package com.abl.netspay.host;

import android.content.Context;
import android.os.Build;
import android.util.Log;
import cb.c;
import com.abl.netspay.api.NetspayService;
import com.nets.nofsdk.o.h0;
import com.nets.nofsdk.o.o1;
import com.nets.nofsdk.o.w;
import java.io.InputStream;
import java.security.KeyStore;
import java.security.cert.Certificate;
import java.security.cert.CertificateFactory;
import java.security.cert.CertificateParsingException;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Collection;
import java.util.LinkedList;
import java.util.List;
import java.util.concurrent.TimeUnit;
import java.util.regex.Pattern;
import javax.net.ssl.HostnameVerifier;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLPeerUnverifiedException;
import javax.net.ssl.SSLSession;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import javax.net.ssl.X509TrustManager;
import okhttp3.ConnectionSpec;
import okhttp3.OkHttpClient;
import okhttp3.TlsVersion;
import retrofit.RestAdapter;

/* loaded from: classes.dex */
public class HostAdaptor {
    public static final int CONNECTION_TIMEOUT = 90;
    public static final String HTTPS_IP_REGEX = "^https:\\/\\/(?:(?:2[0-4]\\d|25[0-5]|1\\d{2}|[1-9]?\\d)\\.){3}(?:2[0-4]\\d|25[0-5]|1\\d{2}|[1-9]?\\d)(?:\\:(?:\\d|[1-9]\\d{1,3}|[1-5]\\d{4}|6[0-4]\\d{3}|65[0-4]\\d{2}|655[0-2]\\d|6553[0-5]))?.*$";
    public static final String LOGTAG = "com.abl.netspay.host.HostAdaptor";
    public static final int READ_TIMEOUT = 90;
    public static final int WRITE_TIMEOUT = 90;
    private static Context context;
    private static String hostURL;
    private static KeyStore keyStore;
    private static RestAdapter restAdapter;
    private static HostService service;

    /* loaded from: classes.dex */
    public class a implements RestAdapter.Log {
        @Override // retrofit.RestAdapter.Log
        public final void log(String str) {
            h0.a(HostAdaptor.LOGTAG, str);
        }
    }

    /* loaded from: classes.dex */
    public class b implements HostnameVerifier {
        @Override // javax.net.ssl.HostnameVerifier
        public final boolean verify(String str, SSLSession sSLSession) {
            LinkedList linkedList = new LinkedList();
            for (int i2 = 0; i2 < sSLSession.getPeerCertificates().length; i2++) {
                try {
                    h0.a(HostAdaptor.LOGTAG, "****************** " + i2);
                    Collection<List<?>> subjectAlternativeNames = ((X509Certificate) sSLSession.getPeerCertificates()[i2]).getSubjectAlternativeNames();
                    if (subjectAlternativeNames != null) {
                        for (List<?> list : subjectAlternativeNames) {
                            ((Integer) list.get(0)).intValue();
                            linkedList.add((String) list.get(1));
                        }
                    }
                } catch (CertificateParsingException | SSLPeerUnverifiedException unused) {
                }
            }
            String str2 = HostAdaptor.LOGTAG;
            StringBuilder a10 = o1.a("SubjectAlternativeNames: ");
            a10.append(linkedList.toString());
            h0.a(str2, a10.toString());
            h0.a(str2, "Verifying hostname: " + str);
            if (linkedList.size() <= 0 || !linkedList.contains(str)) {
                h0.a(str2, "Verified KO!");
                return false;
            }
            h0.a(str2, "Verified OK!");
            return true;
        }
    }

    public static void clear() {
        restAdapter = null;
        service = null;
    }

    public static String getHostURL() {
        return hostURL;
    }

    private static KeyStore getKeyStore() {
        if (keyStore == null) {
            try {
                CertificateFactory certificateFactory = CertificateFactory.getInstance("X.509");
                InputStream openRawResource = w.f7091g.f7095e.getResources().openRawResource(NetspayService.getCAResource());
                Certificate generateCertificate = certificateFactory.generateCertificate(openRawResource);
                KeyStore keyStore2 = KeyStore.getInstance(KeyStore.getDefaultType());
                keyStore = keyStore2;
                keyStore2.load(null, null);
                keyStore.setCertificateEntry("ca", generateCertificate);
                openRawResource.close();
            } catch (Exception unused) {
            }
        }
        return keyStore;
    }

    public static HostService getService() {
        if (!getHostURL().startsWith("https")) {
            return getServiceNonSecured(context);
        }
        Pattern compile = Pattern.compile(HTTPS_IP_REGEX);
        String str = LOGTAG;
        StringBuilder a10 = o1.a("trying to match ");
        a10.append(getHostURL());
        h0.a(str, a10.toString());
        if (!compile.matcher(getHostURL()).matches()) {
            return getServiceSecured(context);
        }
        h0.a(str, "Match!");
        return getServiceSecured(context);
    }

