package com.daimler.mm.android.login.siteminder;

import android.net.Uri;
import android.os.AsyncTask;
import android.support.annotation.Nullable;
import com.squareup.okhttp.CertificatePinner;
import java.security.cert.Certificate;
import java.security.cert.X509Certificate;
import java.util.Arrays;
import java.util.List;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLPeerUnverifiedException;
import javax.net.ssl.SSLSocket;
import javax.net.ssl.TrustManager;
import javax.net.ssl.X509TrustManager;
import rx.Single;
import rx.subjects.ReplaySubject;
import timber.log.Timber;

/* loaded from: classes.dex */
public class OscarCertificatePinner {
    private final OscarCertificatePinnerWrapper certificatePinner;
    private boolean sslPinningEnabled;

    /* loaded from: classes.dex */
    public static class OscarCertificatePinnerWrapper {
        private final String[][] certificateHashes;
        private final CertificatePinner certificatePinner;

        public OscarCertificatePinnerWrapper(String[][] strArr) {
            this.certificateHashes = strArr;
            CertificatePinner.Builder builder = new CertificatePinner.Builder();
            for (String[] strArr2 : this.certificateHashes) {
                builder.add(strArr2[0], strArr2[1]);
            }
            this.certificatePinner = builder.build();
        }

        private List<Certificate> getCertificates(String str, int i) {
            X509TrustManager x509TrustManager = new X509TrustManager() { // from class: com.daimler.mm.android.login.siteminder.OscarCertificatePinner.OscarCertificatePinnerWrapper.1
                @Override // javax.net.ssl.X509TrustManager
                public void checkClientTrusted(X509Certificate[] x509CertificateArr, String str2) {
                }

                @Override // javax.net.ssl.X509TrustManager
                public void checkServerTrusted(X509Certificate[] x509CertificateArr, String str2) {
                }

                @Override // javax.net.ssl.X509TrustManager
                public X509Certificate[] getAcceptedIssuers() {
                    return null;
                }
            };
            try {
                SSLContext sSLContext = SSLContext.getInstance("SSL");
                sSLContext.init(null, new TrustManager[]{x509TrustManager}, null);
                SSLSocket sSLSocket = (SSLSocket) sSLContext.getSocketFactory().createSocket(str, i);
                sSLSocket.startHandshake();
                return Arrays.asList(sSLSocket.getSession().getPeerCertificates());
            } catch (Exception e) {
                throw new RuntimeException("Problem while fetching peer certificates", e);
            }
        }

        public void check(String str, int i) throws SSLPeerUnverifiedException {
            this.certificatePinner.check(str, getCertificates(str, i));
        }

        public String[][] getCertificateHashes() {
            return this.certificateHashes;
        }

        public CertificatePinner getCertificatePinner() {
            return this.certificatePinner;
        }
    }

    public OscarCertificatePinner(OscarCertificatePinnerWrapper oscarCertificatePinnerWrapper, boolean z) {
        this.certificatePinner = oscarCertificatePinnerWrapper;
        this.sslPinningEnabled = z;
    }

    /* JADX INFO: Access modifiers changed from: private */
    @Nullable
    public Exception verifyPinsFor(String str, int i) {
        try {
            this.certificatePinner.check(str, i);
            return null;
        } catch (Exception e) {
            Timber.e(e.getMessage(), new Object[0]);
            return e;
        }
    }

    public Single<Void> verifyAsync(final String str) {
        final ReplaySubject create = ReplaySubject.create();
        new AsyncTask<Void, Void, Exception>() { // from class: com.daimler.mm.android.login.siteminder.OscarCertificatePinner.1
            /* JADX INFO: Access modifiers changed from: protected */
            @Override // android.os.AsyncTask
            public Exception doInBackground(Void... voidArr) {
                if (!OscarCertificatePinner.this.sslPinningEnabled) {
                    Timber.d("SSL_PINNING is off", new Object[0]);
                    return null;
                }
                Uri parse = Uri.parse(str);
                if (!"https".equals(parse.getScheme())) {
                    return null;
                }
                int port = parse.getPort();
                if (port == -1) {
                    port = 443;
                }
                return OscarCertificatePinner.this.verifyPinsFor(parse.getHost(), port);
            }

            /* JADX INFO: Access modifiers changed from: protected */
            @Override // android.os.AsyncTask
            public void onPostExecute(Exception exc) {
                if (exc != null) {
                    create.onError(exc);
                } else {
                    create.onNext(null);
                    create.onCompleted();
                }
            }
        }.execute(new Void[0]);
        return create.toSingle();
    }
}
