package com.tencent.iot.hub.device.java.core.util;

import com.tencent.iot.hub.device.java.core.device.CA;
import com.tencent.iot.hub.device.java.utils.Loggor;
import java.io.ByteArrayInputStream;
import java.io.IOException;
import java.io.InputStreamReader;
import java.security.KeyStore;
import java.security.Security;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.util.Random;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSocketFactory;
import javax.net.ssl.TrustManagerFactory;
import org.bouncycastle.cert.d;
import org.bouncycastle.jce.provider.BouncyCastleProvider;
import org.bouncycastle.openssl.e;
import org.eclipse.paho.client.mqttv3.internal.security.SSLSocketFactoryFactory;
import org.slf4j.b;
import org.slf4j.c;

/* loaded from: classes2.dex */
public class SymcSslUtils {
    private static String PASSWORD = null;
    public static final String TAG = "com.tencent.iot.hub.device.java.core.util.SymcSslUtils";
    private static final b logger;

    static {
        b i = c.i(SymcSslUtils.class);
        logger = i;
        Loggor.setLogger(i);
        PASSWORD = String.valueOf(new Random(System.currentTimeMillis()).nextInt());
    }

    public static SSLSocketFactory getSocketFactory(String str) {
        CertificateFactory certificateFactory;
        Security.addProvider(new BouncyCastleProvider());
        try {
            certificateFactory = CertificateFactory.getInstance("X.509");
        } catch (CertificateException e2) {
            Loggor.error(TAG, "getSocketFactory failed, create CertificateFactory error. " + e2);
            certificateFactory = null;
        }
        e eVar = new e(new InputStreamReader(new ByteArrayInputStream(CA.caCrt.getBytes())));
        try {
            Object readObject = eVar.readObject();
            if (!(readObject instanceof d)) {
                Loggor.error(TAG, "CA file not X509CertificateHolder.");
                return null;
            }
            try {
                ByteArrayInputStream byteArrayInputStream = new ByteArrayInputStream(((d) readObject).a());
                X509Certificate x509Certificate = (X509Certificate) certificateFactory.generateCertificate(byteArrayInputStream);
                byteArrayInputStream.close();
                eVar.close();
                try {
                    KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
                    keyStore.load(null, null);
                    keyStore.setCertificateEntry("ca-certificate", x509Certificate);
                    TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
                    trustManagerFactory.init(keyStore);
                    ByteArrayInputStream byteArrayInputStream2 = new ByteArrayInputStream(str.getBytes());
                    KeyStore keyStore2 = KeyStore.getInstance(KeyStore.getDefaultType());
                    keyStore2.load(byteArrayInputStream2, null);
                    KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
                    keyManagerFactory.init(keyStore2, PASSWORD.toCharArray());
                    SSLContext sSLContext = SSLContext.getInstance(SSLSocketFactoryFactory.DEFAULT_PROTOCOL);
                    sSLContext.init(keyManagerFactory.getKeyManagers(), trustManagerFactory.getTrustManagers(), null);
                    return sSLContext.getSocketFactory();
                } catch (Exception e3) {
                    Loggor.error(TAG, "construct SSLSocketFactory failed. " + e3);
                    return null;
                }
            } catch (Exception e4) {
                Loggor.error(TAG, "generate CA certtificate failed. " + e4);
                return null;
            }
        } catch (IOException e5) {
            Loggor.error(TAG, "parse CA failed." + e5);
            return null;
        }
    }
}
