package cn.com.bouncycastle.tls;

import cn.com.bouncycastle.jsse.provider.BouncyCastleJsseProvider;
import cn.com.bouncycastle.jsse.provider.ProvX509KeyManagerExternal;
import cn.com.bouncycastle.tls.crypto.impl.external.ExternalCredentialedProvider;
import d.c.n.s;
import java.io.ByteArrayInputStream;
import java.io.File;
import java.io.FileInputStream;
import java.io.IOException;
import java.io.InputStream;
import java.security.GeneralSecurityException;
import java.security.KeyManagementException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.Provider;
import java.security.SecureRandom;
import java.security.Security;
import java.security.UnrecoverableKeyException;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import javax.net.ssl.HostnameVerifier;
import javax.net.ssl.KeyManager;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSession;
import javax.net.ssl.SSLSocketFactory;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import org.bouncycastle.jce.provider.BouncyCastleProvider;
import org.bouncycastle.util.encoders.Base64;

/* loaded from: classes.dex */
public class TLSUtils {
    static {
        Provider provider = Security.getProvider(BouncyCastleProvider.PROVIDER_NAME);
        if (provider == null) {
            Security.addProvider(new BouncyCastleProvider());
        } else if (provider.getVersion() < 1.62d || !"org.bouncycastle.jce.provider.BouncyCastleProvider".equals(provider.getClass().getName())) {
            Security.removeProvider(BouncyCastleProvider.PROVIDER_NAME);
            Security.addProvider(new BouncyCastleProvider());
        }
        Security.addProvider(new BouncyCastleJsseProvider(BouncyCastleProvider.PROVIDER_NAME));
    }

    public static HostnameVerifier createDefaultHostNameVerifier() {
        return new HostnameVerifier() { // from class: cn.com.bouncycastle.tls.TLSUtils.1
            @Override // javax.net.ssl.HostnameVerifier
            public boolean verify(String str, SSLSession sSLSession) {
                return true;
            }
        };
    }

    private static KeyManager[] createExternalKeyManagers(ExternalCredentialedProvider externalCredentialedProvider) throws GeneralSecurityException {
        return new KeyManager[]{new ProvX509KeyManagerExternal(externalCredentialedProvider, false), new ProvX509KeyManagerExternal(externalCredentialedProvider, true)};
    }

    public static SSLContext createSSLContext(String str, String[] strArr) throws GeneralSecurityException, IOException {
        return createSSLContext(str, strArr, null);
    }

    public static SSLContext createSSLContext(String str, String[] strArr, ExternalCredentialedProvider externalCredentialedProvider) throws IOException, GeneralSecurityException {
        CertificateFactory certificateFactory = CertificateFactory.getInstance("X.509", BouncyCastleProvider.PROVIDER_NAME);
        KeyStore keyStore = KeyStore.getInstance(s.f4927d);
        keyStore.load(null, null);
        filterCerts(strArr);
        for (int i2 = 0; i2 < strArr.length; i2++) {
            keyStore.setCertificateEntry("ca" + i2, certificateFactory.generateCertificate(new ByteArrayInputStream(Base64.decode(strArr[i2]))));
        }
        TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance("PKIX", BouncyCastleJsseProvider.PROVIDER_NAME);
        trustManagerFactory.init(keyStore);
        SSLContext sSLContext = SSLContext.getInstance(str, BouncyCastleJsseProvider.PROVIDER_NAME);
        sSLContext.init(externalCredentialedProvider != null ? createExternalKeyManagers(externalCredentialedProvider) : null, trustManagerFactory.getTrustManagers(), SecureRandom.getInstance("DEFAULT", BouncyCastleProvider.PROVIDER_NAME));
        return sSLContext;
    }

    public static SSLContext createSSLContext(String str, String[] strArr, InputStream inputStream, String str2, String str3, InputStream inputStream2, String str4, String str5) throws CertificateException, NoSuchProviderException, KeyStoreException, IOException, NoSuchAlgorithmException, UnrecoverableKeyException, KeyManagementException {
        CertificateFactory certificateFactory = CertificateFactory.getInstance("X.509", BouncyCastleProvider.PROVIDER_NAME);
        KeyStore keyStore = KeyStore.getInstance(s.f4927d);
        keyStore.load(null, null);
        filterCerts(strArr);
        for (int i2 = 0; i2 < strArr.length; i2++) {
            keyStore.setCertificateEntry("ca" + i2, certificateFactory.generateCertificate(new ByteArrayInputStream(Base64.decode(strArr[i2]))));
        }
        TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance("PKIX", BouncyCastleJsseProvider.PROVIDER_NAME);
        trustManagerFactory.init(keyStore);
        KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance("PKIX", BouncyCastleJsseProvider.PROVIDER_NAME);
        KeyStore keyStore2 = KeyStore.getInstance("PKCS12", new BouncyCastleProvider());
        keyStore2.load(inputStream, str2.toCharArray());
        keyManagerFactory.init(keyStore2, str3.toCharArray());
        if (inputStream2 != null && str4 != null && str5 != null) {
            KeyStore keyStore3 = KeyStore.getInstance("PKCS12", new BouncyCastleProvider());
            keyStore3.load(inputStream2, str4.toCharArray());
            keyManagerFactory.init(keyStore3, str5.toCharArray());
        }
        SSLContext sSLContext = SSLContext.getInstance(str, BouncyCastleJsseProvider.PROVIDER_NAME);
        sSLContext.init(keyManagerFactory.getKeyManagers(), trustManagerFactory.getTrustManagers(), SecureRandom.getInstance("DEFAULT", BouncyCastleProvider.PROVIDER_NAME));
        return sSLContext;
    }

