package com.xwbank.sdk.utils;

import cfca.sadk.org.bouncycastle.jce.provider.BouncyCastleProvider;
import cfca.sadk.tls.kse.CertBean;
import cfca.sadk.tls.kse.KeystoreUtils;
import cfca.sadk.tls.sun.security.ssl.JSSEProvider;
import cfca.sadk.tls.util.Loggings;
import com.xwbank.sdk.config.ApplicationConfig;
import com.xwbank.sdk.config.HttpClientConfig;
import com.xwbank.sdk.constants.HttpClientConstant;
import com.xwbank.sdk.http.entity.ProxyInfo;
import java.io.FileInputStream;
import java.io.IOException;
import java.io.InputStream;
import java.net.InetSocketAddress;
import java.net.Socket;
import java.security.KeyStore;
import java.security.Security;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
import javax.net.SocketFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSession;
import javax.net.ssl.SSLSocket;
import javax.net.ssl.SSLSocketFactory;
import javax.net.ssl.TrustManager;
import javax.net.ssl.X509TrustManager;
import javax.validation.constraints.NotNull;
import org.apache.http.Header;
import org.apache.http.HttpHost;
import org.apache.http.HttpResponse;
import org.apache.http.client.config.RequestConfig;
import org.apache.http.client.methods.CloseableHttpResponse;
import org.apache.http.client.methods.HttpRequestBase;
import org.apache.http.config.Registry;
import org.apache.http.config.RegistryBuilder;
import org.apache.http.conn.ConnectionKeepAliveStrategy;
import org.apache.http.conn.socket.ConnectionSocketFactory;
import org.apache.http.conn.socket.LayeredConnectionSocketFactory;
import org.apache.http.conn.socket.PlainConnectionSocketFactory;
import org.apache.http.conn.ssl.NoopHostnameVerifier;
import org.apache.http.conn.ssl.SSLConnectionSocketFactory;
import org.apache.http.impl.client.CloseableHttpClient;
import org.apache.http.impl.client.DefaultConnectionKeepAliveStrategy;
import org.apache.http.impl.client.HttpClientBuilder;
import org.apache.http.impl.client.HttpClients;
import org.apache.http.impl.conn.PoolingHttpClientConnectionManager;
import org.apache.http.protocol.HttpContext;
import org.apache.http.util.EntityUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import sun.misc.BASE64Encoder;

/* loaded from: input_file:com/xwbank/sdk/utils/HttpClientUtil.class */
public class HttpClientUtil {
    private static final Logger logger = LoggerFactory.getLogger(HttpClientUtil.class);
    private static final List<PoolingHttpClientConnectionManager> POOLING_MANAGERS = new ArrayList();
    private static final String[] supportedCipherSuites = {"TLS_SM2PKEA_SM2DSA_WITH_SM4_CBC_SM3", "TLS_ECDHE_SM2DSA_WITH_SM4_CBC_SM3"};

    /* JADX INFO: Access modifiers changed from: package-private */
    /* loaded from: input_file:com/xwbank/sdk/utils/HttpClientUtil$GMSSLLayeredConnectionSocketFactory.class */
    public static final class GMSSLLayeredConnectionSocketFactory implements LayeredConnectionSocketFactory {
        private final SSLSocketFactory socketfactory;

        public static ConnectionSocketFactory getSocketFactory(SSLContext sSLContext) {
            return new GMSSLLayeredConnectionSocketFactory(sSLContext);
        }

        public GMSSLLayeredConnectionSocketFactory(SSLContext sSLContext) {
            this(sSLContext.getSocketFactory());
        }

        public GMSSLLayeredConnectionSocketFactory(SSLSocketFactory sSLSocketFactory) {
            this.socketfactory = sSLSocketFactory;
        }

        public Socket createSocket(HttpContext httpContext) throws IOException {
            return SocketFactory.getDefault().createSocket();
        }

