package com.xunmeng.basiccomponent.pnet.jni.struct;

import android.content.res.Resources;
import android.net.http.X509TrustManagerExtensions;
import android.os.Build;
import android.text.TextUtils;
import com.xunmeng.basiccomponent.pnet.p;
import com.xunmeng.core.ab.a;
import com.xunmeng.core.c.b;
import com.xunmeng.pinduoduo.aop_defensor.f;
import java.io.ByteArrayInputStream;
import java.io.Closeable;
import java.net.InetSocketAddress;
import java.net.Proxy;
import java.net.ProxySelector;
import java.net.URI;
import java.security.GeneralSecurityException;
import java.security.KeyStore;
import java.security.cert.Certificate;
import java.security.cert.CertificateEncodingException;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Iterator;
import java.util.List;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import javax.net.ssl.X509TrustManager;

/* compiled from: Pdd */
/* loaded from: classes.dex */
public class PnetPlatform {
    private static final String TAG = "PnetPlatform";
    static final boolean isAndroidPlatform = isAndroid();
    private static X509TrustManager pnetTrustManager;

    /* compiled from: Pdd */
    /* loaded from: classes.dex */
    public static final class ProxyInfo {
        public static final int PROXY_TYPE_DIRECT = 0;
        public static final int PROXY_TYPE_HTTP = 1;
        public static final int PROXY_TYPE_HTTP_TUNNEL = 3;
        public static final int PROXY_TYPE_SOCKS = 2;
        public String host;
        public short port;
        public int type = 0;
    }

    /* compiled from: Pdd */
    /* loaded from: classes.dex */
    public static final class VerifyResult {
        public static final int VERIFY_CERT_CHAIN_SUCC = 1;
        public static final int VERIFY_CERT_PIN_SUCC = 2;
        public static final int VERIFY_FAIL = 0;
    }

    static TNetInfo GetNetInfo() {
        return p.a().b();
    }

    static ProxyInfo GetProxyInfo(String str) {
        try {
        } catch (Throwable th) {
            b.e(TAG, "GetProxyInfo t:" + th);
        }
        if (TextUtils.isEmpty(str)) {
            b.e(TAG, "GetProxyInfo but url null");
            return null;
        }
        ProxySelector proxySelector = ProxySelector.getDefault();
        if (proxySelector == null) {
            b.d(TAG, "GetProxyInfo proxySelector null, use system property instead");
            String property = System.getProperty("http.proxyHost");
            String property2 = System.getProperty("http.proxyPort");
            if (!TextUtils.isEmpty(property) && !TextUtils.isEmpty(property2)) {
                ProxyInfo proxyInfo = new ProxyInfo();
                proxyInfo.type = str.startsWith("http://") ? 1 : 3;
                proxyInfo.host = property;
                proxyInfo.port = Short.parseShort(property2);
                return proxyInfo;
            }
            return null;
        }
        List<Proxy> select = proxySelector.select(new URI(str));
        if (select != null && !select.isEmpty()) {
            ProxyInfo proxyInfo2 = new ProxyInfo();
            for (Proxy proxy : select) {
                if (proxy.type() == Proxy.Type.HTTP) {
                    proxyInfo2.type = str.startsWith("http://") ? 1 : 3;
                    proxyInfo2.host = ((InetSocketAddress) proxy.address()).getHostName();
                    proxyInfo2.port = (short) ((InetSocketAddress) proxy.address()).getPort();
                    return proxyInfo2;
                }
            }
            int i = 0;
            Proxy proxy2 = select.get(0);
            if (proxy2.type() != Proxy.Type.DIRECT) {
                i = proxy2.type() == Proxy.Type.HTTP ? 1 : 2;
            }
            proxyInfo2.type = i;
            if (1 == proxyInfo2.type && !str.startsWith("http://")) {
                proxyInfo2.type = 3;
            }
            if (proxyInfo2.type != 0) {
                proxyInfo2.host = ((InetSocketAddress) proxy2.address()).getHostName();
                proxyInfo2.port = (short) ((InetSocketAddress) proxy2.address()).getPort();
            }
            return proxyInfo2;
        }
        return null;
    }

