package es.redsys.paysys.Utils;

import android.os.Build;
import android.support.annotation.RequiresApi;
import java.net.Socket;
import java.security.KeyManagementException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.cert.CertificateException;
import java.security.cert.X509CRL;
import java.security.cert.X509Certificate;
import java.util.HashSet;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSocket;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import javax.net.ssl.X509TrustManager;
import org.apache.http.conn.ssl.SSLSocketFactory;

/* loaded from: assets/plugins/gateway/gateway.dex */
public class MySSLSocketFactoryCertValidate extends SSLSocketFactory {
    public final String TAG;
    private SSLContext a;
    private X509TrustManager d;

    public MySSLSocketFactoryCertValidate(KeyStore keyStore) {
        super(keyStore);
        this.TAG = MySSLSocketFactoryCertValidate.class.getName();
        this.a = SSLContext.getInstance("TLSv1");
        initTrustedCerts(keyStore);
        try {
            this.a.init(null, new TrustManager[]{new X509TrustManager() { // from class: es.redsys.paysys.Utils.MySSLSocketFactoryCertValidate.5
                @Override // javax.net.ssl.X509TrustManager
                public void checkClientTrusted(X509Certificate[] x509CertificateArr, String str) {
                    MySSLSocketFactoryCertValidate.this.d.checkClientTrusted(x509CertificateArr, str);
                }

                @Override // javax.net.ssl.X509TrustManager
                @RequiresApi(api = 24)
                public void checkServerTrusted(X509Certificate[] x509CertificateArr, String str) {
                    MySSLSocketFactoryCertValidate.this.d.checkServerTrusted(x509CertificateArr, str);
                    String[] strArr = new String[x509CertificateArr.length];
                    String[] strArr2 = new String[x509CertificateArr.length];
                    HashSet<X509CRL> hashSet = new HashSet();
                    int i = 0;
                    loop0: while (true) {
                        int i2 = i;
                        if (i2 >= x509CertificateArr.length) {
                            if (!d.e(strArr, strArr2) && !d.d(strArr, strArr2)) {
                                throw new CertificateException("Cadena de certificados no válida 1029");
                            }
                            return;
                        }
                        strArr[i2] = x509CertificateArr[i2].getSubjectDN().toString();
                        strArr2[i2] = x509CertificateArr[i2].getIssuerDN().toString();
                        x509CertificateArr[i2].checkValidity();
                        X509Certificate x509Certificate = x509CertificateArr[i2];
                        if (Build.VERSION.SDK_INT < 26) {
                            hashSet.addAll(MySSLSocketFactoryCertValidate.d(x509Certificate));
                            for (X509CRL x509crl : hashSet) {
                                if (x509crl.getRevokedCertificate(x509Certificate.getSerialNumber()) != null || x509crl.isRevoked(x509Certificate)) {
                                    break loop0;
                                }
                            }
                        }
                        i = i2 + 1;
                    }
                    throw new CertificateException("Certificate revoked1029");
                }

                @Override // javax.net.ssl.X509TrustManager
                public X509Certificate[] getAcceptedIssuers() {
                    return MySSLSocketFactoryCertValidate.this.d.getAcceptedIssuers();
                }
            }}, null);
        } catch (KeyManagementException e) {
            Log.e("KeyManagementException", e.getLocalizedMessage(), e);
        }
    }

    private Socket a(Socket socket) {
        if (socket instanceof SSLSocket) {
            ((SSLSocket) socket).setEnabledProtocols(new String[]{"TLSv1.1", "TLSv1.2"});
        }
        return socket;
    }

