package com.tencent.moai.proxycat.ssl;

import android.content.Intent;
import android.content.res.AssetManager;
import android.security.KeyChain;
import android.security.KeyChainException;
import android.util.Log;
import com.tencent.moai.proxycat.ProxyCatManager;
import com.tencent.moai.proxycat.util.Logger;
import java.io.BufferedInputStream;
import java.io.IOException;
import java.nio.ByteBuffer;
import java.security.KeyManagementException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.UnrecoverableKeyException;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLEngine;
import javax.net.ssl.SSLEngineResult;
import javax.net.ssl.SSLSession;
import javax.net.ssl.TrustManagerFactory;

/* loaded from: classes2.dex */
public class SSLManager {
    private static final String TAG = "SSLManager";
    private static SSLManager kfh = new SSLManager();
    private SSLContext ehW;
    private boolean isInit;
    private KeyStore keZ;
    private KeyStore kfa;
    private KeyManagerFactory kfb;
    private TrustManagerFactory kfc;
    private SSLEngine kfd;
    private SSLSession kfe;
    private int kff;
    private int kfg;

    /* renamed from: com.tencent.moai.proxycat.ssl.SSLManager$1, reason: invalid class name */
    /* loaded from: classes2.dex */
    static /* synthetic */ class AnonymousClass1 {
        static final /* synthetic */ int[] kfi = new int[SSLEngineResult.HandshakeStatus.values().length];

        static {
            try {
                kfi[SSLEngineResult.HandshakeStatus.FINISHED.ordinal()] = 1;
            } catch (NoSuchFieldError unused) {
            }
            try {
                kfi[SSLEngineResult.HandshakeStatus.NEED_TASK.ordinal()] = 2;
            } catch (NoSuchFieldError unused2) {
            }
            try {
                kfi[SSLEngineResult.HandshakeStatus.NEED_UNWRAP.ordinal()] = 3;
            } catch (NoSuchFieldError unused3) {
            }
            try {
                kfi[SSLEngineResult.HandshakeStatus.NEED_WRAP.ordinal()] = 4;
            } catch (NoSuchFieldError unused4) {
            }
            try {
                kfi[SSLEngineResult.HandshakeStatus.NOT_HANDSHAKING.ordinal()] = 5;
            } catch (NoSuchFieldError unused5) {
            }
        }
    }

    /* loaded from: classes2.dex */
    public interface HandShakeCallBack {
        SSLEngineResult.HandshakeStatus byb();

        SSLEngineResult.HandshakeStatus byc();

        SSLEngineResult.HandshakeStatus byd() throws IOException;

        SSLEngineResult.HandshakeStatus bye() throws IOException;

        SSLEngineResult.HandshakeStatus byf();
    }

    private SSLManager() {
    }

    public static SSLManager bxV() {
        return kfh;
    }

    public void a(HandShakeCallBack handShakeCallBack) {
        try {
            this.kfd.beginHandshake();
            SSLEngineResult.HandshakeStatus handshakeStatus = this.kfd.getHandshakeStatus();
            boolean z = false;
            while (!z) {
                int i = AnonymousClass1.kfi[handshakeStatus.ordinal()];
                if (i == 1) {
                    Logger.d(TAG, "status finish");
                    if (handShakeCallBack != null) {
                        handshakeStatus = handShakeCallBack.byb();
                    }
                } else if (i == 2) {
                    Logger.d(TAG, "status need task");
                    if (handShakeCallBack != null) {
                        handshakeStatus = handShakeCallBack.byc();
                    }
                } else if (i == 3) {
                    Logger.d(TAG, "status need unwrap");
                    if (handShakeCallBack != null) {
                        handshakeStatus = handShakeCallBack.byd();
                    }
                } else if (i == 4) {
                    Logger.d(TAG, "status need wrap");
                    if (handShakeCallBack != null) {
                        handshakeStatus = handShakeCallBack.bye();
                    }
                } else if (i == 5) {
                    Logger.d(TAG, "status no handshaking");
                    if (handShakeCallBack != null) {
                        handshakeStatus = handShakeCallBack.byf();
                    }
                    z = true;
                }
            }
        } catch (IOException e) {
            Logger.e(TAG, Log.getStackTraceString(e));
        }
    }

    public SSLEngineResult.HandshakeStatus b(ByteBuffer byteBuffer, ByteBuffer byteBuffer2) throws IOException {
        SSLEngineResult.HandshakeStatus bya;
        do {
            this.kfd.unwrap(byteBuffer, byteBuffer2);
            bya = bya();
            if (bya != SSLEngineResult.HandshakeStatus.NEED_UNWRAP) {
                break;
            }
        } while (byteBuffer.hasRemaining());
        return bya;
    }

