package in.juspay.godel.util;

import android.content.Context;
import android.net.http.SslCertificate;
import android.webkit.WebView;
import d.a.a.a.a;
import in.juspay.godel.analytics.GodelTracker;
import java.io.IOException;
import java.lang.reflect.Field;
import java.net.URI;
import java.net.URISyntaxException;
import java.security.KeyStore;
import java.security.cert.CertificateParsingException;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Collection;
import java.util.Collections;
import java.util.List;
import java.util.regex.Pattern;
import javax.net.ssl.SSLPeerUnverifiedException;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import javax.net.ssl.X509TrustManager;
import k.b.b;
import org.apache.http.conn.util.InetAddressUtils;

/* loaded from: classes.dex */
public class JuspayTrustManager {
    public TrustManagerFactory a = null;

    private X509Certificate a(X509Certificate[] x509CertificateArr, X509Certificate x509Certificate) {
        if (x509CertificateArr != null && x509CertificateArr.length > 0) {
            for (X509Certificate x509Certificate2 : x509CertificateArr) {
                try {
                    x509Certificate.verify(x509Certificate2.getPublicKey());
                    return x509Certificate2;
                } catch (Exception e2) {
                    StringBuilder t = a.t("");
                    t.append(e2.getLocalizedMessage());
                    JuspayLogger.b("JuspayTrustManager", t.toString());
                }
            }
        }
        StringBuilder t2 = a.t("Nothing Found for ");
        t2.append(x509Certificate.getSubjectDN());
        JuspayLogger.b("JuspayTrustManager", t2.toString());
        return null;
    }

    private X509Certificate a(TrustManager[] trustManagerArr, X509Certificate x509Certificate) {
        X509Certificate a;
        for (TrustManager trustManager : trustManagerArr) {
            if ((trustManager instanceof X509TrustManager) && (a = a(((X509TrustManager) trustManager).getAcceptedIssuers(), x509Certificate)) != null) {
                return a;
            }
        }
        return null;
    }

    private List<TrustManager> a() {
        ArrayList arrayList = new ArrayList(this.a.getTrustManagers().length);
        Collections.addAll(arrayList, this.a.getTrustManagers());
        return arrayList;
    }

    private boolean a(String str) {
        int i2;
        String[] split = str.split("\\.");
        if (split.length != 4) {
            return false;
        }
        int length = split.length;
        while (i2 < length) {
            try {
                int parseInt = Integer.parseInt(split[i2]);
                i2 = (parseInt >= 0 && parseInt <= 255) ? i2 + 1 : 0;
            } catch (NumberFormatException unused) {
            }
            return false;
        }
        return true;
    }

    private boolean a(String str, String str2) {
        return str.equalsIgnoreCase(str2);
    }

    private String[] a(Context context, String str) {
        try {
            return context.getAssets().list(str);
        } catch (IOException e2) {
            JuspayLogger.b("JuspayTrustManager", "caught while trying to open assets for trustmanager", e2);
            return new String[0];
        }
    }

    private boolean b(String str, String str2) {
        if (str.equalsIgnoreCase(str2)) {
            return true;
        }
        String[] split = str2.split("\\.");
        String[] split2 = str.split("\\.");
        if (split.length != split2.length) {
            return false;
        }
        for (int i2 = 0; i2 < split.length; i2++) {
            if (!Pattern.compile(split[i2].replace("*", ".*")).matcher(split2[i2]).matches()) {
                return false;
            }
        }
        return true;
    }

    private boolean b(X509Certificate x509Certificate) {
        try {
            x509Certificate.verify(x509Certificate.getPublicKey());
            JuspayLogger.b("JuspayTrustManager", "Self Signed!" + x509Certificate.getSubjectDN());
            return true;
        } catch (Exception e2) {
            JuspayLogger.b("JuspayTrustManager", "Exception while checking self sign" + e2);
            return false;
        }
    }