    /* JADX INFO: Access modifiers changed from: private */
    /* JADX WARN: Removed duplicated region for block: B:41:0x00b8  */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    public static java.util.List<java.security.cert.X509CRL> d(java.security.cert.X509Certificate r13) {
        /*
            r3 = 0
            java.lang.String r0 = "X509"
            java.security.cert.CertificateFactory r5 = java.security.cert.CertificateFactory.getInstance(r0)
            java.util.LinkedList r6 = new java.util.LinkedList
            r6.<init>()
            java.lang.String r0 = "2.5.29.31"
            byte[] r0 = r13.getExtensionValue(r0)
            if (r0 == 0) goto Lcc
            org.bouncycastle.asn1.ASN1InputStream r1 = new org.bouncycastle.asn1.ASN1InputStream
            java.io.ByteArrayInputStream r2 = new java.io.ByteArrayInputStream
            r2.<init>(r0)
            r1.<init>(r2)
            org.bouncycastle.asn1.DERObject r0 = r1.readObject()     // Catch: java.io.IOException -> La1 java.security.cert.CRLException -> Lae
            org.bouncycastle.asn1.DEROctetString r0 = (org.bouncycastle.asn1.DEROctetString) r0     // Catch: java.io.IOException -> La1 java.security.cert.CRLException -> Lae
            byte[] r0 = r0.getOctets()     // Catch: java.io.IOException -> La1 java.security.cert.CRLException -> Lae
            org.bouncycastle.asn1.ASN1InputStream r1 = new org.bouncycastle.asn1.ASN1InputStream     // Catch: java.io.IOException -> La1 java.security.cert.CRLException -> Lae
            java.io.ByteArrayInputStream r2 = new java.io.ByteArrayInputStream     // Catch: java.io.IOException -> La1 java.security.cert.CRLException -> Lae
            r2.<init>(r0)     // Catch: java.io.IOException -> La1 java.security.cert.CRLException -> Lae
            r1.<init>(r2)     // Catch: java.io.IOException -> La1 java.security.cert.CRLException -> Lae
            org.bouncycastle.asn1.DERObject r0 = r1.readObject()     // Catch: java.io.IOException -> La1 java.security.cert.CRLException -> Lae
            org.bouncycastle.asn1.x509.CRLDistPoint r0 = org.bouncycastle.asn1.x509.CRLDistPoint.getInstance(r0)     // Catch: java.io.IOException -> La1 java.security.cert.CRLException -> Lae
            org.bouncycastle.asn1.x509.DistributionPoint[] r7 = r0.getDistributionPoints()     // Catch: java.io.IOException -> La1 java.security.cert.CRLException -> Lae
            int r8 = r7.length     // Catch: java.io.IOException -> La1 java.security.cert.CRLException -> Lae
            r4 = r3
        L40:
            if (r4 >= r8) goto Lcc
            r0 = r7[r4]     // Catch: java.io.IOException -> La1 java.security.cert.CRLException -> Lae
            org.bouncycastle.asn1.x509.DistributionPointName r0 = r0.getDistributionPoint()     // Catch: java.io.IOException -> La1 java.security.cert.CRLException -> Lae
            if (r0 == 0) goto Lc7
            int r1 = r0.getType()     // Catch: java.io.IOException -> La1 java.security.cert.CRLException -> Lae
            if (r1 != 0) goto Lc7
            org.bouncycastle.asn1.ASN1Encodable r0 = r0.getName()     // Catch: java.io.IOException -> La1 java.security.cert.CRLException -> Lae
            org.bouncycastle.asn1.x509.GeneralNames r0 = org.bouncycastle.asn1.x509.GeneralNames.getInstance(r0)     // Catch: java.io.IOException -> La1 java.security.cert.CRLException -> Lae
            org.bouncycastle.asn1.x509.GeneralName[] r9 = r0.getNames()     // Catch: java.io.IOException -> La1 java.security.cert.CRLException -> Lae
            int r10 = r9.length     // Catch: java.io.IOException -> La1 java.security.cert.CRLException -> Lae
            r2 = r3
        L5e:
            if (r2 >= r10) goto Lc7
            r0 = r9[r2]     // Catch: java.io.IOException -> La1 java.security.cert.CRLException -> Lae
            int r1 = r0.getTagNo()     // Catch: java.io.IOException -> La1 java.security.cert.CRLException -> Lae
            r11 = 6
            if (r1 != r11) goto L98
            org.bouncycastle.asn1.DEREncodable r0 = r0.getName()     // Catch: java.io.IOException -> La1 java.security.cert.CRLException -> Lae
            org.bouncycastle.asn1.DERIA5String r0 = org.bouncycastle.asn1.DERIA5String.getInstance(r0)     // Catch: java.io.IOException -> La1 java.security.cert.CRLException -> Lae
