package com.neurotec.commonutils.util;

import android.content.Context;
import android.content.res.AssetManager;
import android.util.Pair;
import com.neurotec.commonutils.R;
import java.io.ByteArrayInputStream;
import java.io.InputStream;
import java.security.KeyStore;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.PublicKey;
import java.security.SecureRandom;
import java.security.cert.Certificate;
import java.security.cert.CertificateEncodingException;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSocketFactory;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import javax.net.ssl.X509TrustManager;
import org.apache.commons.lang3.StringUtils;

/* loaded from: classes.dex */
public class SSLUtil {
    private static final String TAG = "SSLUtil";

    private static String ReplaceCertificationAttributes(String str) {
        return str.replace("CN=", "").replace("OU=", "").replace("O=", "").replace("L=", "").replace("S=", "").replace("ST=", "").replace("C=", "");
    }

    private static String byte2HexFormatted(byte[] bArr) {
        StringBuilder sb = new StringBuilder(bArr.length * 2);
        for (int i10 = 0; i10 < bArr.length; i10++) {
            String hexString = Integer.toHexString(bArr[i10]);
            int length = hexString.length();
            if (length == 1) {
                hexString = "0" + hexString;
            }
            if (length > 2) {
                hexString = hexString.substring(length - 2, length);
            }
            sb.append(hexString.toUpperCase());
            if (i10 < bArr.length - 1) {
                sb.append(':');
            }
        }
        return sb.toString();
    }

    public static String getCertifcateDetails(X509Certificate x509Certificate, Context context) {
        String format = DateUtil.getYMDFormat().format(x509Certificate.getNotBefore());
        String format2 = DateUtil.getYMDFormat().format(x509Certificate.getNotAfter());
        String ReplaceCertificationAttributes = ReplaceCertificationAttributes(x509Certificate.getIssuerDN().getName());
        String ReplaceCertificationAttributes2 = ReplaceCertificationAttributes(x509Certificate.getSubjectDN().getName());
        String shaFingerprint = getShaFingerprint(x509Certificate, "SHA-256");
        String shaFingerprint2 = getShaFingerprint(x509Certificate, "SHA-1");
        String str = "";
        if (format != null) {
            str = "" + context.getString(R.string.certificate_start_date) + " = " + format + StringUtils.LF;
        }
        if (format2 != null) {
            str = str + context.getString(R.string.certificate_end_date) + " = " + format2 + StringUtils.LF;
        }
        if (ReplaceCertificationAttributes != null) {
            str = str + context.getString(R.string.issued_by) + " = " + ReplaceCertificationAttributes + StringUtils.LF;
        }
        if (ReplaceCertificationAttributes2 != null) {
            str = str + context.getString(R.string.issued_to) + " = " + ReplaceCertificationAttributes2 + StringUtils.LF;
        }
        if (shaFingerprint != null) {
            str = str + "SHA-256 Fingerprint = " + shaFingerprint + StringUtils.LF;
        }
        if (shaFingerprint2 == null) {
            return str;
        }
        return str + "SHA-1 Fingerprint = " + shaFingerprint2 + StringUtils.LF;
    }

    private static KeyStore getKeyStore(Context context, String str) {
        Certificate generateCertificate;
        KeyStore keyStore;
        KeyStore keyStore2 = null;
        try {
            AssetManager assets = context.getAssets();
            CertificateFactory certificateFactory = CertificateFactory.getInstance("X.509");
            InputStream open = assets.open(str);
            try {
                generateCertificate = certificateFactory.generateCertificate(open);
                LoggerUtil.log(TAG, "ca=" + ((X509Certificate) generateCertificate).getSubjectDN());
                open.close();
                keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
            } catch (Throwable th) {
                open.close();
                throw th;
            }
        } catch (Exception e10) {
            e = e10;
        }
        try {
            keyStore.load(null, null);
            keyStore.setCertificateEntry("ca", generateCertificate);
            return keyStore;
        } catch (Exception e11) {
            e = e11;
            keyStore2 = keyStore;
            LoggerUtil.log(TAG, "Error during getting keystore", e);
            return keyStore2;
        }
    }

    private static String getShaFingerprint(X509Certificate x509Certificate, String str) {
        String str2;
        StringBuilder sb;
        String str3;
        try {
            return byte2HexFormatted(MessageDigest.getInstance(str).digest(x509Certificate.getEncoded()));
        } catch (NoSuchAlgorithmException e10) {
            e = e10;
            str2 = TAG;
            sb = new StringBuilder();
            str3 = "NoSuchAlgorithmException on getShaFingerprint ";
            sb.append(str3);
            sb.append(str);
            LoggerUtil.log(str2, sb.toString(), e);
            return null;
        } catch (CertificateEncodingException e11) {
            e = e11;
            str2 = TAG;
            sb = new StringBuilder();
            str3 = "CertificateEncodingException on getShaFingerprint ";
            sb.append(str3);
            sb.append(str);
            LoggerUtil.log(str2, sb.toString(), e);
            return null;
        } catch (Exception e12) {
            e = e12;
            str2 = TAG;
            sb = new StringBuilder();
            str3 = "Exception on getShaFingerprint ";
            sb.append(str3);
            sb.append(str);
            LoggerUtil.log(str2, sb.toString(), e);
            return null;
        }
    }

