package com.xunxintech.ruyue.coach.client.lib_net.helper.https;

import com.xunxintech.ruyue.coach.client.lib_log.RyLog;
import com.xunxintech.ruyue.coach.client.lib_net.INetConfig;
import com.xunxintech.ruyue.coach.client.lib_net.https.ISslTrustParam;
import com.xunxintech.ruyue.coach.client.lib_net.https.SelfTrustManager;
import com.xunxintech.ruyue.coach.client.lib_net.https.SelfTrustRigorManager;
import com.xunxintech.ruyue.coach.client.lib_net.https.UnSafeTrustManager;
import com.xunxintech.ruyue.coach.client.lib_net.https.bean.EnumSslType;
import com.xunxintech.ruyue.coach.client.lib_utils.other.NullPointUtils;
import java.io.InputStream;
import java.security.KeyStore;
import java.security.cert.Certificate;
import java.security.cert.CertificateFactory;
import java.util.Collection;
import java.util.Iterator;
import javax.net.ssl.KeyManager;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import javax.net.ssl.X509TrustManager;
import okhttp3.OkHttpClient;

/* loaded from: classes2.dex */
public class HttpsUtil {

    /* renamed from: com.xunxintech.ruyue.coach.client.lib_net.helper.https.HttpsUtil$1, reason: invalid class name */
    /* loaded from: classes2.dex */
    public static /* synthetic */ class AnonymousClass1 {
        public static final /* synthetic */ int[] $SwitchMap$com$xunxintech$ruyue$coach$client$lib_net$https$bean$EnumSslType;

        static {
            int[] iArr = new int[EnumSslType.values().length];
            $SwitchMap$com$xunxintech$ruyue$coach$client$lib_net$https$bean$EnumSslType = iArr;
            try {
                iArr[EnumSslType.ALL.ordinal()] = 1;
            } catch (NoSuchFieldError unused) {
            }
            try {
                $SwitchMap$com$xunxintech$ruyue$coach$client$lib_net$https$bean$EnumSslType[EnumSslType.ONE_WAY_AUTH.ordinal()] = 2;
            } catch (NoSuchFieldError unused2) {
            }
            try {
                $SwitchMap$com$xunxintech$ruyue$coach$client$lib_net$https$bean$EnumSslType[EnumSslType.ONE_WAY_AUTH_RIGOR.ordinal()] = 3;
            } catch (NoSuchFieldError unused3) {
            }
        }
    }

    public static OkHttpClient.Builder appendHttpsSupport(OkHttpClient.Builder builder, INetConfig iNetConfig) {
        try {
            if (iNetConfig.getSslTrust() != null && !NullPointUtils.isEmpty(iNetConfig.getSslTrust().getParam())) {
                ISslTrustParam param = iNetConfig.getSslTrust().getParam();
                SSLContext sSLContext = SSLContext.getInstance("TLS");
                int i2 = AnonymousClass1.$SwitchMap$com$xunxintech$ruyue$coach$client$lib_net$https$bean$EnumSslType[param.getType().ordinal()];
                X509TrustManager selfTrustRigorManager = i2 != 1 ? i2 != 2 ? i2 != 3 ? null : new SelfTrustRigorManager(SelfTrustRigorManager.chooseTrustManager(trustManagerForCertificates(param.getCertificate()))) : new SelfTrustManager(SelfTrustRigorManager.chooseTrustManager(trustManagerForCertificates(param.getCertificate()))) : new UnSafeTrustManager();
                sSLContext.init(keyManagerForCertificates(param.getBksFile(), param.getPassword()), new TrustManager[]{selfTrustRigorManager}, null);
                builder.sslSocketFactory(sSLContext.getSocketFactory(), selfTrustRigorManager);
            }
        } catch (Exception e2) {
            RyLog.e("get Default OkHttpClient fail.", e2);
        }
        return builder;
    }

    public static KeyManager[] keyManagerForCertificates(InputStream inputStream, String str) {
        try {
            if (NullPointUtils.isEmpty(inputStream, str)) {
                return null;
            }
            KeyStore keyStore = KeyStore.getInstance("BKS");
            keyStore.load(inputStream, str.toCharArray());
            KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
            keyManagerFactory.init(keyStore, str.toCharArray());
            if (inputStream != null) {
                inputStream.close();
            }
            return keyManagerFactory.getKeyManagers();
        } catch (Exception e2) {
            RyLog.e("get keyManagerForCertificates fail.", e2);
            return null;
        }
    }

    public static TrustManager[] trustManagerForCertificates(InputStream inputStream) {
        try {
            Collection<? extends Certificate> generateCertificates = CertificateFactory.getInstance("X.509").generateCertificates(inputStream);
            if (generateCertificates.isEmpty()) {
                throw new IllegalArgumentException("expected non-empty set of trusted certificates");
            }
            KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
            keyStore.load(null);
            int i2 = 0;
            Iterator<? extends Certificate> it = generateCertificates.iterator();
            while (it.hasNext()) {
                keyStore.setCertificateEntry(Integer.toString(i2), it.next());
                i2++;
            }
            if (inputStream != null) {
                inputStream.close();
            }
            TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
            trustManagerFactory.init(keyStore);
            return trustManagerFactory.getTrustManagers();
        } catch (Exception e2) {
            RyLog.e("get trustManagerForCertificates fail.", e2);
            return null;
        }
    }
}
