.class public final Lokhttp3/CertificatePinner; .super Ljava/lang/Object; .source "" # annotations .annotation system Ldalvik/annotation/MemberClasses; value = { Lokhttp3/CertificatePinner$Builder;, Lokhttp3/CertificatePinner$Pin; } .end annotation # static fields .field public static final DEFAULT:Lokhttp3/CertificatePinner; # instance fields .field private final certificateChainCleaner:Lokhttp3/internal/tls/CertificateChainCleaner; .field private final pins:Ljava/util/Set; .annotation system Ldalvik/annotation/Signature; value = { "Ljava/util/Set<", "Lokhttp3/CertificatePinner$Pin;", ">;" } .end annotation .end field # direct methods .method static constructor ()V .locals 1 new-instance v0, Lokhttp3/CertificatePinner$Builder; invoke-direct {v0}, Lokhttp3/CertificatePinner$Builder;->()V invoke-virtual {v0}, Lokhttp3/CertificatePinner$Builder;->build()Lokhttp3/CertificatePinner; move-result-object v0 sput-object v0, Lokhttp3/CertificatePinner;->DEFAULT:Lokhttp3/CertificatePinner; return-void .end method .method constructor (Ljava/util/Set;Lokhttp3/internal/tls/CertificateChainCleaner;)V .locals 0 .annotation system Ldalvik/annotation/Signature; value = { "(", "Ljava/util/Set<", "Lokhttp3/CertificatePinner$Pin;", ">;", "Lokhttp3/internal/tls/CertificateChainCleaner;", ")V" } .end annotation invoke-direct {p0}, Ljava/lang/Object;->()V iput-object p1, p0, Lokhttp3/CertificatePinner;->pins:Ljava/util/Set; iput-object p2, p0, Lokhttp3/CertificatePinner;->certificateChainCleaner:Lokhttp3/internal/tls/CertificateChainCleaner; return-void .end method .method public static pin(Ljava/security/cert/Certificate;)Ljava/lang/String; .locals 2 instance-of v0, p0, Ljava/security/cert/X509Certificate; if-eqz v0, :cond_0 new-instance v0, Ljava/lang/StringBuilder; invoke-direct {v0}, Ljava/lang/StringBuilder;->()V const-string v1, "sha256/" invoke-virtual {v0, v1}, Ljava/lang/StringBuilder;->append(Ljava/lang/String;)Ljava/lang/StringBuilder; check-cast p0, Ljava/security/cert/X509Certificate; invoke-static {p0}, Lokhttp3/CertificatePinner;->sha256(Ljava/security/cert/X509Certificate;)Lokio/ByteString; move-result-object p0 invoke-virtual {p0}, Lokio/ByteString;->base64()Ljava/lang/String; move-result-object p0 invoke-virtual {v0, p0}, Ljava/lang/StringBuilder;->append(Ljava/lang/String;)Ljava/lang/StringBuilder; invoke-virtual {v0}, Ljava/lang/StringBuilder;->toString()Ljava/lang/String; move-result-object p0 return-object p0 :cond_0 new-instance p0, Ljava/lang/IllegalArgumentException; const-string v0, "Certificate pinning requires X509 certificates" invoke-direct {p0, v0}, Ljava/lang/IllegalArgumentException;->(Ljava/lang/String;)V throw p0 .end method .method static sha1(Ljava/security/cert/X509Certificate;)Lokio/ByteString; .locals 0 invoke-virtual {p0}, Ljava/security/cert/X509Certificate;->getPublicKey()Ljava/security/PublicKey; move-result-object p0 invoke-interface {p0}, Ljava/security/PublicKey;->getEncoded()[B move-result-object p0 