package com.hiya.service.utils;

import java.io.IOException;
import java.security.GeneralSecurityException;
import java.security.KeyManagementException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.util.Arrays;
import java.util.Collections;
import java.util.HashSet;
import java.util.Iterator;
import java.util.LinkedList;
import java.util.List;
import java.util.Set;
import javax.net.ssl.SSLContext;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import javax.net.ssl.X509TrustManager;

/* loaded from: classes.dex */
public class KeyPinStore {
    private static final String a = KeyPinStore.class.getName();
    private static KeyPinStore b = null;
    private SSLContext c;
    private final List<byte[]> d = new LinkedList();
    private final Set<X509Certificate> e = Collections.synchronizedSet(new HashSet());
    private String f;

    private KeyPinStore() {
        try {
            this.c = SSLContext.getInstance("TLS");
            KeyStore keyStore = KeyStore.getInstance("AndroidCAStore");
            keyStore.load(null, null);
            TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance("X509");
            trustManagerFactory.init(keyStore);
            final X509TrustManager x509TrustManager = (X509TrustManager) trustManagerFactory.getTrustManagers()[0];
            TrustManager[] trustManagerArr = {new X509TrustManager() { // from class: com.hiya.service.utils.KeyPinStore.1
                @Override // javax.net.ssl.X509TrustManager
                public void checkClientTrusted(X509Certificate[] x509CertificateArr, String str) {
                    x509TrustManager.checkClientTrusted(x509CertificateArr, str);
                }

                @Override // javax.net.ssl.X509TrustManager
                public void checkServerTrusted(X509Certificate[] x509CertificateArr, String str) {
                    x509TrustManager.checkServerTrusted(x509CertificateArr, str);
                    if (KeyPinStore.this.e.contains(x509CertificateArr[0])) {
                        HiyaLog.a(KeyPinStore.a, "key is already in verified cache and return. certs name : " + x509CertificateArr[0].getSubjectX500Principal().getName());
                        return;
                    }
                    if (KeyPinStore.this.a(x509CertificateArr[0])) {
                        HiyaLog.a(KeyPinStore.a, "cache.add certs[0] Name : " + x509CertificateArr[0].getSubjectX500Principal().getName());
                        KeyPinStore.this.e.add(x509CertificateArr[0]);
                        return;
                    }
                    HiyaLog.a(KeyPinStore.a, "certs[0] Name : " + x509CertificateArr[0].getSubjectX500Principal().getName());
                    for (int i = 1; i < x509CertificateArr.length; i++) {
                        HiyaLog.a(KeyPinStore.a, "certs[" + i + "] Name : " + x509CertificateArr[i].getSubjectX500Principal().getName());
                        if (!KeyPinStore.this.a(x509CertificateArr[i], x509CertificateArr[i - 1])) {
                            break;
                        }
                        if (KeyPinStore.this.a(x509CertificateArr[i])) {
                            HiyaLog.a(KeyPinStore.a, "cache.add certs[" + i + "] Name : " + x509CertificateArr[i].getSubjectX500Principal().getName());
                            KeyPinStore.this.e.add(x509CertificateArr[0]);
                            return;
                        }
                    }
                    throw new CertificateException("No valid pins found in chain!");
                }

                @Override // javax.net.ssl.X509TrustManager
                public X509Certificate[] getAcceptedIssuers() {
                    return x509TrustManager.getAcceptedIssuers();
                }
            }};
            SSLContext.getInstance("TLS");
            this.c.init(null, trustManagerArr, null);
        } catch (IOException e) {
            HiyaLog.a(a, "Exception occurred ", e);
        } catch (KeyManagementException e2) {
            HiyaLog.a(a, "Exception occurred ", e2);
        } catch (KeyStoreException e3) {
            HiyaLog.a(a, "Exception occurred ", e3);
        } catch (NoSuchAlgorithmException e4) {
            HiyaLog.a(a, "Exception occurred ", e4);
        } catch (CertificateException e5) {
            HiyaLog.a(a, "Exception occurred ", e5);
        }
    }

    public static synchronized KeyPinStore a() {
        KeyPinStore keyPinStore;
        synchronized (KeyPinStore.class) {
            if (b == null) {
                b = new KeyPinStore();
            }
            keyPinStore = b;
        }
        return keyPinStore;
    }

    /* JADX INFO: Access modifiers changed from: private */
    public boolean a(X509Certificate x509Certificate) {
        try {
            byte[] digest = MessageDigest.getInstance("SHA1").digest(x509Certificate.getPublicKey().getEncoded());
            Iterator<byte[]> it = this.d.iterator();
            while (it.hasNext()) {
                if (Arrays.equals(it.next(), digest)) {
                    return true;
                }
            }
        } catch (NoSuchAlgorithmException e) {
            HiyaLog.a(a, "Exception occurred ", e);
        }
        return false;
    }

    /* JADX INFO: Access modifiers changed from: private */
    public boolean a(X509Certificate x509Certificate, X509Certificate x509Certificate2) {
        try {
            if (x509Certificate2.getIssuerX500Principal().equals(x509Certificate.getSubjectX500Principal())) {
                x509Certificate2.verify(x509Certificate.getPublicKey());
                return true;
            }
        } catch (GeneralSecurityException e) {
            HiyaLog.a(a, "Exception occurred ", e);
        }
        return false;
    }

    private String[] b(String str) {
        return ApiLibraryUtils.d(str, "ac3efa22a472a1").split(",");
    }

    public synchronized void a(String str) {
        if (str != null) {
            if (!str.equals(this.f)) {
                this.f = str;
                String[] b2 = b(this.f);
                if (b2 != null) {
                    this.d.clear();
                    this.e.clear();
                    HiyaLog.a(a, "new pin: *******************");
                    for (String str2 : b2) {
                        HiyaLog.a(a, "new pin:" + str2);
                        this.d.add(Hex.a(str2));
                    }
                }
            }
        }
    }

    public boolean b() {
        return this.d.size() > 0;
    }

    public SSLContext c() {
        return this.c;
    }
}
