package cafebabe;

import android.text.TextUtils;
import java.io.IOException;
import java.io.InputStream;
import java.net.InetAddress;
import java.net.Socket;
import java.security.KeyManagementException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import javax.net.ssl.HandshakeCompletedEvent;
import javax.net.ssl.HandshakeCompletedListener;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSocket;
import javax.net.ssl.SSLSocketFactory;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import javax.net.ssl.X509TrustManager;
import org.eclipse.californium.elements.util.SslContextUtil;

/* compiled from: LogSslSocketFactory.java */
/* loaded from: classes3.dex */
public class dg6 extends SSLSocketFactory {
    public static final String c = dg6.class.getSimpleName();
    public static final String[] d = {SslContextUtil.DEFAULT_SSL_PROTOCOL};

    /* renamed from: a, reason: collision with root package name */
    public ArrayList<X509TrustManager> f2754a = new ArrayList<>(10);
    public SSLContext b;

    /* compiled from: LogSslSocketFactory.java */
    /* loaded from: classes3.dex */
    public class a implements X509TrustManager {
        public a() {
        }

        @Override // javax.net.ssl.X509TrustManager
        public void checkClientTrusted(X509Certificate[] x509CertificateArr, String str) {
        }

        @Override // javax.net.ssl.X509TrustManager
        public void checkServerTrusted(X509Certificate[] x509CertificateArr, String str) throws CertificateException {
            dg6.this.e(x509CertificateArr, str);
        }

        @Override // javax.net.ssl.X509TrustManager
        public X509Certificate[] getAcceptedIssuers() {
            return new X509Certificate[0];
        }
    }

    /* compiled from: LogSslSocketFactory.java */
    /* loaded from: classes3.dex */
    public class b implements HandshakeCompletedListener {
        public b() {
        }

        @Override // javax.net.ssl.HandshakeCompletedListener
        public void handshakeCompleted(HandshakeCompletedEvent handshakeCompletedEvent) {
            if (handshakeCompletedEvent == null) {
                ze6.m(true, dg6.c, "handshakeCompleted:HandshakeCompletedEvent is null");
            } else {
                ze6.m(true, dg6.c, "handshakeCompleted:the exchanged cipher suite isSecure = ", Boolean.valueOf(yi1.g(handshakeCompletedEvent.getCipherSuite())));
            }
        }
    }

