package com.taobao.android.ssologinwrapper.remote.httpscer;

import android.content.Context;
import android.util.Log;
import java.io.InputStream;
import java.security.InvalidKeyException;
import java.security.KeyStore;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.SignatureException;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import java.security.cert.CertificateExpiredException;
import java.security.cert.CertificateFactory;
import java.security.cert.CertificateNotYetValidException;
import java.security.cert.X509Certificate;
import java.text.SimpleDateFormat;
import java.util.Date;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import javax.net.ssl.X509TrustManager;
import pnf.p000this.object.does.not.Exist;

/* loaded from: classes2.dex */
public class TaoX509TrustManager implements X509TrustManager {
    private Context appContext;
    private static Certificate m_verisignCert = null;
    private static X509TrustManager m_defaultMgr = null;

    public TaoX509TrustManager(Context context) throws Exception {
        this.appContext = context;
        InputStream inputStream = null;
        try {
            try {
                if (m_verisignCert == null) {
                    CertificateFactory certificateFactory = CertificateFactory.getInstance("X.509");
                    inputStream = this.appContext.getAssets().open("verisign.cer");
                    m_verisignCert = certificateFactory.generateCertificate(inputStream);
                }
                if (inputStream != null) {
                    inputStream.close();
                }
            } catch (Throwable th) {
                if (inputStream != null) {
                    inputStream.close();
                }
                throw th;
            }
        } catch (Exception e) {
            e.printStackTrace();
            m_verisignCert = null;
            Log.v("usertrack_data", "1,verisign.cer load fail");
            if (inputStream != null) {
                inputStream.close();
            }
        }
        try {
            if (m_defaultMgr == null) {
                TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
                trustManagerFactory.init((KeyStore) null);
                TrustManager[] trustManagers = trustManagerFactory.getTrustManagers();
                for (int i = 0; i < trustManagers.length; i++) {
                    if (trustManagers[i] instanceof X509TrustManager) {
                        m_defaultMgr = (X509TrustManager) trustManagers[i];
                        return;
                    }
                }
            }
        } catch (Exception e2) {
            e2.printStackTrace();
            m_defaultMgr = null;
            Log.v("usertrack_data", "6,got default trust fail");
        }
    }

    @Override // javax.net.ssl.X509TrustManager
    public void checkClientTrusted(X509Certificate[] x509CertificateArr, String str) throws CertificateException {
        Exist.b(Exist.a() ? 1 : 0);
        Log.d("https", "checkClientTrusted");
    }

    @Override // javax.net.ssl.X509TrustManager
    public void checkServerTrusted(X509Certificate[] x509CertificateArr, String str) throws CertificateException {
        Log.d("https", "https verify begin");
        if (m_verisignCert == null) {
            return;
        }
        boolean z = false;
        if (x509CertificateArr.length > 0) {
            try {
                String name = x509CertificateArr[0].getSubjectX500Principal().getName();
                Log.d("https", name);
                z = name.contains(".taobao.com");
                if (!z) {
                    z = name.contains(".alipay.com");
                }
            } catch (Exception e) {
                e.printStackTrace();
            }
        }
        if (z) {
            String str2 = "";
            for (X509Certificate x509Certificate : x509CertificateArr) {
                try {
                    x509Certificate.checkValidity();
                } catch (CertificateExpiredException e2) {
                    new SimpleDateFormat("yyyy-MM-dd").format(new Date());
                    throw e2;
                } catch (CertificateNotYetValidException e3) {
                    Log.v("https", "cert checkValidity CertificateNotYetValidException:" + x509Certificate.getSubjectDN().toString() + " t:" + new SimpleDateFormat("yyyy-MM-dd").format(new Date()));
                    throw e3;
                } catch (Exception e4) {
                }
                boolean z2 = false;
                try {
                    x509Certificate.verify(m_verisignCert.getPublicKey());
                } catch (InvalidKeyException e5) {
                    str2 = e5.getMessage();
                    z2 = true;
                } catch (NoSuchAlgorithmException e6) {
                    str2 = e6.getMessage();
                    z2 = true;
                } catch (NoSuchProviderException e7) {
                    str2 = e7.getMessage();
                    z2 = true;
                } catch (SignatureException e8) {
                    str2 = e8.getMessage();
                    z2 = true;
                } catch (Exception e9) {
                    e9.printStackTrace();
                    z2 = true;
                }
                if (!z2) {
                    Log.v("https", "--- verify success:" + x509Certificate.getSubjectDN());
                    return;
                }
            }
            Log.d("https", " customize https verify failed:" + str2);
        }
        if (m_defaultMgr != null) {
            try {
                m_defaultMgr.checkServerTrusted(x509CertificateArr, str);
            } catch (CertificateException e10) {
                if (x509CertificateArr.length > 0) {
                    x509CertificateArr[0].getSubjectDN().toString();
                }
                throw e10;
            } catch (Exception e11) {
                e11.printStackTrace();
                if (x509CertificateArr.length > 0) {
                    x509CertificateArr[0].getSubjectDN().toString();
                }
            }
        }
    }

    @Override // javax.net.ssl.X509TrustManager
    public X509Certificate[] getAcceptedIssuers() {
        Exist.b(Exist.a() ? 1 : 0);
        return null;
    }
}
