package defpackage;

import java.io.File;
import java.io.IOException;
import java.io.UnsupportedEncodingException;
import java.math.BigInteger;
import java.nio.charset.StandardCharsets;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.cert.CertificateException;
import java.security.cert.CertificateParsingException;
import java.security.cert.X509CRL;
import java.security.cert.X509CRLEntry;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Collection;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.Set;
import java.util.concurrent.ConcurrentHashMap;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import javax.net.ssl.X509TrustManager;

/* loaded from: classes2.dex */
public class ww2 implements X509TrustManager {
    private static final String d = ww2.class.getSimpleName();
    private static String e;
    private static String f;
    private Map<BigInteger, Boolean> a = new ConcurrentHashMap();
    private Map<String, X509CRL> b = new ConcurrentHashMap();
    protected List<X509TrustManager> c = new ArrayList();

    public ww2() {
        a();
    }

    public ww2(String str, String str2) {
        e = str;
        f = str2;
        a();
        a(str, "");
    }

    public ww2(String str, String str2, String str3) {
        e = str;
        f = str2;
        a();
        a(str, str3);
    }

    private String a(X509Certificate x509Certificate) throws CertificateParsingException, UnsupportedEncodingException {
        String b = b(x509Certificate);
        if (b != null) {
            return b;
        }
        jj2.d(d, "getCrlByAlternativeNames return null");
        return c(x509Certificate);
    }

    private void a() {
        Exception e2;
        int i;
        jj2.d(d, "loadAndroidSystemCA start");
        try {
            KeyStore keyStore = KeyStore.getInstance("AndroidCAStore");
            keyStore.load(null, null);
            TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance("X509");
            trustManagerFactory.init(keyStore);
            TrustManager[] trustManagers = trustManagerFactory.getTrustManagers();
            i = 0;
            for (int i2 = 0; i2 < trustManagers.length; i2++) {
                try {
                    if (trustManagers[i2] instanceof X509TrustManager) {
                        this.c.add((X509TrustManager) trustManagers[i2]);
                        i++;
                    }
                } catch (IOException e3) {
                    e2 = e3;
                    jj2.c(d, "loadAndroidSystemCA: exception : " + e2.getMessage());
                    jj2.d(d, "loadAndroidSystemCA end with ca num " + i);
                } catch (KeyStoreException e4) {
                    e2 = e4;
                    jj2.c(d, "loadAndroidSystemCA: exception : " + e2.getMessage());
                    jj2.d(d, "loadAndroidSystemCA end with ca num " + i);
                } catch (NoSuchAlgorithmException e5) {
                    e2 = e5;
                    jj2.c(d, "loadAndroidSystemCA: exception : " + e2.getMessage());
                    jj2.d(d, "loadAndroidSystemCA end with ca num " + i);
                } catch (CertificateException e6) {
                    e2 = e6;
                    jj2.c(d, "loadAndroidSystemCA: exception : " + e2.getMessage());
                    jj2.d(d, "loadAndroidSystemCA end with ca num " + i);
                }
            }
        } catch (IOException | KeyStoreException | NoSuchAlgorithmException | CertificateException e7) {
            e2 = e7;
            i = 0;
        }
        jj2.d(d, "loadAndroidSystemCA end with ca num " + i);
    }

    private void a(String str, String str2) {
        jj2.d(d, "loadAppBksCA start");
        if (ji2.p(str)) {
            jj2.c(d, "loadAppBksCA bksPath empty");
            return;
        }
        File file = new File(str);
        if (!file.exists() || !file.isDirectory()) {
            jj2.c(d, "invalid bksPath");
            return;
        }
        for (File file2 : file.listFiles()) {
            if (file2.getName().endsWith(".bks")) {
                try {
                    b(file2.getCanonicalPath(), str2);
                } catch (IOException e2) {
                    jj2.d(d, "failed to read bks files: " + e2.toString());
                }
            }
        }
        jj2.d(d, "loadAppBksCA end all ca store num " + this.c.size());
    }

    private void a(X509Certificate[] x509CertificateArr, String str) throws CertificateException {
        jj2.d(d, "doCheckServerTrusted start,ca chain size : " + x509CertificateArr.length + ",auth type: " + str);
        int size = this.c.size();
        for (int i = 0; i < size; i++) {
            try {
                this.c.get(i).checkServerTrusted(x509CertificateArr, str);
                jj2.d(d, "doCheckServerTrusted succeed, index is " + i + ",root ca issuer is : " + x509CertificateArr[x509CertificateArr.length - 1].getIssuerDN());
                return;
            } catch (CertificateException e2) {
                jj2.c(d, "doCheckServerTrusted error :" + e2.getMessage() + " , index : " + i);
                if (i == size - 1) {
                    if (x509CertificateArr != null && x509CertificateArr.length > 0) {
                        jj2.c(d, "root ca issuer : " + x509CertificateArr[x509CertificateArr.length - 1].getIssuerDN());
                    }
                    throw new CertificateException("check server chain failed");
                }
            }
        }
        jj2.d(d, "doCheckServerTrusted end");
    }

