package com.tencent.luggage.launch;

import java.io.IOException;
import java.io.InputStream;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Enumeration;
import java.util.Iterator;
import java.util.LinkedList;
import java.util.List;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import javax.net.ssl.X509TrustManager;

/* loaded from: classes4.dex */
public class cyo implements X509TrustManager {
    private KeyStore j;
    private final boolean k;
    private X509Certificate[] n;
    private List<String> l = null;
    private KeyStore m = null;
    private LinkedList<X509TrustManager> h = new LinkedList<>();
    private LinkedList<X509TrustManager> i = new LinkedList<>();

    public cyo(boolean z) {
        this.k = z;
        try {
            this.j = KeyStore.getInstance(KeyStore.getDefaultType());
            this.j.load(null, null);
        } catch (Exception e) {
            eje.h("MicroMsg.AppBrandX509TrustManager", e, "Exception: Local KeyStore init failed", new Object[0]);
        }
    }

    private void i() {
        try {
            TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
            trustManagerFactory.init((KeyStore) null);
            TrustManager[] trustManagers = trustManagerFactory.getTrustManagers();
            int i = 0;
            while (trustManagers != null) {
                if (i >= trustManagers.length) {
                    return;
                }
                this.h.add((X509TrustManager) trustManagers[i]);
                i++;
            }
        } catch (Exception e) {
            eje.h("MicroMsg.AppBrandX509TrustManager", e, "Exception: init SystemTrustManager", new Object[0]);
        }
    }

    private void j() {
        if (this.j == null) {
            return;
        }
        try {
            TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
            trustManagerFactory.init(this.j);
            TrustManager[] trustManagers = trustManagerFactory.getTrustManagers();
            int i = 0;
            while (trustManagers != null) {
                if (i >= trustManagers.length) {
                    return;
                }
                this.i.add((X509TrustManager) trustManagers[i]);
                i++;
            }
        } catch (Exception e) {
            eje.h("MicroMsg.AppBrandX509TrustManager", e, "Exception: init LocalTrustManager", new Object[0]);
        }
    }

    private void k() {
        ArrayList arrayList = new ArrayList();
        long currentTimeMillis = System.currentTimeMillis();
        Iterator<X509TrustManager> it = this.h.iterator();
        while (it.hasNext()) {
            X509Certificate[] acceptedIssuers = it.next().getAcceptedIssuers();
            if (acceptedIssuers != null) {
                arrayList.addAll(Arrays.asList(acceptedIssuers));
            }
        }
        long currentTimeMillis2 = System.currentTimeMillis();
        Iterator<X509TrustManager> it2 = this.i.iterator();
        while (it2.hasNext()) {
            X509Certificate[] acceptedIssuers2 = it2.next().getAcceptedIssuers();
            if (acceptedIssuers2 != null) {
                arrayList.addAll(Arrays.asList(acceptedIssuers2));
            }
        }
        long currentTimeMillis3 = System.currentTimeMillis();
        this.n = new X509Certificate[arrayList.size()];
        this.n = (X509Certificate[]) arrayList.toArray(this.n);
        eje.k("MicroMsg.AppBrandX509TrustManager", "initAcceptedIssuers: %d, %d, %d", Long.valueOf(currentTimeMillis2 - currentTimeMillis), Long.valueOf(currentTimeMillis3 - currentTimeMillis2), Long.valueOf(System.currentTimeMillis() - currentTimeMillis3));
    }

    @Override // javax.net.ssl.X509TrustManager
    public void checkClientTrusted(X509Certificate[] x509CertificateArr, String str) throws CertificateException {
        throw new CertificateException("Client Certification not supported");
    }

