package com.heytap.instant.upgrade.util;

import android.text.TextUtils;
import java.security.KeyStore;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.HashMap;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.concurrent.ConcurrentHashMap;
import java.util.concurrent.ExecutorService;
import java.util.concurrent.Executors;
import java.util.concurrent.atomic.AtomicBoolean;
import javax.net.ssl.X509TrustManager;

/* loaded from: input_file:classes.jar:com/heytap/instant/upgrade/util/CustomTrustManager.class */
public class CustomTrustManager implements X509TrustManager {
    private static final String TAG = "upgrade_trmng";
    protected X509TrustManager trustManager;
    KeyStore mKeyStore;
    private final boolean needCheckHttpsCert = true;
    Map<String, String> mMemoryCache = new ConcurrentHashMap();
    Map<X509Certificate, String> sysCerts = new HashMap();
    List<X509Certificate> userCerts = new ArrayList();
    AtomicBoolean localCertsLoaded = new AtomicBoolean(false);
    Object mLock = new Object();
    ExecutorService executorService = Executors.newSingleThreadExecutor();

    /* JADX WARN: Multi-variable type inference failed */
    /* JADX WARN: Type inference failed for: r0v13, types: [java.security.KeyStore] */
    /* JADX WARN: Type inference failed for: r0v8, types: [com.heytap.instant.upgrade.util.CustomTrustManager] */
    /* JADX WARN: Type inference failed for: r0v9, types: [java.lang.Throwable] */
    public CustomTrustManager(X509TrustManager x509TrustManager) {
        ?? r0 = this;
        r0.trustManager = x509TrustManager;
        try {
            this.mKeyStore = KeyStore.getInstance("AndroidCAStore");
            r0 = this.mKeyStore;
            r0.load(null, null);
        } catch (Throwable unused) {
            r0.printStackTrace();
        }
        getCertsFromKeyStore();
    }

    @Override // javax.net.ssl.X509TrustManager
    public void checkClientTrusted(X509Certificate[] x509CertificateArr, String str) {
        if (this.trustManager != null) {
            this.trustManager.checkClientTrusted(x509CertificateArr, str);
        }
    }

    /* JADX WARN: Not initialized variable reg: 0, insn: 0x0038: THROW (r0 I:java.lang.Throwable), block:B:12:0x0038 */
    @Override // javax.net.ssl.X509TrustManager
    public synchronized void checkServerTrusted(final X509Certificate[] x509CertificateArr, String str) {
        Throwable th;
        try {
            if (this.trustManager != null) {
                this.trustManager.checkServerTrusted(x509CertificateArr, str);
                if (!isTrusted(x509CertificateArr)) {
                    throw new CertificateException("Proxy Certificate");
                }
                this.executorService.submit(new Runnable() { // from class: com.heytap.instant.upgrade.util.CustomTrustManager.1
                    @Override // java.lang.Runnable
                    public void run() {
                        CustomTrustManager.this.cacheCerts(x509CertificateArr);
                    }
                });
            }
        } catch (CertificateException unused) {
            throw th;
        } catch (Throwable th2) {
            throw new CertificateException(th2);
        }
    }

    @Override // javax.net.ssl.X509TrustManager
    public X509Certificate[] getAcceptedIssuers() {
        return this.trustManager != null ? this.trustManager.getAcceptedIssuers() : new X509Certificate[0];
    }

    private boolean isTrusted(X509Certificate[] x509CertificateArr) {
        if (this.localCertsLoaded.get()) {
            return !isUserCerts(x509CertificateArr);
        }
        if (isTrustedUsingCache(x509CertificateArr)) {
            return true;
        }
        if (!isTrustedUsingKeyStroe(x509CertificateArr)) {
            return false;
        }
        removeCache(x509CertificateArr);
        return true;
    }

