package com.iskrembilen.quasseldroid.io;

import android.content.SharedPreferences;
import android.util.Log;
import com.iskrembilen.quasseldroid.service.CoreConnService;
import java.security.GeneralSecurityException;
import java.security.KeyStore;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import javax.net.ssl.X509TrustManager;

/* loaded from: classes.dex */
class CustomTrustManager implements X509TrustManager {
    private final CoreConnection coreConnection;
    X509TrustManager defaultTrustManager;

    /* loaded from: classes.dex */
    static class NewCertificateException extends CertificateException {
        private String hashedCert;

        public NewCertificateException(String str) {
            this.hashedCert = str;
        }

        public String hashedCert() {
            return this.hashedCert;
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public CustomTrustManager(CoreConnection coreConnection) throws GeneralSecurityException {
        this.coreConnection = coreConnection;
        KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
        TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
        trustManagerFactory.init(keyStore);
        TrustManager[] trustManagers = trustManagerFactory.getTrustManagers();
        for (int i = 0; i < trustManagers.length; i++) {
            if (trustManagers[i] instanceof X509TrustManager) {
                this.defaultTrustManager = (X509TrustManager) trustManagers[i];
                return;
            }
        }
        throw new GeneralSecurityException("Couldn't initialize certificate management!");
    }

    private String hash(byte[] bArr) {
        try {
            MessageDigest messageDigest = MessageDigest.getInstance("SHA1");
            messageDigest.update(bArr);
            byte[] digest = messageDigest.digest();
            StringBuffer stringBuffer = new StringBuffer();
            for (byte b : digest) {
                stringBuffer.append(Integer.toHexString(b & 255));
            }
            return stringBuffer.toString();
        } catch (NoSuchAlgorithmException e) {
            e.printStackTrace();
            return "";
        }
    }

    @Override // javax.net.ssl.X509TrustManager
    public void checkClientTrusted(X509Certificate[] x509CertificateArr, String str) throws CertificateException {
        try {
            this.defaultTrustManager.checkClientTrusted(x509CertificateArr, str);
        } catch (CertificateException e) {
            Log.e(CustomTrustManager.class.getName(), "checkClientTrusted failed", e);
        }
    }

    @Override // javax.net.ssl.X509TrustManager
    public void checkServerTrusted(X509Certificate[] x509CertificateArr, String str) throws CertificateException, NewCertificateException {
        try {
            this.defaultTrustManager.checkServerTrusted(x509CertificateArr, str);
        } catch (CertificateException e) {
            String hash = hash(x509CertificateArr[0].getEncoded());
            SharedPreferences sharedPreferences = this.coreConnection.service.getSharedPreferences("CertificateStorage", 0);
            if (!sharedPreferences.contains(CoreConnService.CERT_KEY)) {
                throw new NewCertificateException(hash);
            }
            if (!sharedPreferences.getString(CoreConnService.CERT_KEY, "lol").equals(hash)) {
                throw new CertificateException();
            }
        }
    }

    @Override // javax.net.ssl.X509TrustManager
    public X509Certificate[] getAcceptedIssuers() {
        return this.defaultTrustManager.getAcceptedIssuers();
    }
}
