package com.smileandpay.mpos.tools;

import android.util.Base64;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.util.Arrays;
import java.util.List;
import java.util.logging.Logger;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import javax.net.ssl.X509TrustManager;

/* loaded from: classes4.dex */
final class SPwebX509TrustManager implements X509TrustManager {
    private Logger logger;
    private X509TrustManager x509TrustManager;
    private static List<String> validPins = Arrays.asList("yUZX46uNTHF69doC88KoCtSK7MPEWrFMwR6whAAY8gE=", "WGJkyYjx1QMdMe0UqlyOKXtydPDVrk7sl2fV+nNm1r4=", "x4QzPSC810K5/cMjb05Qm4k3Bw5zBn4lTdO/nEW/Td4=", "wv4jMY4pjUojoZetKd2uYPlMRv5SUU66ule5McSq784=");
    private static List<String> validCN = Arrays.asList("cn=*.smileandpay.eu,ou=gandi standard wildcard ssl,ou=domain control validated", "cn=*.smileandpay.com,ou=gandi standard wildcard ssl,ou=domain control validated", "cn=gandi standard ssl ca 2,o=gandi,l=paris,st=paris,c=fr", "cn=usertrust rsa certification authority,o=the usertrust network,l=jersey city,st=new jersey,c=us");

    public SPwebX509TrustManager(TLSSocketFactory tLSSocketFactory) throws NoSuchAlgorithmException, KeyStoreException, Exception {
        this.x509TrustManager = null;
        Logger logger = Logger.getLogger("WinPayment");
        this.logger = logger;
        logger.info("  Creating SPwebX509TrustManager ...");
        TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
        trustManagerFactory.init((KeyStore) null);
        for (TrustManager trustManager : trustManagerFactory.getTrustManagers()) {
            if (trustManager instanceof X509TrustManager) {
                this.x509TrustManager = (X509TrustManager) trustManager;
                return;
            }
        }
        throw new Exception("Couldn't initialize SPwebX509TrustManager");
    }

    @Override // javax.net.ssl.X509TrustManager
    public void checkClientTrusted(X509Certificate[] x509CertificateArr, String str) throws CertificateException {
        this.x509TrustManager.checkClientTrusted(x509CertificateArr, str);
    }

    @Override // javax.net.ssl.X509TrustManager
    public void checkServerTrusted(X509Certificate[] x509CertificateArr, String str) throws CertificateException {
        if (x509CertificateArr == null || x509CertificateArr.length < 2) {
            throw new CertificateException("Certificate pinning failure\n chain==null or chain.length < 2");
        }
        for (int i = 0; i < x509CertificateArr.length; i++) {
            try {
                String encodeToString = Base64.encodeToString(MessageDigest.getInstance("SHA-256").digest(x509CertificateArr[i].getPublicKey().getEncoded()), 2);
                String str2 = "    sha256/" + encodeToString + " : " + x509CertificateArr[i].getSubjectDN().toString() + "\n";
                if (!validPins.contains(encodeToString)) {
                    throw new CertificateException("Certificate pinning failure\n  Peer certificate chain:\n" + str2);
                }
                if (!validCN.contains(x509CertificateArr[i].getSubjectX500Principal().getName().toLowerCase())) {
                    throw new CertificateException("Certificate pinning failure\n  Commun Name:\n" + x509CertificateArr[0].getSubjectX500Principal().getName());
                }
            } catch (NoSuchAlgorithmException unused) {
                throw new CertificateException("Certificate pinning failure\n  NoSuchAlgorithmException");
            } catch (CertificateException e) {
                throw e;
            }
        }
        this.x509TrustManager.checkServerTrusted(x509CertificateArr, str);
    }

    @Override // javax.net.ssl.X509TrustManager
    public X509Certificate[] getAcceptedIssuers() {
        return this.x509TrustManager.getAcceptedIssuers();
    }
}