    @Override // javax.net.ssl.X509TrustManager
    public void checkServerTrusted(X509Certificate[] x509CertificateArr, String str) throws CertificateException {
        boolean z;
        boolean z2;
        boolean z3 = false;
        ((dgw) sp.i(dgw.class)).h(1011L, 0L, 1L, false);
        eje.k("MicroMsg.AppBrandX509TrustManager", "trust manager size:" + this.h.size());
        Iterator<X509TrustManager> it = this.h.iterator();
        while (true) {
            if (!it.hasNext()) {
                break;
            }
            X509TrustManager next = it.next();
            try {
                eje.k("MicroMsg.AppBrandX509TrustManager", "try system trust:" + next.toString());
                next.checkServerTrusted(x509CertificateArr, str);
                eje.k("MicroMsg.AppBrandX509TrustManager", "system trust:" + next.toString());
                z3 = true;
                break;
            } catch (CertificateException e) {
                eje.h("MicroMsg.AppBrandX509TrustManager", e, "CertificateException: SystemTrustManagers checkServerTrusted", new Object[0]);
                z3 = false;
            }
        }
        if (z3) {
            eje.k("MicroMsg.AppBrandX509TrustManager", "checkServerTrusted systemTrusted true");
            ((dgw) sp.i(dgw.class)).h(1011L, 1L, 1L, false);
            return;
        }
        eje.k("MicroMsg.AppBrandX509TrustManager", "try local trust size:%d", Integer.valueOf(this.i.size()));
        boolean z4 = false;
        Iterator<X509TrustManager> it2 = this.i.iterator();
        while (true) {
            if (!it2.hasNext()) {
                break;
            }
            X509TrustManager next2 = it2.next();
            try {
                next2.checkServerTrusted(x509CertificateArr, str);
                eje.k("MicroMsg.AppBrandX509TrustManager", "local trust:" + next2.toString());
                z4 = true;
                break;
            } catch (CertificateException e2) {
                eje.h("MicroMsg.AppBrandX509TrustManager", e2, "CertificateException: LocalTrustManagers checkServerTrusted", new Object[0]);
                z4 = false;
            }
        }
        if (z4) {
            eje.k("MicroMsg.AppBrandX509TrustManager", "checkServerTrusted localTrusted true");
            ((dgw) sp.i(dgw.class)).h(1011L, 2L, 1L, false);
            return;
        }
        if (this.k) {
            eje.k("MicroMsg.AppBrandX509TrustManager", "checkServerTrusted debug type");
            boolean z5 = false;
            try {
                try {
                    if (this.m == null) {
                        this.m = KeyStore.getInstance("AndroidCAStore");
                        this.m.load(null, null);
                    }
                    if (this.l == null) {
                        this.l = new ArrayList();
                        Enumeration<String> aliases = this.m.aliases();
                        while (aliases.hasMoreElements()) {
                            String nextElement = aliases.nextElement();
                            if (nextElement != null && nextElement.startsWith("user:")) {
                                this.l.add(nextElement);
                            }
                        }
                    }
                    if (this.l.size() > 0) {
                        Iterator<String> it3 = this.l.iterator();
                        z = false;
                        while (it3.hasNext()) {
                            try {
                                try {
                                    X509Certificate x509Certificate = (X509Certificate) this.m.getCertificate(it3.next());
                                    int length = x509CertificateArr.length;
                                    int i = 0;
                                    while (true) {
                                        if (i >= length) {
                                            z2 = z;
                                            break;
                                        }
                                        try {
                                            x509CertificateArr[i].verify(x509Certificate.getPublicKey());
                                            z2 = true;
                                            break;
                                        } catch (Exception e3) {
                                            eje.h("MicroMsg.AppBrandX509TrustManager", e3, "Exception: check user verify certificate", new Object[0]);
                                            i++;
                                        }
                                    }
                                    z = z2;
                                } catch (Exception e4) {
                                    e = e4;
                                    z5 = z;
                                    eje.h("MicroMsg.AppBrandX509TrustManager", e, "Exception: check user certificate", new Object[0]);
                                    ((dgw) sp.i(dgw.class)).h(1011L, 8L, 1L, false);
                                    if (z5) {
                                        eje.k("MicroMsg.AppBrandX509TrustManager", "checkServerTrusted self check success");
                                        ((dgw) sp.i(dgw.class)).h(1011L, 3L, 1L, false);
                                        return;
                                    } else {
                                        eje.k("MicroMsg.AppBrandX509TrustManager", "checkServerTrusted self check fail");
                                        ((dgw) sp.i(dgw.class)).h(1011L, 10L, 1L, false);
                                        throw new CertificateException("Server Certificate not trusted");
                                    }
                                }
                            } catch (IOException e5) {
                                e = e5;
                                z5 = z;
                                eje.h("MicroMsg.AppBrandX509TrustManager", e, "IOException: check user certificate", new Object[0]);
