package com.digitalpower.app.base.security.ssl;

import android.content.Context;
import android.text.TextUtils;
import androidx.annotation.Nullable;
import com.digitalpower.app.base.bean.cert.CertBean;
import com.digitalpower.app.base.security.SecurityUtil;
import com.digitalpower.app.base.util.FileUtils;
import com.digitalpower.app.base.util.Kits;
import gj.h;
import java.io.File;
import java.io.FileInputStream;
import java.io.FileNotFoundException;
import java.io.FileOutputStream;
import java.io.IOException;
import java.io.InputStream;
import java.nio.charset.Charset;
import java.security.KeyManagementException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.UnrecoverableKeyException;
import java.security.cert.CRL;
import java.security.cert.CRLException;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.security.cert.X509CRL;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Date;
import java.util.Iterator;
import java.util.List;
import java.util.UUID;
import java.util.concurrent.atomic.AtomicInteger;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.TrustManager;
import r0.a;
import r0.b;
import r0.c;
import rj.e;

/* loaded from: classes.dex */
public class CrlUtil {
    private static final String CER_FILE_NAME = "solar_huawei_com.cer";
    public static final String CRL_PATH = "crl";
    public static final String OVERDUE_CRL_PATH = "overdueCert";
    public static final String PATH_ACCEPT_CER = "acceptCert";
    private static final String[] SAFE_CIPHER_SUITES_LIST = {"TLS_DHE_RSA_WITH_AES_128_GCM_SHA256", "TLS_DHE_RSA_WITH_AES_256_GCM_SHA384", "TLS_DHE_DSS_WITH_AES_128_GCM_SHA256", "TLS_DHE_DSS_WITH_AES_256_GCM_SHA384", "TLS_PSK_WITH_AES_256_GCM_SHA384", "TLS_DHE_PSK_WITH_AES_128_GCM_SHA256", "TLS_DHE_PSK_WITH_AES_256_GCM_SHA384", "TLS_DHE_PSK_WITH_CHACHA20_POLY1305_SHA256", "TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256", "TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384", "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256", "TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384", "TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256", "TLS_ECDHE_PSK_WITH_CHACHA20_POLY1305_SHA256", "TLS_ECDHE_PSK_WITH_AES_128_GCM_SHA256", "TLS_ECDHE_PSK_WITH_AES_256_GCM_SHA384", "TLS_ECDHE_PSK_WITH_AES_128_CCM_SHA256", "TLS_DHE_RSA_WITH_AES_128_CCM", "TLS_DHE_RSA_WITH_AES_256_CCM", "TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256", "TLS_PSK_WITH_AES_256_CCM", "TLS_DHE_PSK_WITH_AES_128_CCM", "TLS_DHE_PSK_WITH_AES_256_CCM", "TLS_ECDHE_ECDSA_WITH_AES_128_CCM", "TLS_ECDHE_ECDSA_WITH_AES_256_CCM", "TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256", "TLS_AES_128_GCM_SHA256", "TLS_AES_256_GCM_SHA384", "TLS_CHACHA20_POLY1305_SHA256", "TLS_AES_128_CCM_SHA256", "TLS_AES_128_CCM_8_SHA256", "TLS_ECDHE_ECDSA_AES128_GCM_SHA256", "TLS_ECDHE_ECDSA_CHACHA20_POLY1305"};
    public static final String SERVER_CER = "server.cer";
    public static final String SSL_PROTOCOL_ROOT_CA = "LIVE/RootCA.cer";
    public static final String SSL_PROTOCOL_ROOT_CA_V2023 = "LIVE/Huawei Digital Power ECC Equipment Root CA.cer";
    public static final String SSL_PROTOCOL_SUB_CA = "LIVE/SubCA.cer";
    public static final String SSL_PROTOCOL_SUB_CA_V2023 = "LIVE/Huawei Digital Power ECC EquipmentSubCA.cer";
    private static final String TAG = "CrlUtil";

