package com.echostar.transfersEngine.Engine;

import com.flurry.android.Constants;
import com.sm.logger.DanyLogger;
import java.security.KeyStore;
import java.security.MessageDigest;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLException;
import javax.net.ssl.SSLSocket;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import javax.net.ssl.X509TrustManager;

/* loaded from: classes.dex */
public class InstallCert {
    private static final char[] HEXDIGITS = "0123456789abcdef".toCharArray();
    private static KeyStore savedTrustStore = null;
    private String host;
    private int port;
    private String TAG = "InstallCert";
    private boolean showCert = false;

    /* loaded from: classes.dex */
    private static class SavingTrustManager implements X509TrustManager {
        private X509Certificate[] chain;
        private final X509TrustManager tm;

        SavingTrustManager(X509TrustManager x509TrustManager) {
            this.tm = x509TrustManager;
        }

        @Override // javax.net.ssl.X509TrustManager
        public void checkClientTrusted(X509Certificate[] x509CertificateArr, String str) throws CertificateException {
            throw new UnsupportedOperationException();
        }

        @Override // javax.net.ssl.X509TrustManager
        public void checkServerTrusted(X509Certificate[] x509CertificateArr, String str) throws CertificateException {
            this.chain = x509CertificateArr;
            this.tm.checkServerTrusted(x509CertificateArr, str);
        }

        @Override // javax.net.ssl.X509TrustManager
        public X509Certificate[] getAcceptedIssuers() {
            throw new UnsupportedOperationException();
        }
    }

    public InstallCert(String str, int i) {
        this.host = str;
        this.port = i;
    }

    private static String toHexString(byte[] bArr) {
        StringBuilder sb = new StringBuilder(bArr.length * 3);
        for (byte b : bArr) {
            int i = b & Constants.UNKNOWN;
            sb.append(HEXDIGITS[i >> 4]);
            sb.append(HEXDIGITS[i & 15]);
            sb.append(' ');
        }
        return sb.toString();
    }

    public KeyStore getUpdatedTrustStore() throws Exception {
        if (savedTrustStore != null) {
            DanyLogger.LOGString_Info(this.TAG, "Using saved TrustStore");
            return savedTrustStore;
        }
        KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
        keyStore.load(null);
        SSLContext sSLContext = SSLContext.getInstance("TLS");
        TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
        trustManagerFactory.init(keyStore);
        int i = 0;
        SavingTrustManager savingTrustManager = new SavingTrustManager((X509TrustManager) trustManagerFactory.getTrustManagers()[0]);
        sSLContext.init(null, new TrustManager[]{savingTrustManager}, null);
        SSLSocket sSLSocket = (SSLSocket) sSLContext.getSocketFactory().createSocket(this.host, this.port);
        sSLSocket.setSoTimeout(10000);
        try {
            DanyLogger.LOGString_Info(this.TAG, "Starting SSL handshake...");
            sSLSocket.startHandshake();
            sSLSocket.close();
            DanyLogger.LOGString_Info(this.TAG, "No errors, certificate is already trusted");
        } catch (SSLException unused) {
            DanyLogger.LOGString_Info(this.TAG, "Certificate is not trusted. Should add certificates to trust store.");
        }
        X509Certificate[] x509CertificateArr = savingTrustManager.chain;
        if (x509CertificateArr == null) {
            DanyLogger.LOGString_Info(this.TAG, "Could not obtain server certificate chain");
            return null;
        }
        DanyLogger.LOGString_Info(this.TAG, "Server sent " + x509CertificateArr.length + " certificate(s)");
        MessageDigest messageDigest = MessageDigest.getInstance("SHA1");
        MessageDigest messageDigest2 = MessageDigest.getInstance("MD5");
        for (int i2 = 0; i2 < x509CertificateArr.length; i2++) {
            X509Certificate x509Certificate = x509CertificateArr[i2];
            if (this.showCert) {
                DanyLogger.LOGString_Info(this.TAG, " " + (i2 + 1) + " Subject " + x509Certificate.getSubjectDN());
                String str = this.TAG;
                StringBuilder sb = new StringBuilder();
                sb.append("   Issuer  ");
                sb.append(x509Certificate.getIssuerDN());
                DanyLogger.LOGString_Info(str, sb.toString());
            }
            messageDigest.update(x509Certificate.getEncoded());
            if (this.showCert) {
                DanyLogger.LOGString_Info(this.TAG, "   sha1    " + toHexString(messageDigest.digest()));
            }
            messageDigest2.update(x509Certificate.getEncoded());
            if (this.showCert) {
                DanyLogger.LOGString_Info(this.TAG, "   md5     " + toHexString(messageDigest2.digest()));
            }
        }
        while (i < x509CertificateArr.length) {
            X509Certificate x509Certificate2 = x509CertificateArr[i];
            StringBuilder sb2 = new StringBuilder();
            sb2.append(this.host);
            sb2.append("-");
            i++;
            sb2.append(i);
            String sb3 = sb2.toString();
            keyStore.setCertificateEntry(sb3, x509Certificate2);
            if (this.showCert) {
                DanyLogger.LOGString_Info(this.TAG, x509Certificate2.toString());
                DanyLogger.LOGString_Info(this.TAG, "Added certificate [ " + i + " ] to keystore using alias '" + sb3 + "'");
            }
        }
        DanyLogger.LOGString_Info(this.TAG, "Added certificate(s) to trust store");
        savedTrustStore = keyStore;
        return savedTrustStore;
    }
}
