package com.dependentgroup.fetion.zixing.activity;

import android.content.Context;
import android.os.Handler;
import android.os.Looper;
import android.util.Base64;
import android.webkit.SslErrorHandler;
import biweekly.parameter.ICalParameters;
import com.cmcc.cmrcs.android.ui.utils.KeystoreConst;
import com.olivephone.sdk.view.poi.ss.formula.ptg.RefErrorPtg;
import com.rcsbusiness.common.utils.LogF;
import com.xiaomi.mipush.sdk.Constants;
import java.io.ByteArrayInputStream;
import java.io.IOException;
import java.io.InputStream;
import java.security.KeyStore;
import java.security.Principal;
import java.security.SecureRandom;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import javax.net.ssl.HostnameVerifier;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLPeerUnverifiedException;
import javax.net.ssl.SSLSession;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import javax.net.ssl.X509TrustManager;
import javax.security.auth.x500.X500Principal;
import okhttp3.Call;
import okhttp3.Callback;
import okhttp3.OkHttpClient;
import okhttp3.Request;
import okhttp3.Response;

/* loaded from: classes4.dex */
public class SslCerHandler {
    private static final String TAG = "SslCerHandler";
    private boolean mCanceled;
    private Context mContext;
    private Handler mUiHandler = new Handler(Looper.getMainLooper());

    /* loaded from: classes4.dex */
    public interface OnSslVerifyCallback {
        void onSslVerifyFailed();

        void onSslVerifySuccess();
    }

    /* loaded from: classes4.dex */
    public static class SslErrorHandlerAdapter {
        private SslErrorHandler mSslErrorHandler;

        public SslErrorHandlerAdapter(SslErrorHandler sslErrorHandler) {
            this.mSslErrorHandler = sslErrorHandler;
        }

        public void cancel() {
            if (this.mSslErrorHandler != null) {
                this.mSslErrorHandler.cancel();
            }
        }

        public void proceed() {
            if (this.mSslErrorHandler != null) {
                this.mSslErrorHandler.proceed();
            }
        }
    }

    /* loaded from: classes4.dex */
    class x500p implements Principal {
        private ByteArrayInputStream bis;
        final byte[][] OIDs = {new byte[]{85, 4, 6}, new byte[]{85, 4, 8}, new byte[]{85, 4, 7}, new byte[]{85, 4, 10}, new byte[]{85, 4, 11}, new byte[]{85, 4, 3}, new byte[]{RefErrorPtg.sid, -122, 72, -122, -9, 13, 1, 9, 1}};
        final String[] DNstr = {"C", "ST", "L", "O", "OU", ICalParameters.CN, "E"};

        public x500p(X500Principal x500Principal) {
            this.bis = null;
            if (x500Principal == null) {
                return;
            }
            this.bis = new ByteArrayInputStream(x500Principal.getEncoded());
        }

        private int preLen(int i) {
            if (i != -1 && this.bis.read() != i) {
                return 0;
            }
            int read = this.bis.read();
            if (read < 128) {
                return read;
            }
            if (read == 129) {
                return this.bis.read();
            }
            if (read != 130) {
                return 0;
            }
            return this.bis.read() + (this.bis.read() << 8);
        }

        @Override // java.security.Principal
        public String getName() {
            int preLen;
            int length;
            if (this.bis == null) {
                return null;
            }
            byte[] bArr = new byte[9];
            StringBuilder sb = null;
            if (preLen(48) == this.bis.available()) {
                sb = new StringBuilder();
                while (preLen(49) != 0 && preLen(48) != 0 && (preLen = preLen(6)) != 0) {
                    if (preLen <= 9) {
                        this.bis.read(bArr, 0, preLen);
                        length = this.DNstr.length - 1;
                        while (length > -1) {
                            int length2 = this.OIDs[length].length - 1;
                            while (length2 > -1 && bArr[length2] == this.OIDs[length][length2]) {
                                length2--;
                            }
                            if (length2 < 0) {
                                break;
                            }
                            length--;
                        }
                    } else {
                        length = -1;
                        this.bis.skip(preLen);
                    }
                    int read = this.bis.read();
                    int preLen2 = preLen(-1);
                    if (length > -1) {
                        byte[] bArr2 = new byte[preLen2];
                        try {
                            this.bis.read(bArr2);
                            if (sb.length() > 0) {
                                sb.append(',');
                            }
                            sb.append(this.DNstr[length]).append('=').append(new String(bArr2, read == 30 ? "UTF-16BE" : "UTF-8"));
                        } catch (IOException e) {
                        }
                    } else {
                        this.bis.skip(preLen2);
                    }
                }
            }
            try {
                this.bis.close();
            } catch (IOException e2) {
            }
            if (sb == null || sb.length() == 0) {
                return null;
            }
            return sb.toString();
        }
    }

    public SslCerHandler(Context context) {
        this.mContext = context.getApplicationContext();
    }