    private boolean a(X509Certificate[] x509CertificateArr) {
        boolean d2;
        for (X509Certificate x509Certificate : x509CertificateArr) {
            try {
                d2 = d(x509Certificate);
                this.a.put(x509Certificate.getSerialNumber(), Boolean.valueOf(d2));
            } catch (IOException | CertificateException e2) {
                jj2.d(d, "hasRevoked exception " + e2.getMessage());
            }
            if (d2) {
                return true;
            }
        }
        return false;
    }

    private String b(X509Certificate x509Certificate) throws CertificateParsingException {
        List<?> next;
        String str;
        Collection<List<?>> issuerAlternativeNames = x509Certificate.getIssuerAlternativeNames();
        if (issuerAlternativeNames == null) {
            return null;
        }
        Iterator<List<?>> it = issuerAlternativeNames.iterator();
        while (it.hasNext() && (next = it.next()) != null) {
            for (Object obj : next) {
                if ((obj instanceof String) && (str = (String) obj) != null && str.endsWith(".crl")) {
                    return str;
                }
            }
        }
        return null;
    }

    /*  JADX ERROR: JadxRuntimeException in pass: RegionMakerVisitor
        jadx.core.utils.exceptions.JadxRuntimeException: Can't find top splitter block for handler:B:28:0x0040
        	at jadx.core.utils.BlockUtils.getTopSplitterForHandler(BlockUtils.java:1166)
        	at jadx.core.dex.visitors.regions.RegionMaker.processTryCatchBlocks(RegionMaker.java:1022)
        	at jadx.core.dex.visitors.regions.RegionMakerVisitor.visit(RegionMakerVisitor.java:55)
        */
    /* JADX WARN: Multi-variable type inference failed */
    /* JADX WARN: Type inference failed for: r1v0 */
    /* JADX WARN: Type inference failed for: r1v1 */
    /* JADX WARN: Type inference failed for: r1v10 */
    /* JADX WARN: Type inference failed for: r1v11 */
    /* JADX WARN: Type inference failed for: r1v12 */
    /* JADX WARN: Type inference failed for: r1v13 */
    /* JADX WARN: Type inference failed for: r1v14 */
    /* JADX WARN: Type inference failed for: r1v15 */
    /* JADX WARN: Type inference failed for: r1v2 */
    /* JADX WARN: Type inference failed for: r1v3, types: [java.io.InputStream] */
    /* JADX WARN: Type inference failed for: r1v4 */
    /* JADX WARN: Type inference failed for: r1v7 */
    /* JADX WARN: Type inference failed for: r1v8, types: [int] */
    private void b(java.lang.String r6, java.lang.String r7) {
        /*
            r5 = this;
            java.lang.String r0 = "close inputStream IOException"
            if (r7 != 0) goto L6
            java.lang.String r7 = ""
        L6:
            r1 = 0
            java.io.FileInputStream r2 = new java.io.FileInputStream     // Catch: java.lang.Throwable -> L51 java.security.NoSuchAlgorithmException -> L54 java.io.IOException -> L56 java.security.cert.CertificateException -> L58 java.security.KeyStoreException -> L5a
            r2.<init>(r6)     // Catch: java.lang.Throwable -> L51 java.security.NoSuchAlgorithmException -> L54 java.io.IOException -> L56 java.security.cert.CertificateException -> L58 java.security.KeyStoreException -> L5a
            java.lang.String r1 = "X509"
            javax.net.ssl.TrustManagerFactory r1 = javax.net.ssl.TrustManagerFactory.getInstance(r1)     // Catch: java.lang.Throwable -> L46 java.security.NoSuchAlgorithmException -> L48 java.io.IOException -> L4a java.security.cert.CertificateException -> L4c java.security.KeyStoreException -> L4e
            java.lang.String r3 = "bks"
            java.security.KeyStore r3 = java.security.KeyStore.getInstance(r3)     // Catch: java.lang.Throwable -> L46 java.security.NoSuchAlgorithmException -> L48 java.io.IOException -> L4a java.security.cert.CertificateException -> L4c java.security.KeyStoreException -> L4e
            char[] r7 = r7.toCharArray()     // Catch: java.lang.Throwable -> L46 java.security.NoSuchAlgorithmException -> L48 java.io.IOException -> L4a java.security.cert.CertificateException -> L4c java.security.KeyStoreException -> L4e
            r3.load(r2, r7)     // Catch: java.lang.Throwable -> L46 java.security.NoSuchAlgorithmException -> L48 java.io.IOException -> L4a java.security.cert.CertificateException -> L4c java.security.KeyStoreException -> L4e
            r1.init(r3)     // Catch: java.lang.Throwable -> L46 java.security.NoSuchAlgorithmException -> L48 java.io.IOException -> L4a java.security.cert.CertificateException -> L4c java.security.KeyStoreException -> L4e
