package atws.shared.app;

import android.net.http.X509TrustManagerExtensions;
import atws.activity.fxconversion.BaseCloseCurrencyBottomSheetFragment;
import atws.shared.app.Analytics;
import java.io.IOException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import java.security.cert.CertificateParsingException;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Collection;
import java.util.HashMap;
import java.util.HashSet;
import java.util.List;
import java.util.regex.Pattern;
import javax.net.SocketFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import javax.net.ssl.X509TrustManager;
import javax.security.auth.x500.X500Principal;

/* loaded from: classes2.dex */
public class HostnameVerifier {

    /* renamed from: a, reason: collision with root package name */
    public static boolean f7487a = false;

    /* loaded from: classes2.dex */
    public static class HostnameVerificationException extends CertificateException {

        /* renamed from: a, reason: collision with root package name */
        public final X509Certificate f7488a;

        /* renamed from: b, reason: collision with root package name */
        public final List<String> f7489b;

        public HostnameVerificationException(X509Certificate x509Certificate, List<String> list) {
            this.f7488a = x509Certificate;
            this.f7489b = list;
        }

        public X509Certificate a() {
            return this.f7488a;
        }

        @Override // java.lang.Throwable
        public String getMessage() {
            ArrayList<String> arrayList = new ArrayList(this.f7489b);
            StringBuilder sb2 = new StringBuilder();
            int i10 = 0;
            for (String str : arrayList) {
                if (sb2.length() > 0) {
                    sb2.append("\n");
                }
                if (arrayList.size() > 1) {
                    i10++;
                    sb2.append(i10);
                    sb2.append(". ");
                }
                sb2.append(str);
            }
            return sb2.toString();
        }
    }

    /* loaded from: classes2.dex */
    public class a implements X509TrustManager {

        /* renamed from: a, reason: collision with root package name */
        public final /* synthetic */ String f7490a;

        public a(String str) {
            this.f7490a = str;
        }

        public void a(String str, X509Certificate x509Certificate, List<String> list) {
            if (!k1.b(str, x509Certificate)) {
                throw new HostnameVerificationException(x509Certificate, list);
            }
            utils.c1.Z("Bad certificate, but accepted by user for hostName=" + str);
        }

        @Override // javax.net.ssl.X509TrustManager
        public void checkClientTrusted(X509Certificate[] x509CertificateArr, String str) {
        }

        @Override // javax.net.ssl.X509TrustManager
        public void checkServerTrusted(X509Certificate[] x509CertificateArr, String str) {
            boolean equals = this.f7490a.equals("10.0.2.2");
            ArrayList arrayList = new ArrayList();
            if (!equals) {
                try {
                    HostnameVerifier.e(x509CertificateArr, str, this.f7490a);
                } catch (CertificateException e10) {
                    utils.c1.M(e10);
                    arrayList.add(e10.getMessage());
                }
            }
            X509Certificate x509Certificate = x509CertificateArr[0];
            if (!HostnameVerifier.i(x509Certificate, this.f7490a)) {
                utils.c1.Z("certificate does not match hostname=" + this.f7490a);
                arrayList.add(c7.b.f(m5.l.K8));
            }
            if (!arrayList.isEmpty()) {
                a(this.f7490a, x509Certificate, arrayList);
                return;
            }
            if (HostnameVerifier.f7487a) {
                a(this.f7490a, x509Certificate, arrayList);
                return;
            }
            utils.c1.Z("got valid certificate for hostname=" + this.f7490a);
            k1.d(this.f7490a);
        }

        @Override // javax.net.ssl.X509TrustManager
        public X509Certificate[] getAcceptedIssuers() {
            return null;
        }
    }

    /* loaded from: classes2.dex */
    public class b {

        /* renamed from: a, reason: collision with root package name */
        public StringBuilder f7491a = new StringBuilder();

        /* renamed from: b, reason: collision with root package name */
        public boolean f7492b = false;

        public void a(char c10) {
            if (!this.f7492b) {
                this.f7491a.append("\\Q");
                this.f7492b = true;
            }
            this.f7491a.append(c10);
        }

        public void b(String str) {
            if (this.f7492b) {
                this.f7491a.append("\\E");
                this.f7492b = false;
            }
            this.f7491a.append(str);
        }

        public String toString() {
            String sb2 = this.f7491a.toString();
            if (!this.f7492b) {
                return sb2;
            }
            return sb2 + "\\E";
        }
    }

    public static void c(Collection<String> collection, X509Certificate x509Certificate) {
        String name;
        X500Principal subjectX500Principal = x509Certificate.getSubjectX500Principal();
        if (subjectX500Principal == null || (name = subjectX500Principal.getName()) == null) {
            return;
        }
        k(collection, name);
    }

    public static void d(Collection<String> collection, X509Certificate x509Certificate) {
        int intValue;
        try {
            Collection<List<?>> subjectAlternativeNames = x509Certificate.getSubjectAlternativeNames();
            if (subjectAlternativeNames != null) {
                for (List<?> list : subjectAlternativeNames) {
                    if (list.size() >= 2) {
                        Object obj = list.get(0);
                        Object obj2 = list.get(1);
                        if ((obj instanceof Integer) && (obj2 instanceof String) && ((intValue = ((Integer) obj).intValue()) == 2 || intValue == 7)) {
                            collection.add(obj2.toString());
                        }
                    }
                }
            }
        } catch (CertificateParsingException e10) {
            utils.c1.O("Certificate has an invalid SAN", e10);
        }
    }