            java.lang.String r0 = r0.getString()     // Catch: java.io.IOException -> La1 java.security.cert.CRLException -> Lae
            java.net.URL r1 = new java.net.URL     // Catch: java.io.IOException -> La1 java.security.cert.CRLException -> Lae
            r1.<init>(r0)     // Catch: java.io.IOException -> La1 java.security.cert.CRLException -> Lae
            java.net.URLConnection r0 = r1.openConnection()     // Catch: java.io.IOException -> La1 java.security.cert.CRLException -> Lae
            java.io.DataInputStream r11 = new java.io.DataInputStream     // Catch: java.io.IOException -> La1 java.security.cert.CRLException -> Lae
            java.io.InputStream r0 = r0.getInputStream()     // Catch: java.io.IOException -> La1 java.security.cert.CRLException -> Lae
            r11.<init>(r0)     // Catch: java.io.IOException -> La1 java.security.cert.CRLException -> Lae
            r1 = 0
            java.security.cert.CRL r0 = r5.generateCRL(r11)     // Catch: java.lang.Throwable -> Lb0 java.lang.Throwable -> Lcd
            java.security.cert.X509CRL r0 = (java.security.cert.X509CRL) r0     // Catch: java.lang.Throwable -> Lb0 java.lang.Throwable -> Lcd
            r6.add(r0)     // Catch: java.lang.Throwable -> Lb0 java.lang.Throwable -> Lcd
            if (r11 == 0) goto L98
            if (r1 == 0) goto Laa
            r11.close()     // Catch: java.lang.Throwable -> L9c java.io.IOException -> La1 java.security.cert.CRLException -> Lae
        L98:
            int r0 = r2 + 1
            r2 = r0
            goto L5e
        L9c:
            r0 = move-exception
            r1.addSuppressed(r0)     // Catch: java.io.IOException -> La1 java.security.cert.CRLException -> Lae
            goto L98
        La1:
            r0 = move-exception
        La2:
            java.security.cert.CertificateException r1 = new java.security.cert.CertificateException
            java.lang.String r2 = "Certificate CRL exception 1029"
            r1.<init>(r2, r0)
            throw r1
        Laa:
            r11.close()     // Catch: java.io.IOException -> La1 java.security.cert.CRLException -> Lae
            goto L98
        Lae:
            r0 = move-exception
            goto La2
        Lb0:
            r0 = move-exception
            throw r0     // Catch: java.lang.Throwable -> Lb2
        Lb2:
            r1 = move-exception
            r12 = r1
            r1 = r0
            r0 = r12
        Lb6:
            if (r11 == 0) goto Lbd
            if (r1 == 0) goto Lc3
            r11.close()     // Catch: java.io.IOException -> La1 java.security.cert.CRLException -> Lae java.lang.Throwable -> Lbe
        Lbd:
            throw r0     // Catch: java.io.IOException -> La1 java.security.cert.CRLException -> Lae
        Lbe:
            r2 = move-exception
            r1.addSuppressed(r2)     // Catch: java.io.IOException -> La1 java.security.cert.CRLException -> Lae
            goto Lbd
        Lc3:
            r11.close()     // Catch: java.io.IOException -> La1 java.security.cert.CRLException -> Lae
            goto Lbd
        Lc7:
            int r0 = r4 + 1
            r4 = r0
            goto L40
        Lcc:
            return r6
        Lcd:
            r0 = move-exception
            goto Lb6
        */
        throw new UnsupportedOperationException("Method not decompiled: es.redsys.paysys.Utils.MySSLSocketFactoryCertValidate.d(java.security.cert.X509Certificate):java.util.List");
    }

    @Override // org.apache.http.conn.ssl.SSLSocketFactory, org.apache.http.conn.scheme.SocketFactory
    public Socket createSocket() {
        return a(this.a.getSocketFactory().createSocket());
    }

    @Override // org.apache.http.conn.ssl.SSLSocketFactory, org.apache.http.conn.scheme.LayeredSocketFactory
    public Socket createSocket(Socket socket, String str, int i, boolean z) {
        return a(this.a.getSocketFactory().createSocket(socket, str, i, z));
    }

    public void initTrustedCerts(KeyStore keyStore) {
        try {
            TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
            trustManagerFactory.init(keyStore);
            this.d = (X509TrustManager) trustManagerFactory.getTrustManagers()[0];
        } catch (KeyStoreException e) {
            throw new KeyManagementException(e.getMessage());
        }
    }
}
