.class public final Lokhttp3/CertificatePinner; .super Ljava/lang/Object; .source "SourceFile" # annotations .annotation system Ldalvik/annotation/MemberClasses; value = { Lokhttp3/CertificatePinner$Builder; } .end annotation # static fields .field public static final DEFAULT:Lokhttp3/CertificatePinner; # instance fields .field public final certificateChainCleaner:Lokhttp3/internal/tls/CertificateChainCleaner; .field public final pins:Ljava/util/Set; # direct methods .method static constructor ()V .locals 1 .line 128 new-instance v0, Lokhttp3/CertificatePinner$Builder; invoke-direct {v0}, Lokhttp3/CertificatePinner$Builder;->()V invoke-virtual {v0}, Lokhttp3/CertificatePinner$Builder;->build()Lokhttp3/CertificatePinner; move-result-object v0 sput-object v0, Lokhttp3/CertificatePinner;->DEFAULT:Lokhttp3/CertificatePinner; return-void .end method .method public constructor (Ljava/util/Set;Lokhttp3/internal/tls/CertificateChainCleaner;)V .locals 0 .line 133 invoke-direct {p0}, Ljava/lang/Object;->()V iput-object p1, p0, Lokhttp3/CertificatePinner;->pins:Ljava/util/Set; iput-object p2, p0, Lokhttp3/CertificatePinner;->certificateChainCleaner:Lokhttp3/internal/tls/CertificateChainCleaner; return-void .end method .method public static pin(Ljava/security/cert/Certificate;)Ljava/lang/String; .locals 2 .line 243 instance-of v0, p0, Ljava/security/cert/X509Certificate; if-eqz v0, :cond_0 .line 246 new-instance v0, Ljava/lang/StringBuilder; invoke-direct {v0}, Ljava/lang/StringBuilder;->()V const-string v1, "sha256/" invoke-virtual {v0, v1}, Ljava/lang/StringBuilder;->append(Ljava/lang/String;)Ljava/lang/StringBuilder; check-cast p0, Ljava/security/cert/X509Certificate; invoke-static {p0}, Lokhttp3/CertificatePinner;->sha256(Ljava/security/cert/X509Certificate;)Lokio/ByteString; move-result-object p0 invoke-virtual {p0}, Lokio/ByteString;->base64()Ljava/lang/String; move-result-object p0 invoke-virtual {v0, p0}, Ljava/lang/StringBuilder;->append(Ljava/lang/String;)Ljava/lang/StringBuilder; invoke-virtual {v0}, Ljava/lang/StringBuilder;->toString()Ljava/lang/String; move-result-object p0 return-object p0 .line 244 :cond_0 new-instance p0, Ljava/lang/IllegalArgumentException; const-string v0, "Certificate pinning requires X509 certificates" invoke-direct {p0, v0}, Ljava/lang/IllegalArgumentException;->(Ljava/lang/String;)V throw p0 .end method .method public static sha256(Ljava/security/cert/X509Certificate;)Lokio/ByteString; .locals 0 .line 254 invoke-virtual {p0}, Ljava/security/cert/Certificate;->getPublicKey()Ljava/security/PublicKey; move-result-object p0 invoke-interface {p0}, Ljava/security/Key;->getEncoded()[B move-result-object p0 invoke-static {p0}, Lokio/ByteString;->of([B)Lokio/ByteString; move-result-object p0 invoke-virtual {p0}, Lokio/ByteString;->sha256()Lokio/ByteString; move-result-object p0 return-object p0 .end method # virtual methods .method public check(Ljava/lang/String;Ljava/util/List;)V .locals 8 .line 162 invoke-virtual {p0, p1}, Lokhttp3/CertificatePinner;->findMatchingPins(Ljava/lang/String;)Ljava/util/List; move-result-object v0 .line 163 invoke-interface {v0}, Ljava/util/List;->isEmpty()Z move-result v1 if-eqz v1, :cond_0 return-void :cond_0 iget-object v1, p0, Lokhttp3/CertificatePinner;->certificateChainCleaner:Lokhttp3/internal/tls/CertificateChainCleaner; if-eqz