package cn.com.infosec.mobile.tls;

import android.text.TextUtils;
import cn.com.bouncycastle.tls.TLSUtils;
import cn.com.bouncycastle.tls.crypto.impl.external.ExternalCredentialedProvider;
import cn.com.infosec.BuildConfig;
import java.io.IOException;
import java.io.InputStream;
import java.security.GeneralSecurityException;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.List;
import javax.net.ssl.X509TrustManager;
import okhttp3.ConnectionSpec;
import okhttp3.OkHttpClient;
import org.apache.hc.client5.http.ssl.NoopHostnameVerifier;
import org.apache.hc.client5.http.ssl.SSLConnectionSocketFactory;
import org.apache.hc.client5.http.ssl.SSLConnectionSocketFactoryBuilder;

/* loaded from: classes2.dex */
public class TLSAndroidUtils extends TLSUtils {

    /* renamed from: cn.com.infosec.mobile.tls.TLSAndroidUtils$1, reason: invalid class name */
    /* loaded from: classes2.dex */
    static /* synthetic */ class AnonymousClass1 {
        static final /* synthetic */ int[] $SwitchMap$cn$com$infosec$mobile$tls$SSL_PROTOCOL;

        static {
            int[] iArr = new int[SSL_PROTOCOL.values().length];
            $SwitchMap$cn$com$infosec$mobile$tls$SSL_PROTOCOL = iArr;
            try {
                iArr[SSL_PROTOCOL.GM.ordinal()] = 1;
            } catch (NoSuchFieldError unused) {
            }
            try {
                $SwitchMap$cn$com$infosec$mobile$tls$SSL_PROTOCOL[SSL_PROTOCOL.GJ.ordinal()] = 2;
            } catch (NoSuchFieldError unused2) {
            }
            try {
                $SwitchMap$cn$com$infosec$mobile$tls$SSL_PROTOCOL[SSL_PROTOCOL.GMThenGJ.ordinal()] = 3;
            } catch (NoSuchFieldError unused3) {
            }
            try {
                $SwitchMap$cn$com$infosec$mobile$tls$SSL_PROTOCOL[SSL_PROTOCOL.GJThenGM.ordinal()] = 4;
            } catch (NoSuchFieldError unused4) {
            }
            try {
                $SwitchMap$cn$com$infosec$mobile$tls$SSL_PROTOCOL[SSL_PROTOCOL.TLS13.ordinal()] = 5;
            } catch (NoSuchFieldError unused5) {
            }
        }
    }

    static {
        caches.put("PLATFORM", "Android");
    }

    public static SSLConnectionSocketFactory createHttpClientConnectionManagerBuilder(SSL_PROTOCOL ssl_protocol, boolean z, String[] strArr) throws GeneralSecurityException, IOException {
        String str;
        int i = AnonymousClass1.$SwitchMap$cn$com$infosec$mobile$tls$SSL_PROTOCOL[ssl_protocol.ordinal()];
        if (i == 1) {
            str = "GMTLSv1.1";
        } else if (i == 2) {
            str = "TLS";
        } else if (i == 3) {
            str = "MIXTLS";
        } else if (i == 4) {
            str = "XIMTLS";
        } else {
            if (i != 5) {
                throw new GeneralSecurityException("unsupported protocol");
            }
            str = "TLSv1.3";
        }
        SSLConnectionSocketFactoryBuilder sslContext = SSLConnectionSocketFactoryBuilder.create().setSslContext(createSSLContext(str, strArr));
        if (z) {
            sslContext.setHostnameVerifier(NoopHostnameVerifier.INSTANCE).build();
        }
        return sslContext.build();
    }