            javax.net.ssl.TrustManager[] r7 = r1.getTrustManagers()     // Catch: java.lang.Throwable -> L46 java.security.NoSuchAlgorithmException -> L48 java.io.IOException -> L4a java.security.cert.CertificateException -> L4c java.security.KeyStoreException -> L4e
            r1 = 0
        L27:
            int r3 = r7.length     // Catch: java.lang.Throwable -> L46 java.security.NoSuchAlgorithmException -> L48 java.io.IOException -> L4a java.security.cert.CertificateException -> L4c java.security.KeyStoreException -> L4e
            if (r1 >= r3) goto L3c
            r3 = r7[r1]     // Catch: java.lang.Throwable -> L46 java.security.NoSuchAlgorithmException -> L48 java.io.IOException -> L4a java.security.cert.CertificateException -> L4c java.security.KeyStoreException -> L4e
            boolean r3 = r3 instanceof javax.net.ssl.X509TrustManager     // Catch: java.lang.Throwable -> L46 java.security.NoSuchAlgorithmException -> L48 java.io.IOException -> L4a java.security.cert.CertificateException -> L4c java.security.KeyStoreException -> L4e
            if (r3 == 0) goto L39
            java.util.List<javax.net.ssl.X509TrustManager> r3 = r5.c     // Catch: java.lang.Throwable -> L46 java.security.NoSuchAlgorithmException -> L48 java.io.IOException -> L4a java.security.cert.CertificateException -> L4c java.security.KeyStoreException -> L4e
            r4 = r7[r1]     // Catch: java.lang.Throwable -> L46 java.security.NoSuchAlgorithmException -> L48 java.io.IOException -> L4a java.security.cert.CertificateException -> L4c java.security.KeyStoreException -> L4e
            javax.net.ssl.X509TrustManager r4 = (javax.net.ssl.X509TrustManager) r4     // Catch: java.lang.Throwable -> L46 java.security.NoSuchAlgorithmException -> L48 java.io.IOException -> L4a java.security.cert.CertificateException -> L4c java.security.KeyStoreException -> L4e
            r3.add(r4)     // Catch: java.lang.Throwable -> L46 java.security.NoSuchAlgorithmException -> L48 java.io.IOException -> L4a java.security.cert.CertificateException -> L4c java.security.KeyStoreException -> L4e
        L39:
            int r1 = r1 + 1
            goto L27
        L3c:
            r2.close()     // Catch: java.io.IOException -> L40
            goto L82
        L40:
            java.lang.String r6 = defpackage.ww2.d
            defpackage.jj2.c(r6, r0)
            goto L82
        L46:
            r6 = move-exception
            goto L83
        L48:
            r7 = move-exception
            goto L4f
        L4a:
            r7 = move-exception
            goto L4f
        L4c:
            r7 = move-exception
            goto L4f
        L4e:
            r7 = move-exception
        L4f:
            r1 = r2
            goto L5b
        L51:
            r6 = move-exception
            r2 = r1
            goto L83
        L54:
            r7 = move-exception
            goto L5b
        L56:
            r7 = move-exception
            goto L5b
        L58:
            r7 = move-exception
            goto L5b
        L5a:
            r7 = move-exception
        L5b:
            java.lang.String r2 = defpackage.ww2.d     // Catch: java.lang.Throwable -> L51
            java.lang.StringBuilder r3 = new java.lang.StringBuilder     // Catch: java.lang.Throwable -> L51
            r3.<init>()     // Catch: java.lang.Throwable -> L51
            java.lang.String r4 = "loadBksCA: "
            r3.append(r4)     // Catch: java.lang.Throwable -> L51
            r3.append(r6)     // Catch: java.lang.Throwable -> L51
            java.lang.String r6 = " exception : "
            r3.append(r6)     // Catch: java.lang.Throwable -> L51
            java.lang.String r6 = r7.getMessage()     // Catch: java.lang.Throwable -> L51
            r3.append(r6)     // Catch: java.lang.Throwable -> L51
            java.lang.String r6 = r3.toString()     // Catch: java.lang.Throwable -> L51
            defpackage.jj2.c(r2, r6)     // Catch: java.lang.Throwable -> L51
            if (r1 == 0) goto L82
            r1.close()     // Catch: java.io.IOException -> L40
        L82:
            return
        L83:
            if (r2 == 0) goto L8e
            r2.close()     // Catch: java.io.IOException -> L89
            goto L8e
        L89:
            java.lang.String r7 = defpackage.ww2.d
            defpackage.jj2.c(r7, r0)
        L8e:
            throw r6
        */
        throw new UnsupportedOperationException("Method not decompiled: defpackage.ww2.b(java.lang.String, java.lang.String):void");
    }

