package com.bochklaunchflow.okhttp.https;

import android.content.Context;
import android.content.res.AssetManager;
import com.bochklaunchflow.base.AppSecuityConfig;
import com.bochklaunchflow.utils.BOCLFLogUtil;
import com.bochklaunchflow.utils.BOCLFUtils;
import java.io.FileNotFoundException;
import java.io.IOException;
import java.io.InputStream;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.util.Enumeration;
import java.util.HashSet;
import java.util.Map;
import java.util.Set;

/* loaded from: classes.dex */
public class TrustedKeyStoreConfig {
    private static final String TAG = "TrustedKeyStoreConfig";
    private static Set<String> localCertCNSet;
    private static KeyStore trustedKeyStore;

    public static final Set<String> getCNFromLocalCerts() {
        return localCertCNSet;
    }

    private static final KeyStore getDefaultKeyStore() {
        try {
            KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
            keyStore.load(null, null);
            return keyStore;
        } catch (IOException e10) {
            if (AppSecuityConfig.SHOW_PRINT_STACK) {
                e10.printStackTrace();
            }
            BOCLFLogUtil.e(TAG, "Cannot generate default KeyStore");
            return null;
        } catch (KeyStoreException e11) {
            if (AppSecuityConfig.SHOW_PRINT_STACK) {
                e11.printStackTrace();
            }
            BOCLFLogUtil.e(TAG, "Cannot generate default KeyStore");
            return null;
        } catch (NoSuchAlgorithmException e12) {
            if (AppSecuityConfig.SHOW_PRINT_STACK) {
                e12.printStackTrace();
            }
            BOCLFLogUtil.e(TAG, "Cannot generate default KeyStore");
            return null;
        } catch (CertificateException e13) {
            if (AppSecuityConfig.SHOW_PRINT_STACK) {
                e13.printStackTrace();
            }
            BOCLFLogUtil.e(TAG, "Cannot generate default KeyStore");
            return null;
        }
    }

    private static KeyStore getKeyStoreFromLocalCerts(Context context) {
        AssetManager assets;
        String[] list;
        KeyStore keyStore;
        X509Certificate x509Certificate;
        boolean z9;
        if (context == null) {
            String str = TAG;
            BOCLFLogUtil.e(str, "Context of " + str + " is null; use the default KeyStore");
            localCertCNSet = new HashSet();
            return getDefaultKeyStore();
        }
        try {
            BOCLFLogUtil.i("CertificateScan", "Reminder: please clear the project after adding any cert in cert folder");
            assets = context.getResources().getAssets();
            list = assets.list("certs");
            keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
            keyStore.load(null, null);
        } catch (FileNotFoundException e10) {
            if (AppSecuityConfig.SHOW_PRINT_STACK) {
                e10.printStackTrace();
            }
        } catch (IOException e11) {
            if (AppSecuityConfig.SHOW_PRINT_STACK) {
                e11.printStackTrace();
            }
        } catch (KeyStoreException e12) {
            if (AppSecuityConfig.SHOW_PRINT_STACK) {
                e12.printStackTrace();
            }
        } catch (NoSuchAlgorithmException e13) {
            if (AppSecuityConfig.SHOW_PRINT_STACK) {
                e13.printStackTrace();
            }
        } catch (CertificateException e14) {
            if (AppSecuityConfig.SHOW_PRINT_STACK) {
                e14.printStackTrace();
            }
        }
        if (list == null || list.length <= 0) {
            BOCLFLogUtil.e(TAG, "certNameList is null or empty");
            BOCLFLogUtil.e(TAG, "got exception; use the default KeyStore");
            localCertCNSet = new HashSet();
            return getDefaultKeyStore();
        }
        localCertCNSet = new HashSet();
        BOCLFLogUtil.i(TAG, "=======================start scan cert=======================");
        InputStream inputStream = null;
        for (int i10 = 0; i10 < list.length; i10++) {
            try {
                try {
                    inputStream = assets.open("certs/" + list[i10]);
                    String str2 = "";
                    try {
                        try {
                            x509Certificate = (X509Certificate) CertificateFactory.getInstance("X509").generateCertificate(inputStream);
                            try {
                                String name = x509Certificate.getSubjectDN().getName();
                                str2 = name.substring(name.indexOf("CN=") + 3, name.indexOf(",", name.indexOf("CN=") + 3));
                                localCertCNSet.add(str2);
                                z9 = true;
                            } catch (CertificateException unused) {
                                BOCLFLogUtil.e(TAG, "certificate:" + list[i10] + " cannot parse into X509 certificate");
                                z9 = false;
                                if (x509Certificate != null) {
                                    KeyStore.TrustedCertificateEntry trustedCertificateEntry = new KeyStore.TrustedCertificateEntry(x509Certificate);
                                    String substring = list[i10].substring(0, list[i10].indexOf("."));
                                    keyStore.setEntry(substring, trustedCertificateEntry, null);
                                    BOCLFLogUtil.i(TAG, "added CERT:[" + list[i10] + "] with ALIAS:[" + substring + "] CN:[" + str2 + "] successfully");
                                }
                            }
                        } catch (CertificateException unused2) {
                            x509Certificate = null;
                        }
                        if (x509Certificate != null && z9) {
                            KeyStore.TrustedCertificateEntry trustedCertificateEntry2 = new KeyStore.TrustedCertificateEntry(x509Certificate);
                            String substring2 = list[i10].substring(0, list[i10].indexOf("."));
                            keyStore.setEntry(substring2, trustedCertificateEntry2, null);
                            BOCLFLogUtil.i(TAG, "added CERT:[" + list[i10] + "] with ALIAS:[" + substring2 + "] CN:[" + str2 + "] successfully");
                        }
                    } catch (NullPointerException unused3) {
                        BOCLFLogUtil.e(TAG, "certificate:" + list[i10] + " is null");
                    }
                } finally {
                    BOCLFUtils.safeClose(inputStream);
                }
            } catch (Exception e15) {
                if (AppSecuityConfig.SHOW_PRINT_STACK) {
                    e15.printStackTrace();
                }
            }
        }
        BOCLFLogUtil.i(TAG, "=======================end scan cert=======================");
        return keyStore;
    }

