package com.huawei.mw.plugin.cloud.remote;

import android.content.Context;
import com.huawei.app.common.lib.log.LogUtil;
import java.io.IOException;
import java.io.InputStream;
import java.net.Socket;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.SecureRandom;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSocket;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import javax.net.ssl.X509TrustManager;
import org.apache.http.conn.ssl.AllowAllHostnameVerifier;
import org.apache.http.conn.ssl.SSLSocketFactory;
import org.apache.http.conn.ssl.X509HostnameVerifier;

/* loaded from: classes.dex */
public class SecureSSLSocketFactory extends SSLSocketFactory {
    public static final X509HostnameVerifier ALLOW_ALL_HOSTNAME_VERIFIER = new AllowAllHostnameVerifier();
    private static final String TAG = "MySSLSocketFactory";
    protected ArrayList<X509TrustManager> m509TrustManager;
    SSLContext sslContext;

    public SecureSSLSocketFactory(KeyStore keyStore, Context context) throws Exception {
        super(keyStore);
        InputStream open;
        this.m509TrustManager = new ArrayList<>();
        this.sslContext = SSLContext.getInstance("TLS");
        InputStream inputStream = null;
        try {
            try {
                try {
                    open = context.getAssets().open("hicloudroot.cer");
                    Certificate generateCertificate = CertificateFactory.getInstance("X.509").generateCertificate(open);
                    keyStore.load(null, null);
                    keyStore.setCertificateEntry("trust", generateCertificate);
                    TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
                    trustManagerFactory.init(keyStore);
                    TrustManager[] trustManagers = trustManagerFactory.getTrustManagers();
                    for (int i = 0; i < trustManagers.length; i++) {
                        if (trustManagers[i] instanceof X509TrustManager) {
                            this.m509TrustManager.add((X509TrustManager) trustManagers[i]);
                        }
                    }
                } catch (Throwable th) {
                    if (0 != 0) {
                        try {
                            inputStream.close();
                        } catch (IOException e) {
                            LogUtil.i(TAG, e.toString());
                        }
                    }
                    throw th;
                }
            } catch (IOException e2) {
                LogUtil.e("AccountX509TrustManager", "IOException / " + e2.toString());
                if (0 != 0) {
                    try {
                        inputStream.close();
                    } catch (IOException e3) {
                        LogUtil.i(TAG, e3.toString());
                    }
                }
            } catch (KeyStoreException e4) {
                LogUtil.e("AccountX509TrustManager", "KeyStoreException / " + e4.toString());
                if (0 != 0) {
                    try {
                        inputStream.close();
                    } catch (IOException e5) {
                        LogUtil.i(TAG, e5.toString());
                    }
                }
            }
        } catch (NoSuchAlgorithmException e6) {
            LogUtil.e("AccountX509TrustManager", "NoSuchAlgorithmException / " + e6.toString());
            if (0 != 0) {
                try {
                    inputStream.close();
                } catch (IOException e7) {
                    LogUtil.i(TAG, e7.toString());
                }
            }
        } catch (CertificateException e8) {
            LogUtil.e("AccountX509TrustManager", "CertificateException / " + e8.toString());
            if (0 != 0) {
                try {
                    inputStream.close();
                } catch (IOException e9) {
                    LogUtil.i(TAG, e9.toString());
                }
            }
        }
        if (this.m509TrustManager.isEmpty()) {
            throw new RuntimeException("Couldn't find a X509TrustManager!");
        }
        LogUtil.v("AccountX509TrustManager", "new AccountX509TrustManager end");
        if (open != null) {
            try {
                open.close();
            } catch (IOException e10) {
                LogUtil.i(TAG, e10.toString());
            }
        }
        this.sslContext.init(null, new X509TrustManager[]{new X509TrustManager() { // from class: com.huawei.mw.plugin.cloud.remote.SecureSSLSocketFactory.1
            @Override // javax.net.ssl.X509TrustManager
            public void checkClientTrusted(X509Certificate[] x509CertificateArr, String str) throws CertificateException {
            }

            @Override // javax.net.ssl.X509TrustManager
            public void checkServerTrusted(X509Certificate[] x509CertificateArr, String str) throws CertificateException {
                LogUtil.i(SecureSSLSocketFactory.TAG, "checkServerTrusted");
                SecureSSLSocketFactory.this.m509TrustManager.get(0).checkServerTrusted(x509CertificateArr, str);
            }

            @Override // javax.net.ssl.X509TrustManager
            public X509Certificate[] getAcceptedIssuers() {
                return new X509Certificate[0];
            }
        }}, new SecureRandom());
    }

    public static void setEnableSafeCipherSuites(SSLSocket sSLSocket) {
        String[] enabledCipherSuites = sSLSocket.getEnabledCipherSuites();
        ArrayList arrayList = new ArrayList();
        for (String str : enabledCipherSuites) {
            if (str.contains("AES")) {
                arrayList.add(str);
            }
        }
        sSLSocket.setEnabledCipherSuites((String[]) arrayList.toArray(new String[arrayList.size()]));
    }

    @Override // org.apache.http.conn.ssl.SSLSocketFactory, org.apache.http.conn.scheme.SocketFactory
    public Socket createSocket() throws IOException {
        LogUtil.d(TAG, "----createSocket------two---");
        SSLSocket sSLSocket = (SSLSocket) this.sslContext.getSocketFactory().createSocket();
        setEnableSafeCipherSuites(sSLSocket);
        return sSLSocket;
    }

    @Override // org.apache.http.conn.ssl.SSLSocketFactory, org.apache.http.conn.scheme.LayeredSocketFactory
    public Socket createSocket(Socket socket, String str, int i, boolean z) throws IOException {
        LogUtil.d(TAG, "----createSocket------one---");
        SSLSocket sSLSocket = (SSLSocket) this.sslContext.getSocketFactory().createSocket(socket, str, i, z);
        setEnableSafeCipherSuites(sSLSocket);
        return sSLSocket;
    }
}
