package com.nationsky.seccom;

import android.content.Context;
import android.text.TextUtils;
import ch.qos.logback.core.spi.AbstractComponentTracker;
import com.facebook.common.util.UriUtil;
import com.nationsky.seccom.sag.AuthInfoProvider;
import com.nationsky.seccom.sag.NSAGaSDK;
import com.nationsky.seccom.sag.SAGException;
import com.sangfor.ssl.service.utils.IGeneral;
import java.io.IOException;
import java.io.InputStream;
import java.security.KeyManagementException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.UnrecoverableKeyException;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import javax.net.ssl.X509TrustManager;
import org.apache.http.HttpVersion;
import org.apache.http.conn.params.ConnManagerParams;
import org.apache.http.conn.params.ConnPerRouteBean;
import org.apache.http.conn.scheme.PlainSocketFactory;
import org.apache.http.conn.scheme.Scheme;
import org.apache.http.conn.scheme.SchemeRegistry;
import org.apache.http.conn.ssl.SSLSocketFactory;
import org.apache.http.impl.client.DefaultHttpClient;
import org.apache.http.impl.conn.tsccm.ThreadSafeClientConnManager;
import org.apache.http.params.BasicHttpParams;
import org.apache.http.params.HttpConnectionParams;
import org.apache.http.params.HttpParams;
import org.apache.http.params.HttpProtocolParams;

/* compiled from: HttpClientWithCert.java */
/* loaded from: classes2.dex */
public class g {

    /* renamed from: a, reason: collision with root package name */
    private static String f1340a = "HttpClientWithCer";
    private static DefaultHttpClient b;
    private static KeyStore c;
    private static boolean d;
    private static TrustManager[] e;
    private static DefaultHttpClient f;
    private static final TrustManager[] g = {new X509TrustManager() { // from class: com.nationsky.seccom.g.1
        @Override // javax.net.ssl.X509TrustManager
        public void checkClientTrusted(X509Certificate[] x509CertificateArr, String str) {
        }

        @Override // javax.net.ssl.X509TrustManager
        public void checkServerTrusted(X509Certificate[] x509CertificateArr, String str) {
        }

        @Override // javax.net.ssl.X509TrustManager
        public X509Certificate[] getAcceptedIssuers() {
            return null;
        }
    }};

    private static SchemeRegistry a(Context context, boolean z, AuthInfoProvider authInfoProvider) throws KeyStoreException, NoSuchAlgorithmException, KeyManagementException, SAGException {
        SchemeRegistry schemeRegistry = new SchemeRegistry();
        c();
        aj.b(f1340a, "useTunnel----" + z);
        if (z) {
            schemeRegistry.register(new Scheme(UriUtil.HTTPS_SCHEME, NSAGaSDK.getInstance(context).getNSCSSLSocketFactory(authInfoProvider, null, c(context), null), IGeneral.DEFAULT_SSL_PORT));
        } else {
            schemeRegistry.register(new Scheme("http", NSAGaSDK.getInstance(context).getNSCSocketFactory(authInfoProvider, null, c(context), null), IGeneral.DEFAULT_SSL_PORT));
        }
        return schemeRegistry;
    }

    public static synchronized DefaultHttpClient a(Context context) {
        DefaultHttpClient defaultHttpClient;
        synchronized (g.class) {
            defaultHttpClient = null;
            try {
                BasicHttpParams basicHttpParams = new BasicHttpParams();
                a(basicHttpParams);
                SchemeRegistry c2 = c();
                c2.register(new Scheme(UriUtil.HTTPS_SCHEME, d(context), IGeneral.DEFAULT_SSL_PORT));
                defaultHttpClient = new DefaultHttpClient(new ThreadSafeClientConnManager(basicHttpParams, c2), basicHttpParams);
            } catch (Exception e2) {
                aj.a(f1340a, "error msg:" + e2.getMessage());
            }
        }
        return defaultHttpClient;
    }

    public static synchronized DefaultHttpClient a(Context context, AuthInfoProvider authInfoProvider) {
        String str;
        synchronized (g.class) {
            try {
                if (b == null) {
                    String str2 = f1340a;
                    if (authInfoProvider != null) {
                        str = "username：" + authInfoProvider.getUserName() + "，pwd：" + authInfoProvider.getPassword();
                    } else {
                        str = "authProvider is null";
                    }
                    aj.c(str2, str);
                    if (authInfoProvider != null && !TextUtils.isEmpty(authInfoProvider.getPassword())) {
                        BasicHttpParams basicHttpParams = new BasicHttpParams();
                        a(basicHttpParams);
                        b = new DefaultHttpClient(new ThreadSafeClientConnManager(basicHttpParams, a(context, true, authInfoProvider)), basicHttpParams);
                    }
                    return null;
                }
            } catch (Exception e2) {
                aj.a(f1340a, "getHttpClientThroughProxy errpr:" + e2.getMessage());
            }
            return b;
        }
    }

