package com.flipdog.certificates.c;

import com.flipdog.certificates.exceptions.CertificateDoesNotMatchHostException;
import com.flipdog.certificates.exceptions.CertificateIsSelfSignedException;
import com.flipdog.certificates.exceptions.IntermediateCertificateDownloadException;
import com.flipdog.certificates.exceptions.IntermediateCertificateUrlException;
import com.flipdog.certificates.g;
import com.flipdog.commons.diagnostic.Track;
import com.flipdog.commons.utils.bu;
import com.flipdog.commons.utils.m;
import com.flipdog.pub.commons.utils.StringUtils;
import java.io.File;
import java.io.IOException;
import java.io.InputStream;
import java.math.BigInteger;
import java.net.MalformedURLException;
import java.net.URL;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.Principal;
import java.security.cert.CertificateEncodingException;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.security.cert.X509CertSelector;
import java.security.cert.X509Certificate;
import java.util.Collection;
import java.util.Collections;
import java.util.Comparator;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import javanet.staxutils.Indentation;
import javax.net.ssl.X509TrustManager;
import javax.security.auth.x500.X500Principal;
import net.fortuna.ical4j.model.Parameter;

/* compiled from: CryptoUtils.java */
/* loaded from: classes.dex */
public class c {
    public static com.flipdog.certificates.a.a a(X509Certificate x509Certificate) throws CertificateEncodingException {
        X500Principal subjectX500Principal = x509Certificate.getSubjectX500Principal();
        X500Principal issuerX500Principal = x509Certificate.getIssuerX500Principal();
        String name = subjectX500Principal.getName("RFC2253");
        String name2 = issuerX500Principal.getName("RFC2253");
        Map<String, String> b2 = b.b(name);
        Map<String, String> b3 = b.b(name2);
        String a2 = a(x509Certificate.getSerialNumber());
        byte[] encoded = x509Certificate.getEncoded();
        String a3 = a(encoded, "SHA-1");
        String a4 = a(encoded, "SHA-256");
        com.flipdog.certificates.a.a aVar = new com.flipdog.certificates.a.a();
        aVar.a("Issued to");
        aVar.a("Common name", b2.get(Parameter.CN));
        aVar.a("Organization", b2.get("O"));
        aVar.a("Organization unit", b2.get("OU"));
        aVar.a("Serial number", a2);
        aVar.a();
        aVar.a("Issued by");
        aVar.a("Common name", b3.get(Parameter.CN));
        aVar.a("Organization", b3.get("O"));
        aVar.a("Organization unit", b3.get("OU"));
        aVar.a();
        aVar.a("Validity");
        aVar.a("Issued on", x509Certificate.getNotBefore().toString());
        aVar.a("Expires on", x509Certificate.getNotAfter().toString());
        aVar.a();
        aVar.a("Fingerprints");
        aVar.a("SHA-256 fingerprint", a4);
        aVar.a("SHA-1 fingerprint", a3);
        return aVar;
    }

    public static String a(com.flipdog.certificates.a.a aVar) {
        final StringBuilder sb = new StringBuilder();
        aVar.a(new com.flipdog.certificates.a.b() { // from class: com.flipdog.certificates.c.c.2
            @Override // com.flipdog.certificates.a.b
            public void a() {
                sb.append(Indentation.NORMAL_END_OF_LINE);
            }

            @Override // com.flipdog.certificates.a.b
            public void a(String str) {
                sb.append(bu.a("%s:\n", str.toUpperCase()));
            }

            @Override // com.flipdog.certificates.a.b
            public void a(String str, String str2) {
                if (str2 == null) {
                    str2 = "";
                }
                sb.append(bu.a("%-30s%s\n", String.valueOf(str) + ":", str2));
            }
        });
        return sb.toString();
    }

    private static String a(BigInteger bigInteger) {
        return a(bigInteger.toByteArray());
    }

    private static String a(byte[] bArr) {
        return c(bArr, ":");
    }

    private static String a(byte[] bArr, String str) {
        try {
            return a(b(bArr, str));
        } catch (NoSuchAlgorithmException e) {
            return bu.a("Can't compute %s digest. %s", str, e.getMessage());
        }
    }

    private static X509Certificate a(String str) {
        try {
            return b.a(b.a(), new File(str));
        } catch (IOException e) {
            throw new RuntimeException(e);
        } catch (CertificateException e2) {
            throw new RuntimeException(e2);
        }
    }

    private static X509Certificate a(CertificateFactory certificateFactory, String str) throws MalformedURLException, IOException, CertificateException {
        InputStream openStream = new URL(str).openStream();
        try {
            return (X509Certificate) certificateFactory.generateCertificate(openStream);
        } finally {
            openStream.close();
        }
    }

