package com.xone.sslpinning;

import android.content.Context;
import android.text.TextUtils;
import com.xone.android.utils.Utils;
import java.io.BufferedInputStream;
import java.io.File;
import java.io.FileInputStream;
import java.io.IOException;
import java.net.Proxy;
import java.net.URL;
import java.security.KeyManagementException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.UnrecoverableKeyException;
import java.security.cert.Certificate;
import java.security.cert.CertificateFactory;
import java.util.ArrayList;
import javax.net.ssl.HttpsURLConnection;
import javax.net.ssl.SSLContext;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import org.apache.http.client.HttpClient;
import org.apache.http.conn.scheme.PlainSocketFactory;
import org.apache.http.conn.scheme.Scheme;
import org.apache.http.conn.scheme.SchemeRegistry;
import org.apache.http.impl.client.DefaultHttpClient;
import org.apache.http.impl.conn.tsccm.ThreadSafeClientConnManager;
import org.apache.http.params.BasicHttpParams;

/* loaded from: classes.dex */
public class PinningTools {
    protected static final char[] hexArray = "0123456789ABCDEF".toCharArray();

    public static String bytesToHex(byte[] bArr) {
        char[] cArr = new char[bArr.length * 2];
        for (int i = 0; i < bArr.length; i++) {
            int i2 = bArr[i] & 255;
            cArr[i * 2] = hexArray[i2 >>> 4];
            cArr[(i * 2) + 1] = hexArray[i2 & 15];
        }
        return new String(cArr);
    }

    public static int getKeyStoreFromCerFile(File file, KeyStore keyStore) throws Exception {
        FileInputStream fileInputStream = new FileInputStream(file);
        BufferedInputStream bufferedInputStream = new BufferedInputStream(fileInputStream);
        CertificateFactory certificateFactory = CertificateFactory.getInstance("X.509");
        int i = 0;
        while (bufferedInputStream.available() > 0) {
            keyStore.setCertificateEntry(String.valueOf(i), certificateFactory.generateCertificate(bufferedInputStream));
            i++;
        }
        fileInputStream.close();
        return i;
    }

    public static String getPinFromCertificate(Certificate certificate) throws NoSuchAlgorithmException {
        return bytesToHex(MessageDigest.getInstance("SHA1").digest(certificate.getPublicKey().getEncoded()));
    }

    public static HttpClient getPinnedHttpClient(Context context, String[] strArr) {
        try {
            SchemeRegistry schemeRegistry = new SchemeRegistry();
            schemeRegistry.register(new Scheme("http", PlainSocketFactory.getSocketFactory(), 80));
            schemeRegistry.register(new Scheme("https", new PinningSSLSocketFactory(context, strArr, 0L), 443));
            BasicHttpParams basicHttpParams = new BasicHttpParams();
            return new DefaultHttpClient(new ThreadSafeClientConnManager(basicHttpParams, schemeRegistry), basicHttpParams);
        } catch (KeyManagementException e) {
            throw new AssertionError(e);
        } catch (KeyStoreException e2) {
            throw new AssertionError(e2);
        } catch (NoSuchAlgorithmException e3) {
            throw new AssertionError(e3);
        } catch (UnrecoverableKeyException e4) {
            throw new AssertionError(e4);
        }
    }

    public static HttpsURLConnection getPinnedHttpsURLConnection(Context context, String[] strArr, URL url, Proxy proxy) throws IOException {
        try {
            if (!url.getProtocol().equals("https")) {
                throw new IllegalArgumentException("Attempt to construct pinned non-https connection!");
            }
            TrustManager[] trustManagerArr = {new PinningTrustManager(SystemKeyStore.getInstance(context), strArr, 0L)};
            SSLContext sSLContext = SSLContext.getInstance("TLS");
            sSLContext.init(null, trustManagerArr, null);
            HttpsURLConnection httpsURLConnection = proxy != null ? (HttpsURLConnection) url.openConnection(proxy) : (HttpsURLConnection) url.openConnection();
            httpsURLConnection.setSSLSocketFactory(sSLContext.getSocketFactory());
            return httpsURLConnection;
        } catch (KeyManagementException e) {
            throw new AssertionError(e);
        } catch (NoSuchAlgorithmException e2) {
            throw new AssertionError(e2);
        }
    }

