package com.huawei.m.a;

import android.text.TextUtils;
import com.huawei.ecs.mtk.log.Logger;
import com.huawei.im.esdk.log.TagInfo;
import com.huawei.im.esdk.service.login.n;
import com.huawei.im.esdk.strategy.f;
import com.huawei.im.esdk.utils.h;
import com.huawei.it.w3m.core.utility.PackageUtils;
import com.huawei.welink.hotfix.common.PatchRedirect;
import com.huawei.welink.hotfix.common.RedirectParams;
import com.huawei.welink.hotfix.common.log.HotfixLogger;
import com.xiaomi.mipush.sdk.Constants;
import java.security.SecureRandom;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Collection;
import java.util.Iterator;
import java.util.List;
import javax.net.ssl.HostnameVerifier;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSession;
import javax.net.ssl.SSLSocketFactory;
import javax.net.ssl.TrustManager;
import javax.net.ssl.X509TrustManager;

/* compiled from: SSLSocketClient.java */
/* loaded from: classes4.dex */
public class b {
    public static PatchRedirect $PatchRedirect;

    /* compiled from: SSLSocketClient.java */
    /* loaded from: classes4.dex */
    public static final class a implements X509TrustManager {
        public static PatchRedirect $PatchRedirect;

        a() {
            PatchRedirect patchRedirect = $PatchRedirect;
            RedirectParams redirectParams = new RedirectParams("SSLSocketClient$1()", new Object[0], this);
            if (patchRedirect == null || !patchRedirect.isSupport(redirectParams)) {
                return;
            }
            HotfixLogger.d("original class start invoke redirect accessDispatch method. methodId: SSLSocketClient$1()");
            patchRedirect.accessDispatch(redirectParams);
        }

        @Override // javax.net.ssl.X509TrustManager
        public void checkClientTrusted(X509Certificate[] x509CertificateArr, String str) {
            PatchRedirect patchRedirect = $PatchRedirect;
            RedirectParams redirectParams = new RedirectParams("checkClientTrusted(java.security.cert.X509Certificate[],java.lang.String)", new Object[]{x509CertificateArr, str}, this);
            if (patchRedirect == null || !patchRedirect.isSupport(redirectParams)) {
                return;
            }
            HotfixLogger.d("original class start invoke redirect accessDispatch method. methodId: checkClientTrusted(java.security.cert.X509Certificate[],java.lang.String)");
            patchRedirect.accessDispatch(redirectParams);
        }

        @Override // javax.net.ssl.X509TrustManager
        public void checkServerTrusted(X509Certificate[] x509CertificateArr, String str) {
            PatchRedirect patchRedirect = $PatchRedirect;
            RedirectParams redirectParams = new RedirectParams("checkServerTrusted(java.security.cert.X509Certificate[],java.lang.String)", new Object[]{x509CertificateArr, str}, this);
            if (patchRedirect != null && patchRedirect.isSupport(redirectParams)) {
                HotfixLogger.d("original class start invoke redirect accessDispatch method. methodId: checkServerTrusted(java.security.cert.X509Certificate[],java.lang.String)");
                patchRedirect.accessDispatch(redirectParams);
                return;
            }
            if (PackageUtils.RELEASE_TYPE.SIT.equals(PackageUtils.b())) {
                Logger.info(TagInfo.APPTAG, "sit environment, no use tls cert verify");
                return;
            }
            Logger.info(TagInfo.APPTAG, "start check Server cert");
            Exception e2 = null;
            try {
                Collection c2 = h.c(com.huawei.im.esdk.common.p.a.b());
                for (X509Certificate x509Certificate : x509CertificateArr) {
                    x509Certificate.checkValidity();
                    Iterator it2 = c2.iterator();
                    while (it2.hasNext()) {
                        try {
                            x509Certificate.verify(((Certificate) it2.next()).getPublicKey());
                            Logger.info(TagInfo.APPTAG, "check server cert success!");
                            return;
                        } catch (Exception e3) {
                            e2 = e3;
                        }
                    }
                }
            } catch (Exception e4) {
                e2 = e4;
                Logger.error(TagInfo.APPTAG, e2.toString());
            }
            throw new CertificateException("error in validating certificate", e2);
        }

        @Override // javax.net.ssl.X509TrustManager
        public X509Certificate[] getAcceptedIssuers() {
            PatchRedirect patchRedirect = $PatchRedirect;
            RedirectParams redirectParams = new RedirectParams("getAcceptedIssuers()", new Object[0], this);
            if (patchRedirect == null || !patchRedirect.isSupport(redirectParams)) {
                return new X509Certificate[0];
            }
            HotfixLogger.d("original class start invoke redirect accessDispatch method. methodId: getAcceptedIssuers()");
            return (X509Certificate[]) patchRedirect.accessDispatch(redirectParams);
        }
    }

