package app.common;

import android.util.Base64;
import app.domain.certpin.CertEntity;
import b.g.Y;
import bcsfqwue.or1y0r7j;
import e.e.b.j;
import e.i.d;
import e.i.r;
import e.i.v;
import e.o;
import java.security.Principal;
import java.security.PublicKey;
import java.security.SecureRandom;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.util.List;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSocketFactory;
import javax.net.ssl.TrustManager;
import javax.net.ssl.X509TrustManager;
import net.sourceforge.pinyin4j.ChineseToPinyinResource;

/* loaded from: classes2.dex */
public final class MFSSLSocketClientNew {
    public static final MFSSLSocketClientNew INSTANCE = new MFSSLSocketClientNew();

    private MFSSLSocketClientNew() {
    }

    private final TrustManager[] getTrustManager(final CertEntity certEntity) {
        return new TrustManager[]{new X509TrustManager() { // from class: app.common.MFSSLSocketClientNew$getTrustManager$1
            @Override // javax.net.ssl.X509TrustManager
            public void checkClientTrusted(X509Certificate[] x509CertificateArr, String str) {
                j.b(x509CertificateArr, or1y0r7j.augLK1m9(1346));
                j.b(str, "authType");
            }

            @Override // javax.net.ssl.X509TrustManager
            public void checkServerTrusted(X509Certificate[] x509CertificateArr, String str) throws CertificateException {
                List<String> a2;
                boolean c2;
                String a3;
                List<String> a4;
                boolean c3;
                j.b(x509CertificateArr, "chain");
                j.b(str, "authType");
                if (x509CertificateArr.length == 0) {
                    throw new IllegalArgumentException("checkServerTrusted: X509Certificate is empty");
                }
                Object obj = null;
                int i2 = 2;
                if (CertEntity.this.isRoot() && x509CertificateArr.length < 3) {
                    for (X509Certificate x509Certificate : x509CertificateArr) {
                        x509Certificate.getPublicKey();
                        Principal issuerDN = x509Certificate.getIssuerDN();
                        j.a((Object) issuerDN, "x509Certificate.issuerDN");
                        String name = issuerDN.getName();
                        j.a((Object) name, "x509Certificate.issuerDN.name");
                        a4 = v.a((CharSequence) name, new String[]{ChineseToPinyinResource.Field.COMMA}, false, 0, 6, (Object) null);
                        for (String str2 : a4) {
                            c3 = r.c(str2, "CN=", false, 2, null);
                            if (c3) {
                                if (str2 == null) {
                                    throw new o("null cannot be cast to non-null type java.lang.String");
                                }
                                String substring = str2.substring(3);
                                j.a((Object) substring, "(this as java.lang.String).substring(startIndex)");
                                if (CertEntity.this.get(substring) != null) {
                                    return;
                                }
                            }
                        }
                    }
                    throw new CertificateException("CPE-?");
                }
                int length = x509CertificateArr.length;
                String str3 = "CPE-?";
                int i3 = 0;
                boolean z = false;
                while (i3 < length) {
                    X509Certificate x509Certificate2 = x509CertificateArr[i3];
                    PublicKey publicKey = x509Certificate2.getPublicKey();
                    Principal subjectDN = x509Certificate2.getSubjectDN();
                    j.a((Object) subjectDN, "x509Certificate.subjectDN");
                    String name2 = subjectDN.getName();
                    j.a((Object) name2, "x509Certificate.subjectDN.name");
                    a2 = v.a((CharSequence) name2, new String[]{ChineseToPinyinResource.Field.COMMA}, false, 0, 6, (Object) null);
                    for (String str4 : a2) {
                        c2 = r.c(str4, "CN=", false, i2, obj);
                        if (c2) {
                            if (str4 == null) {
                                throw new o("null cannot be cast to non-null type java.lang.String");
                            }
                            String substring2 = str4.substring(3);
                            j.a((Object) substring2, "(this as java.lang.String).substring(startIndex)");
                            CertEntity.CertData certData = CertEntity.this.get(substring2);
                            if (!CertEntity.this.isRoot()) {
                                if (certData == null) {
                                    throw new CertificateException(str3);
                                }
                                str3 = certData.getRefNum();
                                j.a((Object) publicKey, "publicKey");
                                z = certData.compare(publicKey);
                                if (!z) {
                                    throw new CertificateException(str3);
                                }
                            } else if (certData == null) {
                                j.a((Object) publicKey, "publicKey");
                                byte[] encode = Base64.encode(publicKey.getEncoded(), 0);
                                j.a((Object) encode, "Base64.encode(publicKey.encoded, 0)");
                                a3 = r.a(new String(encode, d.f11633a), "\n", "", false, 4, (Object) null);
                                Y.b(a3);
                            } else {
                                str3 = certData.getRefNum();
                                if (!z) {
                                    j.a((Object) publicKey, "publicKey");
                                    if (!certData.compare(publicKey)) {
                                        z = false;
                                    }
                                }
                                z = true;
                            }
                        }
                        obj = null;
                        i2 = 2;
                    }
                    i3++;
                    obj = null;
                    i2 = 2;
                }
                if (!z) {
                    throw new CertificateException(str3);
                }
            }

            @Override // javax.net.ssl.X509TrustManager
            public X509Certificate[] getAcceptedIssuers() {
                return new X509Certificate[0];
            }
        }};
    }

    public final SSLSocketFactory getSSLSocketFactoryForCertConfig(CertEntity certEntity) {
        j.b(certEntity, or1y0r7j.augLK1m9(4647));
        try {
            SSLContext sSLContext = SSLContext.getInstance("SSL");
            sSLContext.init(null, getTrustManager(certEntity), new SecureRandom());
            j.a((Object) sSLContext, "sslContext");
            SSLSocketFactory socketFactory = sSLContext.getSocketFactory();
            j.a((Object) socketFactory, "sslContext.socketFactory");
            return socketFactory;
        } catch (Exception e2) {
            throw new RuntimeException(e2);
        }
    }
}
