package com.cmcc.cmrcs.android.ui.utils;

import android.content.Context;
import android.text.TextUtils;
import android.util.Log;
import com.chinamobile.app.utils.CommonUtils;
import com.cmcc.cmrcs.android.ui.MyApplication;
import com.rcsbusiness.common.utils.LogF;
import com.rcsbusiness.common.utils.SystemUtil;
import java.io.IOException;
import java.io.InputStream;
import java.net.URL;
import java.security.KeyStore;
import java.security.PrivateKey;
import java.security.SecureRandom;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.util.Enumeration;
import java.util.concurrent.TimeUnit;
import javax.net.ssl.HostnameVerifier;
import javax.net.ssl.KeyManager;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSession;
import javax.net.ssl.SSLSocketFactory;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import javax.net.ssl.X509TrustManager;
import okhttp3.Interceptor;
import okhttp3.OkHttpClient;
import okhttp3.Response;

/* loaded from: classes2.dex */
public class SSLOkHttpClientUtils {
    private static final long DEFAULT_MILLISECONDS = 10000;
    public static final String KEY_PWD = "AxPmh2ZWmFAXsz5YiNz5MubVAjDaNj";
    private static final String KEY_STORE_TYPE_P12 = "PKCS12";
    private static OkHttpClient MessageClient = null;
    private static final String TAG = "SSLOkHttpClientUtils";
    private static OkHttpClient defaultTrustClient;
    private static OkHttpClient loginClient;
    public static String UA = "HFX/" + CommonUtils.getVersionName(MyApplication.getAppContext()) + "(Android;Android" + SystemUtil.getSystemVersion() + ";" + SystemUtil.getDeviceBrand() + " " + SystemUtil.getSystemModel() + ")";
    private static Interceptor interceptor = new Interceptor() { // from class: com.cmcc.cmrcs.android.ui.utils.SSLOkHttpClientUtils.1
        @Override // okhttp3.Interceptor
        public Response intercept(Interceptor.Chain chain) throws IOException {
            return chain.proceed(chain.request().newBuilder().addHeader("User-Agent", SSLOkHttpClientUtils.UA).build());
        }
    };
    public static X509TrustManager UnSafeTrustManager = new X509TrustManager() { // from class: com.cmcc.cmrcs.android.ui.utils.SSLOkHttpClientUtils.3
        @Override // javax.net.ssl.X509TrustManager
        public void checkClientTrusted(X509Certificate[] x509CertificateArr, String str) throws CertificateException {
        }

        @Override // javax.net.ssl.X509TrustManager
        public void checkServerTrusted(X509Certificate[] x509CertificateArr, String str) throws CertificateException {
        }

        @Override // javax.net.ssl.X509TrustManager
        public X509Certificate[] getAcceptedIssuers() {
            return new X509Certificate[0];
        }
    };

    /* loaded from: classes2.dex */
    private static class SSLClientParams {
        public X509Certificate[] certificatesChain;
        public PrivateKey clientCertPrivateKey;
        public OkHttpClient okHttpClient;
        public SSLSocketFactory sSLSocketFactory;
        public X509TrustManager trustManager;

        private SSLClientParams() {
        }
    }

    private static X509TrustManager chooseTrustManager(TrustManager[] trustManagerArr) {
        for (TrustManager trustManager : trustManagerArr) {
            if (trustManager instanceof X509TrustManager) {
                return (X509TrustManager) trustManager;
            }
        }
        return null;
    }