    public static Pair<SSLSocketFactory, X509TrustManager> getSslContextForCertificateFile(Context context, String str) {
        try {
            KeyStore keyStore = getKeyStore(context, str);
            SSLContext sSLContext = SSLContext.getInstance("SSL");
            TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
            trustManagerFactory.init(keyStore);
            TrustManager[] trustManagers = trustManagerFactory.getTrustManagers();
            sSLContext.init(null, trustManagers, new SecureRandom());
            return new Pair<>(sSLContext.getSocketFactory(), (X509TrustManager) trustManagers[0]);
        } catch (Exception e10) {
            LoggerUtil.log(TAG, "Error during creating SslContext for certificate from assets", e10);
            throw new RuntimeException("Error during creating SslContext for certificate from assets");
        }
    }

    public static Pair<SSLSocketFactory, X509TrustManager> getSslContextForCertificateFile(byte[] bArr) {
        KeyStore keyStore;
        Certificate generateCertificate;
        try {
            CertificateFactory certificateFactory = CertificateFactory.getInstance("X.509");
            ByteArrayInputStream byteArrayInputStream = new ByteArrayInputStream(bArr);
            try {
                generateCertificate = certificateFactory.generateCertificate(byteArrayInputStream);
                LoggerUtil.log(TAG, "ca=" + ((X509Certificate) generateCertificate).getSubjectDN());
                byteArrayInputStream.close();
                keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
            } finally {
            }
        } catch (Exception e10) {
            e = e10;
            keyStore = null;
        }
        try {
            try {
                keyStore.load(null, null);
                keyStore.setCertificateEntry("ca", generateCertificate);
            } catch (Exception e11) {
                e = e11;
                LoggerUtil.log(TAG, "Error during getting keystore", e);
                SSLContext sSLContext = SSLContext.getInstance("SSL");
                TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
                trustManagerFactory.init(keyStore);
                TrustManager[] trustManagers = trustManagerFactory.getTrustManagers();
                sSLContext.init(null, trustManagers, new SecureRandom());
                return new Pair<>(sSLContext.getSocketFactory(), (X509TrustManager) trustManagers[0]);
            }
            SSLContext sSLContext2 = SSLContext.getInstance("SSL");
            TrustManagerFactory trustManagerFactory2 = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
            trustManagerFactory2.init(keyStore);
            TrustManager[] trustManagers2 = trustManagerFactory2.getTrustManagers();
            sSLContext2.init(null, trustManagers2, new SecureRandom());
            return new Pair<>(sSLContext2.getSocketFactory(), (X509TrustManager) trustManagers2[0]);
        } catch (Exception e12) {
            LoggerUtil.log(TAG, "Error during creating SslContext for certificate from assets", e12);
            throw new RuntimeException("Error during creating SslContext for certificate from assets");
        }
    }

    public static Pair<SSLSocketFactory, X509TrustManager> getSslForTrustedSites(final boolean z10, final PublicKey publicKey) {
        try {
            X509TrustManager x509TrustManager = new X509TrustManager() { // from class: com.neurotec.commonutils.util.SSLUtil.1
                final X509Certificate[] certificates = new X509Certificate[0];

                @Override // javax.net.ssl.X509TrustManager
                public void checkClientTrusted(X509Certificate[] x509CertificateArr, String str) {
                }

                @Override // javax.net.ssl.X509TrustManager
                public void checkServerTrusted(X509Certificate[] x509CertificateArr, String str) {
                    if (z10) {
                        return;
                    }
                    if (x509CertificateArr == null || x509CertificateArr.length == 0 || str == null || str.isEmpty()) {
                        LoggerUtil.log(SSLUtil.TAG, "Invalid xcs or authType");
                        throw new IllegalArgumentException("Invalid parameters");
                    }
                    PublicKey publicKey2 = publicKey;
                    if (publicKey2 == null) {
                        LoggerUtil.log(SSLUtil.TAG, "URL not trusted!");
                        throw new CertificateException("URL not trusted");
                    }
                    try {
                        x509CertificateArr[0].verify(publicKey2);
                        LoggerUtil.log(SSLUtil.TAG, "Self Signed Certificate Public key verified");
                    } catch (Exception e10) {
                        LoggerUtil.log(SSLUtil.TAG, "Exception on getSslForTrustedSites checkServerTrusted ", e10);
                        throw new CertificateException("Certificate not trusted", e10);
                    }
                }

                @Override // javax.net.ssl.X509TrustManager
                public X509Certificate[] getAcceptedIssuers() {
                    return this.certificates;
                }
            };
            SSLContext sSLContext = SSLContext.getInstance("SSL");
            sSLContext.init(null, new TrustManager[]{x509TrustManager}, null);
            SSLContext.setDefault(sSLContext);
            return new Pair<>(sSLContext.getSocketFactory(), x509TrustManager);
        } catch (Exception e10) {
            LoggerUtil.log(TAG, "Error during creating SslContext for certificate from assets", e10);
            throw new RuntimeException("Error during creating SslContext for certificate from assets");
        }
    }
}