    public static final KeyStore getTrustedKeyStore() {
        KeyStore keyStore = trustedKeyStore;
        return keyStore == null ? getDefaultKeyStore() : keyStore;
    }

    public static final boolean insert(Context context, Map<String, X509Certificate> map) {
        if (map == null || map.size() == 0) {
            BOCLFLogUtil.w(TAG, "===[insert: certNameToList is empty; the original TrustedKeyStore remains unchanged]===");
            return true;
        }
        try {
            KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
            keyStore.load(null, null);
            Enumeration<String> aliases = trustedKeyStore.aliases();
            while (aliases.hasMoreElements()) {
                String nextElement = aliases.nextElement();
                X509Certificate x509Certificate = (X509Certificate) trustedKeyStore.getCertificate(nextElement);
                keyStore.setEntry(nextElement, new KeyStore.TrustedCertificateEntry(x509Certificate), null);
                String name = x509Certificate.getSubjectDN().getName();
                String substring = name.substring(name.indexOf("CN=") + 3, name.indexOf(",", name.indexOf("CN=") + 3));
                BOCLFLogUtil.i(TAG, "insert: copying cert with ALIAS:[" + nextElement + "] CN:[" + substring + "] successfully");
            }
            BOCLFLogUtil.i(TAG, "insert: copying cert end -------------------------------------");
            for (String str : map.keySet()) {
                if (str != null && map.get(str) != null) {
                    keyStore.setEntry(str, new KeyStore.TrustedCertificateEntry(map.get(str)), null);
                    String str2 = "";
                    try {
                        String name2 = map.get(str).getSubjectDN().getName();
                        str2 = name2.substring(name2.indexOf("CN=") + 3, name2.indexOf(",", name2.indexOf("CN=") + 3));
                    } catch (Exception unused) {
                        BOCLFLogUtil.w(TAG, "insert: cannot get cert with ALIAS:[" + str + "]'s CN name");
                    }
                    BOCLFLogUtil.i(TAG, "inserted cert with ALIAS:[" + str + "] CN:[" + str2 + "] successfully");
                }
            }
            trustedKeyStore = keyStore;
            String str3 = TAG;
            BOCLFLogUtil.i(str3, "===[inserted " + map.size() + " certs into TrustedKeyStore successfully]===");
            BOCLFLogUtil.i(str3, "===[They are " + trustedKeyStore.size() + " certs in total at present.]===");
            return true;
        } catch (IOException e10) {
            BOCLFLogUtil.e(TAG, "insert process terminated; ; #4 got exception: " + e10.getMessage());
            return false;
        } catch (KeyStoreException e11) {
            BOCLFLogUtil.e(TAG, "insert process terminated; ; #1 got exception: " + e11.getMessage());
            return false;
        } catch (NoSuchAlgorithmException e12) {
            BOCLFLogUtil.e(TAG, "insert process terminated; ; #2 got exception: " + e12.getMessage());
            return false;
        } catch (CertificateException e13) {
            BOCLFLogUtil.e(TAG, "insert process terminated; ; #3 got exception: " + e13.getMessage());
            return false;
        }
    }

    public static void setup(Context context) {
        trustedKeyStore = getKeyStoreFromLocalCerts(context);
    }
}
