package com.tencent.security.ssl;

import android.annotation.SuppressLint;
import android.text.TextUtils;
import com.tencent.bugly.crashreport.CrashReport;
import com.tencent.gamehelper.global.SpFactory;
import com.tencent.gamehelper.utils.DateUtil;
import com.tencent.mars.xlog.common.log.TLog;
import com.tencent.qapmsdk.crash.CrashConstants;
import com.xiaomi.mipush.sdk.Constants;
import java.io.ByteArrayInputStream;
import java.nio.charset.StandardCharsets;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.SecureRandom;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.util.Calendar;
import java.util.Collection;
import java.util.Date;
import java.util.GregorianCalendar;
import javax.net.ssl.SSLContext;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import javax.net.ssl.X509TrustManager;
import okhttp3.OkHttpClient;

/* loaded from: classes4.dex */
public class TLSCertificateHelperDelegate implements ITLSCertificateHelper {

    /* renamed from: a, reason: collision with root package name */
    private static boolean f15309a = false;

    private void a(KeyStore keyStore, String str) throws CertificateException, KeyStoreException {
        if (TextUtils.isEmpty(str)) {
            return;
        }
        Collection<? extends Certificate> generateCertificates = CertificateFactory.getInstance(CrashConstants.DEFAULT_CERTIFICATE_TYPE).generateCertificates(new ByteArrayInputStream(str.getBytes(StandardCharsets.UTF_8)));
        int i = 0;
        Calendar calendar = Calendar.getInstance();
        String str2 = "smoba_cert";
        for (Certificate certificate : generateCertificates) {
            if (i == 0) {
                Date notAfter = ((X509Certificate) certificate).getNotAfter();
                String str3 = "smoba_cert-" + DateUtil.a(notAfter.getTime());
                calendar.setTime(notAfter);
                calendar.add(2, -1);
                SpFactory.a().edit().putLong("next_cert_check_time", calendar.getTimeInMillis()).apply();
                str2 = str3;
            }
            i++;
            keyStore.setCertificateEntry(str2 + Constants.ACCEPT_TIME_SEPARATOR_SERVER + i, certificate);
        }
    }

    private void a(OkHttpClient.Builder builder) {
        try {
            KeyStore keyStore = KeyStore.getInstance("AndroidKeyStore");
            keyStore.load(null);
            TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
            trustManagerFactory.init(keyStore);
            TrustManager[] trustManagers = trustManagerFactory.getTrustManagers();
            if (trustManagers.length == 1 && (trustManagers[0] instanceof X509TrustManager)) {
                SSLContext sSLContext = SSLContext.getInstance("TLS");
                sSLContext.init(null, trustManagers, new SecureRandom());
                builder.sslSocketFactory(sSLContext.getSocketFactory(), (X509TrustManager) trustManagers[0]);
                TLog.d("SSLGenerator", "build ssl socket factory success");
                return;
            }
            TLog.e("SSLGenerator", "no X509TrustManager found");
        } catch (Exception e) {
            TLog.e("SSLGenerator", "ssl construct fail", e);
        }
    }

