package com.yelong.retrofit;

import android.content.Context;
import android.os.Build;
import com.google.android.exoplayer2.source.rtsp.SessionDescription;
import java.io.IOException;
import java.io.InputStream;
import java.net.InetAddress;
import java.net.Proxy;
import java.net.ProxySelector;
import java.net.Socket;
import java.net.SocketAddress;
import java.net.URI;
import java.net.UnknownHostException;
import java.security.InvalidKeyException;
import java.security.KeyManagementException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.PublicKey;
import java.security.SecureRandom;
import java.security.SignatureException;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Collections;
import java.util.List;
import javax.net.ssl.HostnameVerifier;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLParameters;
import javax.net.ssl.SSLSession;
import javax.net.ssl.SSLSocket;
import javax.net.ssl.SSLSocketFactory;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import javax.net.ssl.X509TrustManager;
import okhttp3.OkHttpClient;
import okhttp3.internal.tls.OkHostnameVerifier;

/* loaded from: classes3.dex */
public final class SSLFactory {

    /* loaded from: classes3.dex */
    private static final class TLSSocketFactoryWrapper extends SSLSocketFactory {
        private final SSLSocketFactory delegate;
        private final SSLParameters parameters;

        private TLSSocketFactoryWrapper(SSLSocketFactory sSLSocketFactory, SSLParameters sSLParameters) {
            this.delegate = sSLSocketFactory;
            this.parameters = sSLParameters;
        }

        private Socket enableTLSOnSocket(Socket socket) {
            if (socket instanceof SSLSocket) {
                SSLSocket sSLSocket = (SSLSocket) socket;
                SSLParameters sSLParameters = this.parameters;
                String[] protocols = sSLParameters == null ? null : sSLParameters.getProtocols();
                if (protocols != null) {
                    sSLSocket.setEnabledProtocols(protocols);
                }
                SSLParameters sSLParameters2 = this.parameters;
                String[] cipherSuites = sSLParameters2 != null ? sSLParameters2.getCipherSuites() : null;
                if (Build.VERSION.SDK_INT < 21 && cipherSuites != null) {
                    sSLSocket.setEnabledCipherSuites(cipherSuites);
                }
            }
            return socket;
        }

        /* JADX INFO: Access modifiers changed from: private */
        public static SSLSocketFactory wrap(SSLSocketFactory sSLSocketFactory, SSLParameters sSLParameters) {
            int i2 = Build.VERSION.SDK_INT;
            return (i2 < 16 || i2 >= 20) ? sSLSocketFactory : new TLSSocketFactoryWrapper(sSLSocketFactory, sSLParameters);
        }

        @Override // javax.net.SocketFactory
        public Socket createSocket() throws IOException {
            return enableTLSOnSocket(this.delegate.createSocket());
        }

        @Override // javax.net.SocketFactory
        public Socket createSocket(String str, int i2) throws IOException, UnknownHostException {
            return enableTLSOnSocket(this.delegate.createSocket(str, i2));
        }

        @Override // javax.net.SocketFactory
        public Socket createSocket(String str, int i2, InetAddress inetAddress, int i3) throws IOException, UnknownHostException {
            return enableTLSOnSocket(this.delegate.createSocket(str, i2, inetAddress, i3));
        }

        @Override // javax.net.SocketFactory
        public Socket createSocket(InetAddress inetAddress, int i2) throws IOException {
            return enableTLSOnSocket(this.delegate.createSocket(inetAddress, i2));
        }

        @Override // javax.net.SocketFactory
        public Socket createSocket(InetAddress inetAddress, int i2, InetAddress inetAddress2, int i3) throws IOException {
            return enableTLSOnSocket(this.delegate.createSocket(inetAddress, i2, inetAddress2, i3));
        }

        @Override // javax.net.ssl.SSLSocketFactory
        public Socket createSocket(Socket socket, String str, int i2, boolean z2) throws IOException {
            return enableTLSOnSocket(this.delegate.createSocket(socket, str, i2, z2));
        }

        @Override // javax.net.ssl.SSLSocketFactory
        public String[] getDefaultCipherSuites() {
            return this.delegate.getDefaultCipherSuites();
        }

        @Override // javax.net.ssl.SSLSocketFactory
        public String[] getSupportedCipherSuites() {
            return this.delegate.getSupportedCipherSuites();
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: classes3.dex */
    public static class TrustManagerWrapper implements X509TrustManager {
        private final X509TrustManager delegate;
        private final PublicKey publicKey;

        TrustManagerWrapper(X509TrustManager x509TrustManager, PublicKey publicKey) {
            this.delegate = x509TrustManager;
            this.publicKey = publicKey;
        }