    /* compiled from: SSLSocketClient.java */
    /* renamed from: com.huawei.m.a.b$b, reason: collision with other inner class name */
    /* loaded from: classes4.dex */
    public static final class C0390b implements HostnameVerifier {
        public static PatchRedirect $PatchRedirect;

        C0390b() {
            PatchRedirect patchRedirect = $PatchRedirect;
            RedirectParams redirectParams = new RedirectParams("SSLSocketClient$2()", new Object[0], this);
            if (patchRedirect == null || !patchRedirect.isSupport(redirectParams)) {
                return;
            }
            HotfixLogger.d("original class start invoke redirect accessDispatch method. methodId: SSLSocketClient$2()");
            patchRedirect.accessDispatch(redirectParams);
        }

        @Override // javax.net.ssl.HostnameVerifier
        public boolean verify(String str, SSLSession sSLSession) {
            PatchRedirect patchRedirect = $PatchRedirect;
            RedirectParams redirectParams = new RedirectParams("verify(java.lang.String,javax.net.ssl.SSLSession)", new Object[]{str, sSLSession}, this);
            if (patchRedirect != null && patchRedirect.isSupport(redirectParams)) {
                HotfixLogger.d("original class start invoke redirect accessDispatch method. methodId: verify(java.lang.String,javax.net.ssl.SSLSession)");
                return ((Boolean) patchRedirect.accessDispatch(redirectParams)).booleanValue();
            }
            ArrayList arrayList = new ArrayList();
            List<com.huawei.im.esdk.data.e.a> a2 = n.a().a("usg_info_key");
            if (a2 == null || a2.size() == 0) {
                Logger.error(TagInfo.APPTAG, "get usg address failed");
            } else {
                arrayList.add(b.a(a2.get(0).a()));
            }
            arrayList.add(b.a(f.a().getHttpProxyUri()));
            if (TextUtils.isEmpty(str)) {
                return false;
            }
            return arrayList.contains(str);
        }
    }

    public static String a(String str) {
        PatchRedirect patchRedirect = $PatchRedirect;
        RedirectParams redirectParams = new RedirectParams("getHostName(java.lang.String)", new Object[]{str}, null);
        if (patchRedirect == null || !patchRedirect.isSupport(redirectParams)) {
            return !TextUtils.isEmpty(str) ? str.contains(Constants.COLON_SEPARATOR) ? str.split(Constants.COLON_SEPARATOR)[0] : str : "";
        }
        HotfixLogger.d("original class start invoke redirect accessDispatch method. methodId: getHostName(java.lang.String)");
        return (String) patchRedirect.accessDispatch(redirectParams);
    }

    public static HostnameVerifier a() {
        PatchRedirect patchRedirect = $PatchRedirect;
        RedirectParams redirectParams = new RedirectParams("getHostnameVerifier()", new Object[0], null);
        if (patchRedirect == null || !patchRedirect.isSupport(redirectParams)) {
            return new C0390b();
        }
        HotfixLogger.d("original class start invoke redirect accessDispatch method. methodId: getHostnameVerifier()");
        return (HostnameVerifier) patchRedirect.accessDispatch(redirectParams);
    }

    public static SSLSocketFactory b() {
        PatchRedirect patchRedirect = $PatchRedirect;
        RedirectParams redirectParams = new RedirectParams("getSSLSocketFactory()", new Object[0], null);
        if (patchRedirect != null && patchRedirect.isSupport(redirectParams)) {
            HotfixLogger.d("original class start invoke redirect accessDispatch method. methodId: getSSLSocketFactory()");
            return (SSLSocketFactory) patchRedirect.accessDispatch(redirectParams);
        }
        try {
            SSLContext sSLContext = SSLContext.getInstance("SSL");
            sSLContext.init(null, c(), new SecureRandom());
            return sSLContext.getSocketFactory();
        } catch (Exception e2) {
            throw new RuntimeException(e2);
        }
    }

    private static TrustManager[] c() {
        PatchRedirect patchRedirect = $PatchRedirect;
        RedirectParams redirectParams = new RedirectParams("getTrustManager()", new Object[0], null);
        if (patchRedirect == null || !patchRedirect.isSupport(redirectParams)) {
            return new TrustManager[]{new a()};
        }
        HotfixLogger.d("original class start invoke redirect accessDispatch method. methodId: getTrustManager()");
        return (TrustManager[]) patchRedirect.accessDispatch(redirectParams);
    }
}