invoke-static {p0}, Lokio/ByteString;->of([B)Lokio/ByteString; move-result-object p0 invoke-virtual {p0}, Lokio/ByteString;->sha1()Lokio/ByteString; move-result-object p0 return-object p0 .end method .method static sha256(Ljava/security/cert/X509Certificate;)Lokio/ByteString; .locals 0 invoke-virtual {p0}, Ljava/security/cert/X509Certificate;->getPublicKey()Ljava/security/PublicKey; move-result-object p0 invoke-interface {p0}, Ljava/security/PublicKey;->getEncoded()[B move-result-object p0 invoke-static {p0}, Lokio/ByteString;->of([B)Lokio/ByteString; move-result-object p0 invoke-virtual {p0}, Lokio/ByteString;->sha256()Lokio/ByteString; move-result-object p0 return-object p0 .end method # virtual methods .method public check(Ljava/lang/String;Ljava/util/List;)V .locals 12 .annotation system Ldalvik/annotation/Signature; value = { "(", "Ljava/lang/String;", "Ljava/util/List<", "Ljava/security/cert/Certificate;", ">;)V" } .end annotation .annotation system Ldalvik/annotation/Throws; value = { Ljavax/net/ssl/SSLPeerUnverifiedException; } .end annotation invoke-virtual {p0, p1}, Lokhttp3/CertificatePinner;->findMatchingPins(Ljava/lang/String;)Ljava/util/List; move-result-object v0 invoke-interface {v0}, Ljava/util/List;->isEmpty()Z move-result v1 if-eqz v1, :cond_0 return-void :cond_0 iget-object v1, p0, Lokhttp3/CertificatePinner;->certificateChainCleaner:Lokhttp3/internal/tls/CertificateChainCleaner; if-eqz v1, :cond_1 invoke-virtual {v1, p2, p1}, Lokhttp3/internal/tls/CertificateChainCleaner;->clean(Ljava/util/List;Ljava/lang/String;)Ljava/util/List; move-result-object p2 :cond_1 invoke-interface {p2}, Ljava/util/List;->size()I move-result v1 const/4 v2, 0x0 const/4 v3, 0x0 :goto_0 if-ge v3, v1, :cond_8 invoke-interface {p2, v3}, Ljava/util/List;->get(I)Ljava/lang/Object; move-result-object v4 check-cast v4, Ljava/security/cert/X509Certificate; invoke-interface {v0}, Ljava/util/List;->size()I move-result v5 const/4 v6, 0x0 move-object v7, v6 move-object v8, v7 const/4 v6, 0x0 :goto_1 if-ge v6, v5, :cond_7 invoke-interface {v0, v6}, Ljava/util/List;->get(I)Ljava/lang/Object; move-result-object v9 check-cast v9, Lokhttp3/CertificatePinner$Pin; iget-object v10, v9, Lokhttp3/CertificatePinner$Pin;->hashAlgorithm:Ljava/lang/String; const-string v11, "sha256/" invoke-virtual {v10, v11}, Ljava/lang/String;->equals(Ljava/lang/Object;)Z move-result v10 if-eqz v10, :cond_3 if-nez v7, :cond_2 invoke-static {v4}, Lokhttp3/CertificatePinner;->sha256(Ljava/security/cert/X509Certificate;)Lokio/ByteString; move-result-object v7 :cond_2 iget-object v9, v9, Lokhttp3/CertificatePinner$Pin;->hash:Lokio/ByteString; invoke-virtual {v9, v7}, Lokio/ByteString;->equals(Ljava/lang/Object;)Z move-result v9 if-eqz v9, :cond_5 return-void :cond_3 iget-object v10, v9, Lokhttp3/CertificatePinner$Pin;->hashAlgorithm:Ljava/lang/String; const-string v11, "sha1/" invoke-virtual {v10, v11}, Ljava/lang/String;->equals(Ljava/lang/Object;)Z move-result v10 if-eqz