package com.winit.starnews.hin.common.utils;

import android.content.Context;
import android.content.Intent;
import android.net.Uri;
import android.os.Handler;
import android.util.SparseArray;
import com.winit.starnews.hin.R;
import com.winit.starnews.hin.utils.Constans;
import java.io.ByteArrayInputStream;
import java.io.IOException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.cert.CertificateException;
import java.security.cert.CertificateExpiredException;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import javax.net.ssl.HostnameVerifier;
import javax.net.ssl.SSLException;
import javax.net.ssl.SSLSession;
import javax.net.ssl.SSLSocket;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import javax.net.ssl.X509TrustManager;
import org.apache.http.conn.ssl.X509HostnameVerifier;

/* loaded from: classes.dex */
public class SSLTrustManager implements X509TrustManager {
    private static final String DECISION_INTENT = ".starnews.hin.common.utils.DECISION";
    protected static final String DECISION_INTENT_CERT = ".starnews.hin.common.utils.DECISION.cert";
    protected static final String DECISION_INTENT_ID = ".starnews.hin.common.utils.DECISION.decisionId";
    protected static final String DECISION_TITLE_ID = ".starnews.hin.common.utils.DECISION.titleId";
    private static int mDecisionId = 0;
    private static SparseArray<SSLAcceptDecision> mOpenDecisions = new SparseArray<>();
    private Context mContext;
    private X509TrustManager mDefaultTrustMgr;
    private Handler mHandler;
    private boolean mVerifyCertificate;
    private boolean mVerifyHostName;

    /* loaded from: classes.dex */
    public class SSLAcceptDecision {
        public static final int DECISION_ABORT = 1;
        public static final int DECISION_ALWAYS = 3;
        public static final int DECISION_INVALID = 0;
        public static final int DECISION_ONCE = 2;
        int state = 0;

        public SSLAcceptDecision() {
        }
    }

    /* loaded from: classes.dex */
    private class ServerHostNameVerifier implements X509HostnameVerifier {
        public ServerHostNameVerifier(HostnameVerifier hostnameVerifier) {
        }

        @Override // org.apache.http.conn.ssl.X509HostnameVerifier
        public void verify(String str, X509Certificate x509Certificate) throws SSLException {
        }

        @Override // org.apache.http.conn.ssl.X509HostnameVerifier
        public void verify(String str, SSLSocket sSLSocket) throws IOException {
        }

        @Override // org.apache.http.conn.ssl.X509HostnameVerifier
        public void verify(String str, String[] strArr, String[] strArr2) throws SSLException {
        }

        @Override // org.apache.http.conn.ssl.X509HostnameVerifier, javax.net.ssl.HostnameVerifier
        public boolean verify(String str, SSLSession sSLSession) {
            if (SSLTrustManager.this.mContext.getString(R.string.base_url).endsWith(str) || !SSLTrustManager.this.mVerifyHostName) {
                return true;
            }
            try {
                for (String str2 : ((X509Certificate) CertificateFactory.getInstance("X.509").generateCertificate(new ByteArrayInputStream(sSLSession.getPeerCertificates()[0].getEncoded()))).getSubjectDN().getName().split(",")) {
                    if (str2.contains("CN=")) {
                        SSLTrustManager.this.mVerifyHostName = !str.equals(str2.replace("CN=", "").trim()) && SSLTrustManager.this.interactHostname(str);
                    }
                }
                return !SSLTrustManager.this.mVerifyHostName;
            } catch (Exception e) {
                return true;
            }
        }
    }

    public SSLTrustManager(Context context) {
        this.mContext = context;
        this.mHandler = new Handler(context.getMainLooper());
        initTrustedConnectionVerification();
        TrustManager[] trustManagerArr = {null};
        try {
            TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance("X509");
            trustManagerFactory.init((KeyStore) null);
            trustManagerArr = trustManagerFactory.getTrustManagers();
        } catch (KeyStoreException e) {
            e.printStackTrace();
        } catch (NoSuchAlgorithmException e2) {
            e2.printStackTrace();
        }
        for (int i = 0; i < trustManagerArr.length; i++) {
            if (trustManagerArr[i] instanceof X509TrustManager) {
                this.mDefaultTrustMgr = (X509TrustManager) trustManagerArr[i];
                return;
            }
        }
    }

    private String certificateChainMessage(X509Certificate[] x509CertificateArr, CertificateException certificateException) {
        StringBuffer stringBuffer = new StringBuffer();
        if (certificateException.getCause() != null) {
            if (certificateException.getCause().getCause() instanceof CertificateExpiredException) {
                stringBuffer.append(this.mContext.getString(R.string.ssl_expired_certificate));
            } else {
                stringBuffer.append(this.mContext.getString(R.string.ssl_no_trust_anchor));
            }
            stringBuffer.append("\n");
        }
        stringBuffer.append("\n");
        stringBuffer.append(this.mContext.getString(R.string.ssl_connect_anyway));
        return stringBuffer.toString();
    }

