package com.huawei.crowdtestsdk.http.https;

import android.content.Intent;
import com.huawei.androidcommon.utils.IOUtils;
import com.huawei.crowdtestsdk.common.AppContext;
import com.huawei.crowdtestsdk.common.L;
import com.huawei.crowdtestsdk.constants.Constants;
import java.io.Closeable;
import java.io.IOException;
import java.io.InputStream;
import java.io.UnsupportedEncodingException;
import java.net.InetAddress;
import java.net.Socket;
import java.security.KeyManagementException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.SecureRandom;
import java.security.cert.CertificateException;
import java.security.cert.CertificateExpiredException;
import java.security.cert.CertificateNotYetValidException;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Date;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSocket;
import javax.net.ssl.SSLSocketFactory;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;

/* loaded from: classes.dex */
public class SecureNetSSLSocketFactory extends SSLSocketFactory {
    private static final String BETACLUB_CN_ALIAS = "betaclub_cn";
    public static final int CERTIFICATE_HAD_EXPIRED = 2;
    public static final int CERTIFICATE_WILL_EXPIRED = 1;
    private static final String CERT_UPDATE = "com.huawei.betaclub.CERT_NOTIFICATION";
    private static final String CLIENT_TRUSTSTORE_MANAGER = "X509";
    private static final String KEY_STORE_TYPE_BKS = "BKS";
    private static final long ONE_MONTH = -1702967296;
    private static final String TRUST_STORE_PATH = "server.bks";
    private static final String UNIPORTAL_ALIAS = "uniportal";
    private static volatile SecureNetSSLSocketFactory delegate = null;
    public static final int salLength = 20;
    private static String trustStorePw = "5b42403135BKyBbOa0Oj+OztMfqhMP8XDDqEynpeU0No0Oj+pjtQwB1TM$BZmB$mV+OvDwPmp2kZFzNbYadh0nrXBHGw62BQ==";
    private SSLContext sslContext;
    private KeyStore trustStore;

    private SecureNetSSLSocketFactory() {
        this.sslContext = null;
        try {
            this.sslContext = SSLContext.getInstance("TLSv1.2");
            this.sslContext.init(null, getTrustManagers(), new SecureRandom());
        } catch (KeyManagementException unused) {
            L.e("BETACLUB_SDK", "[SecureNetSSLSocketFactory]Error2");
        } catch (NoSuchAlgorithmException unused2) {
            L.e("BETACLUB_SDK", "[SecureNetSSLSocketFactory]Error1");
        } catch (Exception unused3) {
            L.e("BETACLUB_SDK", "[SecureNetSSLSocketFactory]Error3");
        }
    }

    public static SecureNetSSLSocketFactory getInstance() {
        if (delegate == null) {
            synchronized (SecureNetSSLSocketFactory.class) {
                if (delegate == null) {
                    delegate = new SecureNetSSLSocketFactory();
                }
            }
        }
        return delegate;
    }

    private String getTrustStoreKey() {
        try {
            return new String(SecAction.decrypt(Base64Coder.decode(trustStorePw.substring(10, trustStorePw.length()).getBytes("UTF-8")), SecAction.encryptPBKDF2(SecInput.getAmazonKm(), "5b424031353532623736")), "UTF-8").subSequence(0, r3.length() - 20).toString();
        } catch (UnsupportedEncodingException unused) {
            L.e("BETACLUB_SDK", "[SecureNetSSLSocketFactory.getTrustStoreKey]UnsupportedEncodingException");
            return "";
        }
    }

    private void sendBroadcastCertInvalid(int i) {
        Intent intent = new Intent(CERT_UPDATE);
        intent.putExtra("certCheckedState", i);
        AppContext.getContext().sendBroadcast(intent, Constants.BETACLUB_DOMESTIC_PERMISSION);
        L.i("BETACLUB_SDK", "[SecureNetSSLSocketFactory.sendBroadcastCertInvalid]");
    }

    public static void setEnableSafeCipherSuites(SSLSocket sSLSocket) {
        String[] enabledCipherSuites = sSLSocket.getEnabledCipherSuites();
        ArrayList arrayList = new ArrayList();
        for (String str : enabledCipherSuites) {
            String upperCase = str.toUpperCase();
            if (!upperCase.contains("RC4") && !upperCase.contains("DES") && !upperCase.contains("MD5") && !upperCase.contains("ANON") && !upperCase.contains("NULL")) {
                arrayList.add(str);
            }
        }
        sSLSocket.setEnabledCipherSuites((String[]) arrayList.toArray(new String[arrayList.size()]));
    }