v1, :cond_1 .line 166 invoke-virtual {v1, p2, p1}, Lokhttp3/internal/tls/CertificateChainCleaner;->clean(Ljava/util/List;Ljava/lang/String;)Ljava/util/List; move-result-object p2 .line 169 :cond_1 invoke-interface {p2}, Ljava/util/List;->size()I move-result v1 const/4 v2, 0x0 move v3, v2 :goto_0 const/4 v4, 0x0 if-ge v3, v1, :cond_3 .line 170 invoke-interface {p2, v3}, Ljava/util/List;->get(I)Ljava/lang/Object; move-result-object v5 check-cast v5, Ljava/security/cert/X509Certificate; .line 176 invoke-interface {v0}, Ljava/util/List;->size()I move-result v5 if-gtz v5, :cond_2 add-int/lit8 v3, v3, 0x1 goto :goto_0 .line 177 :cond_2 invoke-interface {v0, v2}, Ljava/util/List;->get(I)Ljava/lang/Object; move-result-object p1 invoke-static {p1}, Lcom/amazonaws/handlers/HandlerChainFactory$$ExternalSyntheticThrowCCEIfNotNull0;->m(Ljava/lang/Object;)V .line 178 throw v4 .line 191 :cond_3 new-instance v1, Ljava/lang/StringBuilder; invoke-direct {v1}, Ljava/lang/StringBuilder;->()V const-string v3, "Certificate pinning failure!" .line 192 invoke-virtual {v1, v3}, Ljava/lang/StringBuilder;->append(Ljava/lang/String;)Ljava/lang/StringBuilder; const-string v3, "\n Peer certificate chain:" .line 193 invoke-virtual {v1, v3}, Ljava/lang/StringBuilder;->append(Ljava/lang/String;)Ljava/lang/StringBuilder; .line 194 invoke-interface {p2}, Ljava/util/List;->size()I move-result v3 move v5, v2 :goto_1 const-string v6, "\n " if-ge v5, v3, :cond_4 .line 195 invoke-interface {p2, v5}, Ljava/util/List;->get(I)Ljava/lang/Object; move-result-object v7 check-cast v7, Ljava/security/cert/X509Certificate; .line 196 invoke-virtual {v1, v6}, Ljava/lang/StringBuilder;->append(Ljava/lang/String;)Ljava/lang/StringBuilder; invoke-static {v7}, Lokhttp3/CertificatePinner;->pin(Ljava/security/cert/Certificate;)Ljava/lang/String; move-result-object v6 invoke-virtual {v1, v6}, Ljava/lang/StringBuilder;->append(Ljava/lang/String;)Ljava/lang/StringBuilder; const-string v6, ": " .line 197 invoke-virtual {v1, v6}, Ljava/lang/StringBuilder;->append(Ljava/lang/String;)Ljava/lang/StringBuilder; invoke-virtual {v7}, Ljava/security/cert/X509Certificate;->getSubjectDN()Ljava/security/Principal; move-result-object v6 invoke-interface {v6}, Ljava/security/Principal;->getName()Ljava/lang/String; move-result-object v6 invoke-virtual {v1, v6}, Ljava/lang/StringBuilder;->append(Ljava/lang/String;)Ljava/lang/StringBuilder; add-int/lit8 v5, v5, 0x1 goto :goto_1 :cond_4 const-string p2, "\n Pinned certificates for " .line 199 invoke-virtual {v1, p2}, Ljava/lang/StringBuilder;->append(Ljava/lang/String;)Ljava/lang/StringBuilder; invoke-virtual {v1, p1}, Ljava/lang/StringBuilder;->append(Ljava/lang/String;)Ljava/lang/StringBuilder; const-string p1, ":" invoke-virtual {v1, p1}, Ljava/lang/StringBuilder;->append(Ljava/lang/String;)Ljava/lang/StringBuilder; .line 200 invoke-interface {v0}, Ljava/util/List;->size()I move-result p1 :goto_2 if-ge v2, p1, :cond_5 .line 201 invoke-interface {v0, v2}, Ljava/util/List;->get(I)Ljava/lang/Object; move-result-object p2 invoke-static {p2}, Lcom/amazonaws/handlers/HandlerChainFactory$$ExternalSyntheticThrowCCEIfNotNull0;->m(Ljava/lang/Object;)V .line 202 invoke-virtual {v1, v6}, Ljava/lang/StringBuilder;->append(Ljava/lang/String;)Ljava/lang/StringBuilder; invoke-virtual {v1, v4}, Ljava/lang/StringBuilder;->append(Ljava/lang/Object;)Ljava/lang/StringBuilder; add-int/lit8 v2, v2, 0x1 goto :goto_2 .line 204 :cond_5 new-instance p1, Ljavax/net/ssl/SSLPeerUnverifiedException; invoke-virtual {v1}, Ljava/lang/StringBuilder;->toString()Ljava/lang/String; move-result-object p2 invoke-direct {p1, p2}, Ljavax/net/ssl/SSLPeerUnverifiedException;->(Ljava/lang/String;)V throw p1 .end method .method public equals(Ljava/lang/Object;)Z .locals 3 const/4 v0, 0x1 if-ne p1, p0, :cond_0 return v0 .line 140 :cond_0 instance-of v1, p1, Lokhttp3/CertificatePinner; if-eqz v1, :cond_1 iget-object v1, p0, Lokhttp3/CertificatePinner;->certificateChainCleaner:Lokhttp3/internal/tls/CertificateChainCleaner; check-cast p1, Lokhttp3/CertificatePinner; iget-object v2, p1, Lokhttp3/CertificatePinner;->certificateChainCleaner:Lokhttp3/internal/tls/CertificateChainCleaner; .line 141 invoke-static {v1, v2}, Ljava/util/Objects;->equals(Ljava/lang/Object;Ljava/lang/Object;)Z move-result v1 if-eqz v1, :cond_1 iget-object v1, p0, Lokhttp3/CertificatePinner;->pins:Ljava/util/Set; iget-object p1, p1, Lokhttp3/CertificatePinner;->pins:Ljava/util/Set; .line 143 invoke-interface {v1, p1}, Ljava/util/Set;->equals(Ljava/lang/Object;)Z move-result p1 if-eqz p1, :cond_1 goto :goto_0 :cond_1 const/4 v0, 0x0 :goto_0 return v0 .end method .method public findMatchingPins(Ljava/lang/String;)Ljava/util/List; .locals 2 .line 218 invoke-static {}, Ljava/util/Collections;->emptyList()Ljava/util/List; move-result-object p1 iget-object v0, p0, Lokhttp3/CertificatePinner;->pins:Ljava/util/Set; .line 219 invoke-interface {v0}, Ljava/util/Set;->iterator()Ljava/util/Iterator; move-result-object v0 invoke-interface {v0}, Ljava/util/Iterator;->hasNext()Z move-result v1 if-nez v1, :cond_0 return-object p1 :cond_0 invoke-interface {v0}, Ljava/util/Iterator;->next()Ljava/lang/Object; move-result-object p1 invoke-static {p1}, Lcom/amazonaws/handlers/HandlerChainFactory$$ExternalSyntheticThrowCCEIfNotNull0;->m(Ljava/lang/Object;)V const/4 p1, 0x0 .line 220 throw p1 .end method .method public hashCode()I .locals 2 iget-object v0, p0, Lokhttp3/CertificatePinner;->certificateChainCleaner:Lokhttp3/internal/tls/CertificateChainCleaner; .line 147 invoke-static {v0}, Ljava/util/Objects;->hashCode(Ljava/lang/Object;)I move-result v0 mul-int/lit8 v0, v0, 0x1f iget-object v1, p0, Lokhttp3/CertificatePinner;->pins:Ljava/util/Set; .line 148 invoke-interface {v1}, Ljava/util/Set;->hashCode()I move-result v1 add-int/2addr v0, v1 return v0 .end method .method public withCertificateChainCleaner(Lokhttp3/internal/tls/CertificateChainCleaner;)Lokhttp3/CertificatePinner; .locals 2 iget-object v0, p0, Lokhttp3/CertificatePinner;->certificateChainCleaner:Lokhttp3/internal/tls/CertificateChainCleaner; .line 231 invoke-static {v0, p1}, Ljava/util/Objects;->equals(Ljava/lang/Object;Ljava/lang/Object;)Z move-result v0 if-eqz v0, :cond_0 move-object v0, p0 goto :goto_0 .line 233 :cond_0 new-instance v0, Lokhttp3/CertificatePinner; iget-object v1, p0, Lokhttp3/CertificatePinner;->pins:Ljava/util/Set; invoke-direct {v0, v1, p1}, Lokhttp3/CertificatePinner;->(Ljava/util/Set;Lokhttp3/internal/tls/CertificateChainCleaner;)V :goto_0 return-object v0 .end method