package com.bochklaunchflow.okhttp.https;

import android.content.Context;
import android.content.res.AssetManager;
import com.bochklaunchflow.base.AppSecuityConfig;
import com.bochklaunchflow.utils.BOCLFLogUtil;
import com.bochklaunchflow.utils.BOCLFUtils;
import com.lc.commonlib.FileUtils;
import java.io.FileNotFoundException;
import java.io.IOException;
import java.io.InputStream;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.util.Enumeration;
import java.util.HashMap;
import java.util.HashSet;
import java.util.Map;
import java.util.Set;

/* loaded from: classes.dex */
public class TrustedKeyStoreConfig {
    private static final String TAG = "TrustedKeyStoreConfig";
    private static Set<String> localCertCNSet;
    private static HashMap<String, HashMap<String, Certificate>> localCerts;
    private static KeyStore trustedKeyStore;

    public static final Set<String> getCNFromLocalCerts() {
        return localCertCNSet;
    }

    private static final KeyStore getDefaultKeyStore() {
        try {
            KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
            keyStore.load(null, null);
            return keyStore;
        } catch (IOException e) {
            if (AppSecuityConfig.SHOW_PRINT_STACK) {
                e.printStackTrace();
            }
            BOCLFLogUtil.e(TAG, "Cannot generate default KeyStore");
            return null;
        } catch (KeyStoreException e2) {
            if (AppSecuityConfig.SHOW_PRINT_STACK) {
                e2.printStackTrace();
            }
            BOCLFLogUtil.e(TAG, "Cannot generate default KeyStore");
            return null;
        } catch (NoSuchAlgorithmException e3) {
            if (AppSecuityConfig.SHOW_PRINT_STACK) {
                e3.printStackTrace();
            }
            BOCLFLogUtil.e(TAG, "Cannot generate default KeyStore");
            return null;
        } catch (CertificateException e4) {
            if (AppSecuityConfig.SHOW_PRINT_STACK) {
                e4.printStackTrace();
            }
            BOCLFLogUtil.e(TAG, "Cannot generate default KeyStore");
            return null;
        }
    }

    private static KeyStore getKeyStoreFromLocalCerts(Context context) {
        HashSet hashSet;
        AssetManager assets;
        String[] list;
        KeyStore keyStore;
        X509Certificate x509Certificate;
        boolean z;
        if (context != null) {
            try {
                BOCLFLogUtil.i("CertificateScan", "Reminder: please clear the project after adding any cert in cert folder");
                assets = context.getResources().getAssets();
                list = assets.list("certs");
                keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
                keyStore.load(null, null);
            } catch (FileNotFoundException e) {
                if (AppSecuityConfig.SHOW_PRINT_STACK) {
                    e.printStackTrace();
                }
            } catch (IOException e2) {
                if (AppSecuityConfig.SHOW_PRINT_STACK) {
                    e2.printStackTrace();
                }
            } catch (KeyStoreException e3) {
                if (AppSecuityConfig.SHOW_PRINT_STACK) {
                    e3.printStackTrace();
                }
            } catch (NoSuchAlgorithmException e4) {
                if (AppSecuityConfig.SHOW_PRINT_STACK) {
                    e4.printStackTrace();
                }
            } catch (CertificateException e5) {
                if (AppSecuityConfig.SHOW_PRINT_STACK) {
                    e5.printStackTrace();
                }
            }
            if (list != null && list.length > 0) {
                localCertCNSet = new HashSet();
                localCerts = new HashMap<>();
                BOCLFLogUtil.i(TAG, "=======================start scan cert=======================");
                InputStream inputStream = null;
                for (int i = 0; i < list.length; i++) {
                    try {
                        try {
                            inputStream = assets.open("certs/" + list[i]);
                            String str = "";
                            try {
                                try {
                                    x509Certificate = (X509Certificate) CertificateFactory.getInstance("X509").generateCertificate(inputStream);
                                } catch (NullPointerException unused) {
                                    BOCLFLogUtil.e(TAG, "certificate:" + list[i] + " is null");
                                }
                            } catch (CertificateException unused2) {
                                x509Certificate = null;
                            }
                            try {
                                String name = x509Certificate.getSubjectDN().getName();
                                str = name.substring(name.indexOf("CN=") + 3, name.indexOf(",", name.indexOf("CN=") + 3));
                                localCertCNSet.add(str);
                                z = true;
                            } catch (CertificateException unused3) {
                                BOCLFLogUtil.e(TAG, "certificate:" + list[i] + " cannot parse into X509 certificate");
                                z = false;
                                if (x509Certificate != null) {
                                    KeyStore.TrustedCertificateEntry trustedCertificateEntry = new KeyStore.TrustedCertificateEntry(x509Certificate);
                                    String substring = list[i].substring(0, list[i].indexOf(FileUtils.FILE_EXTENSION_SEPARATOR));
                                    HashMap<String, Certificate> hashMap = new HashMap<>();
                                    hashMap.put(substring, x509Certificate);
                                    localCerts.put(str, hashMap);
                                    keyStore.setEntry(substring, trustedCertificateEntry, null);
                                    BOCLFLogUtil.i(TAG, "added CERT:[" + list[i] + "] with ALIAS:[" + substring + "] CN:[" + str + "] successfully");
                                }
                            }
                            if (x509Certificate != null && z) {
                                KeyStore.TrustedCertificateEntry trustedCertificateEntry2 = new KeyStore.TrustedCertificateEntry(x509Certificate);
                                String substring2 = list[i].substring(0, list[i].indexOf(FileUtils.FILE_EXTENSION_SEPARATOR));
                                HashMap<String, Certificate> hashMap2 = new HashMap<>();
                                hashMap2.put(substring2, x509Certificate);
                                localCerts.put(str, hashMap2);
                                keyStore.setEntry(substring2, trustedCertificateEntry2, null);
                                BOCLFLogUtil.i(TAG, "added CERT:[" + list[i] + "] with ALIAS:[" + substring2 + "] CN:[" + str + "] successfully");
                            }
                        } catch (Exception e6) {
                            if (AppSecuityConfig.SHOW_PRINT_STACK) {
                                e6.printStackTrace();
                            }
                        }
                    } finally {
                        BOCLFUtils.safeClose(inputStream);
                    }
                }
                BOCLFLogUtil.i(TAG, "=======================end scan cert=======================");
                return keyStore;
            }
            BOCLFLogUtil.e(TAG, "certNameList is null or empty");
            BOCLFLogUtil.e(TAG, "got exception; use the default KeyStore");
            hashSet = new HashSet();
        } else {
            BOCLFLogUtil.e(TAG, "Context of " + TAG + " is null; use the default KeyStore");
            hashSet = new HashSet();
        }
        localCertCNSet = hashSet;
        return getDefaultKeyStore();
    }