    static int VerifyCertChain(String str, ArrayList<byte[]> arrayList, ArrayList<String> arrayList2) {
        List<Certificate> arrayList3;
        if (!isAndroidPlatform || a.a("ab_pnet_ignore_verify_cert_chain_61000", false)) {
            return 1;
        }
        if (TextUtils.isEmpty(str) || arrayList == null || arrayList.isEmpty()) {
            b.e(TAG, "VerifyCertChain param error1，host:%s", str);
            return 0;
        }
        boolean z = (arrayList2 == null || arrayList2.isEmpty()) ? false : true;
        X509TrustManager pnetTrustManager2 = getPnetTrustManager();
        if (pnetTrustManager2 == null) {
            return 0;
        }
        try {
            CertificateFactory certificateFactory = CertificateFactory.getInstance("X.509");
            X509Certificate[] x509CertificateArr = new X509Certificate[arrayList.size()];
            Iterator<byte[]> it = arrayList.iterator();
            int i = 0;
            while (it.hasNext()) {
                ByteArrayInputStream byteArrayInputStream = new ByteArrayInputStream(it.next());
                X509Certificate x509Certificate = (X509Certificate) certificateFactory.generateCertificate(byteArrayInputStream);
                safeClose(byteArrayInputStream);
                try {
                    b.a(TAG, "issuer:%s, subject:%s, start_ts:%s, end_ts:%s, sigAlgName:%s, publicKeyAlgName:%s", x509Certificate.getIssuerX500Principal().getName(), x509Certificate.getSubjectX500Principal().getName(), x509Certificate.getNotBefore().toString(), x509Certificate.getNotAfter().toString(), x509Certificate.getSigAlgName(), x509Certificate.getPublicKey().getAlgorithm());
                } catch (Throwable unused) {
                }
                x509Certificate.checkValidity();
                x509CertificateArr[i] = x509Certificate;
                i++;
            }
            if (!com.xunmeng.basiccomponent.pnet.b.b.a().a(str, x509CertificateArr[0])) {
                b.e(TAG, "host:%s, cert subject name:%s, verify hostname fail", str, x509CertificateArr[0]);
                return 0;
            }
            if (Build.VERSION.SDK_INT >= 17) {
                try {
                    List<X509Certificate> checkServerTrusted = new X509TrustManagerExtensions(pnetTrustManager2).checkServerTrusted(x509CertificateArr, "RSA", str);
                    if (!z) {
                        return 1;
                    }
                    arrayList3 = new ArrayList<>(checkServerTrusted);
                } catch (Throwable th) {
                    b.e(TAG, "checkServerTrusted failed:%s", f.a(th));
                    return 0;
                }
            } else {
                try {
                    arrayList3 = com.xunmeng.basiccomponent.pnet.a.a.a(pnetTrustManager2).a(new ArrayList(Arrays.asList(x509CertificateArr)));
                    if (!z) {
                        return 1;
                    }
                } catch (Throwable th2) {
                    b.e(TAG, "PnetCertificateChainChecker check fail:%s", f.a(th2));
                    return 0;
                }
            }
            if (arrayList3 != null && !arrayList3.isEmpty()) {
                return hitCertificatePinner(arrayList3, arrayList2) ? 2 : 0;
            }
            b.e(TAG, "certificatePinner fail");
            return 0;
        } catch (CertificateException e) {
            b.e(TAG, "step2 fail:CertificateException:%s", e.getMessage());
            return 0;
        } catch (Throwable th3) {
            b.e(TAG, "step2 fail:%s", f.a(th3));
            return 0;
        }
    }

    private static X509TrustManager getPnetTrustManager() {
        if (pnetTrustManager == null) {
            try {
                TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
                trustManagerFactory.init((KeyStore) null);
                TrustManager[] trustManagers = trustManagerFactory.getTrustManagers();
                if (trustManagers.length == 1 && (trustManagers[0] instanceof X509TrustManager)) {
                    pnetTrustManager = (X509TrustManager) trustManagers[0];
                }
                b.e(TAG, "Unexpected default trust managers:" + Arrays.toString(trustManagers));
            } catch (Resources.NotFoundException e) {
                b.e(TAG, "getlatformTrustManager:Resources.NotFoundException:%s", e.getMessage());
            } catch (GeneralSecurityException e2) {
                b.e(TAG, "platformTrustManager:GeneralSecurityException:%s", e2.getMessage());
            } catch (Throwable unused) {
            }
            return null;
        }
        return pnetTrustManager;
    }

