package com.pingan.aladdin.core.network.okhttp.https;

import android.text.TextUtils;
import com.bonree.agent.android.instrumentation.Instrumented;
import com.bonree.agent.android.instrumentation.JSONObjectInstrumentation;
import com.pingan.aladdin.core.AladdinGlobal;
import com.pingan.aladdin.core.Debuger;
import com.pingan.aladdin.core.NativeConfig;
import com.pingan.aladdin.core.network.okhttp.https.HttpsUtils;
import com.pingan.aladdin.core.utils.FileUtil;
import com.pingan.aladdin.core.utils.StringUtil;
import com.secneo.apkwrapper.Helper;
import java.io.BufferedInputStream;
import java.io.BufferedReader;
import java.io.ByteArrayInputStream;
import java.io.File;
import java.io.FileInputStream;
import java.io.FileNotFoundException;
import java.io.FileReader;
import java.io.IOException;
import java.io.InputStream;
import java.net.MalformedURLException;
import java.net.URL;
import java.security.KeyManagementException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.util.ArrayList;
import java.util.HashMap;
import java.util.Iterator;
import java.util.Map;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSocketFactory;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import javax.net.ssl.X509TrustManager;
import okhttp3.OkHttpClient;
import org.json.JSONException;
import org.json.JSONObject;

@Instrumented
/* loaded from: classes2.dex */
public class PaHttpsUtils {
    private static final String CERTIFICATE = "";
    private static final String CONFIGFILE = "tls_certificates.json";
    private static HashMap<String, OkHttpClient> clients;
    private static HashMap<String, String> configs;

    static {
        Helper.stub();
        configs = new HashMap<>();
        clients = new HashMap<>();
    }

    public static void clearCertData() {
        configs.clear();
        configs = null;
        clients.clear();
        clients = null;
    }

    private static InputStream getAssetsCertificateFileStream(String str) {
        try {
            if (TextUtils.isEmpty(str)) {
                str = "certificate.cer";
            }
            return AladdinGlobal.getInstance().getApplicationContext().getResources().getAssets().open(str);
        } catch (IOException e) {
            Debuger.logD(e.getMessage());
            return null;
        }
    }

    public static String getCertFilePath(String str) {
        Debuger.logD("getCertFilePath   configs.size=" + configs.size());
        String str2 = configs.get(str);
        if (!StringUtil.isEmpty(str2)) {
            return str2;
        }
        for (Map.Entry<String, String> entry : configs.entrySet()) {
            String key = entry.getKey();
            if (!StringUtil.isEmpty(key)) {
                if (key.trim().startsWith("*.")) {
                    if (str.endsWith(key.replaceFirst("\\*\\.", ""))) {
                        return entry.getValue();
                    }
                } else if (key.trim().endsWith(".*") && str.startsWith(key.replaceFirst("\\.\\*", ""))) {
                    return entry.getValue();
                }
            }
        }
        return str2;
    }

    public static Certificate getCertificate(String str) {
        Certificate certificate = null;
        InputStream certificateFileStream = getCertificateFileStream(str);
        try {
            try {
                certificate = CertificateFactory.getInstance("X.509").generateCertificate(certificateFileStream);
                if (certificateFileStream != null) {
                    try {
                        certificateFileStream.close();
                    } catch (IOException e) {
                        Debuger.logD(e.getMessage());
                    }
                }
            } catch (CertificateException e2) {
                Debuger.logD(e2.getMessage());
                if (certificateFileStream != null) {
                    try {
                        certificateFileStream.close();
                    } catch (IOException e3) {
                        Debuger.logD(e3.getMessage());
                    }
                }
            }
            return certificate;
        } catch (Throwable th) {
            if (certificateFileStream != null) {
                try {
                    certificateFileStream.close();
                } catch (IOException e4) {
                    Debuger.logD(e4.getMessage());
                }
            }
            throw th;
        }
    }

    private static InputStream getCertificateFileStream(String str) {
        try {
            if (TextUtils.isEmpty(str)) {
                return null;
            }
            return new BufferedInputStream(new FileInputStream(str));
        } catch (IOException e) {
            Debuger.logD(e.getMessage());
            return null;
        }
    }

    private static InputStream getCertificateResStream(int i) {
        try {
            return AladdinGlobal.getInstance().getApplicationContext().getResources().openRawResource(i);
        } catch (Exception e) {
            Debuger.logD(e.getMessage());
            return null;
        }
    }

    private static InputStream getCertificateStream() {
        return new ByteArrayInputStream("".getBytes());
    }

    public static OkHttpClient getCloneClient(String str) {
        return clients.get(getHost(str));
    }

    public static String getHost(String str) {
        try {
            return new URL(str).getHost();
        } catch (MalformedURLException e) {
            Debuger.logD(e.getMessage());
            return null;
        }
    }

    public static HttpsUtils.SSLParams getSSLParams(String str) {
        String certFilePath = getCertFilePath(getHost(str));
        Debuger.logD("PaHttpsUtils", "filePath:--->" + certFilePath);
        HttpsUtils.SSLParams sSLParams = new HttpsUtils.SSLParams();
        if (!TextUtils.isEmpty(certFilePath)) {
            sSLParams.sSLSocketFactory = getSSLSocketFactory(getCertificate(certFilePath), sSLParams);
        }
        return sSLParams;
    }