    public static HashMap<String, HashMap<String, Certificate>> getLocalCerts() {
        HashMap<String, HashMap<String, Certificate>> hashMap = localCerts;
        if (hashMap != null) {
            return hashMap;
        }
        return null;
    }

    public static final KeyStore getTrustedKeyStore() {
        KeyStore keyStore = trustedKeyStore;
        return keyStore == null ? getDefaultKeyStore() : keyStore;
    }

    public static final boolean insert(Context context, Map<String, X509Certificate> map) {
        String str;
        StringBuilder sb;
        String message;
        if (map == null || map.size() == 0) {
            BOCLFLogUtil.w(TAG, "===[insert: certNameToList is empty; the original TrustedKeyStore remains unchanged]===");
            return true;
        }
        try {
            KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
            keyStore.load(null, null);
            Enumeration<String> aliases = trustedKeyStore.aliases();
            while (aliases.hasMoreElements()) {
                String nextElement = aliases.nextElement();
                X509Certificate x509Certificate = (X509Certificate) trustedKeyStore.getCertificate(nextElement);
                keyStore.setEntry(nextElement, new KeyStore.TrustedCertificateEntry(x509Certificate), null);
                String name = x509Certificate.getSubjectDN().getName();
                String substring = name.substring(name.indexOf("CN=") + 3, name.indexOf(",", name.indexOf("CN=") + 3));
                BOCLFLogUtil.i(TAG, "insert: copying cert with ALIAS:[" + nextElement + "] CN:[" + substring + "] successfully");
            }
            BOCLFLogUtil.i(TAG, "insert: copying cert end -------------------------------------");
            for (String str2 : map.keySet()) {
                if (str2 != null && map.get(str2) != null) {
                    keyStore.setEntry(str2, new KeyStore.TrustedCertificateEntry(map.get(str2)), null);
                    String str3 = "";
                    try {
                        String name2 = map.get(str2).getSubjectDN().getName();
                        str3 = name2.substring(name2.indexOf("CN=") + 3, name2.indexOf(",", name2.indexOf("CN=") + 3));
                    } catch (Exception unused) {
                        BOCLFLogUtil.w(TAG, "insert: cannot get cert with ALIAS:[" + str2 + "]'s CN name");
                    }
                    BOCLFLogUtil.i(TAG, "inserted cert with ALIAS:[" + str2 + "] CN:[" + str3 + "] successfully");
                }
            }
            trustedKeyStore = keyStore;
            BOCLFLogUtil.i(TAG, "===[inserted " + map.size() + " certs into TrustedKeyStore successfully]===");
            BOCLFLogUtil.i(TAG, "===[They are " + trustedKeyStore.size() + " certs in total at present.]===");
            return true;
        } catch (IOException e) {
            str = TAG;
            sb = new StringBuilder();
            sb.append("insert process terminated; ; #4 got exception: ");
            message = e.getMessage();
            sb.append(message);
            BOCLFLogUtil.e(str, sb.toString());
            return false;
        } catch (KeyStoreException e2) {
            str = TAG;
            sb = new StringBuilder();
            sb.append("insert process terminated; ; #1 got exception: ");
            message = e2.getMessage();
            sb.append(message);
            BOCLFLogUtil.e(str, sb.toString());
            return false;
        } catch (NoSuchAlgorithmException e3) {
            str = TAG;
            sb = new StringBuilder();
            sb.append("insert process terminated; ; #2 got exception: ");
            message = e3.getMessage();
            sb.append(message);
            BOCLFLogUtil.e(str, sb.toString());
            return false;
        } catch (CertificateException e4) {
            str = TAG;
            sb = new StringBuilder();
            sb.append("insert process terminated; ; #3 got exception: ");
            message = e4.getMessage();
            sb.append(message);
            BOCLFLogUtil.e(str, sb.toString());
            return false;
        }
    }

    public static void setup(Context context) {
        trustedKeyStore = getKeyStoreFromLocalCerts(context);
    }
}
