package com.orange.authentication.lowLevelApi.impl;

import android.content.Context;
import com.orange.authentication.lowLevelApi.api.LowLevelAuthenticationCPListener;
import java.security.KeyStore;
import java.security.MessageDigest;
import java.security.SecureRandom;
import java.security.cert.X509Certificate;
import java.util.Arrays;
import javax.net.ssl.HttpsURLConnection;
import javax.net.ssl.SSLContext;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import javax.net.ssl.X509TrustManager;
import kotlin.jvm.internal.DefaultConstructorMarker;
import kotlin.jvm.internal.Intrinsics;
import kotlin.text.StringsKt;

/* loaded from: classes5.dex */
public final class a1 implements X509TrustManager {
    private final Context e;
    private final LowLevelAuthenticationCPListener f;
    public static final a d = new a(null);
    private static final String a = "TLS";
    private static final MessageDigest b = MessageDigest.getInstance("SHA-256");
    private static final String c = "a1";

    /* loaded from: classes5.dex */
    public static final class a {
        private a() {
        }

        public /* synthetic */ a(DefaultConstructorMarker defaultConstructorMarker) {
            this();
        }

        public final String a(byte[] digestSha256) {
            Intrinsics.checkNotNullParameter(digestSha256, "digestSha256");
            StringBuilder sb = new StringBuilder();
            for (byte b : digestSha256) {
                String format = String.format("%1$02X", Arrays.copyOf(new Object[]{Byte.valueOf(b)}, 1));
                Intrinsics.checkNotNullExpressionValue(format, "java.lang.String.format(format, *args)");
                sb.append(format);
                sb.append(":");
            }
            String sb2 = sb.toString();
            Intrinsics.checkNotNullExpressionValue(sb2, "sb.toString()");
            return StringsKt.dropLast(sb2, 1);
        }

        public final X509TrustManager a() {
            try {
                TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
                if (trustManagerFactory == null) {
                    return null;
                }
                trustManagerFactory.init((KeyStore) null);
                TrustManager trustManager = trustManagerFactory.getTrustManagers()[0];
                if (trustManager != null) {
                    return (X509TrustManager) trustManager;
                }
                throw new NullPointerException("null cannot be cast to non-null type javax.net.ssl.X509TrustManager");
            } catch (Exception unused) {
                return null;
            }
        }

        public final void a(Context ctx, LowLevelAuthenticationCPListener lowLevelAuthenticationCPListener) {
            Intrinsics.checkNotNullParameter(ctx, "ctx");
            SSLContext sslcontext = SSLContext.getInstance(a1.a);
            sslcontext.init(null, new TrustManager[]{new a1(ctx, lowLevelAuthenticationCPListener)}, new SecureRandom());
            Intrinsics.checkNotNullExpressionValue(sslcontext, "sslcontext");
            HttpsURLConnection.setDefaultSSLSocketFactory(sslcontext.getSocketFactory());
        }
    }

    public a1(Context context, LowLevelAuthenticationCPListener lowLevelAuthenticationCPListener) {
        Intrinsics.checkNotNullParameter(context, "context");
        this.e = context;
        this.f = lowLevelAuthenticationCPListener;
    }

    @Override // javax.net.ssl.X509TrustManager
    public void checkClientTrusted(X509Certificate[] x509CertificateArr, String str) {
        X509TrustManager a2 = d.a();
        if (a2 != null) {
            a2.checkClientTrusted(x509CertificateArr, str);
        }
    }

    @Override // javax.net.ssl.X509TrustManager
    public void checkServerTrusted(X509Certificate[] x509CertificateArr, String authType) {
        X509TrustManager a2;
        Intrinsics.checkNotNullParameter(authType, "authType");
        if (x509CertificateArr != null) {
            try {
                if (x509CertificateArr.length > 0) {
                    a aVar = d;
                    byte[] digest = b.digest(x509CertificateArr[0].getEncoded());
                    Intrinsics.checkNotNullExpressionValue(digest, "md.digest(certificates[0].encoded)");
                    String a3 = aVar.a(digest);
                    String obj = x509CertificateArr[0].getIssuerDN().toString();
                    LowLevelAuthenticationCPListener lowLevelAuthenticationCPListener = this.f;
                    if (lowLevelAuthenticationCPListener != null) {
                        lowLevelAuthenticationCPListener.certificatePinningResult(LowLevelAuthenticationCPListener.CPStatus.CP_EXPECTED, a3, obj, this.e);
                    }
                    if (!LowLevelAuthenticationConfigurationImpl.a || (a2 = aVar.a()) == null) {
                        return;
                    }
                    a2.checkServerTrusted(x509CertificateArr, authType);
                    return;
                }
            } catch (Exception e) {
                LowLevelAuthenticationCPListener lowLevelAuthenticationCPListener2 = this.f;
                if (lowLevelAuthenticationCPListener2 != null) {
                    lowLevelAuthenticationCPListener2.certificatePinningResult(LowLevelAuthenticationCPListener.CPStatus.CP_EXCEPTION, null, null, this.e);
                }
                throw e;
            }
        }
        LowLevelAuthenticationCPListener lowLevelAuthenticationCPListener3 = this.f;
        if (lowLevelAuthenticationCPListener3 != null) {
            lowLevelAuthenticationCPListener3.certificatePinningResult(LowLevelAuthenticationCPListener.CPStatus.CP_NOT_DONE, null, null, this.e);
        }
    }

    @Override // javax.net.ssl.X509TrustManager
    public X509Certificate[] getAcceptedIssuers() {
        X509Certificate[] acceptedIssuers;
        X509TrustManager a2 = d.a();
        return (a2 == null || (acceptedIssuers = a2.getAcceptedIssuers()) == null) ? new X509Certificate[0] : acceptedIssuers;
    }
}