    private static SSLSocketFactory getSSLSocketFactory(Certificate certificate, HttpsUtils.SSLParams sSLParams) {
        SSLSocketFactory sSLSocketFactory = null;
        try {
            KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
            keyStore.load(null, null);
            keyStore.setCertificateEntry("ca", certificate);
            TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
            trustManagerFactory.init(keyStore);
            TrustManager[] trustManagers = trustManagerFactory.getTrustManagers();
            SSLContext sSLContext = SSLContext.getInstance("TLS");
            sSLContext.init(null, trustManagers, null);
            sSLSocketFactory = sSLContext.getSocketFactory();
            if (trustManagers != null && sSLParams != null) {
                sSLParams.trustManager = (X509TrustManager) trustManagers[0];
            }
        } catch (IOException e) {
            Debuger.logD(e.getMessage());
        } catch (KeyManagementException e2) {
            Debuger.logD(e2.getMessage());
        } catch (KeyStoreException e3) {
            Debuger.logD(e3.getMessage());
        } catch (NoSuchAlgorithmException e4) {
            Debuger.logD(e4.getMessage());
        } catch (CertificateException e5) {
            Debuger.logD(e5.getMessage());
        }
        return sSLSocketFactory;
    }

    private static X509TrustManager getX509TrustManager(Certificate certificate) {
        PaX509TrustManager paX509TrustManager = new PaX509TrustManager();
        paX509TrustManager.setHostCa(certificate);
        return paX509TrustManager;
    }

    public static void initCrtConfig() {
        String str = FileUtil.getWebRootPath(AladdinGlobal.getInstance().getApplicationContext()) + File.separator + "config" + File.separator;
        File file = new File(str + CONFIGFILE);
        Debuger.logD("initCrtConfig  file exists = " + file.exists());
        if (file.exists()) {
            StringBuilder sb = new StringBuilder();
            try {
                BufferedReader bufferedReader = new BufferedReader(new FileReader(str + CONFIGFILE));
                while (true) {
                    String readLine = bufferedReader.readLine();
                    if (readLine == null) {
                        break;
                    } else {
                        sb.append(readLine);
                    }
                }
                JSONObject init = JSONObjectInstrumentation.init(sb.toString());
                Iterator<String> keys = init.keys();
                while (keys.hasNext()) {
                    String next = keys.next();
                    String str2 = str + init.optString(next);
                    if (new File(str2).exists()) {
                        configs.put(next, str2);
                        Debuger.logD("key=" + next + ", ----cert path =" + str2);
                    }
                }
            } catch (FileNotFoundException e) {
                Debuger.logD(e.getMessage());
            } catch (IOException e2) {
                Debuger.logD(e2.getMessage());
            } catch (JSONException e3) {
                Debuger.logD(e3.getMessage());
            }
        }
    }

    public static boolean isCertificateConfigExists() {
        File file = new File((FileUtil.getWebRootPath(AladdinGlobal.getInstance().getApplicationContext()) + File.separator + "config" + File.separator) + CONFIGFILE);
        Debuger.logD("isCertificateConfigExists   config path = " + file.getAbsolutePath() + ", exists=" + file.exists());
        return file.exists();
    }

    private static InputStream[] readCrtConfig() {
        String str = FileUtil.getWebRootPath(AladdinGlobal.getInstance().getApplicationContext()) + File.separator + "config" + File.separator;
        if (!new File(str + CONFIGFILE).exists()) {
            return null;
        }
        StringBuilder sb = new StringBuilder();
        ArrayList arrayList = new ArrayList();
        try {
            BufferedReader bufferedReader = new BufferedReader(new FileReader(str + CONFIGFILE));
            while (true) {
                String readLine = bufferedReader.readLine();
                if (readLine == null) {
                    break;
                }
                sb.append(readLine);
            }
            JSONObject init = JSONObjectInstrumentation.init(sb.toString());
            Iterator<String> keys = init.keys();
            while (keys.hasNext()) {
                String str2 = str + init.optString(keys.next());
                if (new File(str2).exists()) {
                    arrayList.add(new FileInputStream(str2));
                }
            }
            if (arrayList.size() > 0) {
                return (InputStream[]) arrayList.toArray(new InputStream[arrayList.size()]);
            }
        } catch (FileNotFoundException e) {
            Debuger.logD(e.getMessage());
        } catch (IOException e2) {
            Debuger.logD(e2.getMessage());
        } catch (JSONException e3) {
            Debuger.logD(e3.getMessage());
        }
        return null;
    }

    public static void saveCloneClient(String str, OkHttpClient okHttpClient) {
        clients.put(getHost(str), okHttpClient);
    }

    public static boolean wantSslRequst(String str) {
        try {
            URL url = new URL(str);
            String host = url.getHost();
            String str2 = url.getProtocol() + "://" + host + url.getPath();
            if (NativeConfig.a().b.contains(host) || NativeConfig.a().b.contains(str2) || !NativeConfig.a().f || !isCertificateConfigExists()) {
                return false;
            }
            if (configs.isEmpty()) {
                initCrtConfig();
            }
            return !TextUtils.isEmpty(getCertFilePath(host));
        } catch (MalformedURLException e) {
            Debuger.logD(e.getMessage());
            return false;
        }
    }
}