    public static SSLConnectionSocketFactory createHttpClientConnectionManagerBuilder(SSL_PROTOCOL ssl_protocol, boolean z, String[] strArr, ExternalCredentialedProvider externalCredentialedProvider) throws GeneralSecurityException, IOException {
        String str;
        if (ssl_protocol == SSL_PROTOCOL.GM) {
            str = "GMTLSv1.1";
        } else if (ssl_protocol == SSL_PROTOCOL.GJ) {
            str = "TLS";
        } else if (ssl_protocol == SSL_PROTOCOL.GMThenGJ) {
            str = "MIXTLS";
        } else {
            if (ssl_protocol != SSL_PROTOCOL.GJThenGM) {
                if (ssl_protocol == SSL_PROTOCOL.TLS13) {
                    throw new GeneralSecurityException("TLSv1.3 not supported yet in twoway ssl");
                }
                throw new GeneralSecurityException("unsupported protocol");
            }
            str = "XIMTLS";
        }
        if (externalCredentialedProvider == null) {
            throw new GeneralSecurityException("externalCredentialedProvider params must mot null");
        }
        SSLConnectionSocketFactoryBuilder sslContext = SSLConnectionSocketFactoryBuilder.create().setSslContext(createSSLContext(str, strArr, externalCredentialedProvider));
        if (z) {
            sslContext.setHostnameVerifier(NoopHostnameVerifier.INSTANCE).build();
        }
        return sslContext.build();
    }

    public static SSLConnectionSocketFactory createHttpClientConnectionManagerBuilder(SSL_PROTOCOL ssl_protocol, boolean z, String[] strArr, InputStream inputStream, String str, String str2, InputStream inputStream2, String str3, String str4) throws GeneralSecurityException, IOException {
        String str5;
        int i = AnonymousClass1.$SwitchMap$cn$com$infosec$mobile$tls$SSL_PROTOCOL[ssl_protocol.ordinal()];
        if (i != 1) {
            if (i != 2) {
                if (i != 3) {
                    if (i != 4) {
                        if (i != 5) {
                            throw new GeneralSecurityException("unsupported protocol");
                        }
                        throw new GeneralSecurityException("TLSv1.3 not supported yet in twoway ssl");
                    }
                    if (inputStream == null || TextUtils.isEmpty(str) || TextUtils.isEmpty(str2)) {
                        throw new GeneralSecurityException("keystore params must mot null");
                    }
                    str5 = "XIMTLS";
                } else {
                    if (inputStream == null || TextUtils.isEmpty(str) || TextUtils.isEmpty(str2)) {
                        throw new GeneralSecurityException("keystore params must mot null");
                    }
                    str5 = "MIXTLS";
                }
            } else {
                if (inputStream == null || TextUtils.isEmpty(str) || TextUtils.isEmpty(str2)) {
                    throw new GeneralSecurityException("sign keystore params must mot null");
                }
                str5 = "TLS";
            }
        } else {
            if (inputStream == null || TextUtils.isEmpty(str) || TextUtils.isEmpty(str2) || inputStream2 == null || TextUtils.isEmpty(str3) || TextUtils.isEmpty(str4)) {
                throw new GeneralSecurityException("keystore params must mot null");
            }
            str5 = "GMTLSv1.1";
        }
        SSLConnectionSocketFactoryBuilder sslContext = SSLConnectionSocketFactoryBuilder.create().setSslContext(createSSLContext(str5, strArr, inputStream, str, str2, inputStream2, str3, str4));
        if (z) {
            sslContext.setHostnameVerifier(NoopHostnameVerifier.INSTANCE).build();
        }
        return sslContext.build();
    }