    /* JADX WARN: Multi-variable type inference failed */
    /* JADX WARN: Type inference failed for: r9v11 */
    /* JADX WARN: Type inference failed for: r9v12 */
    /* JADX WARN: Type inference failed for: r9v25 */
    /* JADX WARN: Type inference failed for: r9v26 */
    /* JADX WARN: Type inference failed for: r9v27 */
    /* JADX WARN: Type inference failed for: r9v28 */
    /* JADX WARN: Type inference failed for: r9v29 */
    /* JADX WARN: Type inference failed for: r9v3 */
    /* JADX WARN: Type inference failed for: r9v30 */
    /* JADX WARN: Type inference failed for: r9v31 */
    /* JADX WARN: Type inference failed for: r9v32 */
    /* JADX WARN: Type inference failed for: r9v33 */
    /* JADX WARN: Type inference failed for: r9v34 */
    /* JADX WARN: Type inference failed for: r9v35 */
    /* JADX WARN: Type inference failed for: r9v36 */
    /* JADX WARN: Type inference failed for: r9v37 */
    /* JADX WARN: Type inference failed for: r9v38 */
    /* JADX WARN: Type inference failed for: r9v39 */
    /* JADX WARN: Type inference failed for: r9v4 */
    /* JADX WARN: Type inference failed for: r9v5, types: [java.io.InputStream] */
    public dg6(KeyStore keyStore, String str, String str2) throws NoSuchAlgorithmException, KeyManagementException {
        InputStream open;
        this.b = SSLContext.getInstance(SslContextUtil.DEFAULT_SSL_PROTOCOL);
        if (TextUtils.equals(SslContextUtil.DEFAULT_SSL_PROTOCOL, str2)) {
            this.b = SSLContext.getInstance(SslContextUtil.DEFAULT_SSL_PROTOCOL);
        }
        if (keyStore == null || TextUtils.isEmpty(str)) {
            return;
        }
        ?? r9 = 0;
        InputStream inputStream = null;
        InputStream inputStream2 = null;
        InputStream inputStream3 = null;
        InputStream inputStream4 = null;
        try {
            try {
                open = ik0.getAppContext().getResources().getAssets().open(str);
            } catch (Throwable th) {
                th = th;
            }
        } catch (IOException unused) {
        } catch (KeyStoreException unused2) {
        } catch (NoSuchAlgorithmException unused3) {
        } catch (CertificateException unused4) {
        }
        try {
            String defaultAlgorithm = TrustManagerFactory.getDefaultAlgorithm();
            if (TextUtils.equals(keyStore.getType(), "bks")) {
                open.reset();
                keyStore.load(open, "".toCharArray());
                defaultAlgorithm = "X509";
            } else {
                Certificate generateCertificate = CertificateFactory.getInstance(com.huawei.hms.feature.dynamic.f.e.b).generateCertificate(open);
                keyStore.load(null, "".toCharArray());
                keyStore.setCertificateEntry("trust", generateCertificate);
            }
            TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(defaultAlgorithm);
            trustManagerFactory.init(keyStore);
            d(trustManagerFactory);
            r9 = trustManagerFactory;
            if (open != null) {
                try {
                    open.close();
                    r9 = trustManagerFactory;
                } catch (IOException unused5) {
                    ze6.j(true, c, "cer input io close fail");
                    r9 = trustManagerFactory;
                }
            }
        } catch (IOException unused6) {
            inputStream = open;
            ze6.j(true, c, "reset or load or close io exception");
            r9 = inputStream;
            if (inputStream != null) {
                try {
                    inputStream.close();
                    r9 = inputStream;
                } catch (IOException unused7) {
                    ze6.j(true, c, "cer input io close fail");
                    r9 = inputStream;
                }
            }
            g();
        } catch (KeyStoreException unused8) {
            inputStream2 = open;
            ze6.j(true, c, "key store failed");
            r9 = inputStream2;
            if (inputStream2 != null) {
                try {
                    inputStream2.close();
                    r9 = inputStream2;
                } catch (IOException unused9) {
                    ze6.j(true, c, "cer input io close fail");
                    r9 = inputStream2;
                }
            }
            g();
        } catch (NoSuchAlgorithmException unused10) {
            inputStream3 = open;
            ze6.j(true, c, "no such algorithm ");
            r9 = inputStream3;
            if (inputStream3 != null) {
                try {
                    inputStream3.close();
                    r9 = inputStream3;
                } catch (IOException unused11) {
                    ze6.j(true, c, "cer input io close fail");
                    r9 = inputStream3;
                }
            }
            g();
        } catch (CertificateException unused12) {
            inputStream4 = open;
            ze6.j(true, c, "certificate operate failed");
            r9 = inputStream4;
            if (inputStream4 != null) {
                try {
                    inputStream4.close();
                    r9 = inputStream4;
                } catch (IOException unused13) {
                    ze6.j(true, c, "cer input io close fail");
                    r9 = inputStream4;
                }
            }
            g();
        } catch (Throwable th2) {
            th = th2;
            r9 = open;
            if (r9 != 0) {
                try {
                    r9.close();
                } catch (IOException unused14) {
                    ze6.j(true, c, "cer input io close fail");
                }
            }
            throw th;
        }
        g();
    }

    public void c(SSLSocket sSLSocket) {
        if (sSLSocket == null) {
            return;
        }
        sSLSocket.addHandshakeCompletedListener(new b());
    }

    @Override // javax.net.SocketFactory
    public Socket createSocket() throws IOException {
        return f(this.b.getSocketFactory().createSocket());
    }

