package ak.im.module;

import ak.im.utils.Log;
import ak.im.utils.c4;
import ak.im.utils.i5;
import android.util.Base64;
import java.net.URL;
import java.security.KeyStore;
import java.security.Principal;
import java.security.cert.CertificateException;
import java.security.cert.CertificateParsingException;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Collection;
import java.util.Date;
import java.util.Enumeration;
import java.util.List;
import javax.net.ssl.X509TrustManager;

/* loaded from: classes.dex */
public class AkeyChatX509PrivateCA implements X509TrustManager {
    private static final String TAG = "AkeyChatX509PrivateCA";

    /* renamed from: b, reason: collision with root package name */
    X509TrustManager f1290b;
    private String domain;
    private URL mUrl;

    public AkeyChatX509PrivateCA(URL url) throws CertificateException {
        this.mUrl = url;
        this.domain = url == null ? "" : url.getHost();
        Log.i(TAG, "x509 cert verification for url " + url + ", domain " + this.domain);
        systemDefaultTrustManager();
    }

    private boolean checkCertificateBySelf(X509TrustManager x509TrustManager, X509Certificate[] x509CertificateArr) {
        Principal principal;
        X509Certificate x509Certificate;
        int length;
        boolean z;
        X509Certificate[] acceptedIssuers = x509TrustManager.getAcceptedIssuers();
        X509Certificate x509Certificate2 = x509CertificateArr[x509CertificateArr.length - 1];
        int length2 = acceptedIssuers.length;
        int i = 0;
        while (true) {
            principal = null;
            if (i >= length2) {
                x509Certificate = null;
                break;
            }
            x509Certificate = acceptedIssuers[i];
            if (x509Certificate.getSubjectDN().equals(x509Certificate2.getIssuerDN())) {
                break;
            }
            i++;
        }
        if (x509Certificate == null) {
            Log.i(TAG, "checkCertificateBySelf local is not exist");
            return false;
        }
        if (x509Certificate2.getSubjectDN().equals(x509Certificate2.getIssuerDN())) {
            x509CertificateArr[x509CertificateArr.length - 1] = x509Certificate;
            Log.i(TAG, "server certificate is root,replace local certificate to server");
            length = x509CertificateArr.length - 1;
            z = false;
        } else {
            length = x509CertificateArr.length;
            z = true;
        }
        int i2 = length;
        while (i2 >= 0) {
            Log.i(TAG, "checkCertificateBySelf " + i2);
            X509Certificate x509Certificate3 = (z && i2 == length) ? x509Certificate : x509CertificateArr[i2];
            Principal issuerDN = x509Certificate3.getIssuerDN();
            Principal subjectDN = x509Certificate3.getSubjectDN();
            if (principal != null) {
                if (!issuerDN.equals(principal)) {
                    Log.i(TAG, "checkCertificateBySelf dn is not match,sd is " + principal + ",id is " + issuerDN);
                    return false;
                }
                try {
                    x509CertificateArr[i2].verify(x509CertificateArr[i2 + 1].getPublicKey());
                } catch (Exception unused) {
                    Log.i(TAG, "checkCertificateBySelf publickey is not match");
                    return false;
                }
            }
            i2--;
            principal = subjectDN;
        }
        return true;
    }

    private static X509Certificate clientBootstrapCertInfo() {
        try {
            KeyStore keyStore = KeyStore.getInstance("AndroidKeyStore");
            keyStore.load(null, null);
            Enumeration<String> aliases = keyStore.aliases();
            while (aliases.hasMoreElements()) {
                String nextElement = aliases.nextElement();
                if (nextElement.equals("AKeyChatAndroidBootstrapCertificate")) {
                    return (X509Certificate) keyStore.getCertificate(nextElement);
                }
            }
        } catch (Exception e) {
            Log.e(TAG, "e:\n" + e.getMessage());
        }
        return null;
    }

    private static void getCertInfo(X509Certificate x509Certificate, ArrayList<String> arrayList) throws CertificateParsingException {
        arrayList.add("Subject commonName=" + x509Certificate.getSubjectDN().getName());
        arrayList.add("SerialNum=" + x509Certificate.getSerialNumber().toString());
        arrayList.add("NotBefore=" + c4.getFormatedTime(x509Certificate.getNotBefore().getTime(), "yyyy-MM-dd HH:mm:ss"));
        arrayList.add("NotAfter=" + c4.getFormatedTime(x509Certificate.getNotAfter().getTime(), "yyyy-MM-dd HH:mm:ss"));
        arrayList.add("Issuser=" + x509Certificate.getIssuerDN().toString());
        arrayList.add("X509v3 Subject Alternative Name");
        Collection<List<?>> subjectAlternativeNames = x509Certificate.getSubjectAlternativeNames();
        if (subjectAlternativeNames != null) {
            for (List<?> list : subjectAlternativeNames) {
                Integer num = (Integer) list.get(0);
                if (num.intValue() == 2) {
                    arrayList.add("dns=" + list.get(1));
                } else if (num.intValue() == 7) {
                    arrayList.add("ip=" + list.get(1));
                }
            }
        }
        arrayList.add("\n");
    }