    public static SSLConnectionSocketFactory createHttpClientConnectionManagerBuilder(SSL_PROTOCOL ssl_protocol, boolean z, String[] strArr, String str, String str2, String str3, String str4, String str5, String str6) throws GeneralSecurityException, IOException {
        String str7;
        int i = AnonymousClass1.$SwitchMap$cn$com$infosec$mobile$tls$SSL_PROTOCOL[ssl_protocol.ordinal()];
        if (i != 1) {
            if (i != 2) {
                if (i != 3) {
                    if (i != 4) {
                        if (i != 5) {
                            throw new GeneralSecurityException("unsupported protocol");
                        }
                        throw new GeneralSecurityException("TLSv1.3 not supported yet in twoway ssl");
                    }
                    if (TextUtils.isEmpty(str) || TextUtils.isEmpty(str2) || TextUtils.isEmpty(str3)) {
                        throw new GeneralSecurityException("keystore params must mot null");
                    }
                    str7 = "XIMTLS";
                } else {
                    if (TextUtils.isEmpty(str) || TextUtils.isEmpty(str2) || TextUtils.isEmpty(str3)) {
                        throw new GeneralSecurityException("keystore params must mot null");
                    }
                    str7 = "MIXTLS";
                }
            } else {
                if (TextUtils.isEmpty(str) || TextUtils.isEmpty(str2) || TextUtils.isEmpty(str3)) {
                    throw new GeneralSecurityException("sign keystore params must mot null");
                }
                str7 = "TLS";
            }
        } else {
            if (TextUtils.isEmpty(str) || TextUtils.isEmpty(str2) || TextUtils.isEmpty(str3) || TextUtils.isEmpty(str4) || TextUtils.isEmpty(str5) || TextUtils.isEmpty(str6)) {
                throw new GeneralSecurityException("keystore params must mot null");
            }
            str7 = "GMTLSv1.1";
        }
        SSLConnectionSocketFactoryBuilder sslContext = SSLConnectionSocketFactoryBuilder.create().setSslContext(createSSLContext(str7, strArr, str, str2, str3, str4, str5, str6));
        if (z) {
            sslContext.setHostnameVerifier(NoopHostnameVerifier.INSTANCE).build();
        }
        return sslContext.build();
    }

    public static OkHttpClient.Builder createOkHttpClientBuilder(SSL_PROTOCOL ssl_protocol, boolean z, boolean z2, String[] strArr) throws GeneralSecurityException, IOException {
        caches.put("IS_IN_OKHTTP", true);
        caches.put("IS_OKHTTP4", Boolean.valueOf(z));
        OkHttpClient.Builder builder = new OkHttpClient.Builder();
        ConnectionSpec.Builder builder2 = new ConnectionSpec.Builder(ConnectionSpec.MODERN_TLS);
        String[] strArr2 = new String[1];
        String str = "GMTLSv1.1";
        strArr2[0] = z ? "TLSv1.2" : "GMTLSv1.1";
        ConnectionSpec build = builder2.tlsVersions(strArr2).cipherSuites("TLS_ECC_WITH_SM4_SM3", "TLS_ECDHE_WITH_SM4_SM3").build();
        ConnectionSpec connectionSpec = ConnectionSpec.MODERN_TLS;
        ArrayList arrayList = new ArrayList();
        int i = AnonymousClass1.$SwitchMap$cn$com$infosec$mobile$tls$SSL_PROTOCOL[ssl_protocol.ordinal()];
        if (i == 1) {
            arrayList.add(build);
        } else if (i == 2) {
            arrayList.add(connectionSpec);
            str = "TLS";
        } else if (i == 3) {
            str = "MIXTLS";
        } else if (i == 4) {
            str = "XIMTLS";
        } else if (i != 5) {
            str = null;
        } else {
            if (!z) {
                throw new GeneralSecurityException("TLSv1.3 not supported before okhttp4");
            }
            str = "TLSv1.3";
        }
        builder.sslSocketFactory(createSSLSocketFactory(str, strArr), (X509TrustManager) createTrustManager(strArr));
        if (!arrayList.isEmpty()) {
            builder.connectionSpecs(arrayList);
        }
        if (z2) {
            builder.hostnameVerifier(createDefaultHostNameVerifier());
        }
        return builder;
    }

