package defpackage;

import android.content.Context;
import com.vzw.mobilefirst.MobileFirstApplication;
import java.io.IOException;
import java.math.BigInteger;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.cert.CertificateEncodingException;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.security.interfaces.RSAPublicKey;
import java.util.Arrays;
import java.util.Date;
import java.util.HashMap;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import javax.net.ssl.X509TrustManager;

/* compiled from: MFPubKeyManager.java */
/* loaded from: classes6.dex */
public final class vw8 implements X509TrustManager {
    public static int w = 16;

    /* renamed from: a, reason: collision with root package name */
    public X509TrustManager f13456a;
    public Context b;
    public X509Certificate c;
    public X509Certificate d;
    public X509Certificate e;
    protected z45 eventBus;
    public X509Certificate f;
    public X509Certificate g;
    public String h = "Digi";
    public String i = "Geo";
    public String j = "certExprd";
    public String k = "NotTrusted";
    public String l = "certificateCount";
    public String m = "clientCerName";
    public String n = "serverCerName";
    public String o = "null";
    public String p = "ssl pinning type";
    public String q = "serverCerLength";
    public String r = "REASON";
    public boolean s = false;
    public boolean t = false;
    public boolean u = false;
    public boolean v = false;

    public vw8(Context context) {
        this.b = context;
        this.d = f(context, "int_certificate.crt");
        this.e = f(this.b, "digi_inter.crt");
        this.f = f(this.b, "aws_updated.crt");
        this.g = f(this.b, "aws-inter.crt");
        MobileFirstApplication.l(context.getApplicationContext()).E2(this);
        d();
    }

    public final boolean a(X509Certificate x509Certificate, X509Certificate x509Certificate2) throws CertificateException, IOException {
        boolean equalsIgnoreCase = new BigInteger(1, ((RSAPublicKey) x509Certificate2.getPublicKey()).getEncoded()).toString(w).equalsIgnoreCase(new BigInteger(1, ((RSAPublicKey) x509Certificate.getPublicKey()).getEncoded()).toString(w));
        boolean c = c(x509Certificate2, x509Certificate);
        HashMap<String, Object> g = g(g(g(g(g(g(null, "Int " + this.m, x509Certificate2.getIssuerDN().getName() + ""), "Int " + this.n, x509Certificate.getIssuerDN().getName() + ""), "Int " + this.n + " SigAlgName ", x509Certificate.getSigAlgName() + ""), "Int " + this.m + " SigAlgName ", x509Certificate2.getSigAlgName() + ""), "Int " + this.n + " SerialNumber ", x509Certificate.getSerialNumber() + ""), "Int " + this.m + " SerialNumber ", x509Certificate2.getSerialNumber() + "");
        if (c) {
            this.v = true;
            g(g, this.p, "MF_ANDROID_SSL_INT_CERT_PINNED");
            ur8.a(this.b, "MF_ANDROID_SSL_INT_CERT_PINNED");
            return true;
        }
        this.v = false;
        ur8.a(this.b, "MF_ANDROID_SSL_INT_CERT_MISMATCH");
        if (equalsIgnoreCase) {
            this.t = true;
            g(g, this.k, "MF_ANDROID_SSL_INT_CERT_PUBLIC_KEY_PINNED");
            ur8.a(this.b, "MF_ANDROID_SSL_INT_CERT_PUBLIC_KEY_PINNED");
        } else {
            this.t = false;
            g(g, this.k, "MF_ANDROID_SSL_INT_PUBLIC_KEY_NOT_PINNED");
            ur8.a(this.b, "MF_ANDROID_SSL_INT_PUBLIC_KEY_NOT_PINNED");
        }
        return equalsIgnoreCase;
    }