    public static void addAcceptCert(KeyStore keyStore, String str) {
        FileInputStream fileInputStream;
        Throwable e11;
        if (keyStore == null || TextUtils.isEmpty(str)) {
            return;
        }
        File file = new File(str);
        if (file.exists() && file.isDirectory()) {
            try {
                CertificateFactory certificateFactory = CertificateFactory.getInstance("X.509");
                File[] listFiles = file.listFiles();
                if (listFiles == null) {
                    return;
                }
                AtomicInteger atomicInteger = new AtomicInteger();
                FileInputStream fileInputStream2 = null;
                for (File file2 : listFiles) {
                    try {
                        fileInputStream = new FileInputStream(file2);
                        try {
                            try {
                                Iterator<? extends Certificate> it = certificateFactory.generateCertificates(fileInputStream).iterator();
                                while (it.hasNext()) {
                                    keyStore.setCertificateEntry("accept-cert" + atomicInteger.getAndIncrement(), it.next());
                                }
                                FileUtils.closeStream(fileInputStream);
                            } catch (Throwable th2) {
                                th = th2;
                                fileInputStream2 = fileInputStream;
                                FileUtils.closeStream(fileInputStream2);
                                throw th;
                            }
                        } catch (FileNotFoundException e12) {
                            e11 = e12;
                            e.m(e11.getMessage(), new Object[0]);
                            FileUtils.closeStream(fileInputStream);
                            fileInputStream2 = fileInputStream;
                        } catch (KeyStoreException e13) {
                            e11 = e13;
                            e.m(e11.getMessage(), new Object[0]);
                            FileUtils.closeStream(fileInputStream);
                            fileInputStream2 = fileInputStream;
                        } catch (CertificateException e14) {
                            e11 = e14;
                            e.m(e11.getMessage(), new Object[0]);
                            FileUtils.closeStream(fileInputStream);
                            fileInputStream2 = fileInputStream;
                        }
                    } catch (FileNotFoundException e15) {
                        e = e15;
                        fileInputStream = fileInputStream2;
                        e11 = e;
                        e.m(e11.getMessage(), new Object[0]);
                        FileUtils.closeStream(fileInputStream);
                        fileInputStream2 = fileInputStream;
                    } catch (KeyStoreException e16) {
                        e = e16;
                        fileInputStream = fileInputStream2;
                        e11 = e;
                        e.m(e11.getMessage(), new Object[0]);
                        FileUtils.closeStream(fileInputStream);
                        fileInputStream2 = fileInputStream;
                    } catch (CertificateException e17) {
                        e = e17;
                        fileInputStream = fileInputStream2;
                        e11 = e;
                        e.m(e11.getMessage(), new Object[0]);
                        FileUtils.closeStream(fileInputStream);
                        fileInputStream2 = fileInputStream;
                    } catch (Throwable th3) {
                        th = th3;
                    }
                    fileInputStream2 = fileInputStream;
                }
            } catch (CertificateException e18) {
                e.m(e18.getMessage(), new Object[0]);
            }
        }
    }

    public static boolean addAcceptCerts(CertBean certBean, String str) {
        List<String> serialNumberList;
        if (certBean == null || (serialNumberList = certBean.getSerialNumberList()) == null || serialNumberList.isEmpty()) {
            return false;
        }
        StringBuilder sb2 = new StringBuilder();
        Iterator<String> it = serialNumberList.iterator();
        while (it.hasNext()) {
            sb2.append(it.next());
        }
        if (sb2.length() == 0) {
            sb2.append(UUID.randomUUID().toString());
        } else if (sb2.length() > 32) {
            sb2.setLength(32);
        } else {
            e.m(TAG, "ignore");
        }
        File file = new File(str, sb2.toString());
        FileUtils.createFile(file);
        for (String str2 : certBean.getCertList()) {
            try {
                FileOutputStream fileOutputStream = new FileOutputStream(file, true);
                try {
                    byte[] bytes = ("-----BEGIN CERTIFICATE-----" + System.lineSeparator() + str2 + "-----END CERTIFICATE-----" + System.lineSeparator()).getBytes(Charset.defaultCharset());
                    fileOutputStream.write(bytes, 0, bytes.length);
                    fileOutputStream.flush();
                    fileOutputStream.close();
                } catch (Throwable th2) {
                    try {
                        fileOutputStream.close();
                    } catch (Throwable th3) {
                        th2.addSuppressed(th3);
                    }
                    throw th2;
                    break;
                }
            } catch (IOException e11) {
                e.m(TAG, c.a(e11, new StringBuilder("addAcceptCerts :")));
            }
        }
        return true;
    }