    public static void e(X509Certificate[] x509CertificateArr, String str, String str2) {
        try {
            TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
            CertificateException certificateException = null;
            trustManagerFactory.init((KeyStore) null);
            TrustManager[] trustManagers = trustManagerFactory.getTrustManagers();
            if (trustManagers == null) {
                throw new CertificateException("Missing trust manager");
            }
            for (TrustManager trustManager : trustManagers) {
                if (trustManager instanceof X509TrustManager) {
                    X509TrustManager x509TrustManager = (X509TrustManager) trustManager;
                    try {
                        f(x509CertificateArr, x509TrustManager, str);
                    } catch (CertificateException e10) {
                        utils.c1.N("checkServerTrusted error: " + e10);
                        l(e10, null);
                        certificateException = e10;
                    }
                    if (certificateException != null) {
                        try {
                            g(x509CertificateArr, x509TrustManager, str, str2);
                            return;
                        } catch (CertificateException e11) {
                            utils.c1.N("checkServerTrustedWithHost error: " + e11);
                            l(e11, "fallback");
                            Throwable cause = e11.getCause();
                            StringBuilder sb2 = new StringBuilder();
                            sb2.append("Invalid certificate:");
                            sb2.append(cause != null ? cause.getMessage() : e11.getMessage());
                            throw new CertificateException(sb2.toString(), e11);
                        }
                    }
                    return;
                }
            }
        } catch (KeyStoreException e12) {
            throw new CertificateException("SSL KeyStore invalid", e12);
        } catch (NoSuchAlgorithmException e13) {
            throw new CertificateException("SSL server trust problem", e13);
        }
    }

    public static void f(X509Certificate[] x509CertificateArr, X509TrustManager x509TrustManager, String str) {
        x509TrustManager.checkServerTrusted(x509CertificateArr, str);
    }

    public static void g(X509Certificate[] x509CertificateArr, X509TrustManager x509TrustManager, String str, String str2) {
        new X509TrustManagerExtensions(x509TrustManager).checkServerTrusted(x509CertificateArr, str, str2);
    }

    public static Pattern h(String str) {
        b bVar = new b();
        for (char c10 : str.toCharArray()) {
            if (c10 == '*') {
                bVar.b("[^.]*(\\.[^.]*)?");
            } else if (c10 == '.') {
                bVar.b("\\.");
            } else if (c10 != '?') {
                bVar.a(c10);
            } else {
                bVar.b("[^.]");
            }
        }
        return Pattern.compile(bVar.toString(), 2);
    }

    public static boolean i(Certificate certificate, String str) {
        for (String str2 : j(certificate)) {
            utils.c1.Z("Checking " + str + " against " + str2);
            if (n(str2, str)) {
                return true;
            }
        }
        return false;
    }

    public static String[] j(Certificate certificate) {
        HashSet hashSet = new HashSet();
        if (certificate instanceof X509Certificate) {
            X509Certificate x509Certificate = (X509Certificate) certificate;
            d(hashSet, x509Certificate);
            c(hashSet, x509Certificate);
            utils.c1.Z("getCertficateHostnameList: " + hashSet);
        }
        return (String[]) hashSet.toArray(new String[hashSet.size()]);
    }

    public static void k(Collection<String> collection, String str) {
        int indexOf;
        int indexOf2;
        int i10 = 0;
        while (i10 != -1 && (indexOf = str.indexOf("CN=", i10)) != -1) {
            int i11 = indexOf;
            while (true) {
                indexOf2 = str.indexOf(BaseCloseCurrencyBottomSheetFragment.SYMBOLS_SEPARATOR, i11);
                if (indexOf2 == -1 || str.charAt(indexOf2 - 1) != '\\') {
                    break;
                } else {
                    i11 = indexOf2 + 1;
                }
            }
            String[] split = str.substring(indexOf + 3, indexOf2 == -1 ? str.length() : indexOf2).trim().replace("\\,", BaseCloseCurrencyBottomSheetFragment.SYMBOLS_SEPARATOR).split(BaseCloseCurrencyBottomSheetFragment.SYMBOLS_SEPARATOR);
            for (int i12 = 0; i12 < split.length; i12++) {
                split[i12] = split[i12].trim();
            }
            collection.addAll(Arrays.asList(split));
            i10 = indexOf2;
        }
    }

    public static void l(Exception exc, String str) {
        String str2;
        if (n8.d.z(exc.getMessage()).toLowerCase().contains("checkServerTrusted".toLowerCase())) {
            HashMap hashMap = new HashMap();
            hashMap.put(Analytics.Param.METHOD.id(), Analytics.c(atws.shared.persistent.g.f8974d.u7()));
            String id = Analytics.Param.ERROR.id();
            Object[] objArr = new Object[2];
            if (n8.d.o(str)) {
                str2 = "(" + str + ")";
            } else {
                str2 = "";
            }
            objArr[0] = str2;
            objArr[1] = exc;
            hashMap.put(id, String.format("SSL certificate%s: %s", objArr));
            Analytics.g(Analytics.Event.CRASH, exc, hashMap);
        }
    }

    public static SocketFactory m(String str) {
        try {
            a aVar = new a(str);
            SSLContext sSLContext = SSLContext.getInstance("TLS");
            sSLContext.init(null, new TrustManager[]{aVar}, null);
            return sSLContext.getSocketFactory();
        } catch (Exception e10) {
            throw new IOException("Unable to initialize SSL Factory: " + e10);
        }
    }

    public static boolean n(String str, String str2) {
        return n8.d.o(str) && h(str).matcher(str2).matches();
    }
}