        public Socket connectSocket(int i, Socket socket, HttpHost httpHost, InetSocketAddress inetSocketAddress, InetSocketAddress inetSocketAddress2, HttpContext httpContext) throws IOException {
            Socket createSocket = socket != null ? socket : createSocket(httpContext);
            if (inetSocketAddress2 != null) {
                createSocket.bind(inetSocketAddress2);
            } else {
                createSocket.bind(new InetSocketAddress(0));
            }
            long currentTimeMillis = System.currentTimeMillis();
            try {
                createSocket.connect(inetSocketAddress, i);
                long currentTimeMillis2 = System.currentTimeMillis() - currentTimeMillis;
                if (currentTimeMillis2 > i) {
                    Loggings.handshaker.warn("ThresholdTime={}: connectTime={}", Integer.valueOf(i), Long.valueOf(currentTimeMillis2));
                }
                if (!(createSocket instanceof SSLSocket)) {
                    return createLayeredSocket(createSocket, httpHost.getHostName(), inetSocketAddress.getPort(), httpContext);
                }
                handshake((SSLSocket) createSocket, httpContext);
                return createSocket;
            } catch (IOException e) {
                Loggings.ERROR.error("connect failed", e);
                throw e;
            }
        }

        public Socket createLayeredSocket(Socket socket, String str, int i, HttpContext httpContext) throws IOException {
            SSLSocket sSLSocket = (SSLSocket) this.socketfactory.createSocket(socket, str, i, true);
            setEnabledCipherSuites(sSLSocket);
            prepareSocket(sSLSocket, httpContext);
            handshake(sSLSocket, httpContext);
            return sSLSocket;
        }

        final void setEnabledCipherSuites(SSLSocket sSLSocket) {
            sSLSocket.setEnabledCipherSuites(HttpClientUtil.supportedCipherSuites);
            System.err.println("EnabledCipherSuites: " + Arrays.asList(HttpClientUtil.supportedCipherSuites));
        }

        final void prepareSocket(SSLSocket sSLSocket, HttpContext httpContext) throws IOException {
        }

        final SSLSession handshake(SSLSocket sSLSocket, HttpContext httpContext) throws IOException {
            long currentTimeMillis = System.currentTimeMillis();
            try {
                sSLSocket.startHandshake();
                long currentTimeMillis2 = System.currentTimeMillis() - currentTimeMillis;
                if (currentTimeMillis2 > sSLSocket.getSoTimeout()) {
                    Loggings.handshaker.warn("ThresholdTime={}: handshakeTime={}", Integer.valueOf(sSLSocket.getSoTimeout()), Long.valueOf(currentTimeMillis2));
                }
                return sSLSocket.getSession();
            } catch (IOException e) {
                Loggings.ERROR.error("handshake failed", e);
                throw e;
            }
        }
    }

    public static List<PoolingHttpClientConnectionManager> getPoolingManagers() {
        return POOLING_MANAGERS;
    }

    public static CloseableHttpClient doHttpClient(HttpClientConfig httpClientConfig, ApplicationConfig applicationConfig) throws Exception {
        Security.addProvider(new BouncyCastleProvider());
        Security.addProvider(JSSEProvider.INSTANCE);
        if (!applicationConfig.getPublicUrl().startsWith(HttpClientConstant.HTTP_PROTOCOL_HEADER_HTTP) && (!StringUtils.isNull(applicationConfig.getKeyStorePath()) || applicationConfig.getKeyStoreStream() != null)) {
            return !StringUtils.isNull(applicationConfig.getKeyStorePath()) ? createHttpsClient(httpClientConfig, applicationConfig.getTrustFilePath(), applicationConfig.getKeyStorePath(), applicationConfig.getKeyPwd()) : createHttpsClient(httpClientConfig, applicationConfig.getTrustFileStream(), applicationConfig.getKeyStoreStream(), applicationConfig.getKeyPwd());
        }
        logger.info("证书信息为空，HttpClient创建http或https绕过双向认证请求");
        return createHttpClient(httpClientConfig);
    }

    public static PoolingHttpClientConnectionManager createPoolingHttpClientConnectionManager(Registry<ConnectionSocketFactory> registry, int i, int i2) {
        PoolingHttpClientConnectionManager poolingHttpClientConnectionManager = new PoolingHttpClientConnectionManager(registry);
        poolingHttpClientConnectionManager.setMaxTotal(i);
        poolingHttpClientConnectionManager.setDefaultMaxPerRoute(i2);
        POOLING_MANAGERS.add(poolingHttpClientConnectionManager);
        return poolingHttpClientConnectionManager;
    }