    private static OkHttpClient createNewSSLClient(Context context) {
        OkHttpClient okHttpClient = null;
        try {
            InputStream open = context.getAssets().open("loginClient.cer");
            InputStream open2 = context.getAssets().open("loginClient.p12");
            TrustManager[] prepareTrustManager = prepareTrustManager(open, null, null);
            X509TrustManager chooseTrustManager = prepareTrustManager != null ? chooseTrustManager(prepareTrustManager) : UnSafeTrustManager;
            SSLContext sSLContext = SSLContext.getInstance("TLS");
            KeyStore keyStore = KeyStore.getInstance(KEY_STORE_TYPE_P12);
            keyStore.load(open2, KEY_PWD.toCharArray());
            KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
            keyManagerFactory.init(keyStore, KEY_PWD.toCharArray());
            sSLContext.init(keyManagerFactory.getKeyManagers(), new TrustManager[]{chooseTrustManager}, new SecureRandom());
            okHttpClient = new OkHttpClient().newBuilder().addInterceptor(interceptor).sslSocketFactory(sSLContext.getSocketFactory(), chooseTrustManager).followRedirects(false).followSslRedirects(false).hostnameVerifier(new HostnameVerifier() { // from class: com.cmcc.cmrcs.android.ui.utils.SSLOkHttpClientUtils.4
                @Override // javax.net.ssl.HostnameVerifier
                public boolean verify(String str, SSLSession sSLSession) {
                    Log.d(SSLOkHttpClientUtils.TAG, "verify: " + str);
                    return true;
                }
            }).build();
            return okHttpClient;
        } catch (Exception e) {
            LogF.i(TAG, "create new client exception");
            return okHttpClient;
        }
    }

    private static SSLSocketFactory createSSLSocketFactory() {
        try {
            SSLContext sSLContext = SSLContext.getInstance("TLS");
            sSLContext.init(null, new TrustManager[]{UnSafeTrustManager}, new SecureRandom());
            return sSLContext.getSocketFactory();
        } catch (Exception e) {
            return null;
        }
    }

    private static OkHttpClient createTrustClient() {
        OkHttpClient.Builder builder = new OkHttpClient.Builder();
        builder.addInterceptor(interceptor).sslSocketFactory(createSSLSocketFactory(), UnSafeTrustManager).hostnameVerifier(new HostnameVerifier() { // from class: com.cmcc.cmrcs.android.ui.utils.SSLOkHttpClientUtils.2
            @Override // javax.net.ssl.HostnameVerifier
            public boolean verify(String str, SSLSession sSLSession) {
                return true;
            }
        }).readTimeout(10000L, TimeUnit.MILLISECONDS).writeTimeout(10000L, TimeUnit.MILLISECONDS).connectTimeout(10000L, TimeUnit.MILLISECONDS);
        return builder.build();
    }

    public static OkHttpClient getClientForUrl(String str) {
        String str2;
        if (TextUtils.isEmpty(str)) {
            return getTrustClient();
        }
        try {
            str2 = new URL(str).getHost();
        } catch (Exception e) {
            str2 = str;
        }
        return str2.contains("andfx.cn") ? getLoginSSLClient(MyApplication.getAppContext()) : getTrustClient();
    }

    public static OkHttpClient getClientForUrl(String str, boolean z) {
        String str2;
        if (TextUtils.isEmpty(str)) {
            return getTrustClient(z);
        }
        try {
            str2 = new URL(str).getHost();
        } catch (Exception e) {
            str2 = str;
        }
        return str2.contains("andfx.cn") ? getMessageSSLClient(MyApplication.getAppContext(), z) : getTrustClient(z);
    }

    private static synchronized OkHttpClient getLoginSSLClient(Context context) {
        OkHttpClient okHttpClient;
        synchronized (SSLOkHttpClientUtils.class) {
            try {
                if (loginClient == null) {
                    loginClient = createNewSSLClient(context);
                }
                okHttpClient = loginClient;
            } catch (Exception e) {
                e.printStackTrace();
                Log.d(TAG, "exception222:" + e.toString());
                okHttpClient = null;
            }
        }
        return okHttpClient;
    }

    private static synchronized OkHttpClient getMessageSSLClient(Context context, boolean z) {
        OkHttpClient okHttpClient;
        synchronized (SSLOkHttpClientUtils.class) {
            if (MessageClient == null || z) {
                MessageClient = createNewSSLClient(context);
            }
            okHttpClient = MessageClient;
        }
        return okHttpClient;
    }

