package com.ijinshan.safe;

import android.os.Bundle;
import java.io.IOException;
import java.security.KeyManagementException;
import java.security.KeyStore;
import java.security.NoSuchAlgorithmException;
import java.security.SecureRandom;
import java.security.Security;
import java.security.cert.CertStore;
import java.security.cert.CollectionCertStoreParameters;
import java.security.cert.PKIXBuilderParameters;
import java.security.cert.TrustAnchor;
import java.security.cert.X509CertSelector;
import java.security.cert.X509Certificate;
import java.util.Arrays;
import java.util.HashSet;
import java.util.Observable;
import java.util.Observer;
import java.util.Set;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSocket;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import javax.net.ssl.X509TrustManager;

/* compiled from: X509CertificateStrictValidator.java */
/* loaded from: classes.dex */
public class w extends Observable implements X509TrustManager {

    /* renamed from: a, reason: collision with root package name */
    private final X509TrustManager f4499a;

    public w() {
        TrustManagerFactory trustManagerFactory;
        try {
            TrustManagerFactory trustManagerFactory2 = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
            try {
                trustManagerFactory2.init((KeyStore) null);
                trustManagerFactory = trustManagerFactory2;
            } catch (Exception e) {
                trustManagerFactory = trustManagerFactory2;
            }
        } catch (Exception e2) {
            trustManagerFactory = null;
        }
        this.f4499a = (X509TrustManager) trustManagerFactory.getTrustManagers()[0];
    }

    private Set a() {
        X509Certificate[] acceptedIssuers = this.f4499a.getAcceptedIssuers();
        HashSet hashSet = new HashSet();
        for (X509Certificate x509Certificate : acceptedIssuers) {
            hashSet.add(new TrustAnchor(x509Certificate, null));
        }
        return hashSet;
    }

    private boolean a(Set set, X509Certificate[] x509CertificateArr) {
        System.setProperty("com.sun.net.ssl.checkRevocation", "true");
        System.setProperty("com.sun.security.enableCRLDP", "true");
        Security.setProperty("ocsp.enable", "true");
        try {
            X509CertSelector x509CertSelector = new X509CertSelector();
            x509CertSelector.setSubject(x509CertificateArr[0].getSubjectX500Principal());
            PKIXBuilderParameters pKIXBuilderParameters = new PKIXBuilderParameters((Set<TrustAnchor>) set, x509CertSelector);
            pKIXBuilderParameters.addCertStore(CertStore.getInstance("Collection", new CollectionCertStoreParameters(Arrays.asList(x509CertificateArr))));
            pKIXBuilderParameters.setRevocationEnabled(true);
            return true;
        } catch (Exception e) {
            e.printStackTrace();
            return false;
        }
    }

    public void a(String str, Observer observer) {
        SSLContext sSLContext;
        addObserver(observer);
        try {
            sSLContext = SSLContext.getInstance("SSL");
        } catch (NoSuchAlgorithmException e) {
            e.printStackTrace();
            sSLContext = null;
        }
        try {
            sSLContext.init(null, new TrustManager[]{this}, new SecureRandom());
        } catch (KeyManagementException e2) {
        }
        try {
            ((SSLSocket) sSLContext.getSocketFactory().createSocket(str, 443)).startHandshake();
        } catch (IOException e3) {
        }
        notifyObservers();
        deleteObservers();
    }

    @Override // javax.net.ssl.X509TrustManager
    public void checkClientTrusted(X509Certificate[] x509CertificateArr, String str) {
    }

    @Override // javax.net.ssl.X509TrustManager
    public void checkServerTrusted(X509Certificate[] x509CertificateArr, String str) {
        Bundle bundle = new Bundle();
        if (this.f4499a != null) {
            bundle.putBoolean("cert_validated", a(a(), x509CertificateArr));
        }
        notifyObservers(bundle);
        deleteObservers();
    }

    @Override // javax.net.ssl.X509TrustManager
    public X509Certificate[] getAcceptedIssuers() {
        return new X509Certificate[0];
    }
}