    private boolean isTrustedUsingCache(X509Certificate[] x509CertificateArr) {
        String[] split;
        String hostFromCert = CertificateUtil.getHostFromCert(x509CertificateArr[0]);
        ArrayList arrayList = new ArrayList();
        if (!TextUtils.isEmpty(hostFromCert)) {
            String str = this.mMemoryCache.containsKey(hostFromCert) ? this.mMemoryCache.get(hostFromCert) : null;
            String str2 = str;
            if (!TextUtils.isEmpty(str) && (split = str2.split(";")) != null) {
                for (String str3 : split) {
                    if (!TextUtils.isEmpty(str3) && !arrayList.contains(str3)) {
                        arrayList.add(str3);
                    }
                }
            }
        }
        return isAllSysCerts(x509CertificateArr, arrayList);
    }

    private boolean isTrustedUsingKeyStroe(X509Certificate[] x509CertificateArr) {
        waitUntileLocalCertsLoaded();
        return !isUserCerts(x509CertificateArr);
    }

    /* JADX WARN: Multi-variable type inference failed */
    /* JADX WARN: Type inference failed for: r0v1, types: [java.security.cert.X509Certificate[]] */
    /* JADX WARN: Type inference failed for: r0v19 */
    /* JADX WARN: Type inference failed for: r0v2, types: [java.lang.Throwable] */
    /* JADX WARN: Type inference failed for: r0v23, types: [java.security.cert.X509Certificate] */
    private boolean isAllSysCerts(X509Certificate[] x509CertificateArr, List<String> list) {
        ?? certsFromAlias = CertificateUtil.getCertsFromAlias(list, this.mKeyStore);
        if (certsFromAlias == 0) {
            return false;
        }
        try {
            boolean z = false;
            for (X509Certificate x509Certificate : x509CertificateArr) {
                String lowerCase = x509Certificate.getIssuerDN().getName().toLowerCase();
                int length = certsFromAlias.length;
                certsFromAlias = 0;
                int i = 0;
                while (true) {
                    if (i >= length) {
                        break;
                    }
                    if (lowerCase.equals(certsFromAlias[i].getSubjectDN().getName().toLowerCase())) {
                        z = true;
                        break;
                    }
                    i++;
                }
                if (z) {
                    break;
                }
            }
            return z;
        } catch (Throwable unused) {
            certsFromAlias.printStackTrace();
            return true;
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    public void cacheCerts(X509Certificate[] x509CertificateArr) {
        String hostFromCert = CertificateUtil.getHostFromCert(x509CertificateArr[0]);
        if (TextUtils.isEmpty(hostFromCert) || !this.localCertsLoaded.get() || this.mMemoryCache.containsKey(hostFromCert)) {
            return;
        }
        StringBuilder sb = new StringBuilder();
        for (X509Certificate x509Certificate : x509CertificateArr) {
            String lowerCase = x509Certificate.getIssuerDN().getName().toLowerCase();
            Iterator<X509Certificate> it = this.sysCerts.keySet().iterator();
            while (true) {
                if (it.hasNext()) {
                    X509Certificate next = it.next();
                    if (lowerCase.equals(next.getSubjectDN().getName().toLowerCase())) {
                        sb.append(this.sysCerts.get(next));
                        sb.append(";");
                        break;
                    }
                }
            }
        }
        String sb2 = sb.toString();
        if (TextUtils.isEmpty(sb2)) {
            return;
        }
        this.mMemoryCache.put(hostFromCert, sb2);
    }

    private void removeCache(X509Certificate[] x509CertificateArr) {
        String hostFromCert = CertificateUtil.getHostFromCert(x509CertificateArr[0]);
        if (!TextUtils.isEmpty(hostFromCert) && this.localCertsLoaded.get() && this.mMemoryCache.containsKey(hostFromCert)) {
            this.mMemoryCache.remove(hostFromCert);
        }
    }

