package de.sep.sesam.common.security;

import java.io.IOException;
import java.net.UnknownHostException;
import java.security.KeyManagementException;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.SecureRandom;
import java.security.cert.Certificate;
import java.security.cert.CertificateEncodingException;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import javax.net.ssl.HandshakeCompletedEvent;
import javax.net.ssl.HttpsURLConnection;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSocket;
import javax.net.ssl.SSLSocketFactory;
import javax.net.ssl.TrustManager;
import javax.net.ssl.X509TrustManager;

/* loaded from: input_file:de/sep/sesam/common/security/SSLUtils.class */
public class SSLUtils {
    private static SSLSocketFactory socketFactory = null;
    private static final char[] HEXDIGITS = "0123456789abcdef".toCharArray();

    public static String getSSLThumbPrint(String str) throws UnknownHostException, IOException, NoSuchAlgorithmException, KeyManagementException, CertificateEncodingException {
        if (socketFactory == null) {
            initTrustManager();
        }
        SSLSocket sSLSocket = (SSLSocket) socketFactory.createSocket(str, 443);
        sSLSocket.setSoTimeout(10000);
        sSLSocket.startHandshake();
        Certificate[] peerCertificates = new HandshakeCompletedEvent(sSLSocket, sSLSocket.getSession()).getPeerCertificates();
        if (peerCertificates == null || peerCertificates.length <= 0) {
            return null;
        }
        MessageDigest.getInstance("SHA-1").update(peerCertificates[0].getEncoded());
        return getThumbPrint(peerCertificates[0]);
    }

    public static void initTrustManager() throws NoSuchAlgorithmException, KeyManagementException {
        TrustManager[] trustManagerArr = {new X509TrustManager() { // from class: de.sep.sesam.common.security.SSLUtils.1
            @Override // javax.net.ssl.X509TrustManager
            public X509Certificate[] getAcceptedIssuers() {
                return null;
            }

            @Override // javax.net.ssl.X509TrustManager
            public void checkServerTrusted(X509Certificate[] x509CertificateArr, String str) throws CertificateException {
            }

            @Override // javax.net.ssl.X509TrustManager
            public void checkClientTrusted(X509Certificate[] x509CertificateArr, String str) throws CertificateException {
            }
        }};
        SSLContext sSLContext = SSLContext.getInstance("TLS");
        sSLContext.getServerSessionContext().setSessionTimeout(0);
        sSLContext.init(null, trustManagerArr, new SecureRandom());
        socketFactory = sSLContext.getSocketFactory();
        HttpsURLConnection.setDefaultSSLSocketFactory(socketFactory);
        HttpsURLConnection.setDefaultHostnameVerifier((str, sSLSession) -> {
            return true;
        });
    }

    private static String getThumbPrint(Certificate certificate) throws NoSuchAlgorithmException, CertificateEncodingException {
        MessageDigest messageDigest = MessageDigest.getInstance("SHA-1");
        messageDigest.update(certificate.getEncoded());
        return toHexString(messageDigest.digest());
    }

    private static String toHexString(byte[] bArr) {
        StringBuilder sb = new StringBuilder(bArr.length * 3);
        for (byte b : bArr) {
            int i = b & 255;
            sb.append(HEXDIGITS[i >> 4]);
            sb.append(HEXDIGITS[i & 15]);
            sb.append(':');
        }
        String upperCase = sb.toString().toUpperCase();
        return upperCase.substring(0, upperCase.length() - 1);
    }
}
