package com.lakala.zf.front.framework.commons.request.ssl;

import android.util.Base64;
import com.lakala.zf.front.framework.commons.logger.Logger;
import com.lakala.zf.front.framework.commons.request.bean.CerConfig;
import com.lakala.zf.front.framework.commons.request.bean.SSLSocketConfig;
import com.lakala.zf.front.framework.commons.request.bean.ServiceConfig;
import java.io.ByteArrayInputStream;
import java.io.InputStream;
import java.security.KeyStore;
import java.security.SecureRandom;
import java.security.cert.Certificate;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import javax.net.ssl.KeyManager;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import javax.net.ssl.X509TrustManager;
import kotlin.Metadata;
import kotlin.Unit;
import kotlin.io.CloseableKt;
import kotlin.jvm.internal.Intrinsics;
import org.bouncycastle.jce.provider.BouncyCastleProvider;

/* compiled from: LklSSLSocketFactory.kt */
@Metadata(bv = {1, 0, 3}, d1 = {"\u0000B\n\u0002\u0018\u0002\n\u0002\u0010\u0000\n\u0002\b\u0002\n\u0002\u0010\u000e\n\u0002\b\u0004\n\u0002\u0010\u0011\n\u0002\u0018\u0002\n\u0000\n\u0002\u0018\u0002\n\u0002\b\u0002\n\u0002\u0018\u0002\n\u0002\b\u0002\n\u0002\u0018\u0002\n\u0000\n\u0002\u0018\u0002\n\u0000\n\u0002\u0018\u0002\n\u0002\b\u0004\bÆ\u0002\u0018\u00002\u00020\u0001B\u0007\b\u0002¢\u0006\u0002\u0010\u0002J\u001f\u0010\b\u001a\n\u0012\u0004\u0012\u00020\n\u0018\u00010\t2\b\u0010\u000b\u001a\u0004\u0018\u00010\fH\u0002¢\u0006\u0002\u0010\rJ\u0012\u0010\u000e\u001a\u0004\u0018\u00010\u000f2\u0006\u0010\u000b\u001a\u00020\fH\u0002J\u0012\u0010\u0010\u001a\u0004\u0018\u00010\u000f2\u0006\u0010\u000b\u001a\u00020\fH\u0002J\u000e\u0010\u0011\u001a\u00020\u00122\u0006\u0010\u0013\u001a\u00020\u0014J\u001d\u0010\u0015\u001a\b\u0012\u0004\u0012\u00020\u00160\t2\b\u0010\u000b\u001a\u0004\u0018\u00010\fH\u0002¢\u0006\u0002\u0010\u0017J\u001b\u0010\u0018\u001a\b\u0012\u0004\u0012\u00020\u00160\t2\u0006\u0010\u000b\u001a\u00020\fH\u0002¢\u0006\u0002\u0010\u0017J\u001b\u0010\u0019\u001a\b\u0012\u0004\u0012\u00020\u00160\t2\u0006\u0010\u000b\u001a\u00020\fH\u0002¢\u0006\u0002\u0010\u0017R\u000e\u0010\u0003\u001a\u00020\u0004X\u0082T¢\u0006\u0002\n\u0000R\u000e\u0010\u0005\u001a\u00020\u0004X\u0082T¢\u0006\u0002\n\u0000R\u000e\u0010\u0006\u001a\u00020\u0004X\u0082T¢\u0006\u0002\n\u0000R\u000e\u0010\u0007\u001a\u00020\u0004X\u0082T¢\u0006\u0002\n\u0000¨\u0006\u001a"}, d2 = {"Lcom/lakala/zf/front/framework/commons/request/ssl/LklSSLSocketFactory;", "", "()V", "CERTIFICATE_FORMAT", "", "KEY_STORE_TYPE_BKS", "KEY_STORE_TYPE_P12", "PROTOCOL_TYPE", "getKeyManagerArray", "", "Ljavax/net/ssl/KeyManager;", "cerConfig", "Lcom/lakala/zf/front/framework/commons/request/bean/CerConfig;", "(Lcom/lakala/zf/front/framework/commons/request/bean/CerConfig;)[Ljavax/net/ssl/KeyManager;", "getKeyManagerForInput", "Ljavax/net/ssl/KeyManagerFactory;", "getKeyManagerForString", "getSSLSocketConfig", "Lcom/lakala/zf/front/framework/commons/request/bean/SSLSocketConfig;", "netConfig", "Lcom/lakala/zf/front/framework/commons/request/bean/ServiceConfig;", "getTrustManagerArray", "Ljavax/net/ssl/TrustManager;", "(Lcom/lakala/zf/front/framework/commons/request/bean/CerConfig;)[Ljavax/net/ssl/TrustManager;", "getTrustManagerForInput", "getTrustManagerForString", "Common_release"}, k = 1, mv = {1, 4, 1})
/* loaded from: classes3.dex */
public final class LklSSLSocketFactory {
    private static final String CERTIFICATE_FORMAT = "X509";
    public static final LklSSLSocketFactory INSTANCE = new LklSSLSocketFactory();
    private static final String KEY_STORE_TYPE_BKS = "BKS";
    private static final String KEY_STORE_TYPE_P12 = "PKCS12";
    private static final String PROTOCOL_TYPE = "TLS";