    /* JADX WARN: Removed duplicated region for block: B:63:0x00c7  */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    private java.security.cert.X509Certificate[] b(android.webkit.WebView r17) {
        /*
            Method dump skipped, instructions count: 310
            To view this dump add '--comments-level debug' option
        */
        throw new UnsupportedOperationException("Method not decompiled: in.juspay.godel.util.JuspayTrustManager.b(android.webkit.WebView):java.security.cert.X509Certificate[]");
    }

    public String a(X509Certificate x509Certificate) {
        try {
            String str = null;
            for (b bVar : Collections.unmodifiableList(new k.b.a(x509Certificate.getSubjectX500Principal().getName()).a)) {
                if ("CN".equalsIgnoreCase(((b.C0212b) bVar.a.get(0)).a)) {
                    str = ((b.C0212b) bVar.a.get(0)).f11612b.toString();
                }
            }
            return str;
        } catch (k.a unused) {
            return null;
        }
    }

    public void a(WebView webView) {
        try {
            TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
            this.a = trustManagerFactory;
            trustManagerFactory.init((KeyStore) null);
        } catch (Exception e2) {
            JuspayLogger.b("JuspayTrustManager", "error while initializing trustmanager", e2);
        }
    }

    public void a(String str, X509Certificate x509Certificate) throws URISyntaxException, CertificateParsingException, SSLPeerUnverifiedException {
        String a;
        String host = new URI(str).getHost();
        Collection<List<?>> subjectAlternativeNames = x509Certificate.getSubjectAlternativeNames();
        if (a(host) || InetAddressUtils.isIPv6Address(host)) {
            throw new SSLPeerUnverifiedException(a.j("IP address are not allowed: Please check https://tools.ietf.org/html/rfc6066 ", str));
        }
        boolean z = false;
        for (List<?> list : subjectAlternativeNames) {
            if (list.size() == 2 && ((Integer) list.get(0)).intValue() == 2) {
                if (b(host, (String) list.get(1))) {
                    return;
                } else {
                    z = true;
                }
            }
        }
        if (z || (a = a(x509Certificate)) == null || !a(host, a)) {
            throw new SSLPeerUnverifiedException(a.j("No host name in the certificate did not match the requested host name: ", str));
        }
    }

    public boolean a(WebView webView, SslCertificate sslCertificate, String str) {
        X509Certificate a;
        try {
            Field declaredField = sslCertificate.getClass().getDeclaredField("mX509Certificate");
            declaredField.setAccessible(true);
            X509Certificate x509Certificate = (X509Certificate) declaredField.get(sslCertificate);
            X509Certificate[] b2 = b(webView);
            ArrayList arrayList = new ArrayList();
            try {
                x509Certificate.checkValidity();
                try {
                    a(str, x509Certificate);
                    arrayList.add(x509Certificate);
                    do {
                        a = a(b2, (X509Certificate) arrayList.get(arrayList.size() - 1));
                        if (a != null && !b(a)) {
                            arrayList.add(a);
                        }
                        if (a == null) {
                            break;
                        }
                    } while (!b(a));
                    X509Certificate a2 = a(this.a.getTrustManagers(), (X509Certificate) arrayList.get(arrayList.size() - 1));
                    if (a2 != null) {
                        arrayList.add(a2);
                    }
                    boolean z = false;
                    for (TrustManager trustManager : a()) {
                        if (trustManager instanceof X509TrustManager) {
                            try {
                                ((X509TrustManager) trustManager).checkServerTrusted((X509Certificate[]) arrayList.toArray(new X509Certificate[arrayList.size()]), "generic");
                            } catch (Exception unused) {
                            }
                            try {
                                JuspayLogger.b("JuspayTrustManager", "found a match here!");
                                return true;
                            } catch (Exception unused2) {
                                z = true;
                                JuspayLogger.b("JuspayTrustManager", ((X509Certificate) arrayList.get(0)).getSubjectDN() + " is not verified yet.");
                            }
                        }
                    }
                    return z;
                } catch (Exception e2) {
                    GodelTracker.getInstance().a("trust_manager_error", "invalid_host");
                    JuspayLogger.b("JuspayTrustManager", "certificate_host_not_valid " + e2, e2);
                    return false;
                }
            } catch (Exception e3) {
                GodelTracker.getInstance().a("trust_manager_error", "invalid_date");
                JuspayLogger.b("JuspayTrustManager", "certificate_date_not_valid ", e3);
                return false;
            }
        } catch (Exception e4) {
            JuspayLogger.b("JuspayTrustManager", "Certificate casting error: " + e4);
            return false;
        }
    }
}
