package com.tmc.net;

import java.io.BufferedInputStream;
import java.io.FileInputStream;
import java.io.IOException;
import java.io.InputStream;
import java.security.KeyManagementException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.List;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLParameters;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import javax.net.ssl.X509TrustManager;
import org.eclipse.paho.client.mqttv3.internal.security.SSLSocketFactoryFactory;

/* loaded from: classes2.dex */
public class SslContextHelper {

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: classes2.dex */
    public static class UnifiedTrustManager implements X509TrustManager {
        private X509Certificate[] mAcceptedIssuers;
        private X509TrustManager mDefaultTrustManager;
        private X509TrustManager mLocalTrustManager;

        public UnifiedTrustManager(KeyStore keyStore) throws KeyStoreException {
            try {
                X509TrustManager createTrustManager = createTrustManager((KeyStore) null);
                this.mDefaultTrustManager = createTrustManager;
                L.msg("mDefaultTrustManager %s\n", createTrustManager);
                X509TrustManager createTrustManager2 = createTrustManager(keyStore);
                this.mLocalTrustManager = createTrustManager2;
                L.msg("mLocalTrustManager %s\n", createTrustManager2);
                X509Certificate[] acceptedIssuers = this.mDefaultTrustManager.getAcceptedIssuers();
                X509Certificate[] acceptedIssuers2 = this.mLocalTrustManager.getAcceptedIssuers();
                X509Certificate[] x509CertificateArr = new X509Certificate[acceptedIssuers.length + acceptedIssuers2.length];
                this.mAcceptedIssuers = x509CertificateArr;
                System.arraycopy(acceptedIssuers, 0, x509CertificateArr, 0, acceptedIssuers.length);
                System.arraycopy(acceptedIssuers2, 0, this.mAcceptedIssuers, acceptedIssuers.length, acceptedIssuers2.length);
            } catch (NoSuchAlgorithmException e) {
                e.printStackTrace();
            }
        }

        private X509TrustManager createTrustManager(KeyStore keyStore) throws NoSuchAlgorithmException, KeyStoreException {
            TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
            trustManagerFactory.init(keyStore);
            TrustManager[] trustManagers = trustManagerFactory.getTrustManagers();
            for (int i = 0; i < trustManagers.length; i++) {
                if (trustManagers[i] instanceof X509TrustManager) {
                    return (X509TrustManager) trustManagers[i];
                }
            }
            return null;
        }

        @Override // javax.net.ssl.X509TrustManager
        public void checkClientTrusted(X509Certificate[] x509CertificateArr, String str) throws CertificateException {
            this.mDefaultTrustManager.checkClientTrusted(x509CertificateArr, str);
        }

        @Override // javax.net.ssl.X509TrustManager
        public void checkServerTrusted(X509Certificate[] x509CertificateArr, String str) throws CertificateException {
            try {
                L.msg("mDefault: 0\n");
                this.mDefaultTrustManager.checkServerTrusted(x509CertificateArr, str);
                L.msg("mDefault: 1\n");
            } catch (Exception e) {
                L.msg("mLocal: 0\n");
                L.msg("mLocal: ", e);
                try {
                    this.mLocalTrustManager.checkServerTrusted(x509CertificateArr, str);
                    L.msg("mLocal: 1\n");
                } catch (Exception e2) {
                    throw new CertificateException(e2.toString());
                }
            }
        }

        @Override // javax.net.ssl.X509TrustManager
        public X509Certificate[] getAcceptedIssuers() {
            return this.mAcceptedIssuers;
        }
    }

    public static KeyStore buildKeyStore(InputStream inputStream) throws KeyStoreException, CertificateException, NoSuchAlgorithmException, IOException {
        return buildKeyStore(readCertList(inputStream));
    }

    public static KeyStore buildKeyStore(String str) throws KeyStoreException, CertificateException, NoSuchAlgorithmException, IOException {
        return buildKeyStore(readCertList(str));
    }

    public static KeyStore buildKeyStore(Certificate certificate) throws KeyStoreException, CertificateException, NoSuchAlgorithmException, IOException {
        KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
        keyStore.load(null, null);
        keyStore.setCertificateEntry("ca", certificate);
        return keyStore;
    }