    public final boolean b(X509Certificate x509Certificate, X509Certificate x509Certificate2) throws CertificateException, IOException {
        if (x509Certificate == null) {
            g(null, this.n, this.o);
            ur8.a(this.b, "MF_ANDROID_SSL_SERVER_CERT_DATA_NULL");
            return false;
        }
        boolean equalsIgnoreCase = new BigInteger(1, ((RSAPublicKey) x509Certificate2.getPublicKey()).getEncoded()).toString(w).equalsIgnoreCase(new BigInteger(1, ((RSAPublicKey) x509Certificate.getPublicKey()).getEncoded()).toString(w));
        boolean c = c(x509Certificate2, x509Certificate);
        HashMap<String, Object> g = g(g(g(g(g(g(null, this.m, x509Certificate2.getIssuerDN().getName() + ""), this.n, x509Certificate.getIssuerDN().getName() + ""), this.n + " SigAlgName ", x509Certificate.getSigAlgName() + ""), this.m + " SigAlgName ", x509Certificate2.getSigAlgName() + ""), this.n + " SerialNumber ", x509Certificate.getSerialNumber() + ""), this.m + " SerialNumber ", x509Certificate2.getSerialNumber() + "");
        if (c) {
            this.u = true;
            g(g, this.p, "MF_ANDROID_SSL_CERT_PINNED");
            ur8.a(this.b, "MF_ANDROID_SSL_CERT_PINNED");
            return true;
        }
        this.u = false;
        HashMap<String, Object> g2 = g(g, this.k, "MF_ANDROID_SSL_CERT_MISMATCH");
        ur8.a(this.b, "MF_ANDROID_SSL_CERT_MISMATCH");
        if (equalsIgnoreCase) {
            this.s = true;
            g(g2, this.k, "MF_ANDROID_SSL_PUBLIC_KEY_PINNED");
            ur8.a(this.b, "MF_ANDROID_SSL_PUBLIC_KEY_PINNED");
        } else {
            this.s = false;
            g(g2, this.k, "MF_ANDROID_SSL_LEAF_PUBLIC_KEY_NOT_PINNED");
            ur8.a(this.b, "MF_ANDROID_SSL_LEAF_PUBLIC_KEY_NOT_PINNED");
        }
        return equalsIgnoreCase;
    }

    public final boolean c(X509Certificate x509Certificate, X509Certificate x509Certificate2) throws CertificateEncodingException {
        return Arrays.equals(x509Certificate.getEncoded(), x509Certificate2.getEncoded());
    }

    @Override // javax.net.ssl.X509TrustManager
    public void checkClientTrusted(X509Certificate[] x509CertificateArr, String str) throws CertificateException {
        this.f13456a.checkClientTrusted(x509CertificateArr, str);
    }