    public static synchronized DefaultHttpClient a(Context context, AuthInfoProvider authInfoProvider, boolean z, TrustManager[] trustManagerArr) {
        synchronized (g.class) {
            try {
                if (f == null || d != z || e != trustManagerArr) {
                    aj.b(f1340a, "username: " + authInfoProvider.getUserName() + "，pwd: " + authInfoProvider.getPassword() + ", insecure: " + z);
                    if (authInfoProvider != null && !TextUtils.isEmpty(authInfoProvider.getPassword())) {
                        SchemeRegistry schemeRegistry = new SchemeRegistry();
                        c();
                        TrustManager[] a2 = trustManagerArr == null ? a(context, z) : trustManagerArr;
                        schemeRegistry.register(new Scheme(UriUtil.HTTPS_SCHEME, NSAGaSDK.getInstance(context).getNSCSSLSocketFactory(authInfoProvider, null, a2, null), IGeneral.DEFAULT_SSL_PORT));
                        schemeRegistry.register(new Scheme("http", NSAGaSDK.getInstance(context).getNSCSocketFactory(authInfoProvider, null, a2, null), 80));
                        BasicHttpParams basicHttpParams = new BasicHttpParams();
                        a(basicHttpParams);
                        f = new DefaultHttpClient(new ThreadSafeClientConnManager(basicHttpParams, schemeRegistry), basicHttpParams);
                        d = z;
                        e = trustManagerArr;
                    }
                    return null;
                }
            } catch (Exception e2) {
                aj.a(f1340a, "getHttpClientThroughProxy errpr:" + e2.getMessage());
            }
            return f;
        }
    }

    public static void a() {
        c = null;
        b();
    }

    private static void a(HttpParams httpParams) {
        HttpProtocolParams.setVersion(httpParams, HttpVersion.HTTP_1_1);
        HttpProtocolParams.setContentCharset(httpParams, "ISO-8859-1");
        HttpProtocolParams.setUseExpectContinue(httpParams, true);
        ConnManagerParams.setTimeout(httpParams, AbstractComponentTracker.LINGERING_TIMEOUT);
        ConnManagerParams.setMaxTotalConnections(httpParams, 40);
        ConnManagerParams.setMaxConnectionsPerRoute(httpParams, new ConnPerRouteBean(10));
        HttpConnectionParams.setConnectionTimeout(httpParams, 30000);
        HttpConnectionParams.setSoTimeout(httpParams, 60000);
    }

    public static TrustManager[] a(Context context, boolean z) throws KeyStoreException, NoSuchAlgorithmException {
        aj.b(f1340a, "getTrustManager() insecure ----" + z);
        return z ? g : a(b(context));
    }

    private static TrustManager[] a(KeyStore keyStore) throws KeyStoreException, NoSuchAlgorithmException {
        if (keyStore == null) {
            throw new IllegalArgumentException("Keystore may not be null");
        }
        TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
        trustManagerFactory.init(keyStore);
        return trustManagerFactory.getTrustManagers();
    }

    public static KeyStore b(Context context) {
        KeyStore keyStore = c;
        if (keyStore != null) {
            return keyStore;
        }
        try {
            String str = context.getApplicationInfo().sourceDir;
            aj.a(f1340a, "sourceDir :" + str);
            InputStream a2 = ap.a(context, str);
            if (a2 == null) {
                aj.a(f1340a, "zip cert is null,read file from assets");
                a2 = context.getAssets().open("nsky.bks");
            }
            KeyStore keyStore2 = KeyStore.getInstance("BKS");
            try {
                keyStore2.load(a2, "nq2012".toCharArray());
                a2.close();
                aj.a(f1340a, "trustStore :" + keyStore2);
                c = keyStore2;
                return keyStore2;
            } catch (Throwable th) {
                a2.close();
                throw th;
            }
        } catch (Exception e2) {
            aj.a(f1340a, "getKeyStore error:" + e2.toString());
            e2.printStackTrace();
            return null;
        }
    }

    public static synchronized void b() {
        synchronized (g.class) {
            aj.a(f1340a, "****resetHttpClient*******");
            b = null;
        }
    }

    private static SchemeRegistry c() {
        SchemeRegistry schemeRegistry = new SchemeRegistry();
        try {
            schemeRegistry.register(new Scheme("http", PlainSocketFactory.getSocketFactory(), 80));
            schemeRegistry.register(new Scheme("http", PlainSocketFactory.getSocketFactory(), 9080));
        } catch (Exception e2) {
            aj.a(f1340a, "error msg " + e2.getMessage());
        }
        return schemeRegistry;
    }

    private static TrustManager[] c(Context context) throws KeyStoreException, NoSuchAlgorithmException {
        aj.b(f1340a, "getTrustManager() BuildConfig.CHECK_SSL----true");
        return a(b(context));
    }

    private static SSLSocketFactory d(Context context) throws UnrecoverableKeyException, NoSuchAlgorithmException, KeyStoreException, KeyManagementException, IOException, CertificateException {
        aj.b(f1340a, "getSSLSocketFactory() BuildConfig.CHECK_SSL----true");
        return new SSLSocketFactory(b(context));
    }
}
