Skip to content

Instantly share code, notes, and snippets.

Embed
What would you like to do?
example
package okhttp3;
import java.security.cert.Certificate;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Collections;
import java.util.LinkedHashSet;
import java.util.List;
import java.util.Set;
import javax.annotation.Nullable;
import javax.net.ssl.SSLPeerUnverifiedException;
import okhttp3.internal.C6496c;
import okhttp3.internal.p196f.C6509b;
import okio.ByteString;
/* compiled from: CertificatePinner */
/* renamed from: okhttp3.k */
public final class C6565k {
/* renamed from: a */
public static final C6565k f20056a = new C6563a().m22759a();
/* renamed from: b */
private final Set<C6564b> f20057b;
@Nullable
/* renamed from: c */
private final C6509b f20058c;
/* compiled from: CertificatePinner */
/* renamed from: okhttp3.k$a */
public static final class C6563a {
/* renamed from: a */
private final List<C6564b> f20051a = new ArrayList();
/* renamed from: a */
public C6563a m22758a(String str, String... strArr) {
if (str == null) {
throw new NullPointerException("pattern == null");
}
for (String c6564b : strArr) {
this.f20051a.add(new C6564b(str, c6564b));
}
return this;
}
/* renamed from: a */
public C6565k m22759a() {
return new C6565k(new LinkedHashSet(this.f20051a), null);
}
}
/* compiled from: CertificatePinner */
/* renamed from: okhttp3.k$b */
static final class C6564b {
/* renamed from: a */
final String f20052a;
/* renamed from: b */
final String f20053b;
/* renamed from: c */
final String f20054c;
/* renamed from: d */
final ByteString f20055d;
C6564b(String str, String str2) {
String f;
this.f20052a = str;
if (str.startsWith("*.")) {
f = HttpUrl.m21961e("http://" + str.substring("*.".length())).m21969f();
} else {
f = HttpUrl.m21961e("http://" + str).m21969f();
}
this.f20053b = f;
if (str2.startsWith("sha1/")) {
this.f20054c = "sha1/";
this.f20055d = ByteString.decodeBase64(str2.substring("sha1/".length()));
} else if (str2.startsWith("sha256/")) {
this.f20054c = "sha256/";
this.f20055d = ByteString.decodeBase64(str2.substring("sha256/".length()));
} else {
throw new IllegalArgumentException("pins must start with 'sha256/' or 'sha1/': " + str2);
}
if (this.f20055d == null) {
throw new IllegalArgumentException("pins must be base64: " + str2);
}
}
/* renamed from: a */
boolean m22760a(String str) {
if (!this.f20052a.startsWith("*.")) {
return str.equals(this.f20053b);
}
return str.regionMatches(false, str.indexOf(46) + 1, this.f20053b, 0, this.f20053b.length());
}
public boolean equals(Object obj) {
return (obj instanceof C6564b) && this.f20052a.equals(((C6564b) obj).f20052a) && this.f20054c.equals(((C6564b) obj).f20054c) && this.f20055d.equals(((C6564b) obj).f20055d);
}
public int hashCode() {
return ((((this.f20052a.hashCode() + 527) * 31) + this.f20054c.hashCode()) * 31) + this.f20055d.hashCode();
}
public String toString() {
return this.f20054c + this.f20055d.base64();
}
}
C6565k(Set<C6564b> set, @Nullable C6509b c6509b) {
this.f20057b = set;
this.f20058c = c6509b;
}
public boolean equals(@Nullable Object obj) {
if (obj == this) {
return true;
}
boolean z = (obj instanceof C6565k) && C6496c.m22393a(this.f20058c, ((C6565k) obj).f20058c) && this.f20057b.equals(((C6565k) obj).f20057b);
return z;
}
public int hashCode() {
return ((this.f20058c != null ? this.f20058c.hashCode() : 0) * 31) + this.f20057b.hashCode();
}
/* renamed from: a */
public void m22766a(String str, List<Certificate> list) {
List a = m22764a(str);
if (!a.isEmpty()) {
int i;
if (this.f20058c != null) {
list = this.f20058c.mo7147a(list, str);
}
int size = list.size();
for (int i2 = 0; i2 < size; i2++) {
X509Certificate x509Certificate = (X509Certificate) list.get(i2);
int size2 = a.size();
int i3 = 0;
Object obj = null;
Object obj2 = null;
while (i3 < size2) {
C6564b c6564b = (C6564b) a.get(i3);
if (c6564b.f20054c.equals("sha256/")) {
if (obj == null) {
obj = C6565k.m22763b(x509Certificate);
}
if (c6564b.f20055d.equals(obj)) {
return;
}
} else if (c6564b.f20054c.equals("sha1/")) {
if (obj2 == null) {
obj2 = C6565k.m22762a(x509Certificate);
}
if (c6564b.f20055d.equals(obj2)) {
return;
}
} else {
throw new AssertionError();
}
Object obj3 = obj;
i3++;
obj2 = obj2;
obj = obj3;
}
}
StringBuilder append = new StringBuilder().append("Certificate pinning failure!").append("\n Peer certificate chain:");
int size3 = list.size();
for (i = 0; i < size3; i++) {
Certificate certificate = (X509Certificate) list.get(i);
append.append("\n ").append(C6565k.m22761a(certificate)).append(": ").append(certificate.getSubjectDN().getName());
}
append.append("\n Pinned certificates for ").append(str).append(":");
size3 = a.size();
for (i = 0; i < size3; i++) {
append.append("\n ").append((C6564b) a.get(i));
}
throw new SSLPeerUnverifiedException(append.toString());
}
}
/* renamed from: a */
List<C6564b> m22764a(String str) {
List<C6564b> emptyList = Collections.emptyList();
for (C6564b c6564b : this.f20057b) {
if (c6564b.m22760a(str)) {
if (emptyList.isEmpty()) {
emptyList = new ArrayList();
}
emptyList.add(c6564b);
}
}
return emptyList;
}
/* renamed from: a */
C6565k m22765a(C6509b c6509b) {
if (C6496c.m22393a(this.f20058c, (Object) c6509b)) {
return this;
}
return new C6565k(this.f20057b, c6509b);
}
/* renamed from: a */
public static String m22761a(Certificate certificate) {
if (certificate instanceof X509Certificate) {
return "sha256/" + C6565k.m22763b((X509Certificate) certificate).base64();
}
throw new IllegalArgumentException("Certificate pinning requires X509 certificates");
}
/* renamed from: a */
static ByteString m22762a(X509Certificate x509Certificate) {
return ByteString.of(x509Certificate.getPublicKey().getEncoded()).sha1();
}
/* renamed from: b */
static ByteString m22763b(X509Certificate x509Certificate) {
return ByteString.of(x509Certificate.getPublicKey().getEncoded()).sha256();
}
}
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.