    public void checkCertValidilty() {
        KeyStore keyStore = this.trustStore;
        if (keyStore != null) {
            try {
                X509Certificate x509Certificate = (X509Certificate) keyStore.getCertificate(UNIPORTAL_ALIAS);
                X509Certificate x509Certificate2 = (X509Certificate) this.trustStore.getCertificate(BETACLUB_CN_ALIAS);
                Date date = new Date();
                if (x509Certificate != null && x509Certificate2 != null) {
                    if (x509Certificate != null) {
                        x509Certificate.checkValidity(date);
                    }
                    if (x509Certificate2 != null) {
                        x509Certificate2.checkValidity(date);
                    }
                    long time = x509Certificate != null ? x509Certificate.getNotAfter().getTime() : 0L;
                    long time2 = x509Certificate2 != null ? x509Certificate2.getNotAfter().getTime() : 0L;
                    long time3 = date.getTime();
                    if (time >= time3 && time2 >= time3) {
                        if (time - time3 < ONE_MONTH || time2 - time3 < ONE_MONTH) {
                            sendBroadcastCertInvalid(1);
                            L.i("BETACLUB_SDK", "[SecureNetSSLSocketFactory.checkCertValidilty] certificate will be expired!");
                            return;
                        }
                        return;
                    }
                    sendBroadcastCertInvalid(2);
                    L.i("BETACLUB_SDK", "[SecureNetSSLSocketFactory.checkCertValidilty] certificate had expired!");
                }
            } catch (KeyStoreException unused) {
                L.i("BETACLUB_SDK", "[SecureNetSSLSocketFactory.checkCertValidilty]Error1");
            } catch (CertificateExpiredException unused2) {
                L.i("BETACLUB_SDK", "[SecureNetSSLSocketFactory.checkCertValidilty]Error2");
                sendBroadcastCertInvalid(2);
            } catch (CertificateNotYetValidException unused3) {
                L.i("BETACLUB_SDK", "[SecureNetSSLSocketFactory.checkCertValidilty]Error3");
                sendBroadcastCertInvalid(2);
            }
        }
    }

    @Override // javax.net.SocketFactory
    public Socket createSocket(String str, int i) throws IOException {
        SSLSocket sSLSocket = (SSLSocket) this.sslContext.getSocketFactory().createSocket(str, i);
        setEnableSafeCipherSuites(sSLSocket);
        return sSLSocket;
    }

    @Override // javax.net.SocketFactory
    public Socket createSocket(String str, int i, InetAddress inetAddress, int i2) throws IOException {
        SSLSocket sSLSocket = (SSLSocket) this.sslContext.getSocketFactory().createSocket(str, i, inetAddress, i2);
        setEnableSafeCipherSuites(sSLSocket);
        return sSLSocket;
    }

    @Override // javax.net.SocketFactory
    public Socket createSocket(InetAddress inetAddress, int i) throws IOException {
        SSLSocket sSLSocket = (SSLSocket) this.sslContext.getSocketFactory().createSocket(inetAddress, i);
        setEnableSafeCipherSuites(sSLSocket);
        return sSLSocket;
    }

    @Override // javax.net.SocketFactory
    public Socket createSocket(InetAddress inetAddress, int i, InetAddress inetAddress2, int i2) throws IOException {
        SSLSocket sSLSocket = (SSLSocket) this.sslContext.getSocketFactory().createSocket(inetAddress, i, inetAddress2, i2);
        setEnableSafeCipherSuites(sSLSocket);
        return sSLSocket;
    }

    @Override // javax.net.ssl.SSLSocketFactory
    public Socket createSocket(Socket socket, String str, int i, boolean z) throws IOException {
        SSLSocket sSLSocket = (SSLSocket) this.sslContext.getSocketFactory().createSocket(socket, str, i, z);
        setEnableSafeCipherSuites(sSLSocket);
        return sSLSocket;
    }

    @Override // javax.net.ssl.SSLSocketFactory
    public String[] getDefaultCipherSuites() {
        return null;
    }

    @Override // javax.net.ssl.SSLSocketFactory
    public String[] getSupportedCipherSuites() {
        return null;
    }

    public TrustManager[] getTrustManagers() {
        InputStream inputStream;
        try {
            try {
                inputStream = AppContext.getContext().getResources().getAssets().open(TRUST_STORE_PATH);
            } catch (Throwable th) {
                th = th;
                IOUtils.close((Closeable) null);
                throw th;
            }
        } catch (IOException unused) {
            inputStream = null;
        } catch (KeyStoreException unused2) {
            inputStream = null;
        } catch (NoSuchAlgorithmException unused3) {
            inputStream = null;
        } catch (CertificateException unused4) {
            inputStream = null;
        } catch (Throwable th2) {
            th = th2;
            IOUtils.close((Closeable) null);
            throw th;
        }
        try {
            String trustStoreKey = getTrustStoreKey();
            this.trustStore = KeyStore.getInstance(KEY_STORE_TYPE_BKS);
            this.trustStore.load(inputStream, trustStoreKey.toCharArray());
            checkCertValidilty();
            TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(CLIENT_TRUSTSTORE_MANAGER);
            trustManagerFactory.init(this.trustStore);
            TrustManager[] trustManagers = trustManagerFactory.getTrustManagers();
            IOUtils.close(inputStream);
            return trustManagers;
        } catch (IOException unused5) {
            L.e("BETACLUB_SDK", "[SecureNetSSLSocketFactory.getTrustManager]Error3");
            IOUtils.close(inputStream);
            return null;
        } catch (KeyStoreException unused6) {
            L.e("BETACLUB_SDK", "[SecureNetSSLSocketFactory.getTrustManager]Error1");
            IOUtils.close(inputStream);
            return null;
        } catch (NoSuchAlgorithmException unused7) {
            L.e("BETACLUB_SDK", "[SecureNetSSLSocketFactory.getTrustManager]Error2");
            IOUtils.close(inputStream);
            return null;
        } catch (CertificateException unused8) {
            L.e("BETACLUB_SDK", "[SecureNetSSLSocketFactory.getTrustManager]Error4");
            IOUtils.close(inputStream);
            return null;
        }
    }
}
