private static final String[] TLS_SUPPORT_V10 = {TLS_V10};
        private static final String TLS_V11 = "TLSv1.1";
        private static final String[] TLS_SUPPORT_V11 = {TLS_V11};
        private static final String TLS_V12 = "TLSv1.2";
        private static final String[] TLS_SUPPORT_V12 = {TLS_V12};
        private static final String[] TLS_SUPPORT_V11_V12 = {TLS_V11, TLS_V12};

        Tls12SocketFactory(SSLSocketFactory sSLSocketFactory) {
            this.defaultSSLSocketFactory = sSLSocketFactory;
        }

        private Socket patch(Socket socket) {
            String[] supportedProtocols;
            int i;
            char c2;
            if (socket instanceof SSLSocket) {
                try {
                    supportedProtocols = ((SSLSocket) socket).getSupportedProtocols();
                } catch (IllegalArgumentException e2) {
                    Log.e(HttpsUtils.TAG, Log.getStackTraceString(e2));
                }
                if (supportedProtocols != null) {
                    c2 = 0;
                    for (String str : supportedProtocols) {
                        if (TextUtils.equals(str, TLS_V11)) {
                            c2 = c2 == 2 ? (char) 3 : (char) 1;
                            if (c2 == 3) {
                                break;
                            }
                        } else {
                            if (TextUtils.equals(str, TLS_V12)) {
                                c2 = c2 == 1 ? (char) 3 : (char) 2;
                                if (c2 == 3) {
                                    break;
                                }
                            } else {
                                continue;
                            }
                        }
                        Log.e(HttpsUtils.TAG, Log.getStackTraceString(e2));
                    }
                } else {
                    c2 = 0;
                }
                if (c2 == 0) {
                    Log.e(HttpsUtils.TAG, supportedProtocols.toString());
                }
                ((SSLSocket) socket).setEnabledProtocols(c2 == 0 ? TLS_SUPPORT_V10 : c2 == 1 ? TLS_SUPPORT_V11 : c2 == 2 ? TLS_SUPPORT_V12 : TLS_SUPPORT_V11_V12);
            }
            return socket;
        }

        @Override // javax.net.SocketFactory
        public Socket createSocket(String str, int i) throws IOException, UnknownHostException {
            return patch(this.defaultSSLSocketFactory.createSocket(str, i));
        }

        @Override // javax.net.SocketFactory
        public Socket createSocket(String str, int i, InetAddress inetAddress, int i2) throws IOException, UnknownHostException {
            return patch(this.defaultSSLSocketFactory.createSocket(str, i, inetAddress, i2));
        }

        @Override // javax.net.SocketFactory
        public Socket createSocket(InetAddress inetAddress, int i) throws IOException {
            return patch(this.defaultSSLSocketFactory.createSocket(inetAddress, i));
        }

        @Override // javax.net.SocketFactory
        public Socket createSocket(InetAddress inetAddress, int i, InetAddress inetAddress2, int i2) throws IOException {
            return patch(this.defaultSSLSocketFactory.createSocket(inetAddress, i, inetAddress2, i2));
        }

        @Override // javax.net.ssl.SSLSocketFactory
        public Socket createSocket(Socket socket, String str, int i, boolean z) throws IOException {
            return patch(this.defaultSSLSocketFactory.createSocket(socket, str, i, z));
        }

        @Override // javax.net.ssl.SSLSocketFactory
        public String[] getDefaultCipherSuites() {
            return this.defaultSSLSocketFactory.getDefaultCipherSuites();
        }

        @Override // javax.net.ssl.SSLSocketFactory
        public String[] getSupportedCipherSuites() {
            return this.defaultSSLSocketFactory.getSupportedCipherSuites();
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: classes6.dex */
    public static class UnSafeHostnameVerifier implements HostnameVerifier {
        private UnSafeHostnameVerifier() {
        }

        @Override // javax.net.ssl.HostnameVerifier
        public boolean verify(String str, SSLSession sSLSession) {
            if (TextUtils.isEmpty(str) || !HttpsUtils.isIpAddress(str)) {
                return HttpsURLConnection.getDefaultHostnameVerifier().verify(str, sSLSession);
            }
            return true;
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: classes6.dex */
    public static class UnSafeTrustManager implements X509TrustManager {
        private UnSafeTrustManager() {
        }

        @Override // javax.net.ssl.X509TrustManager
        public void checkClientTrusted(X509Certificate[] x509CertificateArr, String str) throws CertificateException {
        }

        @Override // javax.net.ssl.X509TrustManager
        public void checkServerTrusted(X509Certificate[] x509CertificateArr, String str) throws CertificateException {
        }