    @Override // javax.net.ssl.X509TrustManager
    public void checkServerTrusted(X509Certificate[] x509CertificateArr, String str) throws CertificateException {
        int length = x509CertificateArr.length;
        if (i23.N0) {
            throw new CertificateException(this.k);
        }
        if (i23.M0) {
            throw new CertificateException(this.j);
        }
        if (length <= 0) {
            ur8.a(this.b, "MF_ANDROID_SSL_SERVER_CERT_DATA_NULL");
            g(null, this.l, length + "");
            return;
        }
        if (e(this.f)) {
            ur8.a(this.b, "MF_DIGI_SSL_PINNING_FAILED");
            return;
        }
        this.c = this.f;
        try {
            X509TrustManager x509TrustManager = this.f13456a;
            if (x509TrustManager == null) {
                TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance("X509");
                trustManagerFactory.init((KeyStore) null);
                for (TrustManager trustManager : trustManagerFactory.getTrustManagers()) {
                    if (trustManager instanceof X509TrustManager) {
                        X509TrustManager x509TrustManager2 = (X509TrustManager) trustManager;
                        this.f13456a = x509TrustManager2;
                        x509TrustManager2.checkServerTrusted(x509CertificateArr, str);
                    }
                }
            } else {
                x509TrustManager.checkServerTrusted(x509CertificateArr, str);
            }
            int i = 1;
            if (!x509CertificateArr[0].getIssuerDN().getName().contains(this.i)) {
                int i2 = length - 1;
                if (!x509CertificateArr[i2].getIssuerDN().getName().contains(this.i)) {
                    if (!x509CertificateArr[0].getIssuerDN().getName().contains(this.h) && !x509CertificateArr[i2].getIssuerDN().getName().contains(this.h)) {
                        HashMap<String, Object> g = g(g(g(null, this.m, this.c.getIssuerDN().getName() + ""), this.l, length + ""), this.n, x509CertificateArr[0].getIssuerDN().getName() + "");
                        if (length > 1) {
                            g = g(g, "Intermediate " + this.n, x509CertificateArr[i2].getIssuerDN().getName() + "");
                        }
                        if (b(x509CertificateArr[0], this.c) || a(x509CertificateArr[i2], this.d)) {
                            h(g, "MF_ANDROID_SSL_PINNING_SUCCESS");
                            return;
                        } else {
                            ur8.a(this.b, "MF_ANDROID_SSL_PINNING_FAILED");
                            return;
                        }
                    }
                    i = i2;
                    g(g(g(g(g(null, this.m, this.c.getIssuerDN().getName() + ""), "Leaf " + this.n, x509CertificateArr[0].getIssuerDN().getName() + ""), "Intermediate " + this.n, x509CertificateArr[i].getIssuerDN().getName() + ""), "Root " + this.n, x509CertificateArr[i2].getIssuerDN().getName() + ""), this.q, length + "");
                    return;
                }
            }
            this.c = this.f;
            int i3 = length - 1;
            if (length <= 2) {
                i = i3;
            }
            HashMap<String, Object> g2 = g(g(g(g(g(null, this.m, this.c.getIssuerDN().getName() + ""), "Leaf " + this.n, x509CertificateArr[0].getIssuerDN().getName() + ""), "Intermediate " + this.n, x509CertificateArr[i].getIssuerDN().getName() + ""), "Root " + this.n, x509CertificateArr[i3].getIssuerDN().getName() + ""), this.q, length + "");
            if (b(x509CertificateArr[0], this.c) || a(x509CertificateArr[i], this.g)) {
                h(g2, "MF_DIGI_SSL_PINNING_SUCCESS");
            } else {
                ur8.a(this.b, "MF_DIGI_SSL_PINNING_FAILED");
            }
        } catch (Exception unused) {
            HashMap<String, Object> g3 = g(g(null, "Exception", "while comparing server certificates"), this.q, length + "");
            if (length > 0) {
                g(g3, this.n, x509CertificateArr[0].getIssuerDN().getName() + "");
            }
            ur8.a(this.b, "MF_ANDROID_SSL_PINNING_FAILED");
        }
    }

    public final void d() {
        try {
            TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance("X509");
            trustManagerFactory.init((KeyStore) null);
            for (TrustManager trustManager : trustManagerFactory.getTrustManagers()) {
                if (trustManager instanceof X509TrustManager) {
                    this.f13456a = (X509TrustManager) trustManager;
                }
            }
        } catch (KeyStoreException e) {
            e.printStackTrace();
        } catch (NoSuchAlgorithmException e2) {
            e2.printStackTrace();
        }
    }

    public final boolean e(X509Certificate x509Certificate) {
        if (x509Certificate == null) {
            return false;
        }
        Date notAfter = x509Certificate.getNotAfter();
        Date date = new Date();
        if (!date.after(notAfter)) {
            return false;
        }
        g(g(null, "Client Certificate expired Date:", notAfter.toString()), "Client current Date:", date.toString());
        ur8.a(this.b, "MF_ANDROID_SSL_CLIENT_CERT_EXPIRED");
        return true;
    }

