package cn.com.bouncycastle.tls;

import cn.com.bouncycastle.jce.provider.ISecBouncyCastleProvider;
import cn.com.bouncycastle.jsse.provider.BouncyCastleJsseProvider;
import cn.com.bouncycastle.jsse.provider.ProvX509KeyManagerExternal;
import cn.com.bouncycastle.tls.crypto.impl.external.ExternalCredentialedProvider;
import cn.com.bouncycastle.util.encoders.Base64;
import cn.com.bouncycastle.util.encoders.DecoderException;
import com.hundsun.khylib.ca.CertificateHandle;
import java.io.BufferedReader;
import java.io.ByteArrayInputStream;
import java.io.File;
import java.io.FileInputStream;
import java.io.FileNotFoundException;
import java.io.FileReader;
import java.io.IOException;
import java.io.InputStream;
import java.security.GeneralSecurityException;
import java.security.InvalidKeyException;
import java.security.KeyManagementException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.PublicKey;
import java.security.SecureRandom;
import java.security.Security;
import java.security.Signature;
import java.security.SignatureException;
import java.security.UnrecoverableKeyException;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.util.HashMap;
import java.util.Map;
import javax.net.ssl.HostnameVerifier;
import javax.net.ssl.KeyManager;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSession;
import javax.net.ssl.SSLSocketFactory;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;

/* loaded from: classes.dex */
public class TLSUtils {
    public static Map<String, Object> caches = new HashMap();

    /* JADX WARN: Type inference failed for: r0v4, types: [cn.com.bouncycastle.tls.TLSUtils$1] */
    static {
        ISecBouncyCastleProvider iSecBouncyCastleProvider = new ISecBouncyCastleProvider();
        try {
            boolean z = TLSUtils.class.getClassLoader().loadClass("com.tencent.soter.core.SoterCore") != null;
            System.out.println("SoterExist:" + z);
            if (z) {
                iSecBouncyCastleProvider.remove("Alg.Alias.Signature.SHA256withRSA/PSS");
                iSecBouncyCastleProvider.remove("Alg.Alias.Signature.SHA256WithRSA/PSS");
                iSecBouncyCastleProvider.remove("Alg.Alias.Signature.SHA256withRSASSA-PSS");
                iSecBouncyCastleProvider.remove("Alg.Alias.Signature.SHA256WithRSASSA-PSS");
                iSecBouncyCastleProvider.remove("Alg.Alias.Signature.SHA256WITHRSASSA-PSS");
            }
        } catch (ClassNotFoundException unused) {
        }
        Security.addProvider(iSecBouncyCastleProvider);
        Security.addProvider(new BouncyCastleJsseProvider(ISecBouncyCastleProvider.PROVIDER_NAME));
        caches.put("PLATFORM", "Java");
        new Thread() { // from class: cn.com.bouncycastle.tls.TLSUtils.1
            @Override // java.lang.Thread, java.lang.Runnable
            public void run() {
                super.run();
                try {
                    CertificateFactory certificateFactory = CertificateFactory.getInstance(CertificateHandle.X509, ISecBouncyCastleProvider.PROVIDER_NAME);
                    X509Certificate x509Certificate = (X509Certificate) certificateFactory.generateCertificate(new ByteArrayInputStream(Base64.decode("MIIBzTCCAXCgAwIBAgIGAXKnMKNyMAwGCCqBHM9VAYN1BQAwSTELMAkGA1UEBhMCQ04xDjAMBgNVBAoTBUdNU1NMMRAwDgYDVQQLEwdQS0kvU00yMRgwFgYDVQQDEw9Sb290Q0EgZm9yIFRlc3QwIhgPMjAxNTEyMzExNjAwMDBaGA8yMDM1MTIzMDE2MDAwMFowSTELMAkGA1UEBhMCQ04xDjAMBgNVBAoTBUdNU1NMMRAwDgYDVQQLEwdQS0kvU00yMRgwFgYDVQQDEw9Sb290Q0EgZm9yIFRlc3QwWTATBgcqhkjOPQIBBggqgRzPVQGCLQNCAATj+apYlL+ddWXZ7+mFZXZJGbcJFXUN+Fszz6humeyWZP4qEEr2N0+aZdwo/21ft232yo0jPLzdscKB261zSQXSoz4wPDAZBgNVHQ4EEgQQnGnsD7oaOcWv6CTrspwSBDAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIAxjAMBggqgRzPVQGDdQUAA0kAMEYCIQCEnW5BlQh0vmsOLxSoXYc/7zs++wWyFc1tnBHENR4ElwIhAI1Lwu6in1ruflZhzseWulXwcITf3bm/Y5X1g1XFWQUH")));
                    TLSUtils.caches.put("CertificateFactory", certificateFactory);
                    x509Certificate.checkValidity();
                    PublicKey publicKey = x509Certificate.getPublicKey();
                    System.out.println(publicKey.getAlgorithm());
                    Signature signature = Signature.getInstance(x509Certificate.getSigAlgName());
                    signature.initVerify(publicKey);
                    signature.update(x509Certificate.getTBSCertificate());
                    boolean verify = signature.verify(x509Certificate.getSignature());
                    System.out.println("Verified:" + verify);
                } catch (InvalidKeyException e) {
                    e.printStackTrace();
                } catch (NoSuchAlgorithmException e2) {
                    e2.printStackTrace();
                } catch (NoSuchProviderException e3) {
                    e3.printStackTrace();
                } catch (SignatureException e4) {
                    e4.printStackTrace();
                } catch (CertificateException e5) {
                    e5.printStackTrace();
                }
            }
        }.start();
    }

