package cn.hyperchain.sdk.common.utils;

import cn.hyperchain.sdk.crypto.cert.CertUtils;
import cn.hyperchain.sdk.crypto.cert.SM2Priv;
import java.io.BufferedReader;
import java.io.ByteArrayInputStream;
import java.io.IOException;
import java.io.InputStream;
import java.io.InputStreamReader;
import java.nio.charset.StandardCharsets;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.List;
import javax.net.ssl.HostnameVerifier;
import javax.net.ssl.KeyManager;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSession;
import javax.net.ssl.SSLSocketFactory;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import javax.net.ssl.X509TrustManager;
import org.apache.log4j.Logger;
import org.bouncycastle.openssl.PEMKeyPair;

/* loaded from: input_file:cn/hyperchain/sdk/common/utils/HttpsUtils.class */
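/**
 * Builds the TLS client pieces (socket factory, trust manager, hostname verifier, key store)
 * from PEM inputs.
 *
 * <p>Trust model, as implemented in this class:
 * <ul>
 *   <li>{@link MyTrustManager} accepts a chain if EITHER the platform default trust store OR the
 *       caller-supplied CA certificate validates it, so trust is wider than the supplied CA.</li>
 *   <li>{@link #hyperchainVerifier()} does not compare the requested hostname with the
 *       certificate; it only checks the issuer common name.</li>
 * </ul>
 * Both points are documented where they occur so that a reviewer can confirm they are intended.
 */
public class HttpsUtils {
    private static final Logger logger = Logger.getLogger(HttpsUtils.class);

    /**
     * Empty password constant.
     *
     * <p>NOTE(review): the key stores built in this class are created in memory
     * ({@code load(null)}) and are not written out here; confirm that no caller persists a
     * key store protected with this value.
     */
    public static final String DEFAULT_PASSWORD = "";

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:cn/hyperchain/sdk/common/utils/HttpsUtils$MyTrustManager.class */
    /**
     * Trust manager that tries the platform default trust store first and falls back to a
     * caller-supplied trust manager when the default one rejects the chain.
     *
     * <p>Security note: because the default trust store is consulted first, any chain anchored
     * in a platform-trusted CA passes this check, not only chains issued by the supplied CA.
     */
    public static class MyTrustManager implements X509TrustManager {
        private final X509TrustManager defaultTrustManager;
        private final X509TrustManager localTrustManager;

        /**
         * @param x509TrustManager fallback trust manager built from the caller's CA certificate
         * @throws NoSuchAlgorithmException if the default trust manager algorithm is unavailable
         * @throws KeyStoreException if the default trust store cannot be initialised
         */
        public MyTrustManager(X509TrustManager x509TrustManager) throws NoSuchAlgorithmException, KeyStoreException {
            TrustManagerFactory defaultFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
            // A null key store makes the factory use the platform default trust store.
            defaultFactory.init((KeyStore) null);
            this.defaultTrustManager = HttpsUtils.chooseTrustManager(defaultFactory.getTrustManagers());
            this.localTrustManager = x509TrustManager;
        }

        /**
         * Validates a client certificate chain against the default store, then the local one.
         *
         * <p>Fix: the original delegated to {@code checkServerTrusted} here, so client chains
         * were validated with the server-authentication rules.
         *
         * @throws CertificateException if neither trust manager accepts the chain; the default
         *     trust manager's failure is attached as a suppressed exception
         */
        @Override // javax.net.ssl.X509TrustManager
        public void checkClientTrusted(X509Certificate[] x509CertificateArr, String str) throws CertificateException {
            try {
                this.defaultTrustManager.checkClientTrusted(x509CertificateArr, str);
            } catch (CertificateException defaultFailure) {
                try {
                    this.localTrustManager.checkClientTrusted(x509CertificateArr, str);
                } catch (CertificateException localFailure) {
                    // Keep both reasons: the first rejection is otherwise lost.
                    localFailure.addSuppressed(defaultFailure);
                    throw localFailure;
                }
            }
        }

        /**
         * Validates a server certificate chain against the default store, then the local one.
         *
         * @throws CertificateException if neither trust manager accepts the chain; the default
         *     trust manager's failure is attached as a suppressed exception
         */
        @Override // javax.net.ssl.X509TrustManager
        public void checkServerTrusted(X509Certificate[] x509CertificateArr, String str) throws CertificateException {
            try {
                this.defaultTrustManager.checkServerTrusted(x509CertificateArr, str);
            } catch (CertificateException defaultFailure) {
                try {
                    this.localTrustManager.checkServerTrusted(x509CertificateArr, str);
                } catch (CertificateException localFailure) {
                    // Keep both reasons: the first rejection is otherwise lost.
                    localFailure.addSuppressed(defaultFailure);
                    throw localFailure;
                }
            }
        }

        /**
         * Returns an empty array, as the original does. Code that derives trust anchors from
         * this method will therefore see none, even though both delegates hold issuers.
         */
        @Override // javax.net.ssl.X509TrustManager
        public X509Certificate[] getAcceptedIssuers() {
            return new X509Certificate[0];
        }
    }

    /* loaded from: input_file:cn/hyperchain/sdk/common/utils/HttpsUtils$SSLParams.class */
    /** Holder for the socket factory and the trust manager it was built with. */
    public static class SSLParams {
        private SSLSocketFactory sSLSocketFactory;
        private X509TrustManager trustManager;

        /** @return the socket factory created by {@link HttpsUtils#getSslSocketFactory} */
        public SSLSocketFactory getsSLSocketFactory() {
            return this.sSLSocketFactory;
        }

        /** @return the trust manager installed in that socket factory's context */
        public X509TrustManager getTrustManager() {
            return this.trustManager;
        }
    }

    /**
     * Builds a TLS socket factory and its trust manager.
     *
     * @param inputStream CA certificate (X.509) added to the local trust store
     * @param inputStream2 PEM certificate chain for the client key entry
     * @param inputStream3 PEM private key for the client key entry
     * @param str password used for the client key entry
     * @return the socket factory together with the trust manager it uses
     * @throws AssertionError wrapping any failure, including an unusable CA certificate
     */
    public static SSLParams getSslSocketFactory(InputStream inputStream, InputStream inputStream2, InputStream inputStream3, String str) {
        SSLParams params = new SSLParams();
        try {
            TrustManager[] trustManagers = prepareTrustManager(inputStream);
            // prepareKeyManager returns null on failure; init() then runs without a client
            // key, i.e. the connection is attempted without client authentication.
            KeyManager[] keyManagers = prepareKeyManager(inputStream2, inputStream3, str);
            X509TrustManager localTrustManager = chooseTrustManager(trustManagers);
            if (localTrustManager == null) {
                // Fail closed with a clear reason instead of a bare NullPointerException.
                throw new IllegalStateException("No X509TrustManager could be built from the supplied CA certificate");
            }
            // Protocol string kept as in the original; changing it would alter which
            // protocol versions the client offers.
            SSLContext context = SSLContext.getInstance("TLSv1.2");
            MyTrustManager combinedTrustManager = new MyTrustManager(localTrustManager);
            context.init(keyManagers, new TrustManager[]{combinedTrustManager}, null);
            params.sSLSocketFactory = context.getSocketFactory();
            params.trustManager = combinedTrustManager;
            return params;
        } catch (Exception e) {
            throw new AssertionError(e);
        }
    }

    /**
     * Returns a verifier that accepts a session when the first peer certificate's issuer
     * common name is {@code hyperchain.cn}.
     *
     * <p>NOTE(review): the requested hostname ({@code str}) is never compared with the
     * certificate, so every certificate whose issuer carries that common name is accepted for
     * every host. Standard verification would match {@code str} against the certificate's
     * subjectAltName entries. Confirm this issuer-name check is the intended trust model,
     * especially since {@link MyTrustManager} also accepts platform-trusted chains.
     *
     * <p>NOTE(review): the statement below is kept exactly as decompiled. It uses the
     * deprecated {@code getPeerCertificateChain()} API, and {@code getCommonName()} is not
     * declared on {@code java.security.Principal}, so the original presumably relied on a
     * cast the decompiler did not reproduce.
     */
    public static HostnameVerifier hyperchainVerifier() {
        return new HostnameVerifier() { // from class: cn.hyperchain.sdk.common.utils.HttpsUtils.1
            @Override // javax.net.ssl.HostnameVerifier
            public boolean verify(String str, SSLSession sSLSession) {
                try {
                    return sSLSession.getPeerCertificateChain()[0].getIssuerDN().getCommonName().equals("hyperchain.cn");
                } catch (Exception e) {
                    // Any failure to read the peer certificate rejects the session.
                    HttpsUtils.logger.error(e);
                    return false;
                }
            }
        };
    }

    /**
     * Loads one X.509 certificate from each stream into an in-memory key store and returns
     * trust managers backed by it.
     *
     * @param inputStreamArr certificate streams; each one is closed after it has been read
     * @return the trust managers, or {@code null} if no stream was given or loading failed
     */
    private static TrustManager[] prepareTrustManager(InputStream... inputStreamArr) {
        if (inputStreamArr == null || inputStreamArr.length <= 0) {
            return null;
        }
        try {
            CertificateFactory certificateFactory = CertificateFactory.getInstance("X.509");
            KeyStore trustStore = KeyStore.getInstance(KeyStore.getDefaultType());
            trustStore.load(null);
            int alias = 0;
            for (InputStream certStream : inputStreamArr) {
                try {
                    trustStore.setCertificateEntry(Integer.toString(alias), certificateFactory.generateCertificate(certStream));
                    alias++;
                } finally {
                    // Close even when parsing fails, so a bad certificate does not leak the stream.
                    if (certStream != null) {
                        try {
                            certStream.close();
                        } catch (IOException e) {
                            logger.error("Failed to close CA certificate stream", e);
                        }
                    }
                }
            }
            TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
            trustManagerFactory.init(trustStore);
            return trustManagerFactory.getTrustManagers();
        } catch (Exception e2) {
            logger.error("Failed to build trust managers from the supplied CA certificate", e2);
            return null;
        }
    }

    /**
     * Builds key managers for the client certificate and private key.
     *
     * @param inputStream PEM certificate chain
     * @param inputStream2 PEM private key
     * @param str password for the key entry
     * @return the key managers, or {@code null} if the key material could not be loaded
     */
    private static KeyManager[] prepareKeyManager(InputStream inputStream, InputStream inputStream2, String str) {
        try {
            KeyStore clientKeyStore = createKeyStore(inputStream, inputStream2, str);
            KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
            keyManagerFactory.init(clientKeyStore, str.toCharArray());
            return keyManagerFactory.getKeyManagers();
        } catch (Exception e) {
            // Best effort, as in the original: the caller continues without a client key.
            logger.error("Failed to build key managers; continuing without a client certificate", e);
            return null;
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    /**
     * Picks the first {@link X509TrustManager} from the array.
     *
     * @param trustManagerArr candidates; may be {@code null}
     * @return the first X.509 trust manager, or {@code null} if there is none
     */
    public static X509TrustManager chooseTrustManager(TrustManager[] trustManagerArr) {
        if (trustManagerArr == null) {
            return null;
        }
        for (TrustManager candidate : trustManagerArr) {
            if (candidate instanceof X509TrustManager) {
                return (X509TrustManager) candidate;
            }
        }
        return null;
    }

    /**
     * Creates an in-memory JKS key store holding one key entry, {@code tlsCertPriv}.
     *
     * @param inputStream PEM certificate chain stored with the key
     * @param inputStream2 PEM private key
     * @param str password protecting the key entry
     * @return the populated key store
     * @throws Exception if the certificates or the key cannot be parsed or stored
     */
    public static KeyStore createKeyStore(InputStream inputStream, InputStream inputStream2, String str) throws Exception {
        X509Certificate[] certificateChain = createCertificates(inputStream);
        KeyStore keyStore = KeyStore.getInstance("JKS");
        keyStore.load(null);
        PEMKeyPair pem = CertUtils.getPEM(inputStream2);
        // The key is handled as SM2 when its algorithm parameters equal the SM2 OID.
        boolean isSm2 = pem.getPrivateKeyInfo().getPrivateKeyAlgorithm().getParameters().toString().equals(SM2Priv.SM2OID);
        keyStore.setKeyEntry("tlsCertPriv", CertUtils.getPrivateKeyFromPEM(pem, isSm2), str.toCharArray(), certificateChain);
        return keyStore;
    }

    /**
     * Parses every PEM certificate in the stream.
     *
     * @param inputStream PEM text whose first line must contain {@code BEGIN CERTIFICATE}
     * @return the certificates in the order they appear
     * @throws IllegalArgumentException if the first line is not a certificate header
     * @throws Exception if reading or decoding fails
     */
    private static X509Certificate[] createCertificates(InputStream inputStream) throws Exception {
        List<X509Certificate> certificates = new ArrayList<>();
        // PEM is ASCII; an explicit charset avoids depending on the platform default.
        try (BufferedReader reader = new BufferedReader(new InputStreamReader(inputStream, StandardCharsets.UTF_8))) {
            String line = reader.readLine();
            if (line == null || !line.contains("BEGIN CERTIFICATE")) {
                throw new IllegalArgumentException("No CERTIFICATE found");
            }
            StringBuilder base64Body = new StringBuilder();
            while (line != null) {
                if (line.contains("END CERTIFICATE")) {
                    certificates.add(generateCertificateFromPEM(Base64.getDecoder().decode(base64Body.toString())));
                    base64Body = new StringBuilder();
                } else if (!line.startsWith("----")) {
                    // Header/footer lines are skipped; everything else is base64 payload.
                    base64Body.append(line);
                }
                line = reader.readLine();
            }
            return certificates.toArray(new X509Certificate[0]);
        }
    }

    /**
     * Decodes one DER-encoded certificate.
     *
     * @param bArr DER bytes
     * @return the parsed certificate
     * @throws CertificateException if the bytes are not a valid X.509 certificate
     */
    private static X509Certificate generateCertificateFromPEM(byte[] bArr) throws CertificateException {
        return (X509Certificate) CertificateFactory.getInstance("X.509").generateCertificate(new ByteArrayInputStream(bArr));
    }
}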