    private String c(X509Certificate x509Certificate) throws UnsupportedEncodingException {
        byte[] extensionValue;
        Set<String> nonCriticalExtensionOIDs = x509Certificate.getNonCriticalExtensionOIDs();
        if (nonCriticalExtensionOIDs == null) {
            return null;
        }
        for (String str : nonCriticalExtensionOIDs) {
            if (str != null && (extensionValue = x509Certificate.getExtensionValue(str)) != null) {
                String str2 = new String(extensionValue, StandardCharsets.UTF_8);
                if (str2.endsWith(".crl")) {
                    return str2.substring(str2.contains("http://") ? str2.lastIndexOf("http://") : str2.lastIndexOf("https://"));
                }
            }
        }
        return null;
    }

    private boolean d(X509Certificate x509Certificate) throws IOException, CertificateException {
        if (this.a.containsKey(x509Certificate.getSerialNumber())) {
            return this.a.get(x509Certificate.getSerialNumber()).booleanValue();
        }
        String a = a(x509Certificate);
        jj2.d(d, "get crl " + a);
        if (a == null) {
            return false;
        }
        String str = f + a.substring(a.lastIndexOf("/"));
        jj2.d(d, "get x509crl start " + a);
        X509CRL x509crl = this.b.get(a);
        if (x509crl == null) {
            x509crl = zw2.a(str);
            if (x509crl == null) {
                jj2.d(d, "x509CRL null for " + a);
                return false;
            }
            this.b.put(a, x509crl);
        }
        jj2.d(d, "check x509CRL start " + a);
        if (x509crl.isRevoked(x509Certificate)) {
            jj2.c(d, "isRevoked " + x509Certificate.getSerialNumber());
            return true;
        }
        for (X509CRLEntry x509CRLEntry : x509crl.getRevokedCertificates()) {
            if (x509CRLEntry != null && x509CRLEntry.getSerialNumber().equals(x509Certificate.getSerialNumber())) {
                jj2.c(d, "isRevoked in entities" + x509Certificate.getSerialNumber());
                return true;
            }
        }
        jj2.d(d, "check x509CRL end " + a);
        return false;
    }

    @Override // javax.net.ssl.X509TrustManager
    public void checkClientTrusted(X509Certificate[] x509CertificateArr, String str) throws CertificateException {
    }

    @Override // javax.net.ssl.X509TrustManager
    public void checkServerTrusted(X509Certificate[] x509CertificateArr, String str) throws CertificateException {
        if (x509CertificateArr == null) {
            throw new CertificateException("certificate chain is null");
        }
        if (x509CertificateArr.length <= 0) {
            throw new CertificateException("certificate chain is empty");
        }
        if (str == null) {
            throw new CertificateException("certificate authType is null");
        }
        a(x509CertificateArr, str);
        if (e == null) {
            jj2.d(d, "pemPath null, ignore checkServerTrusted Revoked.");
        }
        if (a(x509CertificateArr)) {
            throw new CertificateException("check server hasRevoked");
        }
    }

    @Override // javax.net.ssl.X509TrustManager
    public X509Certificate[] getAcceptedIssuers() {
        try {
            ArrayList arrayList = new ArrayList();
            Iterator<X509TrustManager> it = this.c.iterator();
            while (it.hasNext()) {
                arrayList.addAll(Arrays.asList(it.next().getAcceptedIssuers()));
            }
            return (X509Certificate[]) arrayList.toArray(new X509Certificate[arrayList.size()]);
        } catch (Exception e2) {
            jj2.c(d, "getAcceptedIssuers exception : " + e2.getMessage());
            return new X509Certificate[0];
        }
    }
}