    public static KeyStore buildKeyStore(List<Certificate> list) throws KeyStoreException, CertificateException, NoSuchAlgorithmException, IOException {
        KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
        keyStore.load(null, null);
        int size = list.size();
        for (int i = 0; i < size; i++) {
            keyStore.setCertificateEntry("ca" + i, list.get(i));
        }
        return keyStore;
    }

    public static Certificate readCert(InputStream inputStream) throws CertificateException, IOException {
        Certificate certificate = null;
        if (inputStream == null) {
            return null;
        }
        CertificateFactory certificateFactory = CertificateFactory.getInstance("X.509");
        while (inputStream.available() > 0) {
            certificate = certificateFactory.generateCertificate(inputStream);
            System.out.println("ca=" + ((X509Certificate) certificate).getSubjectDN());
        }
        return certificate;
    }

    public static Certificate readCert(String str) throws CertificateException, IOException {
        BufferedInputStream bufferedInputStream = new BufferedInputStream(new FileInputStream(str));
        Certificate readCert = readCert(bufferedInputStream);
        bufferedInputStream.close();
        return readCert;
    }

    public static List<Certificate> readCertList(InputStream inputStream) throws CertificateException, IOException {
        if (inputStream == null) {
            return null;
        }
        CertificateFactory certificateFactory = CertificateFactory.getInstance("X.509");
        ArrayList arrayList = new ArrayList();
        while (inputStream.available() > 0) {
            Certificate generateCertificate = certificateFactory.generateCertificate(inputStream);
            System.out.println("ca=" + ((X509Certificate) generateCertificate).getSubjectDN());
            arrayList.add(generateCertificate);
        }
        return arrayList;
    }

    public static List<Certificate> readCertList(String str) throws CertificateException, IOException {
        BufferedInputStream bufferedInputStream = new BufferedInputStream(new FileInputStream(str));
        List<Certificate> readCertList = readCertList(bufferedInputStream);
        bufferedInputStream.close();
        return readCertList;
    }

    public static SSLContext trustSslContext(InputStream inputStream) throws NoSuchAlgorithmException, KeyStoreException, KeyManagementException, CertificateException, IOException {
        SSLContext sSLContext;
        KeyStore buildKeyStore = buildKeyStore(readCertList(inputStream));
        try {
            sSLContext = SSLContext.getInstance("TLSv1.2");
            try {
                L.msg("sslConext with TLSv1.2 support\n");
            } catch (Exception unused) {
            }
        } catch (Exception unused2) {
            sSLContext = null;
        }
        if (sSLContext == null) {
            try {
                sSLContext = SSLContext.getInstance("TLSv1.1");
                L.msg("sslConext with TLSv1.1 support\n");
            } catch (Exception unused3) {
            }
        }
        if (sSLContext == null) {
            try {
                sSLContext = SSLContext.getInstance(SSLSocketFactoryFactory.DEFAULT_PROTOCOL);
                L.msg("sslConext with TLS support\n");
            } catch (Exception unused4) {
            }
        }
        L.msg("sslContext created\n");
        UnifiedTrustManager unifiedTrustManager = new UnifiedTrustManager(buildKeyStore);
        L.msg("trustManager %s\n", unifiedTrustManager);
        sSLContext.init(null, new TrustManager[]{unifiedTrustManager}, null);
        SSLParameters supportedSSLParameters = sSLContext.getSupportedSSLParameters();
        String[] protocols = supportedSSLParameters != null ? supportedSSLParameters.getProtocols() : null;
        if (protocols != null) {
            for (int i = 0; i < protocols.length; i++) {
                L.msg("proto[%d] %s\n", Integer.valueOf(i), protocols[i]);
            }
        }
        if (supportedSSLParameters != null) {
            protocols = supportedSSLParameters.getCipherSuites();
        }
        if (protocols != null) {
            for (int i2 = 0; i2 < protocols.length; i2++) {
                L.msg("cipherSuites[%d] %s\n", Integer.valueOf(i2), protocols[i2]);
            }
        }
        return sSLContext;
    }

    public static SSLContext trustSslContext(String str) throws NoSuchAlgorithmException, KeyStoreException, KeyManagementException, IOException, CertificateException {
        BufferedInputStream bufferedInputStream = new BufferedInputStream(new FileInputStream(str));
        SSLContext trustSslContext = trustSslContext(bufferedInputStream);
        bufferedInputStream.close();
        return trustSslContext;
    }
}