                                ((dgw) sp.i(dgw.class)).h(1011L, 7L, 1L, false);
                                if (z5) {
                                    eje.k("MicroMsg.AppBrandX509TrustManager", "checkServerTrusted self check success");
                                    ((dgw) sp.i(dgw.class)).h(1011L, 3L, 1L, false);
                                    return;
                                } else {
                                    eje.k("MicroMsg.AppBrandX509TrustManager", "checkServerTrusted self check fail");
                                    ((dgw) sp.i(dgw.class)).h(1011L, 10L, 1L, false);
                                    throw new CertificateException("Server Certificate not trusted");
                                }
                            } catch (KeyStoreException e6) {
                                e = e6;
                                z5 = z;
                                eje.h("MicroMsg.AppBrandX509TrustManager", e, "KeyStoreException: check user certificate", new Object[0]);
                                ((dgw) sp.i(dgw.class)).h(1011L, 5L, 1L, false);
                                if (z5) {
                                    eje.k("MicroMsg.AppBrandX509TrustManager", "checkServerTrusted self check success");
                                    ((dgw) sp.i(dgw.class)).h(1011L, 3L, 1L, false);
                                    return;
                                } else {
                                    eje.k("MicroMsg.AppBrandX509TrustManager", "checkServerTrusted self check fail");
                                    ((dgw) sp.i(dgw.class)).h(1011L, 10L, 1L, false);
                                    throw new CertificateException("Server Certificate not trusted");
                                }
                            } catch (NoSuchAlgorithmException e7) {
                                e = e7;
                                z5 = z;
                                eje.h("MicroMsg.AppBrandX509TrustManager", e, "NoSuchAlgorithmException: check user certificate", new Object[0]);
                                ((dgw) sp.i(dgw.class)).h(1011L, 6L, 1L, false);
                                if (z5) {
                                    eje.k("MicroMsg.AppBrandX509TrustManager", "checkServerTrusted self check success");
                                    ((dgw) sp.i(dgw.class)).h(1011L, 3L, 1L, false);
                                    return;
                                } else {
                                    eje.k("MicroMsg.AppBrandX509TrustManager", "checkServerTrusted self check fail");
                                    ((dgw) sp.i(dgw.class)).h(1011L, 10L, 1L, false);
                                    throw new CertificateException("Server Certificate not trusted");
                                }
                            } catch (Throwable th) {
                                th = th;
                                z5 = z;
                                if (z5) {
                                    eje.k("MicroMsg.AppBrandX509TrustManager", "checkServerTrusted self check success");
                                    ((dgw) sp.i(dgw.class)).h(1011L, 3L, 1L, false);
                                    return;
                                } else {
                                    eje.k("MicroMsg.AppBrandX509TrustManager", "checkServerTrusted self check fail");
                                    ((dgw) sp.i(dgw.class)).h(1011L, 10L, 1L, false);
                                    throw th;
                                }
                            }
                        }
                    } else {
                        eje.k("MicroMsg.AppBrandX509TrustManager", "checkServerTrusted self check aliasList null");
                        ((dgw) sp.i(dgw.class)).h(1011L, 9L, 1L, false);
                        z = false;
                    }
                    if (z) {
                        eje.k("MicroMsg.AppBrandX509TrustManager", "checkServerTrusted self check success");
                        ((dgw) sp.i(dgw.class)).h(1011L, 3L, 1L, false);
                        return;
                    } else {
                        eje.k("MicroMsg.AppBrandX509TrustManager", "checkServerTrusted self check fail");
                        ((dgw) sp.i(dgw.class)).h(1011L, 10L, 1L, false);
                    }
                } catch (Throwable th2) {
                    th = th2;
                }
            } catch (IOException e8) {
                e = e8;
            } catch (KeyStoreException e9) {
                e = e9;
            } catch (NoSuchAlgorithmException e10) {
                e = e10;
            } catch (Exception e11) {
                e = e11;
            }
        } else {
            ((dgw) sp.i(dgw.class)).h(1011L, 4L, 1L, false);
        }
        throw new CertificateException("Server Certificate not trusted");
    }

    @Override // javax.net.ssl.X509TrustManager
    public X509Certificate[] getAcceptedIssuers() {
        return this.n;
    }

    public void h() {
        long k = ejv.k();
        i();
        j();
        k();
        eje.l("MicroMsg.AppBrandX509TrustManager", "init() cost[%dms]", Long.valueOf(ejv.k() - k));
    }

    public void h(InputStream inputStream) {
        if (this.j == null) {
            eje.i("MicroMsg.AppBrandX509TrustManager", "local keystore is null");
            return;
        }
        try {
            try {
                Certificate generateCertificate = CertificateFactory.getInstance("X.509").generateCertificate(inputStream);
                inputStream.close();
                this.j.setCertificateEntry(((X509Certificate) generateCertificate).getSubjectDN() + "", generateCertificate);
            } catch (Throwable th) {
                inputStream.close();
                throw th;
            }
        } catch (Exception e) {
            eje.h("MicroMsg.AppBrandX509TrustManager", e, "Exception: initLocalSelfSignedCertificate", new Object[0]);
        }
    }
}
