package ctrip.android.network.sslpinning.pinning;

import android.text.TextUtils;
import androidx.annotation.NonNull;
import androidx.annotation.RequiresApi;
import com.tencent.matrix.trace.core.AppMethodBeat;
import ctrip.android.basebusiness.env.Env;
import ctrip.android.login.CtripLoginManager;
import ctrip.android.network.sslpinning.configuration.PublicKeyPin;
import ctrip.android.service.mobileconfig.CtripMobileConfigManager;
import ctrip.foundation.storage.CTKVStorage;
import ctrip.foundation.util.LogUtil;
import ctrip.foundation.util.StringUtil;
import java.security.KeyManagementException;
import java.security.NoSuchAlgorithmException;
import java.util.Arrays;
import java.util.HashSet;
import java.util.Iterator;
import java.util.Set;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSocketFactory;
import javax.net.ssl.X509TrustManager;
import okhttp3.Interceptor;
import org.jivesoftware.smack.sm.packet.StreamManagement;
import org.json.JSONArray;
import org.json.JSONObject;

/* loaded from: classes5.dex */
public class OkHttp3Helper {
    private static final String KVDomain = "SSLPinKVConfig";
    private static HashSet<String> balckList;
    private static HashSet<String> blackUrlList;
    private static boolean enableSSLPinning;
    private static Set<PublicKeyPin> publicKeyPins;
    private static X509TrustManager trustManager;

    static {
        AppMethodBeat.i(145200);
        enableSSLPinning = true;
        balckList = new HashSet<>();
        blackUrlList = new HashSet<>(Arrays.asList("18088/GetAppConfig.json"));
        trustManager = new OkHttpRootTrustManager();
        publicKeyPins = new HashSet(Arrays.asList(new PublicKeyPin("2P5DNxKj470aMBycYc8iJI7l5cireUAkhhutWDAVD50="), new PublicKeyPin("MIKoeatlSqVA3aCIrE0/JYoP9vF4XSCTPHy+c9vAsKk="), new PublicKeyPin("r/mIkG3eEpVdm+u/ko/cwxzOMo1bk4TyHIlByibiA5E="), new PublicKeyPin("yGXit7PiC9Rd09CnzD6sZen8QtAZXZuTwCThuvpRke8="), new PublicKeyPin("cGuxAXyFXFkWm61cF4HPWX8S0srS9j0aSqN0k4AP+4A="), new PublicKeyPin("hETpgVvaLC0bvcGG3t0cuqiHvr4XyP2MTwCiqhgRWwU=")));
        AppMethodBeat.o(145200);
    }

    private static boolean disableSSLPinningFromConfig() {
        AppMethodBeat.i(145193);
        boolean z = CTKVStorage.getInstance().getBoolean(KVDomain, "disable_ssl_pinning", false);
        AppMethodBeat.o(145193);
        return z;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static Set<PublicKeyPin> getDefaultPublicKeyPins() {
        AppMethodBeat.i(145163);
        if (publicKeyPins == null) {
            publicKeyPins = new HashSet(Arrays.asList(new PublicKeyPin("2P5DNxKj470aMBycYc8iJI7l5cireUAkhhutWDAVD50="), new PublicKeyPin("MIKoeatlSqVA3aCIrE0/JYoP9vF4XSCTPHy+c9vAsKk="), new PublicKeyPin("r/mIkG3eEpVdm+u/ko/cwxzOMo1bk4TyHIlByibiA5E="), new PublicKeyPin("yGXit7PiC9Rd09CnzD6sZen8QtAZXZuTwCThuvpRke8="), new PublicKeyPin("cGuxAXyFXFkWm61cF4HPWX8S0srS9j0aSqN0k4AP+4A="), new PublicKeyPin("hETpgVvaLC0bvcGG3t0cuqiHvr4XyP2MTwCiqhgRWwU=")));
        }
        Set<PublicKeyPin> set = publicKeyPins;
        AppMethodBeat.o(145163);
        return set;
    }

    @NonNull
    @RequiresApi(api = 17)
    public static Interceptor getPinningInterceptor() {
        AppMethodBeat.i(145150);
        OkHttp3PinningInterceptor okHttp3PinningInterceptor = new OkHttp3PinningInterceptor((OkHttpRootTrustManager) trustManager);
        AppMethodBeat.o(145150);
        return okHttp3PinningInterceptor;
    }