    private OkHttpClient.Builder setCertificates(OkHttpClient.Builder builder, InputStream... inputStreamArr) {
        try {
            CertificateFactory certificateFactory = CertificateFactory.getInstance("X.509");
            KeyStore keyStore = KeyStore.getInstance("PKCS12", "BC");
            keyStore.load(null);
            int length = inputStreamArr.length;
            int i = 0;
            int i2 = 0;
            while (i < length) {
                InputStream inputStream = inputStreamArr[i];
                int i3 = i2 + 1;
                keyStore.setCertificateEntry(Integer.toString(i2), certificateFactory.generateCertificate(inputStream));
                if (inputStream != null) {
                    try {
                        inputStream.close();
                    } catch (IOException e) {
                    }
                }
                i++;
                i2 = i3;
            }
            SSLContext sSLContext = SSLContext.getInstance("TLS");
            TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
            trustManagerFactory.init(keyStore);
            TrustManager[] trustManagers = trustManagerFactory.getTrustManagers();
            sSLContext.init(null, trustManagers, new SecureRandom());
            builder.sslSocketFactory(sSLContext.getSocketFactory(), (X509TrustManager) trustManagers[0]);
        } catch (Exception e2) {
            LogF.e(TAG, e2.getMessage());
        }
        builder.hostnameVerifier(new HostnameVerifier() { // from class: com.dependentgroup.fetion.zixing.activity.SslCerHandler.3
            @Override // javax.net.ssl.HostnameVerifier
            public boolean verify(String str, SSLSession sSLSession) {
                String peerHost = sSLSession.getPeerHost();
                try {
                    for (X509Certificate x509Certificate : (X509Certificate[]) sSLSession.getPeerCertificates()) {
                        String[] split = new x500p(x509Certificate.getSubjectX500Principal()).getName().split(Constants.ACCEPT_TIME_SEPARATOR_SP);
                        LogF.d(SslCerHandler.TAG, "verify: hostname=" + str);
                        LogF.d(SslCerHandler.TAG, "verify: peerHost=" + peerHost);
                        for (String str2 : split) {
                            LogF.d(SslCerHandler.TAG, "verify: s=" + str2);
                            if (str2.startsWith(ICalParameters.CN) && str2.contains(str) && str2.contains(peerHost)) {
                                return true;
                            }
                        }
                    }
                } catch (SSLPeerUnverifiedException e3) {
                    LogF.e(SslCerHandler.TAG, e3.getMessage());
                }
                return false;
            }
        });
        return builder;
    }

    public void cancel() {
        this.mCanceled = true;
    }

    public void onHandle(SslErrorHandlerAdapter sslErrorHandlerAdapter, String str) {
        onHandle(sslErrorHandlerAdapter, str, null);
    }

    public void onHandle(final SslErrorHandlerAdapter sslErrorHandlerAdapter, String str, final OnSslVerifyCallback onSslVerifyCallback) {
        try {
            setCertificates(new OkHttpClient.Builder(), new ByteArrayInputStream(KeystoreConst.Root_CA.getBytes()), new ByteArrayInputStream(Base64.decode(KeystoreConst.Root_CA_2048.getBytes(), 0)), new ByteArrayInputStream(KeystoreConst.Server_CA.getBytes()), new ByteArrayInputStream(Base64.decode(KeystoreConst.Server_CA_2048.getBytes(), 0))).build().newCall(new Request.Builder().url(str).build()).enqueue(new Callback() { // from class: com.dependentgroup.fetion.zixing.activity.SslCerHandler.1
                @Override // okhttp3.Callback
                public void onFailure(Call call, IOException iOException) {
                    LogF.e(SslCerHandler.TAG, "testCer: 证书校验出错", iOException);
                    sslErrorHandlerAdapter.proceed();
                    SslCerHandler.this.mUiHandler.post(new Runnable() { // from class: com.dependentgroup.fetion.zixing.activity.SslCerHandler.1.1
                        @Override // java.lang.Runnable
                        public void run() {
                            if (SslCerHandler.this.mCanceled || onSslVerifyCallback == null) {
                                return;
                            }
                            onSslVerifyCallback.onSslVerifyFailed();
                        }
                    });
                }

                @Override // okhttp3.Callback
                public void onResponse(Call call, Response response) throws IOException {
                    LogF.d(SslCerHandler.TAG, "testCer: 证书校验通过");
                    sslErrorHandlerAdapter.proceed();
                    SslCerHandler.this.mUiHandler.post(new Runnable() { // from class: com.dependentgroup.fetion.zixing.activity.SslCerHandler.1.2
                        @Override // java.lang.Runnable
                        public void run() {
                            if (SslCerHandler.this.mCanceled || onSslVerifyCallback == null) {
                                return;
                            }
                            onSslVerifyCallback.onSslVerifySuccess();
                        }
                    });
                }
            });
        } catch (Exception e) {
            LogF.e(TAG, "testCer: 读取证书出错", e);
            sslErrorHandlerAdapter.proceed();
            this.mUiHandler.post(new Runnable() { // from class: com.dependentgroup.fetion.zixing.activity.SslCerHandler.2
                @Override // java.lang.Runnable
                public void run() {
                    if (SslCerHandler.this.mCanceled || onSslVerifyCallback == null) {
                        return;
                    }
                    onSslVerifyCallback.onSslVerifyFailed();
                }
            });
        }
    }
}
