package com.instwall.net;

import ashy.earl.common.util.L;
import com.instwall.data.TimeSyncInfo;
import com.instwall.net.NetCore;
import com.instwall.util.Utils;
import java.security.KeyStore;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.util.Arrays;
import javax.net.ssl.HostnameVerifier;
import javax.net.ssl.SSLSession;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import javax.net.ssl.X509TrustManager;
import kotlin.TypeCastException;
import kotlin.jvm.internal.Intrinsics;
import kotlin.text.StringsKt;
import okhttp3.internal.tls.OkHostnameVerifier;

/* compiled from: NetCore.kt */
/* loaded from: classes.dex */
public final class NetCore$mTrustAll$1 implements HostnameVerifier, X509TrustManager {
    private boolean mAcceptAll;
    private final OkHostnameVerifier mDefaultNv;
    final /* synthetic */ NetCore this$0;
    private final long MAX_SYNC_DIFF = 7200000;
    private final X509TrustManager mDefaultTm = defaultTm();

    /* JADX INFO: Access modifiers changed from: package-private */
    public NetCore$mTrustAll$1(NetCore netCore) {
        this.this$0 = netCore;
        OkHostnameVerifier okHostnameVerifier = OkHostnameVerifier.INSTANCE;
        if (okHostnameVerifier == null) {
            Intrinsics.throwNpe();
        }
        this.mDefaultNv = okHostnameVerifier;
    }

    private final X509TrustManager defaultTm() {
        TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
        trustManagerFactory.init((KeyStore) null);
        Intrinsics.checkExpressionValueIsNotNull(trustManagerFactory, "trustManagerFactory");
        TrustManager[] trustManagers = trustManagerFactory.getTrustManagers();
        if (trustManagers.length == 1 && (trustManagers[0] instanceof X509TrustManager)) {
            TrustManager trustManager = trustManagers[0];
            if (trustManager != null) {
                return (X509TrustManager) trustManager;
            }
            throw new TypeCastException("null cannot be cast to non-null type javax.net.ssl.X509TrustManager");
        }
        throw new IllegalStateException("Unexpected default trust managers:" + Arrays.toString(trustManagers));
    }

    private final void throwIfTimeNotSync() {
        try {
            TimeSyncInfo fetchTimeSyncInfo$default = NetCore.fetchTimeSyncInfo$default(this.this$0, 0L, 1, null);
            long currentTimeMillis = System.currentTimeMillis();
            if (Math.abs(fetchTimeSyncInfo$default.now() - currentTimeMillis) <= this.MAX_SYNC_DIFF) {
                if (NetCore.Companion.checkTimeSynced(currentTimeMillis)) {
                    return;
                }
                throw new NetCore.TimeNotSyncException("Time not sync by hard check: " + Utils.INSTANCE.timeToString(currentTimeMillis));
            }
            throw new NetCore.TimeNotSyncException("real[" + Utils.INSTANCE.timeToString(fetchTimeSyncInfo$default.now()) + "] vs now[" + Utils.INSTANCE.timeToString(currentTimeMillis) + "] diff too big(>2hour)");
        } catch (Throwable th) {
            throw new NetCore.TimeNotSyncException(th);
        }
    }

    public final void acceptAll(boolean z) {
        this.mAcceptAll = z;
    }

    @Override // javax.net.ssl.X509TrustManager
    public void checkClientTrusted(X509Certificate[] chain, String authType) throws CertificateException {
        Intrinsics.checkParameterIsNotNull(chain, "chain");
        Intrinsics.checkParameterIsNotNull(authType, "authType");
        if (!this.mAcceptAll) {
            throwIfTimeNotSync();
            this.mDefaultTm.checkClientTrusted(chain, authType);
        } else {
            Throwable th = (Throwable) null;
            if (L.loggable("netcore", 5)) {
                L.w("netcore", th, "NetCore~ checkClientTrusted - accept all");
            }
        }
    }

    @Override // javax.net.ssl.X509TrustManager
    public void checkServerTrusted(X509Certificate[] chain, String authType) throws CertificateException {
        Intrinsics.checkParameterIsNotNull(chain, "chain");
        Intrinsics.checkParameterIsNotNull(authType, "authType");
        if (!this.mAcceptAll) {
            throwIfTimeNotSync();
            this.mDefaultTm.checkServerTrusted(chain, authType);
        } else {
            Throwable th = (Throwable) null;
            if (L.loggable("netcore", 5)) {
                L.w("netcore", th, "NetCore~ checkServerTrusted - accept all");
            }
        }
    }

    @Override // javax.net.ssl.X509TrustManager
    public X509Certificate[] getAcceptedIssuers() {
        return this.mAcceptAll ? new X509Certificate[0] : this.mDefaultTm.getAcceptedIssuers();
    }

    @Override // javax.net.ssl.HostnameVerifier
    public boolean verify(String hostname, SSLSession session) {
        Intrinsics.checkParameterIsNotNull(hostname, "hostname");
        Intrinsics.checkParameterIsNotNull(session, "session");
        if (StringsKt.contains$default(hostname, "lookup", false, 2, null)) {
            return true;
        }
        if (!this.mAcceptAll) {
            throwIfTimeNotSync();
            return this.mDefaultNv.verify(hostname, session);
        }
        String str = "NetCore~ verify - accept all: " + hostname;
        Throwable th = (Throwable) null;
        if (!L.loggable("netcore", 5)) {
            return true;
        }
        L.w("netcore", th, str);
        return true;
    }
}