    private static OkHttpClient getTrustClient() {
        if (defaultTrustClient == null) {
            defaultTrustClient = createTrustClient();
        }
        return defaultTrustClient;
    }

    private static OkHttpClient getTrustClient(boolean z) {
        return z ? createTrustClient() : getTrustClient();
    }

    private static KeyManager[] prepareKeyManager(InputStream inputStream, String str) {
        try {
            KeyStore keyStore = KeyStore.getInstance(KEY_STORE_TYPE_P12);
            keyStore.load(inputStream, str.toCharArray());
            KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
            keyManagerFactory.init(keyStore, str.toCharArray());
            return keyManagerFactory.getKeyManagers();
        } catch (Exception e) {
            e.printStackTrace();
            return null;
        }
    }

    private static TrustManager[] prepareTrustManager(InputStream... inputStreamArr) {
        int i;
        TrustManager[] trustManagerArr = null;
        int i2 = 0;
        if (inputStreamArr != null && inputStreamArr.length > 0) {
            try {
                try {
                    CertificateFactory certificateFactory = CertificateFactory.getInstance("X.509");
                    KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
                    keyStore.load(null);
                    int length = inputStreamArr.length;
                    int i3 = 0;
                    int i4 = 0;
                    while (i3 < length) {
                        InputStream inputStream = inputStreamArr[i3];
                        if (inputStream == null) {
                            i = i4;
                        } else {
                            i = i4 + 1;
                            keyStore.setCertificateEntry(Integer.toString(i4), certificateFactory.generateCertificate(inputStream));
                        }
                        i3++;
                        i4 = i;
                    }
                    TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
                    trustManagerFactory.init(keyStore);
                    trustManagerArr = trustManagerFactory.getTrustManagers();
                    int length2 = inputStreamArr.length;
                    while (i2 < length2) {
                        InputStream inputStream2 = inputStreamArr[i2];
                        if (inputStream2 != null) {
                            try {
                                inputStream2.close();
                            } catch (IOException e) {
                                e.printStackTrace();
                            }
                        }
                        i2++;
                    }
                } catch (Exception e2) {
                    e2.printStackTrace();
                    int length3 = inputStreamArr.length;
                    while (i2 < length3) {
                        InputStream inputStream3 = inputStreamArr[i2];
                        if (inputStream3 != null) {
                            try {
                                inputStream3.close();
                            } catch (IOException e3) {
                                e3.printStackTrace();
                            }
                        }
                        i2++;
                    }
                }
            } catch (Throwable th) {
                int length4 = inputStreamArr.length;
                while (i2 < length4) {
                    InputStream inputStream4 = inputStreamArr[i2];
                    if (inputStream4 != null) {
                        try {
                            inputStream4.close();
                        } catch (IOException e4) {
                            e4.printStackTrace();
                        }
                    }
                    i2++;
                }
                throw th;
            }
        }
        return trustManagerArr;
    }

    private static void setClientCertificates(SSLClientParams sSLClientParams, InputStream inputStream, String str) {
        try {
            KeyStore keyStore = KeyStore.getInstance(KEY_STORE_TYPE_P12);
            keyStore.load(inputStream, str.toCharArray());
            Enumeration<String> aliases = keyStore.aliases();
            while (aliases.hasMoreElements()) {
                String nextElement = aliases.nextElement();
                sSLClientParams.clientCertPrivateKey = (PrivateKey) keyStore.getKey(nextElement, str.toCharArray());
                if (sSLClientParams.clientCertPrivateKey != null) {
                    Certificate[] certificateChain = keyStore.getCertificateChain(nextElement);
                    sSLClientParams.certificatesChain = new X509Certificate[certificateChain.length];
                    for (int i = 0; i < sSLClientParams.certificatesChain.length; i++) {
                        sSLClientParams.certificatesChain[i] = (X509Certificate) certificateChain[i];
                    }
                }
            }
        } catch (Exception e) {
            LogF.e(TAG, "setClientCertificates fail " + e.getMessage());
            e.printStackTrace();
        }
    }
}