    /* JADX WARN: Removed duplicated region for block: B:15:0x003b  */
    /* JADX WARN: Removed duplicated region for block: B:25:? A[Catch: Exception -> 0x004a, SYNTHETIC, TRY_LEAVE, TryCatch #3 {Exception -> 0x004a, blocks: (B:6:0x0007, B:10:0x002c, B:19:0x003d, B:16:0x0046, B:23:0x0042, B:17:0x0049), top: B:5:0x0007, inners: #2 }] */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    private java.lang.String b(java.lang.String r5) {
        /*
            r4 = this;
            boolean r0 = android.text.TextUtils.isEmpty(r5)
            r1 = 0
            if (r0 != 0) goto L55
            java.io.ByteArrayInputStream r0 = new java.io.ByteArrayInputStream     // Catch: java.lang.Exception -> L4a
            java.lang.String r2 = "UTF-8"
            java.nio.charset.Charset r2 = java.nio.charset.Charset.forName(r2)     // Catch: java.lang.Exception -> L4a
            byte[] r5 = r5.getBytes(r2)     // Catch: java.lang.Exception -> L4a
            r0.<init>(r5)     // Catch: java.lang.Exception -> L4a
            okio.Source r5 = okio.Okio.source(r0)     // Catch: java.lang.Exception -> L4a
            okio.BufferedSource r5 = okio.Okio.buffer(r5)     // Catch: java.lang.Exception -> L4a
            okio.ByteString r0 = r5.readByteString()     // Catch: java.lang.Throwable -> L30 java.lang.Throwable -> L33
            okio.ByteString r0 = r0.sha256()     // Catch: java.lang.Throwable -> L30 java.lang.Throwable -> L33
            java.lang.String r1 = r0.hex()     // Catch: java.lang.Throwable -> L30 java.lang.Throwable -> L33
            if (r5 == 0) goto L55
            r5.close()     // Catch: java.lang.Exception -> L4a
            goto L55
        L30:
            r0 = move-exception
            r2 = r1
            goto L39
        L33:
            r0 = move-exception
            throw r0     // Catch: java.lang.Throwable -> L35
        L35:
            r2 = move-exception
            r3 = r2
            r2 = r0
            r0 = r3
        L39:
            if (r5 == 0) goto L49
            if (r2 == 0) goto L46
            r5.close()     // Catch: java.lang.Throwable -> L41 java.lang.Exception -> L4a
            goto L49
        L41:
            r5 = move-exception
            r2.addSuppressed(r5)     // Catch: java.lang.Exception -> L4a
            goto L49
        L46:
            r5.close()     // Catch: java.lang.Exception -> L4a
        L49:
            throw r0     // Catch: java.lang.Exception -> L4a
        L4a:
            r5 = move-exception
            com.tencent.bugly.crashreport.CrashReport.postCatchedException(r5)
            java.lang.String r5 = "SSLGenerator"
            java.lang.String r0 = "failed to generate SHA256 digest"
            com.tencent.mars.xlog.common.log.TLog.e(r5, r0)
        L55:
            return r1
        */
        throw new UnsupportedOperationException("Method not decompiled: com.tencent.security.ssl.TLSCertificateHelperDelegate.b(java.lang.String):java.lang.String");
    }

    private void b(OkHttpClient.Builder builder) {
        try {
            TrustManager[] trustManagerArr = {new X509TrustManager() { // from class: com.tencent.security.ssl.TLSCertificateHelperDelegate.1
                @Override // javax.net.ssl.X509TrustManager
                @SuppressLint({"TrustAllX509TrustManager"})
                public void checkClientTrusted(X509Certificate[] x509CertificateArr, String str) {
                }

                @Override // javax.net.ssl.X509TrustManager
                @SuppressLint({"TrustAllX509TrustManager"})
                public void checkServerTrusted(X509Certificate[] x509CertificateArr, String str) {
                }

                @Override // javax.net.ssl.X509TrustManager
                public X509Certificate[] getAcceptedIssuers() {
                    return new X509Certificate[0];
                }
            }};
            SSLContext sSLContext = SSLContext.getInstance("TLS");
            sSLContext.init(null, trustManagerArr, new SecureRandom());
            builder.sslSocketFactory(sSLContext.getSocketFactory(), (X509TrustManager) trustManagerArr[0]);
            f15309a = true;
        } catch (Exception unused) {
        }
    }

    @Override // com.tencent.security.ssl.ITLSCertificateHelper
    public String a() {
        String string = SpFactory.a().getString("cert_digest_key", "");
        if (!TextUtils.isEmpty(string)) {
        }
        return string;
    }

    @Override // com.tencent.security.ssl.ITLSCertificateHelper
    public void a(String str) {
        try {
            SpFactory.a().edit().putString("cert_digest_key", b(str)).apply();
            KeyStore keyStore = KeyStore.getInstance("AndroidKeyStore");
            keyStore.load(null);
            a(keyStore, str);
        } catch (Exception e) {
            CrashReport.postCatchedException(e);
            TLog.e("SSLGenerator", "failed to save SHA256 digest");
        }
    }

    @Override // com.tencent.security.ssl.ITLSCertificateHelper
    public void a(OkHttpClient.Builder builder, boolean z) {
        if (z) {
            a(builder);
        } else {
            b(builder);
        }
        f15309a = true;
    }

    @Override // com.tencent.security.ssl.ITLSCertificateHelper
    public boolean b() {
        return f15309a;
    }

    @Override // com.tencent.security.ssl.ITLSCertificateHelper
    public boolean c() {
        return new GregorianCalendar().getTimeInMillis() > SpFactory.a().getLong("next_cert_check_time", 0L);
    }
}