    /* JADX WARN: Code restructure failed: missing block: B:41:0x00b7, code lost:
    
        if (r1 == null) goto L35;
     */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    public static java.lang.String localCertInfo() {
        /*
            java.lang.String r0 = "localCertInfo"
            r1 = 0
            java.util.ArrayList r2 = new java.util.ArrayList     // Catch: java.lang.Throwable -> L7c android.content.res.Resources.NotFoundException -> L7e java.security.cert.CertificateException -> L9c
            r2.<init>()     // Catch: java.lang.Throwable -> L7c android.content.res.Resources.NotFoundException -> L7e java.security.cert.CertificateException -> L9c
            java.lang.String r3 = "MTLS:"
            r2.add(r3)     // Catch: java.lang.Throwable -> L7c android.content.res.Resources.NotFoundException -> L7e java.security.cert.CertificateException -> L9c
            java.security.cert.X509Certificate r3 = clientBootstrapCertInfo()     // Catch: java.lang.Throwable -> L7c android.content.res.Resources.NotFoundException -> L7e java.security.cert.CertificateException -> L9c
            if (r3 == 0) goto L16
            getCertInfo(r3, r2)     // Catch: java.lang.Throwable -> L7c android.content.res.Resources.NotFoundException -> L7e java.security.cert.CertificateException -> L9c
        L16:
            java.lang.String r3 = "IN APP:"
            r2.add(r3)     // Catch: java.lang.Throwable -> L7c android.content.res.Resources.NotFoundException -> L7e java.security.cert.CertificateException -> L9c
            android.content.Context r3 = ak.im.f1.get()     // Catch: java.lang.Throwable -> L7c android.content.res.Resources.NotFoundException -> L7e java.security.cert.CertificateException -> L9c
            android.content.res.Resources r3 = r3.getResources()     // Catch: java.lang.Throwable -> L7c android.content.res.Resources.NotFoundException -> L7e java.security.cert.CertificateException -> L9c
            int r4 = ak.im.r1.trusted     // Catch: java.lang.Throwable -> L7c android.content.res.Resources.NotFoundException -> L7e java.security.cert.CertificateException -> L9c
            java.io.InputStream r3 = r3.openRawResource(r4)     // Catch: java.lang.Throwable -> L7c android.content.res.Resources.NotFoundException -> L7e java.security.cert.CertificateException -> L9c
            java.lang.String r4 = "X.509"
            java.security.cert.CertificateFactory r4 = java.security.cert.CertificateFactory.getInstance(r4)     // Catch: java.lang.Throwable -> L6d android.content.res.Resources.NotFoundException -> L70 java.security.cert.CertificateException -> L76
            java.util.Collection r4 = r4.generateCertificates(r3)     // Catch: java.lang.Throwable -> L6d android.content.res.Resources.NotFoundException -> L70 java.security.cert.CertificateException -> L76
            r5 = 0
            java.security.cert.X509Certificate[] r6 = new java.security.cert.X509Certificate[r5]     // Catch: java.lang.Throwable -> L6d android.content.res.Resources.NotFoundException -> L70 java.security.cert.CertificateException -> L76
            java.lang.Object[] r4 = r4.toArray(r6)     // Catch: java.lang.Throwable -> L6d android.content.res.Resources.NotFoundException -> L70 java.security.cert.CertificateException -> L76
            java.security.cert.X509Certificate[] r4 = (java.security.cert.X509Certificate[]) r4     // Catch: java.lang.Throwable -> L6d android.content.res.Resources.NotFoundException -> L70 java.security.cert.CertificateException -> L76
        L3c:
            int r6 = r4.length     // Catch: java.lang.Throwable -> L6d android.content.res.Resources.NotFoundException -> L70 java.security.cert.CertificateException -> L76
            if (r5 >= r6) goto L47
            r6 = r4[r5]     // Catch: java.lang.Throwable -> L6d android.content.res.Resources.NotFoundException -> L70 java.security.cert.CertificateException -> L76
            getCertInfo(r6, r2)     // Catch: java.lang.Throwable -> L6d android.content.res.Resources.NotFoundException -> L70 java.security.cert.CertificateException -> L76
            int r5 = r5 + 1
            goto L3c
        L47:
            int r4 = r2.size()     // Catch: java.lang.Throwable -> L6d android.content.res.Resources.NotFoundException -> L70 java.security.cert.CertificateException -> L76
            if (r4 <= 0) goto L67
            java.lang.String r4 = "\n"
            java.lang.String r1 = ak.im.utils.i5.generateListString(r2, r4)     // Catch: java.lang.Throwable -> L6d android.content.res.Resources.NotFoundException -> L70 java.security.cert.CertificateException -> L76
            java.lang.StringBuilder r2 = new java.lang.StringBuilder     // Catch: java.lang.Throwable -> L6d android.content.res.Resources.NotFoundException -> L70 java.security.cert.CertificateException -> L76
            r2.<init>()     // Catch: java.lang.Throwable -> L6d android.content.res.Resources.NotFoundException -> L70 java.security.cert.CertificateException -> L76
            java.lang.String r4 = "infostr:\n"
            r2.append(r4)     // Catch: java.lang.Throwable -> L6d android.content.res.Resources.NotFoundException -> L70 java.security.cert.CertificateException -> L76
            r2.append(r1)     // Catch: java.lang.Throwable -> L6d android.content.res.Resources.NotFoundException -> L70 java.security.cert.CertificateException -> L76
            java.lang.String r2 = r2.toString()     // Catch: java.lang.Throwable -> L6d android.content.res.Resources.NotFoundException -> L70 java.security.cert.CertificateException -> L76
            ak.im.utils.Log.i(r0, r2)     // Catch: java.lang.Throwable -> L6d android.content.res.Resources.NotFoundException -> L70 java.security.cert.CertificateException -> L76
        L67:
            if (r3 == 0) goto Lbd
            r3.close()     // Catch: java.io.IOException -> Lbd
            goto Lbd
        L6d:
            r0 = move-exception
            r1 = r3
            goto Lbe
        L70:
            r2 = move-exception
            r7 = r2
            r2 = r1
            r1 = r3
            r3 = r7
            goto L81
        L76:
            r2 = move-exception
            r7 = r2
            r2 = r1
            r1 = r3
            r3 = r7
            goto L9f
        L7c:
            r0 = move-exception
            goto Lbe
        L7e:
            r2 = move-exception
            r3 = r2
            r2 = r1
        L81:
            java.lang.StringBuilder r4 = new java.lang.StringBuilder     // Catch: java.lang.Throwable -> L7c
            r4.<init>()     // Catch: java.lang.Throwable -> L7c
            java.lang.String r5 = "NotFoundException: "
            r4.append(r5)     // Catch: java.lang.Throwable -> L7c
            java.lang.String r3 = r3.getMessage()     // Catch: java.lang.Throwable -> L7c
            r4.append(r3)     // Catch: java.lang.Throwable -> L7c
            java.lang.String r3 = r4.toString()     // Catch: java.lang.Throwable -> L7c
            ak.im.utils.Log.e(r0, r3)     // Catch: java.lang.Throwable -> L7c
            if (r1 == 0) goto Lbc
            goto Lb9
        L9c:
            r2 = move-exception
            r3 = r2
            r2 = r1
        L9f:
            java.lang.StringBuilder r4 = new java.lang.StringBuilder     // Catch: java.lang.Throwable -> L7c
            r4.<init>()     // Catch: java.lang.Throwable -> L7c
            java.lang.String r5 = "CertificateException: "
            r4.append(r5)     // Catch: java.lang.Throwable -> L7c
            java.lang.String r3 = r3.getMessage()     // Catch: java.lang.Throwable -> L7c
            r4.append(r3)     // Catch: java.lang.Throwable -> L7c
            java.lang.String r3 = r4.toString()     // Catch: java.lang.Throwable -> L7c
            ak.im.utils.Log.e(r0, r3)     // Catch: java.lang.Throwable -> L7c
            if (r1 == 0) goto Lbc
        Lb9:
            r1.close()     // Catch: java.io.IOException -> Lbc
        Lbc:
            r1 = r2
        Lbd:
            return r1
        Lbe:
            if (r1 == 0) goto Lc3
            r1.close()     // Catch: java.io.IOException -> Lc3
        Lc3:
            throw r0
        */
        throw new UnsupportedOperationException("Method not decompiled: ak.im.module.AkeyChatX509PrivateCA.localCertInfo():java.lang.String");
    }