    public static OkHttpClient.Builder createOkHttpClientBuilder(SSL_PROTOCOL ssl_protocol, boolean z, boolean z2, String[] strArr, ExternalCredentialedProvider externalCredentialedProvider) throws GeneralSecurityException, IOException {
        caches.put("IS_IN_OKHTTP", true);
        caches.put("IS_OKHTTP4", Boolean.valueOf(z));
        OkHttpClient.Builder builder = new OkHttpClient.Builder();
        ConnectionSpec.Builder builder2 = new ConnectionSpec.Builder(ConnectionSpec.MODERN_TLS);
        String[] strArr2 = new String[1];
        String str = "GMTLSv1.1";
        strArr2[0] = z ? "TLSv1.2" : "GMTLSv1.1";
        ConnectionSpec build = builder2.tlsVersions(strArr2).cipherSuites("TLS_ECC_WITH_SM4_SM3", "TLS_ECDHE_WITH_SM4_SM3").build();
        ConnectionSpec connectionSpec = ConnectionSpec.MODERN_TLS;
        ArrayList arrayList = new ArrayList();
        if (ssl_protocol == SSL_PROTOCOL.GM) {
            arrayList.add(build);
        } else if (ssl_protocol == SSL_PROTOCOL.GJ) {
            arrayList.add(connectionSpec);
            str = "TLS";
        } else if (ssl_protocol == SSL_PROTOCOL.GMThenGJ) {
            str = "MIXTLS";
        } else {
            if (ssl_protocol != SSL_PROTOCOL.GJThenGM) {
                if (ssl_protocol == SSL_PROTOCOL.TLS13) {
                    throw new GeneralSecurityException("TLSv1.3 not supported yet in twoway ssl");
                }
                throw new GeneralSecurityException("unsupported protocol");
            }
            str = "XIMTLS";
        }
        if (externalCredentialedProvider == null) {
            throw new GeneralSecurityException("externalCredentialedProvider params must mot null");
        }
        builder.sslSocketFactory(createSSLSocketFactory(str, strArr, externalCredentialedProvider), (X509TrustManager) createTrustManager(strArr));
        if (!arrayList.isEmpty()) {
            builder.connectionSpecs(arrayList);
        }
        if (z2) {
            builder.hostnameVerifier(createDefaultHostNameVerifier());
        }
        return builder;
    }

    public static OkHttpClient.Builder createOkHttpClientBuilder(SSL_PROTOCOL ssl_protocol, boolean z, boolean z2, String[] strArr, InputStream inputStream, String str, String str2, InputStream inputStream2, String str3, String str4) throws GeneralSecurityException, IOException {
        String str5;
        caches.put("IS_IN_OKHTTP", true);
        caches.put("IS_OKHTTP4", Boolean.valueOf(z));
        OkHttpClient.Builder builder = new OkHttpClient.Builder();
        ConnectionSpec.Builder builder2 = new ConnectionSpec.Builder(ConnectionSpec.MODERN_TLS);
        String[] strArr2 = new String[1];
        strArr2[0] = z ? "TLSv1.2" : "GMTLSv1.1";
        ConnectionSpec build = builder2.tlsVersions(strArr2).cipherSuites("TLS_ECC_WITH_SM4_SM3", "TLS_ECDHE_WITH_SM4_SM3").build();
        ConnectionSpec connectionSpec = ConnectionSpec.MODERN_TLS;
        ArrayList arrayList = new ArrayList();
        int i = AnonymousClass1.$SwitchMap$cn$com$infosec$mobile$tls$SSL_PROTOCOL[ssl_protocol.ordinal()];
        if (i == 1) {
            arrayList.add(build);
            if (inputStream == null || TextUtils.isEmpty(str) || TextUtils.isEmpty(str2) || inputStream2 == null || TextUtils.isEmpty(str3) || TextUtils.isEmpty(str4)) {
                throw new GeneralSecurityException("keystore params must mot null");
            }
            str5 = "GMTLSv1.1";
        } else if (i == 2) {
            arrayList.add(connectionSpec);
            if (inputStream == null || TextUtils.isEmpty(str) || TextUtils.isEmpty(str2)) {
                throw new GeneralSecurityException("sign keystore params must mot null");
            }
            str5 = "TLS";
        } else if (i != 3) {
            if (i != 4) {
                if (i != 5) {
                    throw new GeneralSecurityException("unsupported protocol");
                }
                throw new GeneralSecurityException("TLSv1.3 not supported yet in twoway ssl");
            }
            if (inputStream == null || TextUtils.isEmpty(str) || TextUtils.isEmpty(str2)) {
                throw new GeneralSecurityException("keystore params must mot null");
            }
            str5 = "XIMTLS";
        } else {
            if (inputStream == null || TextUtils.isEmpty(str) || TextUtils.isEmpty(str2)) {
                throw new GeneralSecurityException("keystore params must mot null");
            }
            str5 = "MIXTLS";
        }
        builder.sslSocketFactory(createSSLSocketFactory(str5, strArr, inputStream, str, str2, inputStream2, str3, str4), (X509TrustManager) createTrustManager(strArr));
        if (!arrayList.isEmpty()) {
            builder.connectionSpecs(arrayList);
        }
        if (z2) {
            builder.hostnameVerifier(createDefaultHostNameVerifier());
        }
        return builder;
    }