    /* JADX WARN: Code restructure failed: missing block: B:15:0x0055, code lost:
    
        r6 = r6 + 1;
     */
    /* JADX WARN: Type inference failed for: r0v16, types: [java.lang.Throwable, boolean] */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    private boolean isUserCerts(java.security.cert.X509Certificate[] r4) {
        /*
            r3 = this;
            r0 = r4
            int r0 = r0.length     // Catch: java.lang.Throwable -> L5e
            r5 = r0
            r0 = 0
            r6 = r0
        L5:
            r0 = r6
            r1 = r5
            if (r0 >= r1) goto L5b
            r0 = r4
            r1 = r6
            r0 = r0[r1]     // Catch: java.lang.Throwable -> L5e
            java.security.Principal r0 = r0.getIssuerDN()     // Catch: java.lang.Throwable -> L5e
            java.lang.String r0 = r0.getName()     // Catch: java.lang.Throwable -> L5e
            java.lang.String r0 = r0.toLowerCase()     // Catch: java.lang.Throwable -> L5e
            r7 = r0
            r0 = r3
            java.util.List<java.security.cert.X509Certificate> r0 = r0.userCerts     // Catch: java.lang.Throwable -> L5e
            java.util.Iterator r0 = r0.iterator()     // Catch: java.lang.Throwable -> L5e
            r8 = r0
        L25:
            r0 = r8
            boolean r0 = r0.hasNext()     // Catch: java.lang.Throwable -> L5e
            if (r0 == 0) goto L55
            r0 = r8
            java.lang.Object r0 = r0.next()     // Catch: java.lang.Throwable -> L5e
            java.security.cert.X509Certificate r0 = (java.security.cert.X509Certificate) r0     // Catch: java.lang.Throwable -> L5e
            java.security.Principal r0 = r0.getSubjectDN()     // Catch: java.lang.Throwable -> L5e
            java.lang.String r0 = r0.getName()     // Catch: java.lang.Throwable -> L5e
            java.lang.String r0 = r0.toLowerCase()     // Catch: java.lang.Throwable -> L5e
            r9 = r0
            r0 = r7
            r1 = r9
            boolean r0 = r0.equals(r1)     // Catch: java.lang.Throwable -> L5e
            if (r0 == 0) goto L52
            r0 = 1
            return r0
        L52:
            goto L25
        L55:
            int r6 = r6 + 1
            goto L5
        L5b:
            goto L61
        L5e:
            r0.printStackTrace()
        L61:
            r0 = 0
            return r0
        */
        throw new UnsupportedOperationException("Method not decompiled: com.heytap.instant.upgrade.util.CustomTrustManager.isUserCerts(java.security.cert.X509Certificate[]):boolean");
    }

    private void getCertsFromKeyStore() {
        new Thread(new Runnable() { // from class: com.heytap.instant.upgrade.util.CustomTrustManager.2
            @Override // java.lang.Runnable
            public void run() {
                System.currentTimeMillis();
                synchronized (CustomTrustManager.this.mLock) {
                    CertificateUtil.getCertsFromKeyStore(CustomTrustManager.this.mKeyStore, CustomTrustManager.this.userCerts, CustomTrustManager.this.sysCerts);
                    CustomTrustManager.this.localCertsLoaded.set(true);
                    CustomTrustManager.this.mLock.notifyAll();
                }
            }
        }).start();
    }

    /* JADX WARN: Multi-variable type inference failed */
    /* JADX WARN: Type inference failed for: r0v12, types: [java.lang.Object] */
    /* JADX WARN: Type inference failed for: r0v9, types: [boolean] */
    private void waitUntileLocalCertsLoaded() {
        if (this.localCertsLoaded.get()) {
            return;
        }
        synchronized (this.mLock) {
            InterruptedException interruptedException = this.localCertsLoaded.get();
            if (interruptedException == 0) {
                try {
                    interruptedException = this.mLock;
                    interruptedException.wait();
                } catch (InterruptedException unused) {
                    interruptedException.printStackTrace();
                }
            }
        }
    }
}