        @Override // javax.net.ssl.X509TrustManager
        public X509Certificate[] getAcceptedIssuers() {
            return new X509Certificate[0];
        }
    }

    static {
        sIpv4Pattern = null;
        sIpv6Pattern = null;
        try {
            sIpv4Pattern = Pattern.compile("(([01]?\\d\\d?|2[0-4]\\d|25[0-5])\\.){3}([01]?\\d\\d?|2[0-4]\\d|25[0-5])", 2);
            sIpv6Pattern = Pattern.compile("([0-9a-f]{1,4}:){7}([0-9a-f]){1,4}", 2);
        } catch (PatternSyntaxException e2) {
            Log.e(TAG, Log.getStackTraceString(e2));
        }
    }

    private HttpsUtils() {
    }

    public static void closeSilently(Closeable closeable) {
        if (closeable != null) {
            try {
                closeable.close();
            } catch (Throwable th) {
                Log.e(TAG, Log.getStackTraceString(th));
            }
        }
    }

    public static void configConnection(HttpURLConnection httpURLConnection, boolean z) {
        if (sEnableSingleConnectionConfig && (httpURLConnection instanceof HttpsURLConnection)) {
            if (sHostnameVerifier == null || sSslSocketFactory == null) {
                synchronized (OBJ_LOCK) {
                    if (sHostnameVerifier == null || sSslSocketFactory == null) {
                        sHostnameVerifier = getUnSafeHostnameVerifier();
                        sSslSocketFactory = getDefaultSSLSocketFactory(false);
                    }
                }
            }
            HttpsURLConnection httpsURLConnection = (HttpsURLConnection) httpURLConnection;
            if (!z) {
                httpsURLConnection.setHostnameVerifier(sHostnameVerifier);
            }
            httpsURLConnection.setSSLSocketFactory(sSslSocketFactory);
        }
    }

    public static void enableHttpsUrlConnection(Context context, boolean z, boolean z2, boolean z3, boolean z4, String... strArr) {
        if (z) {
            HttpsURLConnection.setDefaultSSLSocketFactory(getDefaultSSLSocketFactory(true));
            if (z3) {
                return;
            }
            HttpsURLConnection.setDefaultHostnameVerifier(getUnSafeHostnameVerifier());
            return;
        }
        if (z2) {
            HttpsURLConnection.setDefaultSSLSocketFactory(getSSLSocketFactory(false, (InputStream[]) null, (InputStream) null, (String) null));
            HttpsURLConnection.setDefaultHostnameVerifier(getUnSafeHostnameVerifier());
            return;
        }
        if (strArr == null || strArr.length <= 0) {
            HttpsURLConnection.setDefaultSSLSocketFactory(getDefaultSSLSocketFactory(true));
            if (z3) {
                return;
            }
            HttpsURLConnection.setDefaultHostnameVerifier(getUnSafeHostnameVerifier());
            return;
        }
        InputStream[] certificates = getCertificates(context, strArr);
        HttpsURLConnection.setDefaultSSLSocketFactory(getSSLSocketFactory(z4, certificates, (InputStream) null, (String) null));
        if (!z3 || certificates == null) {
            HttpsURLConnection.setDefaultHostnameVerifier(getUnSafeHostnameVerifier());
        }
    }

    public static void enableHttpsUrlConnectionAllTrust(Context context) {
        enableHttpsUrlConnection(context, false, true, false, false, new String[0]);
    }

    public static void enableHttpsUrlConnectionCustomizedTrust(Context context, boolean z, boolean z2, String[] strArr) {
        enableHttpsUrlConnection(context, false, false, z, z2, strArr);
    }

    public static void enableHttpsUrlConnectionDefaultTrust(Context context, boolean z) {
        enableHttpsUrlConnection(context, true, false, z, false, new String[0]);
    }

    private static InputStream[] getCertificates(Context context, String... strArr) {
        if (context == null || strArr == null || strArr.length <= 0) {
            return null;
        }
        try {
            InputStream[] inputStreamArr = new InputStream[strArr.length];
            for (int i = 0; i < strArr.length; i++) {
                inputStreamArr[i] = context.getAssets().open(strArr[i]);
            }
            return inputStreamArr;
        } catch (IOException e2) {
            Log.e(TAG, Log.getStackTraceString(e2));
            return null;
        }
    }

