package com.venus.library.baselibrary.http;

import android.annotation.SuppressLint;
import android.content.Context;
import com.umeng.analytics.pro.b;
import java.io.InputStream;
import java.security.KeyStore;
import java.security.Principal;
import java.security.PublicKey;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import javax.net.ssl.X509TrustManager;
import kotlin.TypeCastException;
import kotlin.jvm.internal.j;
import kotlin.n;

/* loaded from: classes4.dex */
public final class CertManager implements X509TrustManager {
    private Certificate certificate;
    private boolean isWork;
    private String pubIssuer;
    private byte[] pubKey;
    private String pubSub;

    public CertManager(Context context, String str) {
        j.b(context, b.Q);
        j.b(str, "assetsFileName");
        try {
            InputStream open = context.getAssets().open(str);
            j.a((Object) open, "context.assets.open(assetsFileName)");
            try {
                Certificate generateCertificate = CertificateFactory.getInstance("X.509").generateCertificate(open);
                j.a((Object) generateCertificate, "certificateFactory.gener…eCertificate(inputStream)");
                this.certificate = generateCertificate;
                if (generateCertificate == null) {
                    j.d("certificate");
                    throw null;
                }
                if (generateCertificate == null) {
                    throw new TypeCastException("null cannot be cast to non-null type java.security.cert.X509Certificate");
                }
                Principal subjectDN = ((X509Certificate) generateCertificate).getSubjectDN();
                Certificate certificate = this.certificate;
                if (certificate == null) {
                    j.d("certificate");
                    throw null;
                }
                if (certificate == null) {
                    throw new TypeCastException("null cannot be cast to non-null type java.security.cert.X509Certificate");
                }
                Principal issuerDN = ((X509Certificate) certificate).getIssuerDN();
                j.a((Object) subjectDN, "pubSubjectDN");
                String name = subjectDN.getName();
                j.a((Object) name, "pubSubjectDN.name");
                this.pubSub = name;
                j.a((Object) issuerDN, "pubIssuerDN");
                String name2 = issuerDN.getName();
                j.a((Object) name2, "pubIssuerDN.name");
                this.pubIssuer = name2;
                Certificate certificate2 = this.certificate;
                if (certificate2 == null) {
                    j.d("certificate");
                    throw null;
                }
                PublicKey publicKey = certificate2.getPublicKey();
                j.a((Object) publicKey, "certificate.publicKey");
                byte[] encoded = publicKey.getEncoded();
                j.a((Object) encoded, "certificate.publicKey.encoded");
                this.pubKey = encoded;
                this.isWork = true;
                n nVar = n.a;
                kotlin.io.b.a(open, null);
            } finally {
            }
        } catch (Exception e) {
            e.printStackTrace();
        }
    }

    @Override // javax.net.ssl.X509TrustManager
    @SuppressLint({"TrustAllX509TrustManager"})
    public void checkClientTrusted(X509Certificate[] x509CertificateArr, String str) {
    }

    @Override // javax.net.ssl.X509TrustManager
    public void checkServerTrusted(X509Certificate[] x509CertificateArr, String str) {
        if (this.isWork && x509CertificateArr != null) {
            try {
                TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance("X509");
                trustManagerFactory.init((KeyStore) null);
                j.a((Object) trustManagerFactory, "tmf");
                for (TrustManager trustManager : trustManagerFactory.getTrustManagers()) {
                    if (trustManager == null) {
                        throw new TypeCastException("null cannot be cast to non-null type javax.net.ssl.X509TrustManager");
                    }
                    ((X509TrustManager) trustManager).checkServerTrusted(x509CertificateArr, str);
                }
                Principal subjectDN = x509CertificateArr[0].getSubjectDN();
                j.a((Object) subjectDN, "chain[0].subjectDN");
                String name = subjectDN.getName();
                if (this.pubSub == null) {
                    j.d("pubSub");
                    throw null;
                }
                if (!j.a((Object) name, (Object) r0)) {
                    throw new CertificateException("server's SubjectDN is not equals to client's SubjectDN");
                }
                Principal issuerDN = x509CertificateArr[0].getIssuerDN();
                j.a((Object) issuerDN, "chain[0].issuerDN");
                String name2 = issuerDN.getName();
                if (this.pubIssuer == null) {
                    j.d("pubIssuer");
                    throw null;
                }
                if (!j.a((Object) name2, (Object) r8)) {
                    throw new CertificateException("server's IssuerDN is not equals to client's IssuerDN");
                }
            } catch (Exception e) {
                throw new CertificateException(e);
            }
        }
    }

    @Override // javax.net.ssl.X509TrustManager
    public X509Certificate[] getAcceptedIssuers() {
        return new X509Certificate[0];
    }
}
