package es.inteco.conanmobile.communication.controllers;

import es.inteco.conanmobile.utils.HashUtils;
import java.io.BufferedInputStream;
import java.io.FileNotFoundException;
import java.io.IOException;
import java.security.InvalidAlgorithmParameterException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.cert.CertPathValidator;
import java.security.cert.CertPathValidatorException;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.security.cert.PKIXCertPathValidatorResult;
import java.security.cert.PKIXParameters;
import java.security.cert.TrustAnchor;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Enumeration;
import java.util.HashSet;
import java.util.List;
import javax.net.ssl.X509TrustManager;

/* loaded from: classes.dex */
public class InternalTrustManager implements X509TrustManager {
    private final transient CertificateFactory certFactory;
    private final transient List<String> pins = new ArrayList();
    private final transient PKIXParameters pkixParameters;
    private transient KeyStore trustStore;
    private transient CertPathValidator validator;

    public InternalTrustManager(List<String> list, List<String> list2) throws CertificateException {
        this.pins.addAll(list);
        this.pins.addAll(list2);
        this.trustStore = getTrustStore();
        this.certFactory = CertificateFactory.getInstance("X509");
        try {
            this.validator = CertPathValidator.getInstance("PKIX");
            this.pkixParameters = getPKIXParameters();
        } catch (NoSuchAlgorithmException e) {
            throw new CertificateException("Error nsae: " + e.getLocalizedMessage());
        }
    }

    public static String byteArrayToString(byte[] bArr) {
        StringBuffer stringBuffer = new StringBuffer();
        for (byte b : bArr) {
            stringBuffer.append(Integer.toString((b & 255) + 256, 16).substring(1));
        }
        return stringBuffer.toString();
    }

    private X509Certificate getAnchor(X509Certificate[] x509CertificateArr) throws CertificateException {
        try {
            PKIXCertPathValidatorResult pKIXCertPathValidatorResult = (PKIXCertPathValidatorResult) this.validator.validate(this.certFactory.generateCertPath(Arrays.asList(x509CertificateArr)), this.pkixParameters);
            if (pKIXCertPathValidatorResult == null) {
                return null;
            }
            return pKIXCertPathValidatorResult.getTrustAnchor().getTrustedCert();
        } catch (InvalidAlgorithmParameterException e) {
            throw new CertificateException(e);
        } catch (CertPathValidatorException unused) {
            return null;
        }
    }

    private PKIXParameters getPKIXParameters() {
        try {
            HashSet hashSet = new HashSet();
            Enumeration<String> aliases = this.trustStore.aliases();
            while (aliases.hasMoreElements()) {
                X509Certificate x509Certificate = (X509Certificate) this.trustStore.getCertificate(aliases.nextElement());
                if (x509Certificate != null) {
                    hashSet.add(new TrustAnchor(x509Certificate, null));
                }
            }
            PKIXParameters pKIXParameters = new PKIXParameters(hashSet);
            pKIXParameters.setRevocationEnabled(false);
            return pKIXParameters;
        } catch (InvalidAlgorithmParameterException e) {
            throw new AssertionError(e);
        } catch (KeyStoreException e2) {
            throw new AssertionError(e2);
        }
    }

    private String getPin(X509Certificate x509Certificate, String str) throws NoSuchAlgorithmException {
        return byteArrayToString(MessageDigest.getInstance(str).digest(x509Certificate.getPublicKey().getEncoded()));
    }

    private KeyStore getTrustStore() {
        BufferedInputStream bufferedInputStream;
        BufferedInputStream bufferedInputStream2 = null;
        try {
            try {
                this.trustStore = KeyStore.getInstance("BKS");
                bufferedInputStream = new BufferedInputStream(getClass().getResourceAsStream("/assets/app"));
            } catch (Throwable th) {
                th = th;
            }
        } catch (FileNotFoundException e) {
            e = e;
        } catch (IOException e2) {
            e = e2;
        } catch (KeyStoreException e3) {
            e = e3;
        } catch (NoSuchAlgorithmException e4) {
            e = e4;
        } catch (CertificateException e5) {
            e = e5;
        }
        try {
            this.trustStore.load(bufferedInputStream, "passclaves".toCharArray());
            bufferedInputStream.close();
            KeyStore keyStore = this.trustStore;
            try {
                bufferedInputStream.close();
                return keyStore;
            } catch (IOException e6) {
                throw new AssertionError(e6);
            }
        } catch (FileNotFoundException e7) {
            e = e7;
            throw new AssertionError(e);
        } catch (IOException e8) {
            e = e8;
            throw new AssertionError(e);
        } catch (KeyStoreException e9) {
            e = e9;
            throw new AssertionError(e);
        } catch (NoSuchAlgorithmException e10) {
            e = e10;
            throw new AssertionError(e);
        } catch (CertificateException e11) {
            e = e11;
            throw new AssertionError(e);
        } catch (Throwable th2) {
            th = th2;
            bufferedInputStream2 = bufferedInputStream;
            if (bufferedInputStream2 != null) {
                try {
                    bufferedInputStream2.close();
                } catch (IOException e12) {
                    throw new AssertionError(e12);
                }
            }
            throw th;
        }
    }

    private static List<String> hinderCert1(String str) {
        String sb = new StringBuilder(HashUtils.stringtoSHA1(str.getBytes())).reverse().toString();
        ArrayList arrayList = new ArrayList();
        String str2 = "";
        for (int i = 0; i < sb.length(); i++) {
            if (i % 2 != 0) {
                arrayList.add(str2 + sb.charAt(i));
                str2 = "";
            } else {
                str2 = str2 + sb.charAt(i);
            }
        }
        return arrayList;
    }

    private static List<String> hinderCert256(String str) {
        String sb = new StringBuilder(HashUtils.stringtoSHA256(str.getBytes())).reverse().toString();
        ArrayList arrayList = new ArrayList();
        String str2 = "";
        for (int i = 0; i < sb.length(); i++) {
            if (i % 2 != 0) {
                arrayList.add(str2 + sb.charAt(i));
                str2 = "";
            } else {
                str2 = str2 + sb.charAt(i);
            }
        }
        return arrayList;
    }

    @Override // javax.net.ssl.X509TrustManager
    public void checkClientTrusted(X509Certificate[] x509CertificateArr, String str) throws CertificateException {
        throw new CertificateException();
    }

    @Override // javax.net.ssl.X509TrustManager
    public void checkServerTrusted(X509Certificate[] x509CertificateArr, String str) throws CertificateException {
        try {
            if (getAnchor(x509CertificateArr) == null) {
                throw new CertificateException("No anchor found");
            }
            if (!hinderCert1(getPin(x509CertificateArr[0], "SHA1")).equals(CommunicationController.PINS_1) || !hinderCert256(getPin(x509CertificateArr[0], "SHA-256")).equals(CommunicationController.PINS_256)) {
                throw new CertificateException("No se ha encontrado una CA confiable en la cadena");
            }
        } catch (NoSuchAlgorithmException e) {
            throw new CertificateException("No se puede acceder a SHA1" + e.getLocalizedMessage());
        }
    }

    @Override // javax.net.ssl.X509TrustManager
    public X509Certificate[] getAcceptedIssuers() {
        return null;
    }
}