    public static java.security.cert.Certificate buildCert(CertificateFactory certificateFactory, String str) {
        File file = new File(str);
        if (!file.exists()) {
            return buildCertFromBase64(certificateFactory, str);
        }
        try {
            BufferedReader bufferedReader = new BufferedReader(new FileReader(file));
            StringBuilder sb = new StringBuilder();
            while (true) {
                String readLine = bufferedReader.readLine();
                if (readLine == null || readLine.length() <= 0) {
                    break;
                }
                sb.append(readLine);
            }
            java.security.cert.Certificate buildCertFromBase64 = buildCertFromBase64(certificateFactory, sb.toString());
            return buildCertFromBase64 != null ? buildCertFromBase64 : certificateFactory.generateCertificate(new FileInputStream(file));
        } catch (FileNotFoundException | IOException | CertificateException unused) {
            return null;
        }
    }

    private static java.security.cert.Certificate buildCertFromBase64(CertificateFactory certificateFactory, String str) {
        try {
            return certificateFactory.generateCertificate(new ByteArrayInputStream(Base64.decode(str.replace("-----BEGIN CERTIFICATE-----", "").replace("-----END CERTIFICATE-----", "").replace("\n", ""))));
        } catch (DecoderException | CertificateException unused) {
            return null;
        }
    }

    public static HostnameVerifier createDefaultHostNameVerifier() {
        return new HostnameVerifier() { // from class: cn.com.bouncycastle.tls.TLSUtils.2
            @Override // javax.net.ssl.HostnameVerifier
            public boolean verify(String str, SSLSession sSLSession) {
                return true;
            }
        };
    }

    private static KeyManager[] createExternalKeyManagers(ExternalCredentialedProvider externalCredentialedProvider) throws GeneralSecurityException {
        return new KeyManager[]{new ProvX509KeyManagerExternal(externalCredentialedProvider, false), new ProvX509KeyManagerExternal(externalCredentialedProvider, true)};
    }

    public static SSLContext createSSLContext(String str, String[] strArr) throws GeneralSecurityException, DecoderException, IOException {
        return createSSLContext(str, strArr, null);
    }

    public static SSLContext createSSLContext(String str, String[] strArr, ExternalCredentialedProvider externalCredentialedProvider) throws IOException, DecoderException, GeneralSecurityException {
        CertificateFactory certificateFactory = CertificateFactory.getInstance(CertificateHandle.X509, ISecBouncyCastleProvider.PROVIDER_NAME);
        KeyStore keyStore = KeyStore.getInstance("BKS");
        keyStore.load(null, null);
        for (int i = 0; i < strArr.length; i++) {
            keyStore.setCertificateEntry("ca" + i, buildCert(certificateFactory, strArr[i]));
        }
        TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance("PKIX", BouncyCastleJsseProvider.PROVIDER_NAME);
        trustManagerFactory.init(keyStore);
        SSLContext sSLContext = SSLContext.getInstance(str, BouncyCastleJsseProvider.PROVIDER_NAME);
        sSLContext.init(externalCredentialedProvider != null ? createExternalKeyManagers(externalCredentialedProvider) : null, trustManagerFactory.getTrustManagers(), new SecureRandom());
        return sSLContext;
    }

    public static SSLContext createSSLContext(String str, String[] strArr, InputStream inputStream, String str2, String str3, InputStream inputStream2, String str4, String str5) throws CertificateException, DecoderException, NoSuchProviderException, KeyStoreException, IOException, NoSuchAlgorithmException, UnrecoverableKeyException, KeyManagementException {
        CertificateFactory certificateFactory = CertificateFactory.getInstance(CertificateHandle.X509, ISecBouncyCastleProvider.PROVIDER_NAME);
        KeyStore keyStore = KeyStore.getInstance("BKS");
        keyStore.load(null, null);
        for (int i = 0; i < strArr.length; i++) {
            keyStore.setCertificateEntry("ca" + i, buildCert(certificateFactory, strArr[i]));
        }
        TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance("PKIX", BouncyCastleJsseProvider.PROVIDER_NAME);
        trustManagerFactory.init(keyStore);
        KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance("PKIX", BouncyCastleJsseProvider.PROVIDER_NAME);
        KeyStore keyStore2 = KeyStore.getInstance("PKCS12", new ISecBouncyCastleProvider());
        keyStore2.load(inputStream, str2.toCharArray());
        keyManagerFactory.init(keyStore2, str3.toCharArray());
        if (inputStream2 != null && str4 != null && str5 != null) {
            KeyStore keyStore3 = KeyStore.getInstance("PKCS12", new ISecBouncyCastleProvider());
            keyStore3.load(inputStream2, str4.toCharArray());
            keyManagerFactory.init(keyStore3, str5.toCharArray());
        }
        SSLContext sSLContext = SSLContext.getInstance(str, BouncyCastleJsseProvider.PROVIDER_NAME);
        sSLContext.init(keyManagerFactory.getKeyManagers(), trustManagerFactory.getTrustManagers(), new SecureRandom());
        return sSLContext;
    }