    /* JADX WARN: Not initialized variable reg: 2, insn: 0x003c: MOVE (r0 I:??[OBJECT, ARRAY]) = (r2 I:??[OBJECT, ARRAY]), block:B:26:0x003c */
    /* JADX WARN: Removed duplicated region for block: B:18:0x0032 A[EXC_TOP_SPLITTER, SYNTHETIC] */
    /* JADX WARN: Removed duplicated region for block: B:29:0x003f A[EXC_TOP_SPLITTER, SYNTHETIC] */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    public final java.security.cert.X509Certificate f(android.content.Context r4, java.lang.String r5) {
        /*
            r3 = this;
            r0 = 0
            java.lang.String r1 = "X.509"
            java.security.cert.CertificateFactory r1 = java.security.cert.CertificateFactory.getInstance(r1)     // Catch: java.lang.Throwable -> L27 java.io.IOException -> L29 java.security.cert.CertificateException -> L2b
            java.io.BufferedInputStream r2 = new java.io.BufferedInputStream     // Catch: java.lang.Throwable -> L27 java.io.IOException -> L29 java.security.cert.CertificateException -> L2b
            android.content.res.AssetManager r4 = r4.getAssets()     // Catch: java.lang.Throwable -> L27 java.io.IOException -> L29 java.security.cert.CertificateException -> L2b
            java.io.InputStream r4 = r4.open(r5)     // Catch: java.lang.Throwable -> L27 java.io.IOException -> L29 java.security.cert.CertificateException -> L2b
            r2.<init>(r4)     // Catch: java.lang.Throwable -> L27 java.io.IOException -> L29 java.security.cert.CertificateException -> L2b
            java.security.cert.Certificate r4 = r1.generateCertificate(r2)     // Catch: java.io.IOException -> L23 java.security.cert.CertificateException -> L25 java.lang.Throwable -> L3b
            java.security.cert.X509Certificate r4 = (java.security.cert.X509Certificate) r4     // Catch: java.io.IOException -> L23 java.security.cert.CertificateException -> L25 java.lang.Throwable -> L3b
            r2.close()     // Catch: java.io.IOException -> L1e
            goto L22
        L1e:
            r5 = move-exception
            r5.printStackTrace()
        L22:
            return r4
        L23:
            r4 = move-exception
            goto L2d
        L25:
            r4 = move-exception
            goto L2d
        L27:
            r4 = move-exception
            goto L3d
        L29:
            r4 = move-exception
            goto L2c
        L2b:
            r4 = move-exception
        L2c:
            r2 = r0
        L2d:
            r4.printStackTrace()     // Catch: java.lang.Throwable -> L3b
            if (r2 == 0) goto L3a
            r2.close()     // Catch: java.io.IOException -> L36
            goto L3a
        L36:
            r4 = move-exception
            r4.printStackTrace()
        L3a:
            return r0
        L3b:
            r4 = move-exception
            r0 = r2
        L3d:
            if (r0 == 0) goto L47
            r0.close()     // Catch: java.io.IOException -> L43
            goto L47
        L43:
            r5 = move-exception
            r5.printStackTrace()
        L47:
            throw r4
        */
        throw new UnsupportedOperationException("Method not decompiled: defpackage.vw8.f(android.content.Context, java.lang.String):java.security.cert.X509Certificate");
    }

    public final HashMap<String, Object> g(HashMap<String, Object> hashMap, String str, String str2) {
        if (hashMap == null) {
            hashMap = new HashMap<>();
        }
        hashMap.put(str, str2);
        return hashMap;
    }

    @Override // javax.net.ssl.X509TrustManager
    public X509Certificate[] getAcceptedIssuers() {
        return this.f13456a.getAcceptedIssuers();
    }

    /* JADX WARN: Multi-variable type inference failed */
    public final void h(HashMap hashMap, String str) {
        if (this.s || this.t) {
            hashMap = g(g(hashMap, "cert PubKey Pinning", this.s + ""), "int cert PubKey Pinning", this.t + "");
        }
        if (this.u || this.v) {
            g(g(hashMap, "cert Pinning", this.u + ""), "int cert Pinning", this.v + "");
        }
        ur8.a(this.b, str);
    }
}
