package cafebabe;

import android.content.Context;
import android.net.http.SslError;
import android.webkit.SslErrorHandler;
import com.huawei.smarthome.common.lib.constants.IotHostManager;
import java.io.IOException;
import java.security.KeyManagementException;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import javax.net.ssl.HostnameVerifier;
import javax.net.ssl.SSLSession;
import javax.net.ssl.SSLSocketFactory;
import javax.net.ssl.X509TrustManager;
import javax.security.auth.x500.X500Principal;
import okhttp3.OkHttpClient;

/* compiled from: CertificateUtil.java */
/* loaded from: classes21.dex */
public class l41 {

    /* renamed from: a, reason: collision with root package name */
    public static final String f6413a = "l41";
    public static final X509TrustManager c;
    public static final HostnameVerifier e;
    public static OkHttpClient.Builder g;
    public static final Object b = new Object();
    public static final SSLSocketFactory d = g();
    public static volatile X509TrustManager f = null;

    /* compiled from: CertificateUtil.java */
    /* loaded from: classes21.dex */
    public class a implements r2c {

        /* renamed from: a, reason: collision with root package name */
        public final /* synthetic */ SslErrorHandler f6414a;
        public final /* synthetic */ o41 b;

        public a(SslErrorHandler sslErrorHandler, o41 o41Var) {
            this.f6414a = sslErrorHandler;
            this.b = o41Var;
        }

        @Override // cafebabe.r2c
        public void a(Context context, String str) {
            ze6.j(true, l41.f6413a, "verify failed add callback");
            this.f6414a.cancel();
            this.b.onVerifyFailed();
        }

        @Override // cafebabe.r2c
        public void b(Context context, String str) {
            String unused = l41.f6413a;
            l41.d(this.f6414a);
        }
    }

    /* compiled from: CertificateUtil.java */
    /* loaded from: classes21.dex */
    public static class b implements HostnameVerifier {
        public b() {
        }

        public /* synthetic */ b(a aVar) {
            this();
        }

        @Override // javax.net.ssl.HostnameVerifier
        public boolean verify(String str, SSLSession sSLSession) {
            if (IotHostManager.getInstance().isCommercialCloud()) {
                ze6.t(true, l41.f6413a, "commercial version, trust all host name forbidden");
                return false;
            }
            String unused = l41.f6413a;
            return true;
        }
    }

    /* compiled from: CertificateUtil.java */
    /* loaded from: classes21.dex */
    public static class c implements X509TrustManager {
        public c() {
        }

        public /* synthetic */ c(a aVar) {
            this();
        }

        @Override // javax.net.ssl.X509TrustManager
        public void checkClientTrusted(X509Certificate[] x509CertificateArr, String str) {
        }

        @Override // javax.net.ssl.X509TrustManager
        public void checkServerTrusted(X509Certificate[] x509CertificateArr, String str) throws CertificateException {
            if (IotHostManager.getInstance().isCommercialCloud()) {
                ze6.j(true, l41.f6413a, "commercial version, trust all server forbidden");
                throw new CertificateException("CertificateUtil checkServerTrusted error");
            }
            String unused = l41.f6413a;
        }

        @Override // javax.net.ssl.X509TrustManager
        public X509Certificate[] getAcceptedIssuers() {
            return new X509Certificate[0];
        }
    }

    static {
        a aVar = null;
        c = new c(aVar);
        e = new b(aVar);
        f();
    }

    public static String c(X509Certificate x509Certificate) {
        wn8 wn8Var;
        if (x509Certificate == null) {
            return "";
        }
        X500Principal issuerX500Principal = x509Certificate.getIssuerX500Principal();
        wn8[] h = new t6c(issuerX500Principal != null ? issuerX500Principal.getName() : "").h(l90.g);
        k50 k50Var = null;
        if (h != null && h.length > 0 && (wn8Var = h[0]) != null) {
            k50Var = wn8Var.getFirst();
        }
        return (k50Var == null || k50Var.getValue() == null) ? "" : hk5.q(k50Var.getValue());
    }

    public static void d(SslErrorHandler sslErrorHandler) {
        if (sslErrorHandler != null) {
            ze6.m(true, f6413a, "handler.proceed()");
            sslErrorHandler.proceed();
        }
    }

    public static X509TrustManager e() {
        try {
            return o0a.a(ik0.getAppContext());
        } catch (IOException unused) {
            ze6.j(true, f6413a, "init aegisTrustManager IO exception");
            return null;
        } catch (KeyStoreException unused2) {
            ze6.j(true, f6413a, "key store fail");
            return null;
        } catch (NoSuchAlgorithmException unused3) {
            ze6.j(true, f6413a, "no such algorithm");
            return null;
        } catch (CertificateException unused4) {
            ze6.j(true, f6413a, "certificate init fail");
            return null;
        }
    }

    public static void f() {
        OkHttpClient.Builder builder = new OkHttpClient.Builder();
        g = builder;
        builder.dispatcher(rp7.a("CertificateUtil OkHttp Dispatcher"));
        g.sslSocketFactory(getSslSocketFactory(), getX509TrustManager());
        g.hostnameVerifier(getHostnameVerifier());
    }