    public static SSLSocketFactory getDefaultSSLSocketFactory(boolean z) {
        NotValidateTimeTrustManager[] notValidateTimeTrustManagers;
        try {
            SSLContext sSLContext = SSLContext.getInstance("TLS");
            if (z) {
                notValidateTimeTrustManagers = null;
            } else {
                TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
                try {
                    trustManagerFactory.init((KeyStore) null);
                } catch (KeyStoreException e2) {
                    Log.e(TAG, Log.getStackTraceString(e2));
                }
                notValidateTimeTrustManagers = getNotValidateTimeTrustManagers(trustManagerFactory.getTrustManagers());
            }
            sSLContext.init((KeyManager[]) null, notValidateTimeTrustManagers, (SecureRandom) null);
            return getTls12SocketFactory(sSLContext.getSocketFactory());
        } catch (KeyManagementException | NoSuchAlgorithmException e3) {
            Log.e(TAG, Log.getStackTraceString(e3));
            throw new AssertionError(e3);
        }
    }

    public static NotValidateTimeTrustManager[] getNotValidateTimeTrustManagers(TrustManager[] trustManagerArr) {
        if (trustManagerArr == null) {
            return null;
        }
        NotValidateTimeTrustManager[] notValidateTimeTrustManagerArr = new NotValidateTimeTrustManager[trustManagerArr.length];
        int i = 0;
        for (TrustManager trustManager : trustManagerArr) {
            if (trustManager instanceof X509TrustManager) {
                notValidateTimeTrustManagerArr[i] = new NotValidateTimeTrustManager((X509TrustManager) trustManager);
                i++;
            }
        }
        return notValidateTimeTrustManagerArr;
    }

    public static SSLSocketFactory getSSLSocketFactory(boolean z, InputStream[] inputStreamArr, InputStream inputStream, String str) {
        TrustManager[] prepareTrustManager = prepareTrustManager(z, inputStreamArr);
        KeyManager[] prepareKeyManager = prepareKeyManager(inputStream, str);
        try {
            SSLContext sSLContext = SSLContext.getInstance("TLS");
            if (prepareTrustManager == null || prepareTrustManager.length <= 0) {
                prepareTrustManager = new TrustManager[]{getUnSafeTrustManager()};
            }
            sSLContext.init(prepareKeyManager, prepareTrustManager, new SecureRandom());
            return getTls12SocketFactory(sSLContext.getSocketFactory());
        } catch (KeyManagementException | NoSuchAlgorithmException e2) {
            Log.e(TAG, Log.getStackTraceString(e2));
            throw new AssertionError(e2);
        }
    }

    public static Tls12SocketFactory getTls12SocketFactory(SSLSocketFactory sSLSocketFactory) {
        if (sSLSocketFactory == null) {
            return null;
        }
        return new Tls12SocketFactory(sSLSocketFactory);
    }

    public static UnSafeHostnameVerifier getUnSafeHostnameVerifier() {
        return new UnSafeHostnameVerifier();
    }

    public static UnSafeTrustManager getUnSafeTrustManager() {
        return new UnSafeTrustManager();
    }

    public static boolean isIpAddress(String str) {
        Pattern pattern = sIpv4Pattern;
        if (pattern != null && pattern.matcher(str).matches()) {
            return true;
        }
        Pattern pattern2 = sIpv6Pattern;
        return pattern2 != null && pattern2.matcher(str).matches();
    }

    private static KeyManager[] prepareKeyManager(InputStream inputStream, String str) {
        if (inputStream == null || str == null) {
            return null;
        }
        try {
            KeyStore keyStore = KeyStore.getInstance("BKS");
            keyStore.load(inputStream, str.toCharArray());
            KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
            keyManagerFactory.init(keyStore, str.toCharArray());
            return keyManagerFactory.getKeyManagers();
        } catch (Exception e2) {
            Log.e(TAG, Log.getStackTraceString(e2));
            return null;
        }
    }

    private static TrustManager[] prepareTrustManager(boolean z, InputStream... inputStreamArr) {
        if (inputStreamArr == null || inputStreamArr.length <= 0) {
            return null;
        }
        try {
            CertificateFactory certificateFactory = CertificateFactory.getInstance(CrashConstants.DEFAULT_CERTIFICATE_TYPE);
            KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
            keyStore.load((KeyStore.LoadStoreParameter) null);
            int length = inputStreamArr.length;
            int i = 0;
            int i2 = 0;
            while (i < length) {
                InputStream inputStream = inputStreamArr[i];
                keyStore.setCertificateEntry(Integer.toString(i2), certificateFactory.generateCertificate(inputStream));
                closeSilently(inputStream);
                i++;
                i2++;
            }
            TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
            trustManagerFactory.init(keyStore);
            TrustManager[] trustManagers = trustManagerFactory.getTrustManagers();
            if (z) {
                trustManagers = getNotValidateTimeTrustManagers(trustManagers);
            }
            return trustManagers;
        } catch (Exception e2) {
            Log.e(TAG, Log.getStackTraceString(e2));
            return null;
        }
    }

    public static void setSingleConnectionConfig(boolean z) {
        sEnableSingleConnectionConfig = z;
    }
}
