package app.aroundegypt.api;

import android.content.Context;
import android.net.Uri;
import android.util.Base64;
import app.aroundegypt.BaseApplication;
import app.aroundegypt.BuildConfig;
import app.aroundegypt.utilities.PrefManager;
import com.adjust.sdk.Constants;
import com.google.android.gms.security.ProviderInstaller;
import io.sentry.android.core.SentryLogcatAdapter;
import java.io.BufferedReader;
import java.io.InputStream;
import java.io.InputStreamReader;
import java.net.URL;
import java.nio.charset.Charset;
import java.security.KeyStore;
import java.security.MessageDigest;
import java.security.cert.Certificate;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import javax.net.ssl.HttpsURLConnection;
import javax.net.ssl.SSLContext;
import javax.net.ssl.TrustManagerFactory;
import okhttp3.CertificatePinner;
import org.apache.commons.lang3.StringUtils;
import timber.log.Timber;

/* loaded from: classes.dex */
public class CertificatePinnerHelper {
    public static boolean sslDisabledDinamically = false;

    private static String extractHash(X509Certificate x509Certificate) {
        try {
            return "sha256/" + new String(Base64.encode(MessageDigest.getInstance(Constants.SHA256).digest(x509Certificate.getPublicKey().getEncoded()), 0)).replace(StringUtils.SPACE, "").replace(StringUtils.LF, "");
        } catch (Exception e) {
            e.printStackTrace();
            return "";
        }
    }

    public static CertificatePinner getCertificatePinner() {
        String host = Uri.parse(BuildConfig.APIURL).getHost();
        String str = (String) PrefManager.getInstance().getPref(PrefManager.Preference.HASH, String.class);
        Timber.i("Domain HASH : " + str, new Object[0]);
        CertificatePinner.Builder builder = new CertificatePinner.Builder();
        if (str != null) {
            builder.add(host, str);
        }
        return builder.build();
    }

    public static void getNewCertificateAndGenerateHash(Context context, QuickCallBack quickCallBack) throws Exception {
        CertificateFactory certificateFactory = CertificateFactory.getInstance("X.509");
        InputStream open = context.getAssets().open("cert.pem");
        try {
            Certificate generateCertificate = certificateFactory.generateCertificate(open);
            open.close();
            KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
            keyStore.load(null, null);
            keyStore.setCertificateEntry("ca", generateCertificate);
            TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
            trustManagerFactory.init(keyStore);
            SSLContext sSLContext = SSLContext.getInstance("TLS");
            sSLContext.init(null, trustManagerFactory.getTrustManagers(), null);
            URL url = new URL(String.format(BuildConfig.CERT_RENEWAL_URL, Uri.parse(BuildConfig.APIURL).getHost()));
            Timber.i("Get new certificate started : " + url.toString(), new Object[0]);
            HttpsURLConnection httpsURLConnection = (HttpsURLConnection) url.openConnection();
            httpsURLConnection.setSSLSocketFactory(sSLContext.getSocketFactory());
            if (httpsURLConnection.getResponseCode() != 200) {
                String str = "Cant get new certificate from SSL server : " + readStream(httpsURLConnection.getErrorStream());
                Timber.i(str, new Object[0]);
                if (quickCallBack != null) {
                    quickCallBack.onFailed(new Exception(str));
                    return;
                }
                return;
            }
            X509Certificate x509Certificate = (X509Certificate) certificateFactory.generateCertificate(httpsURLConnection.getInputStream());
            String extractHash = extractHash(x509Certificate);
            Timber.i("Encoded 256 Hash " + extractHash, new Object[0]);
            PrefManager.getInstance().setPref(PrefManager.Preference.CERT_PUBLIC_KEY, x509Certificate.getPublicKey().toString());
            PrefManager.getInstance().setPref(PrefManager.Preference.HASH, extractHash);
            BaseApplication.initDaggerComponent();
            if (quickCallBack != null) {
                quickCallBack.onDone();
            }
        } catch (Throwable th) {
            open.close();
            throw th;
        }
    }

    private static String readStream(InputStream inputStream) {
        try {
            BufferedReader bufferedReader = new BufferedReader(new InputStreamReader(inputStream, Charset.forName("US-ASCII")));
            StringBuilder sb = new StringBuilder();
            while (true) {
                String readLine = bufferedReader.readLine();
                if (readLine == null) {
                    bufferedReader.close();
                    return sb.toString();
                }
                sb.append(readLine);
            }
        } catch (Exception e) {
            e.printStackTrace();
            return "";
        }
    }

    public static void updateAndroidSecurityProvider() {
        try {
            SSLContext.getInstance("TLSv1.2");
            ProviderInstaller.installIfNeeded(BaseApplication.getmInstance());
        } catch (Exception unused) {
            SentryLogcatAdapter.e("SecurityException", "Google Play Services not available.");
        }
    }
}