    public static HostService getService(Context context2) {
        if (!getHostURL().startsWith("https")) {
            return getServiceNonSecured(context2);
        }
        Pattern compile = Pattern.compile(HTTPS_IP_REGEX);
        String str = LOGTAG;
        StringBuilder a10 = o1.a("trying to match ");
        a10.append(getHostURL());
        h0.a(str, a10.toString());
        if (!compile.matcher(getHostURL()).matches()) {
            return getServiceSecured(context2);
        }
        h0.a(str, "Match!");
        return getServiceSecured(context2);
    }

    public static HostService getServiceNonSecured(Context context2) {
        if (service == null && restAdapter == null) {
            OkHttpClient.Builder builder = new OkHttpClient.Builder();
            TimeUnit timeUnit = TimeUnit.SECONDS;
            RestAdapter build = new RestAdapter.Builder().setEndpoint(getHostURL()).setLogLevel(RestAdapter.LogLevel.NONE).setClient(new c(builder.connectTimeout(90L, timeUnit).writeTimeout(90L, timeUnit).readTimeout(90L, timeUnit).build())).build();
            restAdapter = build;
            service = (HostService) build.create(HostService.class);
        }
        return service;
    }

    private static HostService getServiceSecured(Context context2) {
        OkHttpClient okHttpClient;
        try {
            OkHttpClient.Builder builder = new OkHttpClient.Builder();
            TimeUnit timeUnit = TimeUnit.SECONDS;
            OkHttpClient.Builder readTimeout = builder.connectTimeout(90L, timeUnit).writeTimeout(90L, timeUnit).readTimeout(90L, timeUnit);
            readTimeout.hostnameVerifier(new b());
            okHttpClient = readTimeout.build();
        } catch (Exception e10) {
            String str = LOGTAG;
            h0.b(str, "Error while setting TLS 1.2");
            h0.a(str, e10);
            okHttpClient = null;
        }
        if (service == null && restAdapter == null) {
            RestAdapter build = new RestAdapter.Builder().setEndpoint(getHostURL()).setLogLevel(RestAdapter.LogLevel.NONE).setClient(new c(okHttpClient)).build();
            restAdapter = build;
            service = (HostService) build.create(HostService.class);
        }
        return service;
    }

    private static HostService getServiceSecuredTrustedAndroid(Context context2) {
        OkHttpClient.Builder builder = new OkHttpClient.Builder();
        TimeUnit timeUnit = TimeUnit.SECONDS;
        OkHttpClient.Builder readTimeout = builder.connectTimeout(90L, timeUnit).writeTimeout(90L, timeUnit).readTimeout(90L, timeUnit);
        if (Build.VERSION.SDK_INT < 22) {
            try {
                TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
                trustManagerFactory.init((KeyStore) null);
                TrustManager[] trustManagers = trustManagerFactory.getTrustManagers();
                if (trustManagers.length != 1 || !(trustManagers[0] instanceof X509TrustManager)) {
                    throw new IllegalStateException("Unexpected default trust managers:" + Arrays.toString(trustManagers));
                }
                X509TrustManager x509TrustManager = (X509TrustManager) trustManagers[0];
                SSLContext sSLContext = SSLContext.getInstance("TLS");
                sSLContext.init(null, new TrustManager[]{x509TrustManager}, null);
                readTimeout.sslSocketFactory(new Tls2SocketFactory(sSLContext.getSocketFactory()), x509TrustManager);
                ConnectionSpec build = new ConnectionSpec.Builder(ConnectionSpec.MODERN_TLS).tlsVersions(TlsVersion.TLS_1_2, TlsVersion.TLS_1_1).build();
                ArrayList arrayList = new ArrayList();
                arrayList.add(build);
                arrayList.add(ConnectionSpec.COMPATIBLE_TLS);
                arrayList.add(ConnectionSpec.CLEARTEXT);
                readTimeout.connectionSpecs(arrayList);
            } catch (Exception e10) {
                Log.e("OkHttpTLSCompat", "Error while setting TLS 1.2", e10);
            }
        }
        OkHttpClient build2 = readTimeout.build();
        if (service == null && restAdapter == null) {
            RestAdapter build3 = new RestAdapter.Builder().setEndpoint(getHostURL()).setLogLevel(RestAdapter.LogLevel.NONE).setClient(new c(build2)).setLog(new a()).build();
            restAdapter = build3;
            service = (HostService) build3.create(HostService.class);
        }
        return service;
    }

    public static void init(String str, Context context2) {
        context = context2;
        hostURL = str;
    }

    public static void setHostURL(String str) {
        hostURL = str;
    }
}