    public static SSLContext createSSLContext(String str, String[] strArr, String str2, String str3, String str4, String str5, String str6, String str7) throws CertificateException, NoSuchProviderException, KeyStoreException, IOException, NoSuchAlgorithmException, UnrecoverableKeyException, KeyManagementException {
        CertificateFactory certificateFactory = CertificateFactory.getInstance("X.509", BouncyCastleProvider.PROVIDER_NAME);
        KeyStore keyStore = KeyStore.getInstance(s.f4927d);
        keyStore.load(null, null);
        filterCerts(strArr);
        for (int i2 = 0; i2 < strArr.length; i2++) {
            keyStore.setCertificateEntry("ca" + i2, certificateFactory.generateCertificate(new ByteArrayInputStream(Base64.decode(strArr[i2]))));
        }
        TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance("PKIX", BouncyCastleJsseProvider.PROVIDER_NAME);
        trustManagerFactory.init(keyStore);
        KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance("PKIX", BouncyCastleJsseProvider.PROVIDER_NAME);
        KeyStore keyStore2 = KeyStore.getInstance("PKCS12", new BouncyCastleProvider());
        keyStore2.load(new FileInputStream(str2), str3.toCharArray());
        keyManagerFactory.init(keyStore2, str4.toCharArray());
        if (str5 != null && str6 != null && str7 != null) {
            KeyStore keyStore3 = KeyStore.getInstance("PKCS12", new BouncyCastleProvider());
            keyStore3.load(new FileInputStream(str5), str6.toCharArray());
            keyManagerFactory.init(keyStore3, str7.toCharArray());
        }
        SSLContext sSLContext = SSLContext.getInstance(str, BouncyCastleJsseProvider.PROVIDER_NAME);
        sSLContext.init(keyManagerFactory.getKeyManagers(), trustManagerFactory.getTrustManagers(), SecureRandom.getInstance("DEFAULT", BouncyCastleProvider.PROVIDER_NAME));
        return sSLContext;
    }

    public static SSLSocketFactory createSSLSocketFactory(String str, String[] strArr) throws GeneralSecurityException, IOException {
        return createSSLSocketFactory(str, strArr, null);
    }

    public static SSLSocketFactory createSSLSocketFactory(String str, String[] strArr, ExternalCredentialedProvider externalCredentialedProvider) throws GeneralSecurityException, IOException {
        return createSSLContext(str, strArr, externalCredentialedProvider).getSocketFactory();
    }

    public static SSLSocketFactory createSSLSocketFactory(String str, String[] strArr, InputStream inputStream, String str2, String str3, InputStream inputStream2, String str4, String str5) throws GeneralSecurityException, IOException {
        return createSSLContext(str, strArr, inputStream, str2, str3, inputStream2, str4, str5).getSocketFactory();
    }

    public static SSLSocketFactory createSSLSocketFactory(String str, String[] strArr, String str2, String str3, String str4, String str5, String str6, String str7) throws GeneralSecurityException, IOException {
        File file = new File(str2);
        if (file.exists()) {
            FileInputStream fileInputStream = new FileInputStream(file);
            File file2 = new File(str5);
            return createSSLSocketFactory(str, strArr, fileInputStream, str3, str4, file2.exists() ? new FileInputStream(file2) : null, str6, str7);
        }
        throw new IOException("file not exist:" + str2);
    }

    public static TrustManager createTrustManager(String[] strArr) throws GeneralSecurityException, IOException {
        CertificateFactory certificateFactory = CertificateFactory.getInstance("X.509", BouncyCastleProvider.PROVIDER_NAME);
        KeyStore keyStore = KeyStore.getInstance(s.f4927d);
        keyStore.load(null, null);
        for (int i2 = 0; i2 < strArr.length; i2++) {
            keyStore.setCertificateEntry("ca" + i2, certificateFactory.generateCertificate(new ByteArrayInputStream(Base64.decode(strArr[i2]))));
        }
        TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance("PKIX", BouncyCastleJsseProvider.PROVIDER_NAME);
        trustManagerFactory.init(keyStore);
        return trustManagerFactory.getTrustManagers()[0];
    }

    private static void filterCerts(String[] strArr) {
        for (int i2 = 0; i2 < strArr.length; i2++) {
            strArr[i2] = strArr[i2].replace("-----BEGIN CERTIFICATE-----", "").replace("-----END CERTIFICATE-----", "").replace("\n", "");
        }
    }

    public static String getVersionName() {
        return "2.0.2.2";
    }
}