    /* JADX WARN: Removed duplicated region for block: B:29:0x0029 A[SYNTHETIC] */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    static boolean hitCertificatePinner(java.util.List<java.security.cert.Certificate> r9, java.util.ArrayList<java.lang.String> r10) {
        /*
            java.lang.String r0 = "PnetPlatform"
            r1 = 0
            r2 = 1
            java.util.Iterator r9 = r9.iterator()     // Catch: java.lang.Throwable -> L80
            r3 = 0
        L9:
            boolean r4 = r9.hasNext()     // Catch: java.lang.Throwable -> L7e
            if (r4 == 0) goto L8f
            java.lang.Object r4 = r9.next()     // Catch: java.lang.Throwable -> L7e
            java.security.cert.Certificate r4 = (java.security.cert.Certificate) r4     // Catch: java.lang.Throwable -> L7e
            if (r4 != 0) goto L18
            goto L9
        L18:
            r5 = r4
            java.security.cert.X509Certificate r5 = (java.security.cert.X509Certificate) r5     // Catch: java.lang.Throwable -> L7e
            java.lang.String r5 = sha256(r5)     // Catch: java.lang.Throwable -> L7e
            java.security.cert.X509Certificate r4 = (java.security.cert.X509Certificate) r4     // Catch: java.lang.Throwable -> L7e
            java.lang.String r4 = sha1(r4)     // Catch: java.lang.Throwable -> L7e
            java.util.Iterator r6 = r10.iterator()     // Catch: java.lang.Throwable -> L7e
        L29:
            boolean r7 = r6.hasNext()     // Catch: java.lang.Throwable -> L7e
            if (r7 == 0) goto L9
            java.lang.Object r7 = r6.next()     // Catch: java.lang.Throwable -> L7e
            java.lang.String r7 = (java.lang.String) r7     // Catch: java.lang.Throwable -> L7e
            boolean r8 = android.text.TextUtils.isEmpty(r7)     // Catch: java.lang.Throwable -> L7e
            if (r8 == 0) goto L3c
            goto L29
        L3c:
            java.lang.String r8 = "sha256/"
            boolean r8 = r7.startsWith(r8)     // Catch: java.lang.Throwable -> L7e
            if (r8 == 0) goto L5c
            if (r5 == 0) goto L7b
            r8 = 7
            java.lang.String r7 = r7.substring(r8)     // Catch: java.lang.Throwable -> L7e
            boolean r7 = r5.equalsIgnoreCase(r7)     // Catch: java.lang.Throwable -> L7e
            if (r7 == 0) goto L7b
            java.lang.String r4 = "hitCertificatePinner:sha256:%s"
            java.lang.Object[] r6 = new java.lang.Object[r2]     // Catch: java.lang.Throwable -> L7e
            r6[r1] = r5     // Catch: java.lang.Throwable -> L7e
            com.xunmeng.core.c.b.a(r0, r4, r6)     // Catch: java.lang.Throwable -> L7e
        L5a:
            r3 = 1
            goto L9
        L5c:
            java.lang.String r8 = "sha1/"
            boolean r8 = r7.startsWith(r8)     // Catch: java.lang.Throwable -> L7e
            if (r8 == 0) goto L7b
            if (r4 == 0) goto L7b
            r8 = 5
            java.lang.String r7 = r7.substring(r8)     // Catch: java.lang.Throwable -> L7e
            boolean r7 = r4.equalsIgnoreCase(r7)     // Catch: java.lang.Throwable -> L7e
            if (r7 == 0) goto L7b
            java.lang.String r5 = "hitCertificatePinner:sha1:%s"
            java.lang.Object[] r6 = new java.lang.Object[r2]     // Catch: java.lang.Throwable -> L7e
            r6[r1] = r4     // Catch: java.lang.Throwable -> L7e
            com.xunmeng.core.c.b.a(r0, r5, r6)     // Catch: java.lang.Throwable -> L7e
            goto L5a
        L7b:
            if (r3 == 0) goto L29
            goto L9
        L7e:
            r9 = move-exception
            goto L82
        L80:
            r9 = move-exception
            r3 = 0
        L82:
            java.lang.Object[] r10 = new java.lang.Object[r2]
            java.lang.String r9 = com.xunmeng.pinduoduo.aop_defensor.f.a(r9)
            r10[r1] = r9
            java.lang.String r9 = "hitCertificatePinner:%s"
            com.xunmeng.core.c.b.e(r0, r9, r10)
        L8f:
            return r3
        */
        throw new UnsupportedOperationException("Method not decompiled: com.xunmeng.basiccomponent.pnet.jni.struct.PnetPlatform.hitCertificatePinner(java.util.List, java.util.ArrayList):boolean");
    }

    private static boolean isAndroid() {
        return f.a("Dalvik", (Object) System.getProperty("java.vm.name"));
    }

    private static void safeClose(Closeable closeable) {
        try {
            closeable.close();
        } catch (Throwable th) {
            b.e(TAG, "safeClose:%s", f.a(th));
        }
    }

    private static String sha1(X509Certificate x509Certificate) {
        a.f a2;
        try {
            a2 = a.f.a(x509Certificate.getEncoded()).b();
        } catch (CertificateEncodingException unused) {
            a2 = a.f.a("sha1 CertificateEncodingException is occur");
        }
        return a2 != null ? a2.d() : "";
    }

    private static String sha256(X509Certificate x509Certificate) {
        a.f a2;
        try {
            a2 = a.f.a(x509Certificate.getEncoded()).c();
        } catch (CertificateEncodingException unused) {
            a2 = a.f.a("sha256 CertificateEncodingException is occur");
        }
        return a2 != null ? a2.d() : "";
    }
}