    private LklSSLSocketFactory() {
    }

    private final KeyManager[] getKeyManagerArray(CerConfig cerConfig) {
        KeyManagerFactory keyManagerForInput;
        String cerString = cerConfig != null ? cerConfig.getCerString() : null;
        if (cerString == null || cerString.length() == 0) {
            if ((cerConfig != null ? cerConfig.getCerInputStream() : null) == null || (keyManagerForInput = getKeyManagerForInput(cerConfig)) == null) {
                return null;
            }
            return keyManagerForInput.getKeyManagers();
        }
        Intrinsics.checkNotNull(cerConfig);
        KeyManagerFactory keyManagerForString = getKeyManagerForString(cerConfig);
        if (keyManagerForString != null) {
            return keyManagerForString.getKeyManagers();
        }
        return null;
    }

    private final KeyManagerFactory getKeyManagerForInput(CerConfig cerConfig) {
        KeyStore keyStore = KeyStore.getInstance(KEY_STORE_TYPE_P12);
        InputStream cerInputStream = cerConfig.getCerInputStream();
        String password = cerConfig.getPassword();
        if (password == null) {
            throw new NullPointerException("null cannot be cast to non-null type java.lang.String");
        }
        char[] charArray = password.toCharArray();
        Intrinsics.checkNotNullExpressionValue(charArray, "(this as java.lang.String).toCharArray()");
        keyStore.load(cerInputStream, charArray);
        InputStream cerInputStream2 = cerConfig.getCerInputStream();
        if (cerInputStream2 != null) {
            cerInputStream2.close();
        }
        KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance(CERTIFICATE_FORMAT);
        String password2 = cerConfig.getPassword();
        if (password2 == null) {
            throw new NullPointerException("null cannot be cast to non-null type java.lang.String");
        }
        char[] charArray2 = password2.toCharArray();
        Intrinsics.checkNotNullExpressionValue(charArray2, "(this as java.lang.String).toCharArray()");
        keyManagerFactory.init(keyStore, charArray2);
        return keyManagerFactory;
    }

    private final KeyManagerFactory getKeyManagerForString(CerConfig cerConfig) {
        CertificateFactory certificateFactory = CertificateFactory.getInstance("X.509", BouncyCastleProvider.PROVIDER_NAME);
        ByteArrayInputStream byteArrayInputStream = new ByteArrayInputStream(Base64.decode(cerConfig.getCerString(), 0));
        Throwable th = (Throwable) null;
        try {
            Certificate generateCertificate = certificateFactory.generateCertificate(byteArrayInputStream);
            Intrinsics.checkNotNullExpressionValue(generateCertificate, "cf.generateCertificate(it)");
            if (generateCertificate == null) {
                throw new NullPointerException("null cannot be cast to non-null type java.security.cert.X509Certificate");
            }
            ((X509Certificate) generateCertificate).checkValidity();
            Logger.i$default(Logger.INSTANCE, "Longer", "yanggz>>>>>ca=" + ((X509Certificate) generateCertificate).getSubjectDN(), 0, 0, 12, null);
            Logger.i$default(Logger.INSTANCE, "Longer", "yanggz>>>>>key=" + ((X509Certificate) generateCertificate).getPublicKey(), 0, 0, 12, null);
            Unit unit = Unit.INSTANCE;
            CloseableKt.closeFinally(byteArrayInputStream, th);
            KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
            keyStore.load(null, null);
            keyStore.setCertificateEntry("ca", generateCertificate);
            KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
            String password = cerConfig.getPassword();
            if (password == null) {
                throw new NullPointerException("null cannot be cast to non-null type java.lang.String");
            }
            char[] charArray = password.toCharArray();
            Intrinsics.checkNotNullExpressionValue(charArray, "(this as java.lang.String).toCharArray()");
            keyManagerFactory.init(keyStore, charArray);
            return keyManagerFactory;
        } catch (Throwable th2) {
            try {
                throw th2;
            } catch (Throwable th3) {
                CloseableKt.closeFinally(byteArrayInputStream, th2);
                throw th3;
            }
        }
    }

    private final TrustManager[] getTrustManagerArray(final CerConfig cerConfig) {
        String cerString = cerConfig != null ? cerConfig.getCerString() : null;
        if (cerString == null || cerString.length() == 0) {
            return (cerConfig != null ? cerConfig.getCerInputStream() : null) != null ? getTrustManagerForInput(cerConfig) : new TrustManager[]{new LklX509TrustManager(r0) { // from class: com.lakala.zf.front.framework.commons.request.ssl.LklSSLSocketFactory$getTrustManagerArray$2
            }};
        }
        TrustManager[] trustManagerArr = new TrustManager[1];
        r0 = cerConfig != null ? cerConfig.getCerString() : null;
        trustManagerArr[0] = new LklX509TrustManager(r0) { // from class: com.lakala.zf.front.framework.commons.request.ssl.LklSSLSocketFactory$getTrustManagerArray$1
        };
        return trustManagerArr;
    }

