package com.integra.fi.h;

import android.content.Context;
import android.net.http.X509TrustManagerExtensions;
import android.util.Base64;
import com.otp.otp_library.utilis.Constants;
import java.io.BufferedInputStream;
import java.security.KeyStore;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.util.Arrays;
import java.util.Collections;
import java.util.Iterator;
import java.util.List;
import java.util.Set;
import javax.net.ssl.HttpsURLConnection;
import javax.net.ssl.SSLException;
import javax.net.ssl.SSLPeerUnverifiedException;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import javax.net.ssl.X509TrustManager;

/* compiled from: SSLPinning.java */
/* loaded from: classes.dex */
final class i {
    private static List<X509Certificate> a(X509TrustManagerExtensions x509TrustManagerExtensions, HttpsURLConnection httpsURLConnection) throws SSLException {
        Certificate[] serverCertificates = httpsURLConnection.getServerCertificates();
        try {
            return x509TrustManagerExtensions.checkServerTrusted((X509Certificate[]) Arrays.copyOf(serverCertificates, serverCertificates.length, X509Certificate[].class), "RSA", httpsURLConnection.getURL().getHost());
        } catch (CertificateException e) {
            com.integra.fi.security.b.b(e);
            throw new SSLException(e);
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public static void a(Context context, HttpsURLConnection httpsURLConnection, String str) throws Exception {
        X509TrustManager x509TrustManager;
        CertificateFactory certificateFactory = CertificateFactory.getInstance(Constants.CERTIFICATE_TYPE);
        BufferedInputStream bufferedInputStream = new BufferedInputStream(context.getResources().openRawResource(context.getResources().getIdentifier(str, "raw", context.getPackageName())));
        try {
            try {
                Certificate generateCertificate = certificateFactory.generateCertificate(bufferedInputStream);
                bufferedInputStream.close();
                KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
                keyStore.load(null, null);
                keyStore.setCertificateEntry(Constants.CERTIFICATE_CONTENT, generateCertificate);
                TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
                trustManagerFactory.init(keyStore);
                TrustManager[] trustManagers = trustManagerFactory.getTrustManagers();
                int length = trustManagers.length;
                int i = 0;
                while (true) {
                    if (i >= length) {
                        x509TrustManager = null;
                        break;
                    }
                    TrustManager trustManager = trustManagers[i];
                    if (trustManager instanceof X509TrustManager) {
                        x509TrustManager = (X509TrustManager) trustManager;
                        break;
                    }
                    i++;
                }
                X509TrustManagerExtensions x509TrustManagerExtensions = new X509TrustManagerExtensions(x509TrustManager);
                if (com.integra.fi.b.a.b().l) {
                    Collections.singleton(com.integra.fi.b.a.b().cJ);
                }
                a(x509TrustManagerExtensions, httpsURLConnection, (Set<String>) Collections.singleton(com.integra.fi.b.a.b().cK));
            } catch (Exception e) {
                com.integra.fi.security.b.b(e);
                throw new Exception();
            }
        } catch (Throwable th) {
            bufferedInputStream.close();
            throw th;
        }
    }

    private static void a(X509TrustManagerExtensions x509TrustManagerExtensions, HttpsURLConnection httpsURLConnection, Set<String> set) throws SSLException {
        String encodeToString;
        String str = "";
        try {
            MessageDigest messageDigest = MessageDigest.getInstance("SHA-256");
            Iterator<X509Certificate> it = a(x509TrustManagerExtensions, httpsURLConnection).iterator();
            do {
                String str2 = str;
                if (!it.hasNext()) {
                    com.integra.fi.security.b.b("Peer certificate chain: " + str2);
                    throw new SSLPeerUnverifiedException("Certificate pinning failure\n  Peer certificate chain:\n");
                }
                X509Certificate next = it.next();
                byte[] encoded = next.getPublicKey().getEncoded();
                messageDigest.update(encoded, 0, encoded.length);
                encodeToString = Base64.encodeToString(messageDigest.digest(), 2);
                str = str2 + "    sha256/" + encodeToString + " : " + next.getSubjectDN().toString() + "\nExpiry : " + next.getNotAfter().toString() + "\nCert Type : " + next.getType() + "\nCert Hash Code : " + next.hashCode() + "\nCert Public Key Algorithm : " + next.getPublicKey().getAlgorithm() + "\nCert Public Key Format : " + next.getPublicKey().getFormat();
            } while (!set.contains(encodeToString));
        } catch (NoSuchAlgorithmException e) {
            com.integra.fi.security.b.b(e);
            throw new SSLException(e);
        }
    }
}
