package com.qihoo.frame.network.c;

import java.io.ByteArrayInputStream;
import java.nio.charset.Charset;
import java.security.KeyStore;
import java.security.SecureRandom;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Collection;
import java.util.Iterator;
import javax.net.ssl.SSLContext;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import javax.net.ssl.X509TrustManager;
import kotlin.TypeCastException;
import kotlin.jvm.internal.s;
import okhttp3.OkHttpClient;

/* loaded from: classes.dex */
public final class b {

    /* renamed from: a, reason: collision with root package name */
    public static final b f1633a = new b();
    private static final ArrayList<X509Certificate> b = new ArrayList<>();

    /* loaded from: classes.dex */
    private static final class a implements X509TrustManager {

        /* renamed from: a, reason: collision with root package name */
        private boolean f1634a;
        private final X509TrustManager b;

        public a(X509TrustManager x509TrustManager) {
            this.b = x509TrustManager;
        }

        public final void a() {
            this.f1634a = true;
        }

        public final void b() {
            this.f1634a = false;
        }

        @Override // javax.net.ssl.X509TrustManager
        public void checkClientTrusted(X509Certificate[] x509CertificateArr, String str) {
            s.b(x509CertificateArr, "chain");
            s.b(str, "authType");
            X509TrustManager x509TrustManager = this.b;
            if (x509TrustManager != null) {
                x509TrustManager.checkClientTrusted(x509CertificateArr, str);
            }
        }

        @Override // javax.net.ssl.X509TrustManager
        public void checkServerTrusted(X509Certificate[] x509CertificateArr, String str) {
            s.b(str, "authType");
            X509TrustManager x509TrustManager = this.b;
            if (x509TrustManager != null) {
                x509TrustManager.checkServerTrusted(x509CertificateArr, str);
            }
            if (x509CertificateArr != null) {
                boolean z = true;
                if (!(x509CertificateArr.length == 0)) {
                    for (X509Certificate x509Certificate : x509CertificateArr) {
                        x509Certificate.checkValidity();
                    }
                    X509Certificate x509Certificate2 = x509CertificateArr[0];
                    ArrayList a2 = b.a(b.f1633a);
                    if (!(a2 instanceof Collection) || !a2.isEmpty()) {
                        Iterator it = a2.iterator();
                        while (true) {
                            if (!it.hasNext()) {
                                break;
                            }
                            if (s.a(x509Certificate2.getPublicKey(), ((X509Certificate) it.next()).getPublicKey())) {
                                z = false;
                                break;
                            }
                        }
                    }
                    if (z) {
                        throw new CertificateException("Invalid cert.");
                    }
                    return;
                }
            }
            throw new CertificateException("No cert found.");
        }

        @Override // javax.net.ssl.X509TrustManager
        public X509Certificate[] getAcceptedIssuers() {
            X509TrustManager x509TrustManager;
            if (this.f1634a || (x509TrustManager = this.b) == null) {
                return new X509Certificate[0];
            }
            X509Certificate[] acceptedIssuers = x509TrustManager.getAcceptedIssuers();
            s.a((Object) acceptedIssuers, "mTrustManager.acceptedIssuers");
            return acceptedIssuers;
        }
    }

    private b() {
    }

    public static final /* synthetic */ ArrayList a(b bVar) {
        return b;
    }

    private final X509TrustManager a() {
        try {
            TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
            trustManagerFactory.init((KeyStore) null);
            s.a((Object) trustManagerFactory, "trustManagerFactory");
            for (TrustManager trustManager : trustManagerFactory.getTrustManagers()) {
                if (trustManager instanceof X509TrustManager) {
                    return (X509TrustManager) trustManager;
                }
            }
        } catch (Throwable th) {
            th.printStackTrace();
        }
        return null;
    }

    private final X509Certificate b(String str) {
        try {
            CertificateFactory certificateFactory = CertificateFactory.getInstance("X.509");
            Charset charset = kotlin.text.d.f3844a;
            if (str == null) {
                throw new TypeCastException("null cannot be cast to non-null type java.lang.String");
            }
            byte[] bytes = str.getBytes(charset);
            s.a((Object) bytes, "(this as java.lang.String).getBytes(charset)");
            Certificate generateCertificate = certificateFactory.generateCertificate(new ByteArrayInputStream(bytes));
            if (generateCertificate != null) {
                return (X509Certificate) generateCertificate;
            }
            throw new TypeCastException("null cannot be cast to non-null type java.security.cert.X509Certificate");
        } catch (Exception unused) {
            return null;
        }
    }

    public final void a(String str) {
        s.b(str, "key");
        X509Certificate b2 = b(str);
        if (b2 != null) {
            b.add(b2);
        }
    }

    public final void a(OkHttpClient.Builder builder) {
        s.b(builder, "builder");
        a aVar = new a(a());
        aVar.a();
        try {
            SSLContext sSLContext = SSLContext.getInstance("TLS");
            sSLContext.init(null, new TrustManager[]{aVar}, new SecureRandom());
            s.a((Object) sSLContext, "ssl");
            builder.sslSocketFactory(sSLContext.getSocketFactory(), aVar);
        } catch (Throwable th) {
            th.printStackTrace();
        }
        aVar.b();
    }
}
