package com.huawei.common.net.retrofit.safe;

import com.fmxos.platform.sdk.xiaoyaos.ka.c;
import com.fmxos.platform.sdk.xiaoyaos.ka.e;
import com.fmxos.platform.sdk.xiaoyaos.ta.z;
import com.huawei.audioutils.LogUtils;
import com.huawei.common.net.NetConfig;
import java.io.ByteArrayInputStream;
import java.io.IOException;
import java.io.InputStream;
import java.net.Socket;
import java.security.KeyManagementException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.cert.CertificateException;
import java.util.ArrayList;
import java.util.Iterator;
import java.util.List;
import javax.net.ssl.HostnameVerifier;
import javax.net.ssl.SSLSocket;
import javax.net.ssl.SSLSocketFactory;
import javax.net.ssl.X509TrustManager;

/* loaded from: classes2.dex */
public class SSLSocketFactoryHelper {
    public static final Object LOCK = new Object();
    public static final String TAG = "SSLSocketFactoryHelper";
    public static final String TLS_PROTOCOL = "TLSv1.2";
    public static volatile X509TrustManager sX509TrustManager;

    /* loaded from: classes2.dex */
    public static class TempSslSocketFactoryEx extends LogSslSocketFactory {
        public TempSslSocketFactoryEx(KeyStore keyStore, String str) {
            super(keyStore, str, "TLSv1.2");
        }

        public TempSslSocketFactoryEx(KeyStore keyStore, List<InputStream> list, String str) {
            super(keyStore, list, str);
            LogUtils.d(SSLSocketFactoryHelper.TAG, "TempSslSocketFactoryEx--");
        }

        @Override // com.huawei.common.net.retrofit.safe.LogSslSocketFactory, javax.net.SocketFactory
        public Socket createSocket() {
            Socket createSocket = getSslContext().getSocketFactory().createSocket();
            if (!(createSocket instanceof SSLSocket)) {
                return createSocket;
            }
            SSLSocket sSLSocket = (SSLSocket) createSocket;
            sSLSocket.setEnabledProtocols(new String[]{"TLSv1.2"});
            LogSslSocketFactory.setEnableSafeCipherSuites(sSLSocket);
            return sSLSocket;
        }

        @Override // com.huawei.common.net.retrofit.safe.LogSslSocketFactory, javax.net.ssl.SSLSocketFactory
        public Socket createSocket(Socket socket, String str, int i, boolean z) {
            Socket createSocket = getSslContext().getSocketFactory().createSocket(socket, str, i, z);
            if (!(createSocket instanceof SSLSocket)) {
                return createSocket;
            }
            SSLSocket sSLSocket = (SSLSocket) createSocket;
            sSLSocket.setEnabledProtocols(new String[]{"TLSv1.2"});
            LogSslSocketFactory.setEnableSafeCipherSuites(sSLSocket);
            return sSLSocket;
        }
    }

    public static List<InputStream> getCertificates() {
        LogUtils.d(TAG, "NetConfig-getCertificates");
        ArrayList arrayList = new ArrayList();
        List<byte[]> list = NetConfig.CERTIFICATES_DATA;
        if (list != null && !list.isEmpty()) {
            Iterator<byte[]> it = list.iterator();
            while (it.hasNext()) {
                arrayList.add(new ByteArrayInputStream(it.next()));
            }
        }
        return arrayList;
    }

    public static HostnameVerifier getHostnameVerifier() {
        return c.a;
    }

    public static SSLSocketFactory getSslSocketFactory(List<InputStream> list) {
        TempSslSocketFactoryEx tempSslSocketFactoryEx;
        LogUtils.d(TAG, "getSslSocketFactory-----");
        if (list == null || list.isEmpty()) {
            return null;
        }
        try {
            tempSslSocketFactoryEx = new TempSslSocketFactoryEx(KeyStore.getInstance(KeyStore.getDefaultType()), list, "TLSv1.2");
        } catch (KeyManagementException unused) {
            tempSslSocketFactoryEx = null;
        } catch (KeyStoreException unused2) {
            tempSslSocketFactoryEx = null;
        } catch (NoSuchAlgorithmException unused3) {
            tempSslSocketFactoryEx = null;
        }
        try {
            LogUtils.d(TAG, "getSslSocketFactory(certificateFiles) is active");
        } catch (KeyManagementException unused4) {
            LogUtils.e(TAG, "key management get fail");
            return tempSslSocketFactoryEx;
        } catch (KeyStoreException unused5) {
            LogUtils.e(TAG, "key store fail");
            return tempSslSocketFactoryEx;
        } catch (NoSuchAlgorithmException unused6) {
            LogUtils.e(TAG, "no such algorithm exception");
            return tempSslSocketFactoryEx;
        }
        return tempSslSocketFactoryEx;
    }

    public static X509TrustManager getX509TrustManager() {
        if (sX509TrustManager == null) {
            synchronized (LOCK) {
                if (sX509TrustManager == null) {
                    sX509TrustManager = initAegisTrustManager();
                }
            }
        }
        return sX509TrustManager;
    }

    public static X509TrustManager initAegisTrustManager() {
        e eVar;
        try {
            eVar = new e(z.c());
        } catch (IOException unused) {
            eVar = null;
        } catch (KeyStoreException unused2) {
            eVar = null;
        } catch (NoSuchAlgorithmException unused3) {
            eVar = null;
        } catch (CertificateException unused4) {
            eVar = null;
        }
        try {
            LogUtils.d(TAG, "initAegisX509TrustManager is active");
        } catch (IOException unused5) {
            LogUtils.e(TAG, "init aegisTrustManager IO exception");
            return eVar;
        } catch (KeyStoreException unused6) {
            LogUtils.e(TAG, "key store fail");
            return eVar;
        } catch (NoSuchAlgorithmException unused7) {
            LogUtils.e(TAG, "no such algorithm");
            return eVar;
        } catch (CertificateException unused8) {
            LogUtils.e(TAG, "certificate init fail");
            return eVar;
        }
        return eVar;
    }
}