    public static String[] getPinsFromCertificateFile(File file) throws Exception {
        if (file == null) {
            throw new SecurityException("Error, local certificate path for certificate pinning is empty. Aborting connection.");
        }
        if (!file.exists() || !file.isFile()) {
            throw new SecurityException("Error, local certificate for certificate pinning does not exist. Aborting connection.");
        }
        if (!file.getAbsolutePath().toLowerCase().endsWith(".cer")) {
            throw new SecurityException("Error, local certificate for certificate pinning must be a .cer file. Aborting connection.");
        }
        KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
        keyStore.load(null);
        int keyStoreFromCerFile = getKeyStoreFromCerFile(file, keyStore);
        String[] strArr = new String[keyStoreFromCerFile];
        for (int i = 0; i < keyStoreFromCerFile; i++) {
            strArr[i] = getPinFromCertificate(keyStore.getCertificate(String.valueOf(i)));
        }
        return strArr;
    }

    public static String[] getPinsFromCertificateFile(String str) throws Exception {
        if (TextUtils.isEmpty(str)) {
            throw new SecurityException("Error, local cert path for certificate pinning is empty. Aborting connection.");
        }
        return getPinsFromCertificateFile(new File(str));
    }

    public static ArrayList<String> getPinsFromCertificates(Certificate... certificateArr) throws NoSuchAlgorithmException {
        MessageDigest messageDigest = MessageDigest.getInstance("SHA1");
        ArrayList<String> arrayList = new ArrayList<>();
        for (Certificate certificate : certificateArr) {
            arrayList.add(bytesToHex(messageDigest.digest(certificate.getPublicKey().getEncoded())));
        }
        return arrayList;
    }

    public static void trustCertificate(HttpsURLConnection httpsURLConnection, File file) throws Exception {
        if (httpsURLConnection == null) {
            throw new NullPointerException("mHttpsURLConnection == null");
        }
        if (file == null) {
            throw new NullPointerException("fCertificate == null");
        }
        if (!file.exists()) {
            throw new NullPointerException("fCertificate does not exist");
        }
        if (!file.isFile()) {
            throw new NullPointerException("fCertificate is not a file");
        }
        FileInputStream fileInputStream = null;
        BufferedInputStream bufferedInputStream = null;
        try {
            CertificateFactory certificateFactory = CertificateFactory.getInstance("X.509");
            FileInputStream fileInputStream2 = new FileInputStream(file);
            try {
                BufferedInputStream bufferedInputStream2 = new BufferedInputStream(fileInputStream2);
                try {
                    Certificate generateCertificate = certificateFactory.generateCertificate(bufferedInputStream2);
                    KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
                    keyStore.load(null, null);
                    keyStore.setCertificateEntry("ca", generateCertificate);
                    TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
                    trustManagerFactory.init(keyStore);
                    SSLContext sSLContext = SSLContext.getInstance("TLS");
                    sSLContext.init(null, trustManagerFactory.getTrustManagers(), null);
                    httpsURLConnection.setSSLSocketFactory(sSLContext.getSocketFactory());
                } catch (Exception e) {
                    e = e;
                    bufferedInputStream = bufferedInputStream2;
                    fileInputStream = fileInputStream2;
                    e.printStackTrace();
                    Utils.closeSafely(fileInputStream, bufferedInputStream);
                    throw e;
                }
            } catch (Exception e2) {
                e = e2;
                fileInputStream = fileInputStream2;
            }
        } catch (Exception e3) {
            e = e3;
        }
    }

    public static void trustCertificate(HttpsURLConnection httpsURLConnection, String str) throws Exception {
        trustCertificate(httpsURLConnection, new File(str));
    }
}