    @Override // javax.net.SocketFactory
    public Socket createSocket(String str, int i) throws IOException {
        return f(this.b.getSocketFactory().createSocket(str, i));
    }

    @Override // javax.net.SocketFactory
    public Socket createSocket(String str, int i, InetAddress inetAddress, int i2) throws IOException {
        return f(this.b.getSocketFactory().createSocket(str, i, inetAddress, i2));
    }

    @Override // javax.net.SocketFactory
    public Socket createSocket(InetAddress inetAddress, int i) throws IOException {
        return f(this.b.getSocketFactory().createSocket(inetAddress, i));
    }

    @Override // javax.net.SocketFactory
    public Socket createSocket(InetAddress inetAddress, int i, InetAddress inetAddress2, int i2) throws IOException {
        return f(this.b.getSocketFactory().createSocket(inetAddress, i, inetAddress2, i2));
    }

    @Override // javax.net.ssl.SSLSocketFactory
    public Socket createSocket(Socket socket, String str, int i, boolean z) throws IOException {
        return f(this.b.getSocketFactory().createSocket(socket, str, i, z));
    }

    public final void d(TrustManagerFactory trustManagerFactory) {
        TrustManager[] trustManagers = trustManagerFactory.getTrustManagers();
        if (trustManagers != null) {
            for (TrustManager trustManager : trustManagers) {
                if (trustManager instanceof X509TrustManager) {
                    this.f2754a.add((X509TrustManager) trustManager);
                }
            }
        }
        if (this.f2754a.isEmpty()) {
            ze6.m(true, c, "couldn't find a X509TrustManager!");
        }
    }

    public final void e(X509Certificate[] x509CertificateArr, String str) throws CertificateException {
        X509TrustManager x509TrustManager;
        if (x509CertificateArr == null || x509CertificateArr.length <= 0) {
            ze6.t(true, c, "checkServerTrusted chain is empty");
            return;
        }
        try {
            if (this.f2754a.isEmpty() || (x509TrustManager = this.f2754a.get(0)) == null) {
                return;
            }
            x509TrustManager.checkServerTrusted(x509CertificateArr, str);
        } catch (IllegalArgumentException | CertificateException e) {
            String str2 = c;
            ze6.j(true, str2, "checkServerTrusted exception");
            if (!h(e) || !i(x509CertificateArr)) {
                throw new CertificateException("SSLSocket checkServerTrusted error");
            }
            ze6.t(true, str2, "checkServerTrusted need trust");
        }
    }

    public final Socket f(Socket socket) {
        if (!(socket instanceof SSLSocket)) {
            return socket;
        }
        SSLSocket sSLSocket = (SSLSocket) socket;
        zd9.setEnableSafeCipherSuites(sSLSocket);
        sSLSocket.setEnabledProtocols(d);
        c(sSLSocket);
        return sSLSocket;
    }

    public final void g() throws KeyManagementException {
        this.b.init(null, new X509TrustManager[]{new a()}, j0a.getSecureRandom());
    }

    @Override // javax.net.ssl.SSLSocketFactory
    public String[] getDefaultCipherSuites() {
        return new String[0];
    }

    public SSLContext getSslContext() {
        return this.b;
    }

    @Override // javax.net.ssl.SSLSocketFactory
    public String[] getSupportedCipherSuites() {
        return new String[0];
    }

    public X509TrustManager getTrustManager() {
        if (this.f2754a.size() > 0) {
            return this.f2754a.get(0);
        }
        return null;
    }

    public final boolean h(Exception exc) {
        ze6.m(true, c, "check certificate");
        if (exc == null || exc.getCause() == null || exc.getCause().getMessage() == null) {
            return false;
        }
        return exc.getCause().getMessage().contains("Certificate expired");
    }

    public final boolean i(X509Certificate[] x509CertificateArr) {
        ze6.m(true, c, "check special certificate");
        return "root.home".equals(l41.c(x509CertificateArr[0]));
    }
}