    public static boolean checkCaRevoked(X509Certificate[] x509CertificateArr, String str) {
        List<X509CRL> defaultCrl = getDefaultCrl(str);
        if (defaultCrl != null && !defaultCrl.isEmpty()) {
            for (X509Certificate x509Certificate : x509CertificateArr) {
                Iterator<X509CRL> it = defaultCrl.iterator();
                if (it.hasNext()) {
                    X509CRL next = it.next();
                    if (!checkIsCrlValid(next)) {
                        e.m(TAG, "checkCaRevoked crl is not valid");
                    }
                    return checkCertificateIsRevoked(next, x509Certificate);
                }
            }
        }
        return false;
    }

    private static boolean checkCertificateIsRevoked(X509CRL x509crl, Certificate certificate) {
        return (x509crl == null || x509crl.getRevokedCertificates().isEmpty() || certificate == null || !(certificate instanceof X509Certificate) || x509crl.getRevokedCertificate((X509Certificate) certificate) == null) ? false : true;
    }

    private static boolean checkIsCrlValid(X509CRL x509crl) {
        if (x509crl == null) {
            return false;
        }
        long time = x509crl.getThisUpdate().getTime();
        long time2 = x509crl.getNextUpdate().getTime();
        long time3 = new Date().getTime();
        return time3 > time && time3 < time2;
    }

    public static String getAcceptDir() {
        return getExternalPath(PATH_ACCEPT_CER);
    }

    @Nullable
    public static String getCanonicalPath(File file) {
        if (file == null) {
            e.m(TAG, "the file given was null");
            return null;
        }
        try {
            return file.getCanonicalPath();
        } catch (IOException e11) {
            e.m(TAG, a.a("get absolute path failed:", e11));
            return null;
        }
    }

    public static X509Certificate getCertificate(Context context) {
        InputStream inputStream;
        InputStream fileInputStream;
        InputStream inputStream2 = null;
        try {
            File file = new File(context.getFilesDir(), "solar_huawei_com.cer");
            e.m(TAG, "getCertificate,target file is exists:" + file.exists());
            fileInputStream = file.exists() ? new FileInputStream(file) : context.getResources().getAssets().open("solar_huawei_com.cer");
        } catch (IOException e11) {
            e = e11;
            inputStream = null;
            try {
                e.u(TAG, "getCertificate,create certificate failed:" + e.getMessage());
                FileUtils.closeStream(inputStream);
                return null;
            } catch (Throwable th2) {
                th = th2;
                inputStream2 = inputStream;
                FileUtils.closeStream(inputStream2);
                throw th;
            }
        } catch (CertificateException e12) {
            e = e12;
            inputStream = null;
            e.u(TAG, "getCertificate,create certificate failed:" + e.getMessage());
            FileUtils.closeStream(inputStream);
            return null;
        } catch (Throwable th3) {
            th = th3;
        }
        try {
            X509Certificate x509Certificate = (X509Certificate) CertificateFactory.getInstance("X.509").generateCertificate(fileInputStream);
            FileUtils.closeStream(fileInputStream);
            return x509Certificate;
        } catch (IOException e13) {
            e = e13;
            Throwable th4 = e;
            inputStream = fileInputStream;
            e = th4;
            e.u(TAG, "getCertificate,create certificate failed:" + e.getMessage());
            FileUtils.closeStream(inputStream);
            return null;
        } catch (CertificateException e14) {
            e = e14;
            Throwable th42 = e;
            inputStream = fileInputStream;
            e = th42;
            e.u(TAG, "getCertificate,create certificate failed:" + e.getMessage());
            FileUtils.closeStream(inputStream);
            return null;
        } catch (Throwable th5) {
            inputStream2 = fileInputStream;
            th = th5;
            FileUtils.closeStream(inputStream2);
            throw th;
        }
    }

    public static String getCrlDir() {
        return getExternalPath("crl");
    }

    @Nullable
    private static List<X509CRL> getDefaultCrl(String str) {
        File[] listFiles;
        X509CRL readCrlFromFile;
        File file = new File(str);
        if (!file.exists() || (listFiles = file.listFiles()) == null) {
            return null;
        }
        ArrayList arrayList = new ArrayList();
        for (File file2 : listFiles) {
            if (file2.isFile()) {
                String canonicalPath = getCanonicalPath(file2);
                if (!TextUtils.isEmpty(canonicalPath) && (readCrlFromFile = readCrlFromFile(canonicalPath)) != null) {
                    arrayList.add(readCrlFromFile);
                }
            }
        }
        return arrayList;
    }