    public static ConnectionKeepAliveStrategy createKeepAliveStrategy(@NotNull final long j) {
        return new DefaultConnectionKeepAliveStrategy() { // from class: com.xwbank.sdk.utils.HttpClientUtil.1
            @Override // org.apache.http.impl.client.DefaultConnectionKeepAliveStrategy, org.apache.http.conn.ConnectionKeepAliveStrategy
            public long getKeepAliveDuration(HttpResponse httpResponse, HttpContext httpContext) {
                long keepAliveDuration = super.getKeepAliveDuration(httpResponse, httpContext);
                if (keepAliveDuration == -1) {
                    keepAliveDuration = j;
                }
                return keepAliveDuration;
            }
        };
    }

    public static SSLConnectionSocketFactory createConnectionSocketFactory() {
        SSLConnectionSocketFactory socketFactory;
        try {
            socketFactory = new SSLConnectionSocketFactory(createIgnoreVerifySSL(), NoopHostnameVerifier.INSTANCE);
        } catch (Exception e) {
            logger.warn("实例化单向认证协议失败,使用默认连接 ==> ", e);
            socketFactory = SSLConnectionSocketFactory.getSocketFactory();
        }
        return socketFactory;
    }

    public static CloseableHttpClient createHttpClient(HttpClientConfig httpClientConfig) {
        HashMap hashMap = new HashMap(2);
        hashMap.put(HttpClientConstant.HTTP_PROTOCOL_TYPE_HTTP, PlainConnectionSocketFactory.INSTANCE);
        hashMap.put(HttpClientConstant.HTTP_PROTOCOL_TYPE_HTTPS, createConnectionSocketFactory());
        PoolingHttpClientConnectionManager createPoolingHttpClientConnectionManager = createPoolingHttpClientConnectionManager(createConnectionSocketFactory(hashMap), httpClientConfig.getMaxTotal(), httpClientConfig.getMaxPreRoute());
        HttpClientBuilder custom = HttpClients.custom();
        ProxyInfo.proxyManage(custom);
        return custom.setConnectionManager(createPoolingHttpClientConnectionManager).setKeepAliveStrategy(createKeepAliveStrategy(httpClientConfig.getConnectionKeepAlive())).build();
    }

    public static KeyStore createKeySore(String str, String str2, String str3) throws Exception {
        FileInputStream fileInputStream = null;
        try {
            try {
                fileInputStream = new FileInputStream(str2);
                KeyStore createKeySore = createKeySore(fileInputStream, str3);
                if (fileInputStream != null) {
                    try {
                        fileInputStream.close();
                    } catch (IOException e) {
                        logger.error("文件流关闭异常：", e);
                    }
                }
                return createKeySore;
            } catch (Exception e2) {
                logger.error("证书初始化异常：", e2);
                throw e2;
            }
        } catch (Throwable th) {
            if (fileInputStream != null) {
                try {
                    fileInputStream.close();
                } catch (IOException e3) {
                    logger.error("文件流关闭异常：", e3);
                }
            }
            throw th;
        }
    }

    public static KeyStore createKeySore(InputStream inputStream, String str) throws Exception {
        KeyStore keyStore = KeyStore.getInstance(HttpClientConstant.HTTP_KEYSTORE_TYPE);
        keyStore.load(inputStream, str.toCharArray());
        return keyStore;
    }

    public static CloseableHttpClient createHttpsClient(@NotNull HttpClientConfig httpClientConfig, @NotNull String str, @NotNull String str2, @NotNull String str3) throws Exception {
        return createHttpsClient(httpClientConfig, createCertSSL(str, str2, str3));
    }

    public static CloseableHttpClient createHttpsClient(@NotNull HttpClientConfig httpClientConfig, @NotNull InputStream inputStream, @NotNull InputStream inputStream2, @NotNull String str) throws Exception {
        return createHttpsClient(httpClientConfig, createCertSSL(inputStream, inputStream2, str));
    }

    public static CloseableHttpClient createHttpsClient(@NotNull HttpClientConfig httpClientConfig, @NotNull SSLContext sSLContext) {
        HashMap hashMap = new HashMap(2);
        hashMap.put(HttpClientConstant.HTTP_PROTOCOL_TYPE_HTTP, PlainConnectionSocketFactory.INSTANCE);
        hashMap.put(HttpClientConstant.HTTP_PROTOCOL_TYPE_HTTPS, GMSSLLayeredConnectionSocketFactory.getSocketFactory(sSLContext));
        PoolingHttpClientConnectionManager createPoolingHttpClientConnectionManager = createPoolingHttpClientConnectionManager(createConnectionSocketFactory(hashMap), httpClientConfig.getMaxTotal(), httpClientConfig.getMaxPreRoute());
        HttpClientBuilder custom = HttpClients.custom();
        ProxyInfo.proxyManage(custom);
        return custom.setConnectionManager(createPoolingHttpClientConnectionManager).setKeepAliveStrategy(createKeepAliveStrategy(httpClientConfig.getConnectionKeepAlive())).build();
    }