    private static X509Certificate a(List<X509Certificate> list, X509Certificate x509Certificate) {
        Principal issuerDN = x509Certificate.getIssuerDN();
        if (issuerDN == null) {
            throw new RuntimeException();
        }
        String name = issuerDN.getName();
        if (name == null) {
            throw new RuntimeException();
        }
        for (X509Certificate x509Certificate2 : list) {
            if (StringUtils.equals(x509Certificate2.getSubjectDN().getName(), name)) {
                return x509Certificate2;
            }
        }
        return null;
    }

    public static List<X509Certificate> a(String str, String str2) {
        List<X509Certificate> c = bu.c();
        Iterator<File> it = b(str, str2).iterator();
        while (it.hasNext()) {
            c.add(a(it.next().getPath()));
        }
        return c;
    }

    private static List<X509Certificate> a(CertificateFactory certificateFactory, List<X509Certificate> list, X509Certificate x509Certificate) throws MalformedURLException, CertificateException, IOException {
        List<X509Certificate> c = bu.c();
        while (true) {
            X509Certificate a2 = a(list, x509Certificate);
            if (a2 != null) {
                break;
            }
            String a3 = d.a(x509Certificate);
            if (a3 != null) {
                a2 = a(certificateFactory, a3);
            }
            if (a2 == null) {
                break;
            }
            c.add(a2);
            x509Certificate = a2;
        }
        return c;
    }

    private static void a(String str, Object... objArr) {
        if (Track.isDisabled(Track.C)) {
            return;
        }
        Track.me(Track.C, "CryptoUtils, %s", String.format(str, objArr));
    }

    private static void a(List<File> list) {
        Collections.sort(list, new Comparator<File>() { // from class: com.flipdog.certificates.c.c.1
            @Override // java.util.Comparator
            /* renamed from: a, reason: merged with bridge method [inline-methods] */
            public int compare(File file, File file2) {
                return m.a(file.getName(), file2.getName());
            }
        });
    }

    public static void a(List<X509Certificate> list, String str) throws CertificateDoesNotMatchHostException, CertificateIsSelfSignedException, CertificateException, IntermediateCertificateUrlException, IntermediateCertificateDownloadException {
        a("check, %s, %s", str, Integer.valueOf(bu.d((Collection<?>) list)));
        X509TrustManager b2 = g.b();
        X509TrustManager c = g.c();
        if (list.size() == 0) {
            a("check, ERROR (zero size)", new Object[0]);
            throw new RuntimeException();
        }
        List a2 = bu.a((Collection) list);
        X509Certificate[] x509CertificateArr = (X509Certificate[]) bu.a(a2, (Class<?>) X509Certificate.class);
        try {
            a("check, check using local trust manager", new Object[0]);
            c.checkServerTrusted(x509CertificateArr, "RSA");
            a("check, OK (accepted by user)", new Object[0]);
        } catch (CertificateException e) {
            a("check, local check failed: %s", e.getMessage());
            Track.it(e, Track.C);
            a("check, check using default trust manager", new Object[0]);
            b2.checkServerTrusted(x509CertificateArr, "RSA");
            X509Certificate x509Certificate = (X509Certificate) bu.d((List) list);
            a("check, check subject name", new Object[0]);
            if (!a(x509Certificate, str)) {
                a("check, ERROR (certificate does NOT match the host)", new Object[0]);
                throw new CertificateDoesNotMatchHostException("Certificate does NOT match the host.");
            }
            a("check, check date", new Object[0]);
            Iterator it = a2.iterator();
            while (it.hasNext()) {
                ((X509Certificate) it.next()).checkValidity();
            }
            a("check, OK", new Object[0]);
        }
    }

    private static boolean a(X509Certificate x509Certificate, String str) {
        X509CertSelector x509CertSelector = new X509CertSelector();
        try {
            x509CertSelector.addSubjectAlternativeName(2, str);
            if (x509CertSelector.match(x509Certificate)) {
                return true;
            }
            String str2 = b.b(x509Certificate.getSubjectX500Principal().getName("RFC2253")).get(Parameter.CN);
            if (str2 == null) {
                return false;
            }
            return StringUtils.endsWith(str2.toLowerCase(), b(str).toLowerCase());
        } catch (IOException e) {
            throw new RuntimeException(e);
        }
    }

    private static String b(String str) {
        String[] split = StringUtils.split(str, ".");
        return split.length <= 2 ? str : String.format("%s.%s", split[split.length - 2], split[split.length - 1]);
    }

    private static List<File> b(String str, String str2) {
        List<File> a2 = bu.a(new File(str, str2));
        a(a2);
        return a2;
    }

    private static byte[] b(byte[] bArr, String str) throws NoSuchAlgorithmException {
        MessageDigest messageDigest = MessageDigest.getInstance(str);
        messageDigest.update(bArr);
        return messageDigest.digest();
    }

    private static String c(byte[] bArr, String str) {
        StringBuilder sb = new StringBuilder();
        for (byte b2 : bArr) {
            if (sb.length() != 0) {
                sb.append(str);
            }
            sb.append(String.format("%02X", Byte.valueOf(b2)));
        }
        return sb.toString();
    }
}
