package com.xone.sslpinning;

import com.xone.android.utils.ExceptionUtils;
import com.xone.android.utils.Utils;
import java.io.BufferedInputStream;
import java.io.File;
import java.io.FileInputStream;
import java.io.IOException;
import java.net.Proxy;
import java.net.URL;
import java.security.KeyManagementException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import javax.net.ssl.HttpsURLConnection;
import javax.net.ssl.SSLContext;

/* loaded from: classes3.dex */
public class PinningTools {
    private static final char[] HEX_CHARACTERS = "0123456789ABCDEF".toCharArray();

    public static String bytesToHex(byte[] bArr) {
        char[] cArr = new char[bArr.length * 2];
        for (int i = 0; i < bArr.length; i++) {
            int i2 = bArr[i] & 255;
            int i3 = i * 2;
            char[] cArr2 = HEX_CHARACTERS;
            cArr[i3] = cArr2[i2 >>> 4];
            cArr[i3 + 1] = cArr2[i2 & 15];
        }
        return new String(cArr);
    }

    public static int getKeyStoreFromCertificateFile(File file, KeyStore keyStore) throws IOException, CertificateException, KeyStoreException {
        FileInputStream fileInputStream;
        BufferedInputStream bufferedInputStream = null;
        try {
            fileInputStream = new FileInputStream(file);
            try {
                BufferedInputStream bufferedInputStream2 = new BufferedInputStream(fileInputStream);
                try {
                    CertificateFactory certificateFactory = CertificateFactory.getInstance("X.509");
                    int i = 0;
                    while (bufferedInputStream2.available() > 0) {
                        keyStore.setCertificateEntry(String.valueOf(i), certificateFactory.generateCertificate(bufferedInputStream2));
                        i++;
                    }
                    Utils.closeSafely(bufferedInputStream2, fileInputStream);
                    return i;
                } catch (Throwable th) {
                    th = th;
                    bufferedInputStream = bufferedInputStream2;
                    Utils.closeSafely(bufferedInputStream, fileInputStream);
                    throw th;
                }
            } catch (Throwable th2) {
                th = th2;
            }
        } catch (Throwable th3) {
            th = th3;
            fileInputStream = null;
        }
    }

    public static String getPinFromCertificate(Certificate certificate) throws NoSuchAlgorithmException {
        return bytesToHex(MessageDigest.getInstance("SHA1").digest(certificate.getPublicKey().getEncoded()));
    }

    public static HttpsURLConnection getPinnedHttpsURLConnection(String[] strArr, URL url, Proxy proxy) throws IOException {
        try {
            if (!url.getProtocol().equals("https")) {
                throw new IllegalArgumentException("Attempt to construct pinned non-https connection!");
            }
            PinningTrustManager[] pinningTrustManagerArr = {new PinningTrustManager(strArr, 0L)};
            SSLContext sSLContext = SSLContext.getInstance("TLS");
            sSLContext.init(null, pinningTrustManagerArr, null);
            HttpsURLConnection httpsURLConnection = proxy != null ? (HttpsURLConnection) url.openConnection(proxy) : (HttpsURLConnection) url.openConnection();
            httpsURLConnection.setSSLSocketFactory(sSLContext.getSocketFactory());
            return httpsURLConnection;
        } catch (KeyManagementException | NoSuchAlgorithmException e) {
            throw ExceptionUtils.throwUnchecked(e);
        }
    }

    public static String[] getPinsFromCertificateFile(File file) throws KeyStoreException, CertificateException, NoSuchAlgorithmException, IOException {
        if (file == null) {
            throw new SecurityException("Error, local certificate path for certificate pinning is empty. Aborting connection.");
        }
        if (!file.exists() || !file.isFile()) {
            throw new SecurityException("Error, local certificate for certificate pinning does not exist. Aborting connection.");
        }
        String fileExtension = Utils.getFileExtension(file);
        fileExtension.hashCode();
        char c = 65535;
        switch (fileExtension.hashCode()) {
            case 98384:
                if (fileExtension.equals("cer")) {
                    c = 0;
                    break;
                }
                break;
            case 98789:
                if (fileExtension.equals("crt")) {
                    c = 1;
                    break;
                }
                break;
            case 99345:
                if (fileExtension.equals("der")) {
                    c = 2;
                    break;
                }
                break;
            case 110872:
                if (fileExtension.equals("pem")) {
                    c = 3;
                    break;
                }
                break;
        }
        switch (c) {
            case 0:
            case 1:
            case 2:
            case 3:
                KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
                keyStore.load(null);
                int keyStoreFromCertificateFile = getKeyStoreFromCertificateFile(file, keyStore);
                String[] strArr = new String[keyStoreFromCertificateFile];
                for (int i = 0; i < keyStoreFromCertificateFile; i++) {
                    strArr[i] = getPinFromCertificate(keyStore.getCertificate(String.valueOf(i)));
                }
                return strArr;
            default:
                throw new SecurityException("Certificate file is not of a recognized type");
        }
    }
}