        @Override // javax.net.ssl.X509TrustManager
        public void checkClientTrusted(X509Certificate[] x509CertificateArr, String str) throws CertificateException {
        }

        @Override // javax.net.ssl.X509TrustManager
        public void checkServerTrusted(X509Certificate[] x509CertificateArr, String str) throws CertificateException {
            for (X509Certificate x509Certificate : x509CertificateArr) {
                PublicKey publicKey = this.publicKey;
                if (publicKey != null) {
                    try {
                        x509Certificate.verify(publicKey);
                    } catch (InvalidKeyException | NoSuchAlgorithmException | NoSuchProviderException | SignatureException e2) {
                        e2.printStackTrace();
                    }
                }
            }
        }

        @Override // javax.net.ssl.X509TrustManager
        public X509Certificate[] getAcceptedIssuers() {
            X509TrustManager x509TrustManager = this.delegate;
            return x509TrustManager != null ? x509TrustManager.getAcceptedIssuers() : new X509Certificate[0];
        }
    }

    private static KeyStore cert2KeyStore(CertificateFactory certificateFactory, List<InputStream> list) throws KeyStoreException, CertificateException, NoSuchAlgorithmException, IOException {
        KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
        keyStore.load(null, null);
        int size = list.size();
        for (int i2 = 0; i2 < size; i2++) {
            InputStream inputStream = list.get(i2);
            keyStore.setCertificateEntry(Integer.toString(i2), certificateFactory.generateCertificate(inputStream));
            if (inputStream != null) {
                inputStream.close();
            }
        }
        return keyStore;
    }

    private static X509TrustManager getTrustManger(KeyStore keyStore) throws NoSuchAlgorithmException, KeyStoreException, IllegalStateException {
        TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
        trustManagerFactory.init(keyStore);
        TrustManager[] trustManagers = trustManagerFactory.getTrustManagers();
        if (trustManagers.length == 1 && (trustManagers[0] instanceof X509TrustManager)) {
            return new TrustManagerWrapper((X509TrustManager) trustManagers[0], keyStore.getCertificate(SessionDescription.SUPPORTED_SDP_VERSION).getPublicKey());
        }
        throw new IllegalStateException("Unexpected default trust managers:" + Arrays.toString(trustManagers));
    }

    /* JADX INFO: Access modifiers changed from: private */
    public static /* synthetic */ boolean lambda$register$0(String str, SSLSession sSLSession) {
        return OkHostnameVerifier.INSTANCE.verify("api.jiankangzhushou.net", sSLSession);
    }

    private static List<InputStream> openCerts(Context context) throws IOException {
        String[] list = context.getAssets().list("certs");
        if (list == null || list.length <= 0) {
            return Collections.emptyList();
        }
        ArrayList arrayList = new ArrayList(list.length);
        for (String str : list) {
            arrayList.add(context.getAssets().open("certs/" + str));
        }
        return arrayList;
    }

    public static void register(Context context, OkHttpClient.Builder builder) {
        try {
            X509TrustManager trustManger = getTrustManger(cert2KeyStore(CertificateFactory.getInstance("X.509"), openCerts(context)));
            SSLContext sSLContext = SSLContext.getInstance("TLS");
            sSLContext.init(null, new TrustManager[]{trustManger}, new SecureRandom());
            builder.sslSocketFactory(TLSSocketFactoryWrapper.wrap(sSLContext.getSocketFactory(), SSLParametersCompat.wrap(sSLContext.getSupportedSSLParameters())), trustManger);
            builder.hostnameVerifier(new HostnameVerifier() { // from class: com.yelong.retrofit.e
                @Override // javax.net.ssl.HostnameVerifier
                public final boolean verify(String str, SSLSession sSLSession) {
                    boolean lambda$register$0;
                    lambda$register$0 = SSLFactory.lambda$register$0(str, sSLSession);
                    return lambda$register$0;
                }
            });
            builder.proxy(Proxy.NO_PROXY);
            builder.proxySelector(new ProxySelector() { // from class: com.yelong.retrofit.SSLFactory.1
                @Override // java.net.ProxySelector
                public void connectFailed(URI uri, SocketAddress socketAddress, IOException iOException) {
                }

                @Override // java.net.ProxySelector
                public List<Proxy> select(URI uri) {
                    return Collections.singletonList(Proxy.NO_PROXY);
                }
            });
        } catch (IOException e2) {
            e2.printStackTrace();
        } catch (KeyManagementException e3) {
            e3.printStackTrace();
        } catch (KeyStoreException e4) {
            e4.printStackTrace();
        } catch (NoSuchAlgorithmException e5) {
            e5.printStackTrace();
        } catch (CertificateException e6) {
            e6.printStackTrace();
        }
    }
}