    private void logServerCertificate(X509Certificate[] x509CertificateArr) {
        int i;
        try {
            if (x509CertificateArr.length > 0) {
                String encodeToString = Base64.encodeToString(x509CertificateArr[0].getEncoded(), 2);
                ArrayList arrayList = new ArrayList();
                arrayList.add("-----BEGIN CERTIFICATE-----");
                if (encodeToString.length() > 0) {
                    int length = encodeToString.length() / 64;
                    int length2 = encodeToString.length() % 64;
                    if (length2 != 0) {
                        length++;
                    }
                    for (int i2 = 0; i2 < length; i2++) {
                        int i3 = i2 * 64;
                        if (i2 == length - 1 && length2 != 0) {
                            i = length2;
                            arrayList.add(encodeToString.substring(i3, i + i3));
                        }
                        i = 64;
                        arrayList.add(encodeToString.substring(i3, i + i3));
                    }
                }
                arrayList.add("-----END CERTIFICATE-----");
                Log.e(TAG, "Server X509Certificate:\n" + i5.generateListString(arrayList, "\n"));
            }
        } catch (Exception e) {
            e.printStackTrace();
            Log.i(TAG, "logServerCertificate failed ,msg is " + e.getMessage());
        }
    }

    private int match(String str, String str2) {
        int i = (str == null || str2 == null) ? -1 : 0;
        if (i == 0) {
            if (str.equalsIgnoreCase(str2)) {
                i = 1;
            } else if (str.startsWith("*.") && str2.toLowerCase().endsWith(str.substring(2).toLowerCase())) {
                i = 2;
            }
        }
        Log.i(TAG, "src:[" + str + "],dest:[" + str2 + "],res:[" + i + "]");
        return i;
    }

    public static Date[] mtlsDateValidity() {
        X509Certificate clientBootstrapCertInfo = clientBootstrapCertInfo();
        if (clientBootstrapCertInfo != null) {
            return new Date[]{clientBootstrapCertInfo.getNotBefore(), clientBootstrapCertInfo.getNotAfter()};
        }
        return null;
    }

    public static String[] mtlsValidity() {
        X509Certificate clientBootstrapCertInfo = clientBootstrapCertInfo();
        if (clientBootstrapCertInfo != null) {
            return new String[]{c4.getFormatedTime(clientBootstrapCertInfo.getNotBefore().getTime(), "yyyy-MM-dd HH:mm:ss"), c4.getFormatedTime(clientBootstrapCertInfo.getNotAfter().getTime(), "yyyy-MM-dd HH:mm:ss")};
        }
        return null;
    }

    /* JADX WARN: Code restructure failed: missing block: B:33:0x00c4, code lost:
    
        if (r1 != null) goto L57;
     */
    /* JADX WARN: Code restructure failed: missing block: B:36:0x00f7, code lost:
    
        r1.close();
     */
    /* JADX WARN: Code restructure failed: missing block: B:42:0x00f5, code lost:
    
        if (r1 == null) goto L39;
     */
    /* JADX WARN: Multi-variable type inference failed */
    /* JADX WARN: Removed duplicated region for block: B:58:0x0127  */
    /* JADX WARN: Type inference failed for: r5v2 */
    /* JADX WARN: Type inference failed for: r5v3 */
    /* JADX WARN: Type inference failed for: r5v4 */
    /* JADX WARN: Type inference failed for: r5v5 */
    /* JADX WARN: Type inference failed for: r5v7, types: [java.security.KeyStore] */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    private void systemDefaultTrustManager() {
        /*
            Method dump skipped, instructions count: 312
            To view this dump add '--comments-level debug' option
        */
        throw new UnsupportedOperationException("Method not decompiled: ak.im.module.AkeyChatX509PrivateCA.systemDefaultTrustManager():void");
    }

    @Override // javax.net.ssl.X509TrustManager
    public void checkClientTrusted(X509Certificate[] x509CertificateArr, String str) throws CertificateException {
    }

    /* JADX WARN: Removed duplicated region for block: B:57:0x01cc A[EXC_TOP_SPLITTER, SYNTHETIC] */
    @Override // javax.net.ssl.X509TrustManager
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    public void checkServerTrusted(java.security.cert.X509Certificate[] r18, java.lang.String r19) throws java.security.cert.CertificateException {
        /*
            Method dump skipped, instructions count: 687
            To view this dump add '--comments-level debug' option
        */
        throw new UnsupportedOperationException("Method not decompiled: ak.im.module.AkeyChatX509PrivateCA.checkServerTrusted(java.security.cert.X509Certificate[], java.lang.String):void");
    }

    @Override // javax.net.ssl.X509TrustManager
    public X509Certificate[] getAcceptedIssuers() {
        return new X509Certificate[0];
    }
}