    public static SSLContext createSSLContext(String str, String[] strArr, String str2, String str3, String str4, String str5, String str6, String str7) throws CertificateException, DecoderException, NoSuchProviderException, KeyStoreException, IOException, NoSuchAlgorithmException, UnrecoverableKeyException, KeyManagementException {
        CertificateFactory certificateFactory = CertificateFactory.getInstance(CertificateHandle.X509, ISecBouncyCastleProvider.PROVIDER_NAME);
        KeyStore keyStore = KeyStore.getInstance("BKS");
        keyStore.load(null, null);
        for (int i = 0; i < strArr.length; i++) {
            keyStore.setCertificateEntry("ca" + i, buildCert(certificateFactory, strArr[i]));
        }
        TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance("PKIX", BouncyCastleJsseProvider.PROVIDER_NAME);
        trustManagerFactory.init(keyStore);
        KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance("PKIX", BouncyCastleJsseProvider.PROVIDER_NAME);
        KeyStore keyStore2 = KeyStore.getInstance("PKCS12", new ISecBouncyCastleProvider());
        keyStore2.load(new FileInputStream(str2), str3.toCharArray());
        keyManagerFactory.init(keyStore2, str4.toCharArray());
        if (str5 != null && str6 != null && str7 != null) {
            KeyStore keyStore3 = KeyStore.getInstance("PKCS12", new ISecBouncyCastleProvider());
            keyStore3.load(new FileInputStream(str5), str6.toCharArray());
            keyManagerFactory.init(keyStore3, str7.toCharArray());
        }
        SSLContext sSLContext = SSLContext.getInstance(str, BouncyCastleJsseProvider.PROVIDER_NAME);
        sSLContext.init(keyManagerFactory.getKeyManagers(), trustManagerFactory.getTrustManagers(), new SecureRandom());
        return sSLContext;
    }

    public static SSLSocketFactory createSSLSocketFactory(String str, String[] strArr) throws GeneralSecurityException, DecoderException, IOException {
        return createSSLSocketFactory(str, strArr, null);
    }

    public static SSLSocketFactory createSSLSocketFactory(String str, String[] strArr, ExternalCredentialedProvider externalCredentialedProvider) throws GeneralSecurityException, DecoderException, IOException {
        return createSSLContext(str, strArr, externalCredentialedProvider).getSocketFactory();
    }

    public static SSLSocketFactory createSSLSocketFactory(String str, String[] strArr, InputStream inputStream, String str2, String str3, InputStream inputStream2, String str4, String str5) throws GeneralSecurityException, DecoderException, IOException {
        return createSSLContext(str, strArr, inputStream, str2, str3, inputStream2, str4, str5).getSocketFactory();
    }

    public static SSLSocketFactory createSSLSocketFactory(String str, String[] strArr, String str2, String str3, String str4, String str5, String str6, String str7) throws GeneralSecurityException, DecoderException, IOException {
        File file = new File(str2);
        if (file.exists()) {
            FileInputStream fileInputStream = new FileInputStream(file);
            File file2 = new File(str5);
            return createSSLSocketFactory(str, strArr, fileInputStream, str3, str4, file2.exists() ? new FileInputStream(file2) : null, str6, str7);
        }
        throw new IOException("file not exist:" + str2);
    }

    public static TrustManager createTrustManager(String[] strArr) throws GeneralSecurityException, DecoderException, IOException {
        CertificateFactory certificateFactory = CertificateFactory.getInstance(CertificateHandle.X509, ISecBouncyCastleProvider.PROVIDER_NAME);
        KeyStore keyStore = KeyStore.getInstance("BKS");
        keyStore.load(null, null);
        for (int i = 0; i < strArr.length; i++) {
            keyStore.setCertificateEntry("ca" + i, buildCert(certificateFactory, strArr[i]));
        }
        TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance("PKIX", BouncyCastleJsseProvider.PROVIDER_NAME);
        trustManagerFactory.init(keyStore);
        return trustManagerFactory.getTrustManagers()[0];
    }

    public static String getVersionName() {
        return "2.0.4.0";
    }
}
