package com.emm.https.util;

import android.content.Context;
import android.net.Uri;
import android.util.Log;
import com.emm.base.util.EMMInitSettingUtil;
import com.emm.config.util.KeyPinStore;
import com.emm.log.DebugLogger;
import com.xiaomi.mipush.sdk.Constants;
import java.net.URL;
import java.security.SecureRandom;
import java.security.cert.CertificateExpiredException;
import java.security.cert.CertificateNotYetValidException;
import java.security.cert.X509Certificate;
import javax.net.ssl.HostnameVerifier;
import javax.net.ssl.HttpsURLConnection;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLPeerUnverifiedException;
import javax.net.ssl.SSLSession;
import javax.net.ssl.X509TrustManager;
import org.apache.commons.net.imap.IMAPSClient;

/* loaded from: classes2.dex */
public class HttpsConnectioFactory {
    public static final String TAG = "HttpsFactory";
    public static HttpsConnectioFactory instance = new HttpsConnectioFactory();

    /* loaded from: classes2.dex */
    public class HttpsHostnameVerifier implements HostnameVerifier {
        HttpsHostnameVerifier() {
        }

        @Override // javax.net.ssl.HostnameVerifier
        public boolean verify(String str, SSLSession sSLSession) {
            return true;
        }
    }

    /* loaded from: classes2.dex */
    public class HttpsX509TrustManager implements X509TrustManager {
        HttpsX509TrustManager() {
        }

        @Override // javax.net.ssl.X509TrustManager
        public void checkClientTrusted(X509Certificate[] x509CertificateArr, String str) {
        }

        @Override // javax.net.ssl.X509TrustManager
        public void checkServerTrusted(X509Certificate[] x509CertificateArr, String str) {
        }

        @Override // javax.net.ssl.X509TrustManager
        public X509Certificate[] getAcceptedIssuers() {
            return null;
        }
    }

    private HttpsConnectioFactory() {
        initHttps();
    }

    public static HttpsConnectioFactory getInstance() {
        if (instance == null) {
            instance = new HttpsConnectioFactory();
        }
        return instance;
    }

    public HttpsURLConnection createHttpsConnection(Context context, String str, String str2) throws Exception {
        if ("POST".equals(str2.toUpperCase())) {
            str = Uri.encode(str, "@#&=*+-_.,:!?()/~'%");
        }
        HttpsURLConnection httpsURLConnection = (HttpsURLConnection) new URL(str).openConnection();
        if (EMMInitSettingUtil.getInstance().getInitSettings().isSSLVerify()) {
            httpsURLConnection.setSSLSocketFactory(new TLSSocketFactory(KeyPinStore.getInstance(context).getContext().getSocketFactory()));
            httpsURLConnection.setHostnameVerifier(new HostnameVerifier() { // from class: com.emm.https.util.HttpsConnectioFactory.1
                @Override // javax.net.ssl.HostnameVerifier
                public boolean verify(String str3, SSLSession sSLSession) {
                    try {
                        Log.i("HttpsConnectioFactory", "----hostname:" + str3);
                        String peerHost = sSLSession.getPeerHost();
                        for (X509Certificate x509Certificate : (X509Certificate[]) sSLSession.getPeerCertificates()) {
                            for (String str4 : x509Certificate.getSubjectX500Principal().getName().split(Constants.ACCEPT_TIME_SEPARATOR_SP)) {
                                Log.i("HttpsConnectioFactory", "----str:" + str4 + " ," + peerHost);
                                if (str4.startsWith("CN")) {
                                    if (str4.contains(str3) && str4.contains(peerHost)) {
                                        x509Certificate.checkValidity();
                                        return true;
                                    }
                                    if (str4.startsWith("CN=*.")) {
                                        String replace = str4.replace("CN=*.", "");
                                        if (str3.contains(replace) && peerHost.contains(replace)) {
                                            x509Certificate.checkValidity();
                                            return true;
                                        }
                                    } else {
                                        continue;
                                    }
                                }
                            }
                        }
                    } catch (CertificateExpiredException e) {
                        DebugLogger.log(3, "证书过期", e);
                    } catch (CertificateNotYetValidException e2) {
                        DebugLogger.log(3, "证书无效", e2);
                    } catch (SSLPeerUnverifiedException e3) {
                        DebugLogger.log(3, "证书异常", e3);
                    }
                    return false;
                }
            });
        }
        return httpsURLConnection;
    }

    public HttpsURLConnection createHttpsConnectionForWebView(Context context, String str, String str2) throws Exception {
        try {
            HttpsX509TrustManager httpsX509TrustManager = new HttpsX509TrustManager();
            HttpsHostnameVerifier httpsHostnameVerifier = new HttpsHostnameVerifier();
            SSLContext sSLContext = SSLContext.getInstance(IMAPSClient.DEFAULT_PROTOCOL);
            sSLContext.init(null, new X509TrustManager[]{httpsX509TrustManager}, new SecureRandom());
            if (sSLContext != null) {
                HttpsURLConnection.setDefaultSSLSocketFactory(sSLContext.getSocketFactory());
            }
            HttpsURLConnection.setDefaultHostnameVerifier(httpsHostnameVerifier);
        } catch (Exception e) {
            e.printStackTrace();
        }
        if ("POST".equals(str2.toUpperCase())) {
            str = Uri.encode(str, "@#&=*+-_.,:!?()/~'%");
        }
        return (HttpsURLConnection) new URL(str).openConnection();
    }

    public void initHttps() {
        try {
            if (EMMInitSettingUtil.getInstance().getInitSettings().isSSLVerify()) {
                return;
            }
            HttpsX509TrustManager httpsX509TrustManager = new HttpsX509TrustManager();
            HttpsHostnameVerifier httpsHostnameVerifier = new HttpsHostnameVerifier();
            SSLContext sSLContext = SSLContext.getInstance(IMAPSClient.DEFAULT_PROTOCOL);
            sSLContext.init(null, new X509TrustManager[]{httpsX509TrustManager}, new SecureRandom());
            if (sSLContext != null) {
                HttpsURLConnection.setDefaultSSLSocketFactory(sSLContext.getSocketFactory());
            }
            HttpsURLConnection.setDefaultHostnameVerifier(httpsHostnameVerifier);
        } catch (Exception e) {
            e.printStackTrace();
        }
    }
}