    public static Registry<ConnectionSocketFactory> createConnectionSocketFactory(@NotNull Map<String, ConnectionSocketFactory> map) {
        RegistryBuilder create = RegistryBuilder.create();
        for (String str : map.keySet()) {
            create.register(str, map.get(str));
        }
        return create.build();
    }

    public static Registry<ConnectionSocketFactory> createConnectionSocketFactory(@NotNull String str, @NotNull ConnectionSocketFactory connectionSocketFactory) {
        return RegistryBuilder.create().register(str, connectionSocketFactory).build();
    }

    public static SSLContext createIgnoreVerifySSL() throws Exception {
        SSLContext sSLContext = SSLContext.getInstance(HttpClientConstant.HTTP_REQUEST_SSL);
        sSLContext.init(null, new TrustManager[]{new X509TrustManager() { // from class: com.xwbank.sdk.utils.HttpClientUtil.2
            @Override // javax.net.ssl.X509TrustManager
            public X509Certificate[] getAcceptedIssuers() {
                return null;
            }

            @Override // javax.net.ssl.X509TrustManager
            public void checkServerTrusted(X509Certificate[] x509CertificateArr, String str) throws CertificateException {
            }

            @Override // javax.net.ssl.X509TrustManager
            public void checkClientTrusted(X509Certificate[] x509CertificateArr, String str) throws CertificateException {
            }
        }}, null);
        return sSLContext;
    }

    public static SSLContext createCertSSL(String str, String str2, String str3) throws Exception {
        return KeystoreUtils.INSTANCE.buildSSLContext(new CertBean(str, str2, str3, str2, str3));
    }

    public static SSLContext createCertSSL(InputStream inputStream, InputStream inputStream2, String str) throws Exception {
        return null;
    }

    public static RequestConfig getRequestConfig(int i, int i2, int i3) {
        return RequestConfig.custom().setConnectionRequestTimeout(i).setSocketTimeout(i2).setConnectTimeout(i3).build();
    }

    public static void setHeader(HttpRequestBase httpRequestBase, Map<String, String> map) {
        if (map == null || map.size() == 0) {
            return;
        }
        for (String str : map.keySet()) {
            httpRequestBase.setHeader(str, map.get(str));
        }
    }

    public static void close(CloseableHttpResponse closeableHttpResponse) {
        if (closeableHttpResponse != null) {
            try {
                closeableHttpResponse.close();
            } catch (IOException e) {
                logger.error("【响应流关闭异常】 ==> ", e);
            }
        }
    }

    public static String entityToString(HttpResponse httpResponse) {
        if (httpResponse == null) {
            return "";
        }
        String str = null;
        try {
            str = EntityUtils.toString(httpResponse.getEntity(), HttpClientConstant.HTTP_CHARSET_UTF8);
            EntityUtils.consume(httpResponse.getEntity());
        } catch (IOException e) {
            logger.error("响应对象获取异常: ", e);
        }
        return str;
    }

    public static String entityToBase64(HttpResponse httpResponse) {
        if (httpResponse == null) {
            return "";
        }
        byte[] bArr = null;
        try {
            bArr = EntityUtils.toByteArray(httpResponse.getEntity());
            EntityUtils.consume(httpResponse.getEntity());
        } catch (IOException e) {
            logger.error("响应对象获取异常: ", e);
        }
        return new BASE64Encoder().encode(bArr);
    }

    public static Map<String, String> getAllHeaders(HttpResponse httpResponse) {
        HashMap hashMap = new HashMap();
        if (httpResponse == null) {
            return hashMap;
        }
        for (Header header : httpResponse.getAllHeaders()) {
            hashMap.put(header.getName(), header.getValue());
        }
        return hashMap;
    }

    public static void poolingShutdown() {
        getPoolingManagers().forEach((v0) -> {
            v0.shutdown();
        });
    }
}