    private final TrustManager[] getTrustManagerForInput(CerConfig cerConfig) {
        KeyStore keyStore = KeyStore.getInstance(KEY_STORE_TYPE_BKS);
        InputStream cerInputStream = cerConfig.getCerInputStream();
        String password = cerConfig.getPassword();
        if (password == null) {
            throw new NullPointerException("null cannot be cast to non-null type java.lang.String");
        }
        char[] charArray = password.toCharArray();
        Intrinsics.checkNotNullExpressionValue(charArray, "(this as java.lang.String).toCharArray()");
        keyStore.load(cerInputStream, charArray);
        InputStream cerInputStream2 = cerConfig.getCerInputStream();
        if (cerInputStream2 != null) {
            cerInputStream2.close();
        }
        TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(CERTIFICATE_FORMAT);
        trustManagerFactory.init(keyStore);
        Intrinsics.checkNotNullExpressionValue(trustManagerFactory, "trustManagerFactory");
        TrustManager[] trustManagers = trustManagerFactory.getTrustManagers();
        Intrinsics.checkNotNullExpressionValue(trustManagers, "trustManagerFactory.trustManagers");
        return trustManagers;
    }

    private final TrustManager[] getTrustManagerForString(CerConfig cerConfig) {
        CertificateFactory certificateFactory = CertificateFactory.getInstance("X.509");
        ByteArrayInputStream byteArrayInputStream = new ByteArrayInputStream(Base64.decode(cerConfig.getCerString(), 0));
        Throwable th = (Throwable) null;
        try {
            Certificate generateCertificate = certificateFactory.generateCertificate(byteArrayInputStream);
            Intrinsics.checkNotNullExpressionValue(generateCertificate, "cf.generateCertificate(caInput)");
            if (generateCertificate == null) {
                throw new NullPointerException("null cannot be cast to non-null type java.security.cert.X509Certificate");
            }
            ((X509Certificate) generateCertificate).checkValidity();
            Logger.i$default(Logger.INSTANCE, "LklSSLSocketFactory", "yanggz>>>>>ca=" + ((X509Certificate) generateCertificate).getSubjectDN(), 0, 0, 12, null);
            Logger.i$default(Logger.INSTANCE, "LklSSLSocketFactory", "yanggz>>>>>key=" + ((X509Certificate) generateCertificate).getPublicKey(), 0, 0, 12, null);
            Logger.i$default(Logger.INSTANCE, "LklSSLSocketFactory", "yanggz>>>>>key=" + ((X509Certificate) generateCertificate).getIssuerDN(), 0, 0, 12, null);
            Unit unit = Unit.INSTANCE;
            CloseableKt.closeFinally(byteArrayInputStream, th);
            KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
            keyStore.load(null);
            keyStore.setCertificateEntry("0", generateCertificate);
            TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
            trustManagerFactory.init(keyStore);
            Intrinsics.checkNotNullExpressionValue(trustManagerFactory, "trustManagerFactory");
            TrustManager[] trustManagers = trustManagerFactory.getTrustManagers();
            Intrinsics.checkNotNullExpressionValue(trustManagers, "trustManagerFactory.trustManagers");
            return trustManagers;
        } catch (Throwable th2) {
            try {
                throw th2;
            } catch (Throwable th3) {
                CloseableKt.closeFinally(byteArrayInputStream, th2);
                throw th3;
            }
        }
    }

    public final SSLSocketConfig getSSLSocketConfig(ServiceConfig netConfig) {
        SSLContext sslContext;
        TrustManager[] trustManagerArray;
        boolean z;
        Intrinsics.checkNotNullParameter(netConfig, "netConfig");
        SSLSocketConfig sSLSocketConfig = new SSLSocketConfig(null, null, 3, null);
        try {
            sslContext = SSLContext.getInstance("TLS");
            KeyManager[] keyManagerArray = getKeyManagerArray(netConfig.getKeyStore());
            trustManagerArray = getTrustManagerArray(netConfig.getTrustStore());
            sslContext.init(keyManagerArray, trustManagerArray, new SecureRandom());
            z = true;
            if (!(!(trustManagerArray.length == 0)) || !(trustManagerArray[0] instanceof X509TrustManager)) {
                z = false;
            }
        } catch (Exception e) {
            e.printStackTrace();
            Logger.e$default(Logger.INSTANCE, "LklSSLSocketFactory", "erro:" + e.getLocalizedMessage(), 0, 0, 12, null);
        }
        if (!z) {
            throw new IllegalArgumentException("Unexpected default trust managers:".toString());
        }
        Intrinsics.checkNotNullExpressionValue(sslContext, "sslContext");
        sSLSocketConfig.setSSLSocketFactory(sslContext.getSocketFactory());
        TrustManager trustManager = trustManagerArray[0];
        if (trustManager == null) {
            throw new NullPointerException("null cannot be cast to non-null type javax.net.ssl.X509TrustManager");
        }
        sSLSocketConfig.setX509TrustManager((X509TrustManager) trustManager);
        return sSLSocketConfig;
    }
}
