package org.ta.easy.utils.net;

import android.util.Log;
import java.io.IOException;
import java.io.InputStream;
import java.security.GeneralSecurityException;
import java.security.KeyStore;
import java.security.SecureRandom;
import java.security.cert.Certificate;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.util.Arrays;
import java.util.Collection;
import java.util.Iterator;
import javax.net.ssl.HostnameVerifier;
import javax.net.ssl.KeyManager;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSession;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import javax.net.ssl.X509TrustManager;
import okhttp3.ConnectionSpec;
import okhttp3.OkHttpClient;
import okio.Buffer;
import org.ta.easy.instances.Customer;
import org.ta.easy.instances.TaxiService;
import org.ta.easy.queries.api.utils.Options;

/* loaded from: classes2.dex */
class CertUtils {
    private static final X509TrustManager trustAll = new X509TrustManager() { // from class: org.ta.easy.utils.net.CertUtils.1
        @Override // javax.net.ssl.X509TrustManager
        public void checkClientTrusted(X509Certificate[] x509CertificateArr, String str) {
        }

        @Override // javax.net.ssl.X509TrustManager
        public void checkServerTrusted(X509Certificate[] x509CertificateArr, String str) {
        }

        @Override // javax.net.ssl.X509TrustManager
        public X509Certificate[] getAcceptedIssuers() {
            return new X509Certificate[0];
        }
    };

    public static void applySslSettings(OkHttpClient.Builder builder, SSLSettings sSLSettings) {
        TrustManager[] certToTrustManager;
        try {
            if (!sSLSettings.validateSSL) {
                SSLContext sSLContext = SSLContext.getInstance("TLS");
                X509TrustManager x509TrustManager = trustAll;
                sSLContext.init(new KeyManager[0], new TrustManager[]{x509TrustManager}, new SecureRandom());
                builder.sslSocketFactory(sSLContext.getSocketFactory(), x509TrustManager);
                builder.hostnameVerifier(new HostnameVerifier() { // from class: org.ta.easy.utils.net.CertUtils.2
                    @Override // javax.net.ssl.HostnameVerifier
                    public boolean verify(String str, SSLSession sSLSession) {
                        String valueOf = String.valueOf(new Options(TaxiService.getInstance(), Customer.getInstance(), null).getService().getServiceUri());
                        String substring = valueOf.substring(valueOf.indexOf("//") + 2);
                        String substring2 = substring.substring(0, substring.indexOf("/"));
                        if (substring2.indexOf(":") != -1) {
                            substring2 = substring2.substring(0, substring2.indexOf(":"));
                        }
                        TaxiService.getInstance().setIp2(substring2);
                        return str.equals("my.taxiadmin.org") || str.equals("taxiadmin.org") || str.equals("taxiadmin.ddns.mksat.net") || str.equals("maps.googleapis.com") || TaxiService.getInstance().getIp().equals(str) || TaxiService.getInstance().getIp2().equals(str) || str.equals("nominatim.openstreetmap.org") || str.equals("dulcy.openstreetmap.org") || str.equals("nominatim.openmaps.org") || str.equals("nominatim.openstreetmap.net") || str.equals("nominatim.openstreetmap.com") || str.equals("nominatim.openstreetmaps.org") || str.equals("nominatim.osm.org");
                    }
                });
                return;
            }
            if (sSLSettings.cert == null || (certToTrustManager = certToTrustManager(sSLSettings.cert)) == null || certToTrustManager.length <= 0) {
                return;
            }
            SSLContext sSLContext2 = SSLContext.getInstance("TLS");
            sSLContext2.init(new KeyManager[0], certToTrustManager, new SecureRandom());
            builder.sslSocketFactory(sSLContext2.getSocketFactory(), (X509TrustManager) certToTrustManager[0]);
        } catch (Exception e) {
            Log.e("TEST", "Failed to apply SSL settings", e);
        }
    }