    public static OkHttpClient.Builder createOkHttpClientBuilder(SSL_PROTOCOL ssl_protocol, boolean z, boolean z2, String[] strArr, String str, String str2, String str3, String str4, String str5, String str6) throws GeneralSecurityException, IOException {
        caches.put("IS_IN_OKHTTP", true);
        caches.put("IS_OKHTTP4", Boolean.valueOf(z));
        OkHttpClient.Builder builder = new OkHttpClient.Builder();
        ConnectionSpec.Builder builder2 = new ConnectionSpec.Builder(ConnectionSpec.MODERN_TLS);
        String[] strArr2 = new String[1];
        String str7 = "GMTLSv1.1";
        strArr2[0] = z ? "TLSv1.2" : "GMTLSv1.1";
        ConnectionSpec build = builder2.tlsVersions(strArr2).cipherSuites("TLS_ECC_WITH_SM4_SM3", "TLS_ECDHE_WITH_SM4_SM3").build();
        ConnectionSpec connectionSpec = ConnectionSpec.MODERN_TLS;
        ArrayList arrayList = new ArrayList();
        int i = AnonymousClass1.$SwitchMap$cn$com$infosec$mobile$tls$SSL_PROTOCOL[ssl_protocol.ordinal()];
        if (i == 1) {
            arrayList.add(build);
            if (TextUtils.isEmpty(str) || TextUtils.isEmpty(str2) || TextUtils.isEmpty(str3) || TextUtils.isEmpty(str4) || TextUtils.isEmpty(str5) || TextUtils.isEmpty(str6)) {
                throw new GeneralSecurityException("keystore params must mot null");
            }
        } else if (i == 2) {
            arrayList.add(connectionSpec);
            if (TextUtils.isEmpty(str) || TextUtils.isEmpty(str2) || TextUtils.isEmpty(str3)) {
                throw new GeneralSecurityException("sign keystore params must mot null");
            }
            str7 = "TLS";
        } else if (i != 3) {
            if (i != 4) {
                if (i != 5) {
                    throw new GeneralSecurityException("unsupported protocol");
                }
                throw new GeneralSecurityException("TLSv1.3 not supported yet in twoway ssl");
            }
            if (TextUtils.isEmpty(str) || TextUtils.isEmpty(str2) || TextUtils.isEmpty(str3) || TextUtils.isEmpty(str4) || TextUtils.isEmpty(str5) || TextUtils.isEmpty(str6)) {
                throw new GeneralSecurityException("keystore params must mot null");
            }
            str7 = "XIMTLS";
        } else {
            if (TextUtils.isEmpty(str) || TextUtils.isEmpty(str2) || TextUtils.isEmpty(str3) || TextUtils.isEmpty(str4) || TextUtils.isEmpty(str5) || TextUtils.isEmpty(str6)) {
                throw new GeneralSecurityException("keystore params must mot null");
            }
            str7 = "MIXTLS";
        }
        builder.sslSocketFactory(createSSLSocketFactory(str7, strArr, str, str2, str3, str4, str5, str6), (X509TrustManager) createTrustManager(strArr));
        if (!arrayList.isEmpty()) {
            builder.connectionSpecs(arrayList);
        }
        if (z2) {
            builder.hostnameVerifier(createDefaultHostNameVerifier());
        }
        return builder;
    }

    public static List<ConnectionSpec> createOkHttpConnectionSpecs(boolean z) {
        ConnectionSpec.Builder builder = new ConnectionSpec.Builder(ConnectionSpec.MODERN_TLS);
        String[] strArr = new String[1];
        strArr[0] = z ? "TLSv1.2" : "GMTLSv1.1";
        return Arrays.asList(builder.tlsVersions(strArr).cipherSuites("TLS_ECC_WITH_SM4_SM3", "TLS_ECDHE_WITH_SM4_SM3").build(), ConnectionSpec.MODERN_TLS);
    }

    public static String version() {
        return BuildConfig.VERSION_NAME;
    }
}
