package com.shenxuanche.app.utils;

import car.network.utils.Base64;
import java.io.PrintStream;
import java.security.MessageDigest;
import java.security.Principal;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSocket;
import javax.net.ssl.TrustManager;
import javax.net.ssl.X509TrustManager;

/* loaded from: classes.dex */
public class SSLPinGenerator {
    private static final String DEFAULT_HASH_ALGORTHM = "SHA-1";
    private boolean debugPrinting;
    private MessageDigest digest;
    private String hashAlgorthm;
    private int hostPort;
    private String hostname;

    /* loaded from: classes.dex */
    public class PublicKeyExtractingTrustManager implements X509TrustManager {
        private final Base64 base64Encoder = new Base64();

        public PublicKeyExtractingTrustManager() {
        }

        private String removeHyphen(String str) {
            return str.replace("-", "");
        }

        @Override // javax.net.ssl.X509TrustManager
        public void checkClientTrusted(X509Certificate[] x509CertificateArr, String str) throws CertificateException {
        }

        @Override // javax.net.ssl.X509TrustManager
        public void checkServerTrusted(X509Certificate[] x509CertificateArr, String str) throws CertificateException {
            Principal subjectDN;
            for (X509Certificate x509Certificate : x509CertificateArr) {
                byte[] encoded = x509Certificate.getPublicKey().getEncoded();
                if (SSLPinGenerator.this.debugPrinting && (subjectDN = x509Certificate.getSubjectDN()) != null) {
                    System.out.println("Subject :  " + subjectDN.getName());
                }
                byte[] digest = SSLPinGenerator.this.digest.digest(encoded);
                String removeHyphen = removeHyphen(SSLPinGenerator.this.hashAlgorthm);
                PrintStream printStream = System.out;
                Base64 base64 = this.base64Encoder;
                printStream.println(String.format("%s/%s", removeHyphen, Base64.encode(digest)));
            }
        }

        @Override // javax.net.ssl.X509TrustManager
        public X509Certificate[] getAcceptedIssuers() {
            return null;
        }
    }

    public SSLPinGenerator(String str, int i, String str2, boolean z) throws Exception {
        this.hashAlgorthm = DEFAULT_HASH_ALGORTHM;
        this.debugPrinting = false;
        this.hashAlgorthm = str2;
        this.hostname = str;
        this.hostPort = i;
        this.debugPrinting = z;
        this.digest = MessageDigest.getInstance(str2);
    }

    public static void main(String[] strArr) {
        try {
            if (strArr.length < 1) {
                printHelp();
                return;
            }
            if ("help".equalsIgnoreCase(strArr[0])) {
                printHelp();
                return;
            }
            String[] split = strArr[0].split(":");
            try {
                new SSLPinGenerator(split[0], split.length == 1 ? 443 : Integer.parseInt(split[1]), strArr.length >= 2 ? strArr[1] : DEFAULT_HASH_ALGORTHM, strArr.length >= 3 && "debug".equalsIgnoreCase(strArr[2])).fetchAndPrintPinHashs();
            } catch (Exception e) {
                printHelp();
                System.out.println("\nWhoops something went wrong: " + e.getMessage());
                e.printStackTrace();
            }
        } catch (Exception e2) {
            System.out.println("CLI Error: " + e2.getMessage());
            printHelp();
        }
    }

    private static void printHelp() {
        System.out.println("##SSL pin set generator##");
        System.out.println("The generated pinset are base-64 encoded hashes (default SHA-1, but supports SHA-256). Note: only run this on a trusted network.");
        System.out.println("\nUsage: \"java -jar generatePins.jar <host>[:port] hashAlgorthm\" i.e scottyab.com:443 sha-256 ");
    }

    public void fetchAndPrintPinHashs() throws Exception {
        System.out.println("**Run this on a trusted network**\nGenerating SSL pins for: " + this.hostname);
        SSLContext sSLContext = SSLContext.getInstance("TLS");
        sSLContext.init(null, new TrustManager[]{new PublicKeyExtractingTrustManager()}, null);
        SSLSocket sSLSocket = (SSLSocket) sSLContext.getSocketFactory().createSocket(this.hostname, this.hostPort);
        sSLSocket.setSoTimeout(10000);
        sSLSocket.startHandshake();
        sSLSocket.close();
    }
}