    public static void applySslSettings2(OkHttpClient.Builder builder, SSLSettings sSLSettings) {
        TrustManager[] certToTrustManager;
        try {
            if (!sSLSettings.validateSSL) {
                SSLContext sSLContext = SSLContext.getInstance("TLS");
                X509TrustManager x509TrustManager = trustAll;
                sSLContext.init(new KeyManager[0], new TrustManager[]{x509TrustManager}, new SecureRandom());
                builder.sslSocketFactory(sSLContext.getSocketFactory(), x509TrustManager);
                builder.hostnameVerifier(new HostnameVerifier() { // from class: org.ta.easy.utils.net.CertUtils.3
                    @Override // javax.net.ssl.HostnameVerifier
                    public boolean verify(String str, SSLSession sSLSession) {
                        String valueOf = String.valueOf(new Options(TaxiService.getInstance(), Customer.getInstance(), null).getService().getServiceUri());
                        String substring = valueOf.substring(valueOf.indexOf("//") + 2);
                        TaxiService.getInstance().setIp2(substring.substring(0, substring.indexOf("/")));
                        return str.equals("my.taxiadmin.org") || str.equals("taxiadmin.org") || str.equals("maps.googleapis.com") || TaxiService.getInstance().getIp().equals(str) || TaxiService.getInstance().getIp2().equals(str) || str.equals("nominatim.openstreetmap.org") || str.equals("dulcy.openstreetmap.org") || str.equals("nominatim.openmaps.org") || str.equals("nominatim.openstreetmap.net") || str.equals("nominatim.openstreetmap.com") || str.equals("nominatim.openstreetmaps.org") || str.equals("nominatim.osm.org");
                    }
                });
                return;
            }
            if (sSLSettings.cert == null || (certToTrustManager = certToTrustManager(sSLSettings.cert)) == null || certToTrustManager.length <= 0) {
                return;
            }
            SSLContext sSLContext2 = SSLContext.getInstance("TLS");
            sSLContext2.init(new KeyManager[0], certToTrustManager, new SecureRandom());
            builder.sslSocketFactory(sSLContext2.getSocketFactory(), (X509TrustManager) certToTrustManager[0]);
        } catch (Exception e) {
            Log.e("TEST", "Failed to apply SSL settings", e);
        }
    }

    private static TrustManager[] certToTrustManager(String str) throws GeneralSecurityException {
        Collection<? extends Certificate> generateCertificates = CertificateFactory.getInstance("X.509").generateCertificates(stringToInputStream(str));
        if (generateCertificates.isEmpty()) {
            throw new IllegalArgumentException("expected non-empty set of trusted certificates");
        }
        KeyStore newEmptyKeyStore = newEmptyKeyStore();
        Iterator<? extends Certificate> it2 = generateCertificates.iterator();
        int i = 0;
        while (it2.hasNext()) {
            newEmptyKeyStore.setCertificateEntry(String.format("ca%s", Integer.valueOf(i)), it2.next());
            i++;
        }
        TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
        trustManagerFactory.init(newEmptyKeyStore);
        return trustManagerFactory.getTrustManagers();
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public static OkHttpClient.Builder getUnsafeClient() {
        try {
            OkHttpClient.Builder builder = new OkHttpClient.Builder();
            applySslSettings(builder, new SSLSettings(false, null));
            builder.connectionSpecs(Arrays.asList(ConnectionSpec.COMPATIBLE_TLS, ConnectionSpec.MODERN_TLS, ConnectionSpec.RESTRICTED_TLS, ConnectionSpec.CLEARTEXT));
            return builder;
        } catch (Exception e) {
            throw new RuntimeException(e);
        }
    }

    private static KeyStore newEmptyKeyStore() throws GeneralSecurityException {
        try {
            KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
            keyStore.load(null, null);
            return keyStore;
        } catch (IOException e) {
            throw new AssertionError(e);
        }
    }

    private static InputStream stringToInputStream(String str) {
        if (str == null) {
            return null;
        }
        return new Buffer().writeUtf8(str).inputStream();
    }
}