    public void bxW() {
        StringBuilder sb = new StringBuilder();
        try {
            X509Certificate[] certificateChain = KeyChain.getCertificateChain(ProxyCatManager.bxm().getContext(), "ProxyCat certificate");
            if (certificateChain != null && certificateChain.length > 0) {
                for (X509Certificate x509Certificate : certificateChain) {
                    sb.append(x509Certificate.getIssuerDN());
                    sb.append("\n");
                }
            }
        } catch (KeyChainException e) {
            Logger.e(TAG, Log.getStackTraceString(e));
        } catch (InterruptedException e2) {
            Logger.e(TAG, Log.getStackTraceString(e2));
        }
        Logger.d(TAG, "Certificate info:" + sb.toString());
    }

    public void bxX() {
        try {
            this.keZ = KeyStore.getInstance("BKS");
            this.kfa = KeyStore.getInstance("BKS");
            AssetManager assets = ProxyCatManager.bxm().getContext().getAssets();
            char[] charArray = "123456".toCharArray();
            try {
                this.keZ.load(assets.open("server.keystore"), charArray);
                this.kfa.load(assets.open("server.truststore"), charArray);
                try {
                    this.kfb = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
                    this.kfb.init(this.keZ, charArray);
                    this.kfc = TrustManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
                    this.kfc.init(this.kfa);
                    try {
                        this.ehW = SSLContext.getInstance("TLS");
                        this.ehW.init(this.kfb.getKeyManagers(), this.kfc.getTrustManagers(), null);
                        this.kfd = this.ehW.createSSLEngine();
                        this.kfd.setUseClientMode(false);
                        this.kfd.setNeedClientAuth(true);
                        this.kfe = this.kfd.getSession();
                        this.kff = this.kfe.getApplicationBufferSize();
                        this.kfg = this.kfe.getPacketBufferSize();
                        this.isInit = true;
                    } catch (KeyManagementException e) {
                        Logger.e(TAG, Log.getStackTraceString(e));
                    } catch (NoSuchAlgorithmException e2) {
                        Logger.e(TAG, Log.getStackTraceString(e2));
                    }
                } catch (KeyStoreException e3) {
                    Logger.e(TAG, Log.getStackTraceString(e3));
                } catch (NoSuchAlgorithmException e4) {
                    Logger.e(TAG, Log.getStackTraceString(e4));
                } catch (UnrecoverableKeyException e5) {
                    Logger.e(TAG, Log.getStackTraceString(e5));
                }
            } catch (IOException e6) {
                Logger.e(TAG, Log.getStackTraceString(e6));
            } catch (NoSuchAlgorithmException e7) {
                Logger.e(TAG, Log.getStackTraceString(e7));
            } catch (CertificateException e8) {
                Logger.e(TAG, Log.getStackTraceString(e8));
            }
        } catch (KeyStoreException e9) {
            Logger.e(TAG, Log.getStackTraceString(e9));
        }
    }

    public int bxY() {
        return this.kff;
    }

    public int bxZ() {
        return this.kfg;
    }

    public SSLEngineResult.HandshakeStatus bya() {
        while (true) {
            Runnable delegatedTask = this.kfd.getDelegatedTask();
            if (delegatedTask == null) {
                break;
            }
            delegatedTask.run();
        }
        SSLEngineResult.HandshakeStatus handshakeStatus = this.kfd.getHandshakeStatus();
        if (handshakeStatus == SSLEngineResult.HandshakeStatus.NEED_TASK) {
            Logger.e(TAG, "handshake shouldn't need additional tasks");
        }
        return handshakeStatus;
    }

    public SSLEngineResult.HandshakeStatus c(ByteBuffer byteBuffer, ByteBuffer byteBuffer2) throws IOException {
        SSLEngineResult.HandshakeStatus bya;
        do {
            this.kfd.wrap(byteBuffer, byteBuffer2);
            bya = bya();
            if (bya != SSLEngineResult.HandshakeStatus.NEED_UNWRAP) {
                break;
            }
        } while (byteBuffer.hasRemaining());
        return bya;
    }

    public Intent createInstallIntent() throws IOException {
        BufferedInputStream bufferedInputStream = new BufferedInputStream(ProxyCatManager.bxm().getContext().getAssets().open("client.cer"));
        byte[] bArr = new byte[bufferedInputStream.available()];
        bufferedInputStream.read(bArr);
        Intent createInstallIntent = KeyChain.createInstallIntent();
        createInstallIntent.putExtra("name", "ProxyCat certificate");
        createInstallIntent.putExtra("CERT", bArr);
        return createInstallIntent;
    }

    public boolean isInit() {
        return this.isInit;
    }
}