    @NonNull
    public static SSLSocketFactory getSSLSocketFactory() {
        AppMethodBeat.i(145145);
        try {
            SSLContext sSLContext = SSLContext.getInstance("TLS");
            sSLContext.init(null, new X509TrustManager[]{trustManager}, null);
            SSLSocketFactory socketFactory = sSLContext.getSocketFactory();
            AppMethodBeat.o(145145);
            return socketFactory;
        } catch (KeyManagementException | NoSuchAlgorithmException e) {
            e.printStackTrace();
            IllegalStateException illegalStateException = new IllegalStateException("SSLSocketFactory creation failed");
            AppMethodBeat.o(145145);
            throw illegalStateException;
        }
    }

    @NonNull
    public static X509TrustManager getTrustManager() {
        return trustManager;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static boolean isEnableSSLPinning() {
        AppMethodBeat.i(145179);
        boolean z = false;
        try {
            CtripMobileConfigManager.CtripMobileConfigModel mobileConfigModelByCategory = CtripMobileConfigManager.getMobileConfigModelByCategory("SSLPinningConfig");
            if (mobileConfigModelByCategory != null && mobileConfigModelByCategory.configJSON() != null) {
                JSONObject configJSON = mobileConfigModelByCategory.configJSON();
                enableSSLPinning = configJSON.optBoolean(StreamManagement.Enable.ELEMENT, true);
                JSONArray optJSONArray = configJSON.optJSONArray("blackList");
                JSONArray optJSONArray2 = configJSON.optJSONArray("androidBlackUrlList");
                if (optJSONArray != null) {
                    for (int i2 = 0; i2 < optJSONArray.length(); i2++) {
                        String optString = optJSONArray.optString(i2);
                        if (StringUtil.isNotEmpty(optString)) {
                            balckList.add(optString);
                        }
                    }
                }
                if (optJSONArray2 != null && optJSONArray2.length() > 0) {
                    for (int i3 = 0; i3 < optJSONArray2.length(); i3++) {
                        String optString2 = optJSONArray2.optString(i3);
                        if (optString2 != null && StringUtil.isNotEmpty(optString2.trim())) {
                            blackUrlList.add(optString2.trim());
                        }
                    }
                }
            }
        } catch (Exception e) {
            LogUtil.e("OkHttp3Helper", "isEnableSSLPinning exception", e);
        }
        if (enableSSLPinning && Env.isProductEnv() && !disableSSLPinningFromConfig()) {
            z = true;
        }
        AppMethodBeat.o(145179);
        return z;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static boolean isInBlackList(String str) {
        AppMethodBeat.i(145174);
        if (TextUtils.isEmpty(str) || balckList.isEmpty()) {
            AppMethodBeat.o(145174);
            return false;
        }
        boolean contains = balckList.contains(str);
        AppMethodBeat.o(145174);
        return contains;
    }

    public static boolean isInBlackUrlList(String str) {
        AppMethodBeat.i(145187);
        if (TextUtils.isEmpty(str) || blackUrlList.isEmpty()) {
            AppMethodBeat.o(145187);
            return false;
        }
        try {
            Iterator<String> it = blackUrlList.iterator();
            while (it.hasNext()) {
                String next = it.next();
                if (!TextUtils.isEmpty(next) && str.contains(next)) {
                    AppMethodBeat.o(145187);
                    return true;
                }
            }
        } catch (Exception unused) {
        }
        AppMethodBeat.o(145187);
        return false;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static boolean needCertificateCheck(@NonNull String str) {
        AppMethodBeat.i(145169);
        boolean z = str.endsWith(CtripLoginManager.PRO_COOKIE_DOMAIN) || str.endsWith(".ctrip.cn") || str.endsWith(CtripLoginManager.FAT_COOKIE_DOMAIN) || str.endsWith(".tieyou.com") || str.endsWith(".hhtravel.com") || str.endsWith(".c-ctrip.com") || str.endsWith(".ctripbuy.hk") || str.endsWith(".trip.com") || str.endsWith(".ctrip.net") || str.endsWith(".suanya.com") || str.endsWith(".suanya.cn");
        AppMethodBeat.o(145169);
        return z;
    }
}