    private int createDecisionId(SSLAcceptDecision sSLAcceptDecision) {
        int i;
        synchronized (mOpenDecisions) {
            i = mDecisionId;
            mOpenDecisions.put(i, sSLAcceptDecision);
            mDecisionId++;
        }
        return i;
    }

    private String hostNameMessage(String str) {
        StringBuffer stringBuffer = new StringBuffer();
        stringBuffer.append(this.mContext.getString(R.string.ssl_hostname_mismatch));
        stringBuffer.append("\n\n");
        stringBuffer.append(this.mContext.getString(R.string.ssl_connect_anyway));
        return stringBuffer.toString();
    }

    private void initTrustedConnectionVerification() {
        this.mVerifyCertificate = PreferencesManager.getInstance(this.mContext).showSSLCertificateErrorAlert();
        this.mVerifyHostName = PreferencesManager.getInstance(this.mContext).showHostNameErrorAlert();
    }

    private int interact(final String str, final int i) {
        SSLAcceptDecision sSLAcceptDecision = new SSLAcceptDecision();
        final int createDecisionId = createDecisionId(sSLAcceptDecision);
        this.mHandler.post(new Runnable() { // from class: com.winit.starnews.hin.common.utils.SSLTrustManager.1
            @Override // java.lang.Runnable
            public void run() {
                Intent intent = new Intent(SSLTrustManager.this.mContext, (Class<?>) SSLTrustErrorActivity.class);
                intent.setFlags(268435456);
                intent.setData(Uri.parse(SSLTrustManager.class.getName() + Constans.CricketTags.FORWARD_SLASH + createDecisionId));
                intent.putExtra(SSLTrustManager.DECISION_INTENT_ID, createDecisionId);
                intent.putExtra(SSLTrustManager.DECISION_INTENT_CERT, str);
                intent.putExtra(SSLTrustManager.DECISION_TITLE_ID, i);
                try {
                    SSLTrustManager.this.mContext.startActivity(intent);
                } catch (Exception e) {
                }
            }
        });
        try {
            synchronized (sSLAcceptDecision) {
                while (sSLAcceptDecision.state == 0) {
                    sSLAcceptDecision.wait();
                }
            }
        } catch (InterruptedException e) {
        }
        return sSLAcceptDecision.state;
    }

    private void interactCertificate(X509Certificate[] x509CertificateArr, String str, CertificateException certificateException) throws CertificateException {
        switch (interact(certificateChainMessage(x509CertificateArr, certificateException), R.string.ssl_error_accept_cert)) {
            case 2:
                return;
            case 3:
                PreferencesManager.getInstance(this.mContext).saveShowSSLCertificateErrorAlert(false);
                return;
            default:
                throw certificateException;
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    public boolean interactHostname(String str) {
        switch (interact(hostNameMessage(str), R.string.ssl_error_accept_cert)) {
            case 2:
                return false;
            case 3:
                PreferencesManager.getInstance(this.mContext).saveShowHostNameErrorAlert(false);
                return false;
            default:
                return true;
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public static void interactResult(int i, int i2) {
        SSLAcceptDecision sSLAcceptDecision;
        synchronized (mOpenDecisions) {
            sSLAcceptDecision = mOpenDecisions.get(i);
            mOpenDecisions.remove(i);
        }
        if (sSLAcceptDecision == null) {
            return;
        }
        synchronized (sSLAcceptDecision) {
            sSLAcceptDecision.state = i2;
            sSLAcceptDecision.notify();
        }
    }

    @Override // javax.net.ssl.X509TrustManager
    public void checkClientTrusted(X509Certificate[] x509CertificateArr, String str) throws CertificateException {
        this.mDefaultTrustMgr.checkClientTrusted(x509CertificateArr, str);
    }

    @Override // javax.net.ssl.X509TrustManager
    public void checkServerTrusted(X509Certificate[] x509CertificateArr, String str) throws CertificateException {
        try {
            if (this.mVerifyCertificate) {
                this.mDefaultTrustMgr.checkServerTrusted(x509CertificateArr, str);
            }
        } catch (CertificateException e) {
            interactCertificate(x509CertificateArr, str, e);
        }
        this.mVerifyCertificate = false;
    }

    @Override // javax.net.ssl.X509TrustManager
    public X509Certificate[] getAcceptedIssuers() {
        return this.mDefaultTrustMgr.getAcceptedIssuers();
    }

    public HostnameVerifier wrapHostnameVerifier(HostnameVerifier hostnameVerifier) {
        if (hostnameVerifier == null) {
            throw new IllegalArgumentException("The default verifier may not be null");
        }
        return new ServerHostNameVerifier(hostnameVerifier);
    }
}