    public static String getExternalPath(String str) {
        File specifyExternalFile = getSpecifyExternalFile(str);
        if (specifyExternalFile == null) {
            return "";
        }
        try {
            return specifyExternalFile.getCanonicalPath();
        } catch (IOException unused) {
            e.m(TAG, "getExternalPath IOException");
            return "";
        }
    }

    public static String getOverdueDir() {
        return getExternalPath(OVERDUE_CRL_PATH);
    }

    public static SSLContext getSSLContext(Certificate certificate) {
        SSLContext sSLContext = null;
        if (certificate == null) {
            e.u(TAG, "getSSLContext , get SSLContext failed,cause by certificate is null");
            return null;
        }
        try {
            KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
            keyStore.load(null, null);
            keyStore.setCertificateEntry("trust0", certificate);
            KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
            keyManagerFactory.init(keyStore, null);
            CustomX509TrustManager customX509TrustManager = new CustomX509TrustManager(keyStore);
            sSLContext = SSLContext.getInstance(h.f47359i);
            sSLContext.init(keyManagerFactory.getKeyManagers(), new TrustManager[]{customX509TrustManager}, SecurityUtil.drbg());
            return sSLContext;
        } catch (IOException e11) {
            e11.printStackTrace();
            return sSLContext;
        } catch (KeyManagementException e12) {
            e = e12;
            e.u(TAG, b.a(e, new StringBuilder("getCertificate,create SSLContext failed :")));
            return sSLContext;
        } catch (KeyStoreException e13) {
            e = e13;
            e.u(TAG, b.a(e, new StringBuilder("getCertificate,create SSLContext failed :")));
            return sSLContext;
        } catch (NoSuchAlgorithmException e14) {
            e = e14;
            e.u(TAG, b.a(e, new StringBuilder("getCertificate,create SSLContext failed :")));
            return sSLContext;
        } catch (UnrecoverableKeyException e15) {
            e = e15;
            e.u(TAG, b.a(e, new StringBuilder("getCertificate,create SSLContext failed :")));
            return sSLContext;
        } catch (CertificateException e16) {
            e = e16;
            e.u(TAG, b.a(e, new StringBuilder("getCertificate,create SSLContext failed :")));
            return sSLContext;
        }
    }

    public static String[] getSafeSuitesList() {
        return (String[]) SAFE_CIPHER_SUITES_LIST.clone();
    }

    public static File getSpecifyExternalFile(String str) {
        File dataFilesDir = Kits.getDataFilesDir(str);
        e.h(TAG, "getSepcifyExternalFile " + Kits.getCanonicalPath(dataFilesDir));
        if (dataFilesDir == null) {
            return null;
        }
        if (dataFilesDir.exists() || dataFilesDir.mkdirs()) {
            return dataFilesDir;
        }
        return null;
    }

    @Nullable
    public static X509CRL readCrlFromFile(String str) {
        if (TextUtils.isEmpty(str)) {
            return null;
        }
        File file = new File(str);
        if (file.exists() && file.isFile()) {
            try {
                FileInputStream fileInputStream = new FileInputStream(file);
                try {
                    CRL generateCRL = CertificateFactory.getInstance("X.509").generateCRL(fileInputStream);
                    if (generateCRL instanceof X509CRL) {
                        X509CRL x509crl = (X509CRL) generateCRL;
                        fileInputStream.close();
                        return x509crl;
                    }
                    fileInputStream.close();
                } catch (Throwable th2) {
                    try {
                        fileInputStream.close();
                    } catch (Throwable th3) {
                        th2.addSuppressed(th3);
                    }
                    throw th2;
                }
            } catch (FileNotFoundException e11) {
                e = e11;
                e.m(TAG, "readCrlFromFile NetecoCertException ex:".concat(e.getClass().getName()));
            } catch (IOException e12) {
                e.m(TAG, c.a(e12, new StringBuilder("readCrlFromFile IOException exception:")));
            } catch (CRLException e13) {
                e = e13;
                e.m(TAG, "readCrlFromFile NetecoCertException ex:".concat(e.getClass().getName()));
            } catch (CertificateException e14) {
                e = e14;
                e.m(TAG, "readCrlFromFile NetecoCertException ex:".concat(e.getClass().getName()));
            }
        }
        return null;
    }
}