    /* JADX WARN: Removed duplicated region for block: B:11:? A[RETURN, SYNTHETIC] */
    /* JADX WARN: Removed duplicated region for block: B:8:0x0025  */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    public static javax.net.ssl.SSLSocketFactory g() {
        /*
            r0 = 0
            r1 = 1
            r2 = 0
            java.lang.String r3 = "TLSv1.2"
            javax.net.ssl.SSLContext r3 = javax.net.ssl.SSLContext.getInstance(r3)     // Catch: java.lang.Throwable -> L17
            javax.net.ssl.TrustManager[] r4 = new javax.net.ssl.TrustManager[r1]     // Catch: java.lang.Throwable -> L18
            javax.net.ssl.X509TrustManager r5 = cafebabe.l41.c     // Catch: java.lang.Throwable -> L18
            r4[r0] = r5     // Catch: java.lang.Throwable -> L18
            java.security.SecureRandom r5 = cafebabe.j0a.getSecureRandom()     // Catch: java.lang.Throwable -> L18
            r3.init(r2, r4, r5)     // Catch: java.lang.Throwable -> L18
            goto L23
        L17:
            r3 = r2
        L18:
            java.lang.String r4 = cafebabe.l41.f6413a
            java.lang.Object[] r5 = new java.lang.Object[r1]
            java.lang.String r6 = "sslContext init error"
            r5[r0] = r6
            cafebabe.ze6.j(r1, r4, r5)
        L23:
            if (r3 == 0) goto L29
            javax.net.ssl.SSLSocketFactory r2 = r3.getSocketFactory()
        L29:
            return r2
        */
        throw new UnsupportedOperationException("Method not decompiled: cafebabe.l41.g():javax.net.ssl.SSLSocketFactory");
    }

    public static HostnameVerifier getHostnameVerifier() {
        return h() ? e : k0a.STRICT_HOSTNAME_VERIFIER;
    }

    public static SSLSocketFactory getSslSocketFactory() {
        if (h()) {
            return d;
        }
        try {
            return k0a.getInstance(ik0.getAppContext());
        } catch (IOException unused) {
            ze6.j(true, f6413a, "get sslSocket factory io fail");
            return null;
        } catch (IllegalAccessException unused2) {
            ze6.j(true, f6413a, "illegal access exception");
            return null;
        } catch (KeyManagementException unused3) {
            ze6.j(true, f6413a, "key management exception");
            return null;
        } catch (KeyStoreException unused4) {
            ze6.j(true, f6413a, "key store fail");
            return null;
        } catch (NoSuchAlgorithmException unused5) {
            ze6.j(true, f6413a, "no such algorithm");
            return null;
        } catch (CertificateException unused6) {
            ze6.j(true, f6413a, "get certificate fail");
            return null;
        }
    }

    public static HostnameVerifier getTrustAllHostnameVerifier() {
        return e;
    }

    public static SSLSocketFactory getTrustAllSslSocketFactory() {
        return d;
    }

    public static X509TrustManager getX509TrustAllManager() {
        return c;
    }

    public static X509TrustManager getX509TrustManager() {
        if (h()) {
            return c;
        }
        if (f != null) {
            return f;
        }
        synchronized (b) {
            if (f == null) {
                f = e();
            }
        }
        return f;
    }

    public static boolean h() {
        return (IotHostManager.getInstance().isCommercialCloud() || IotHostManager.getInstance().getHostIndex() == 3) ? false : true;
    }

    public static void i(SslErrorHandler sslErrorHandler, SslError sslError, Context context) {
        String str = f6413a;
        ze6.m(true, str, "verifyWebViewCertificate start");
        if (sslErrorHandler == null || sslError == null || context == null) {
            ze6.t(true, str, "parameters contain null");
        } else if (!h()) {
            q2c.a(sslErrorHandler, sslError, context);
        } else {
            ze6.m(true, str, "isTrustAllCloud()");
            d(sslErrorHandler);
        }
    }

    public static void j(SslErrorHandler sslErrorHandler, SslError sslError, Context context, o41 o41Var) {
        if (o41Var == null) {
            ze6.t(true, f6413a, "callback is null");
            return;
        }
        if (sslErrorHandler == null || sslError == null || context == null) {
            ze6.t(true, f6413a, "parameters contain null");
            o41Var.onVerifyFailed();
        } else if (!h()) {
            q2c.b(sslErrorHandler, sslError, null, context, new a(sslErrorHandler, o41Var));
        } else {
            ze6.m(true, f6413a, "cloud is trust AllCloud");
            d(sslErrorHandler);
        }
    }
}