v10, :cond_6 if-nez v8, :cond_4 invoke-static {v4}, Lokhttp3/CertificatePinner;->sha1(Ljava/security/cert/X509Certificate;)Lokio/ByteString; move-result-object v8 :cond_4 iget-object v9, v9, Lokhttp3/CertificatePinner$Pin;->hash:Lokio/ByteString; invoke-virtual {v9, v8}, Lokio/ByteString;->equals(Ljava/lang/Object;)Z move-result v9 if-eqz v9, :cond_5 return-void :cond_5 add-int/lit8 v6, v6, 0x1 goto :goto_1 :cond_6 new-instance p1, Ljava/lang/AssertionError; new-instance p2, Ljava/lang/StringBuilder; invoke-direct {p2}, Ljava/lang/StringBuilder;->()V const-string v0, "unsupported hashAlgorithm: " invoke-virtual {p2, v0}, Ljava/lang/StringBuilder;->append(Ljava/lang/String;)Ljava/lang/StringBuilder; iget-object v0, v9, Lokhttp3/CertificatePinner$Pin;->hashAlgorithm:Ljava/lang/String; invoke-virtual {p2, v0}, Ljava/lang/StringBuilder;->append(Ljava/lang/String;)Ljava/lang/StringBuilder; invoke-virtual {p2}, Ljava/lang/StringBuilder;->toString()Ljava/lang/String; move-result-object p2 invoke-direct {p1, p2}, Ljava/lang/AssertionError;->(Ljava/lang/Object;)V throw p1 :cond_7 add-int/lit8 v3, v3, 0x1 goto :goto_0 :cond_8 new-instance v1, Ljava/lang/StringBuilder; invoke-direct {v1}, Ljava/lang/StringBuilder;->()V const-string v3, "Certificate pinning failure!" invoke-virtual {v1, v3}, Ljava/lang/StringBuilder;->append(Ljava/lang/String;)Ljava/lang/StringBuilder; const-string v3, "\n Peer certificate chain:" invoke-virtual {v1, v3}, Ljava/lang/StringBuilder;->append(Ljava/lang/String;)Ljava/lang/StringBuilder; invoke-interface {p2}, Ljava/util/List;->size()I move-result v3 const/4 v4, 0x0 :goto_2 const-string v5, "\n " if-ge v4, v3, :cond_9 invoke-interface {p2, v4}, Ljava/util/List;->get(I)Ljava/lang/Object; move-result-object v6 check-cast v6, Ljava/security/cert/X509Certificate; invoke-virtual {v1, v5}, Ljava/lang/StringBuilder;->append(Ljava/lang/String;)Ljava/lang/StringBuilder; invoke-static {v6}, Lokhttp3/CertificatePinner;->pin(Ljava/security/cert/Certificate;)Ljava/lang/String; move-result-object v5 invoke-virtual {v1, v5}, Ljava/lang/StringBuilder;->append(Ljava/lang/String;)Ljava/lang/StringBuilder; const-string v5, ": " invoke-virtual {v1, v5}, Ljava/lang/StringBuilder;->append(Ljava/lang/String;)Ljava/lang/StringBuilder; invoke-virtual {v6}, Ljava/security/cert/X509Certificate;->getSubjectDN()Ljava/security/Principal; move-result-object v5 invoke-interface {v5}, Ljava/security/Principal;->getName()Ljava/lang/String; move-result-object v5 invoke-virtual {v1, v5}, Ljava/lang/StringBuilder;->append(Ljava/lang/String;)Ljava/lang/StringBuilder; add-int/lit8 v4, v4, 0x1 goto :goto_2 :cond_9 const-string p2, "\n Pinned certificates for " invoke-virtual {v1, p2}, Ljava/lang/StringBuilder;->append(Ljava/lang/String;)Ljava/lang/StringBuilder; invoke-virtual {v1, p1}, Ljava/lang/StringBuilder;->append(Ljava/lang/String;)Ljava/lang/StringBuilder; const-string p1, ":" invoke-virtual {v1, p1}, Ljava/lang/StringBuilder;->append(Ljava/lang/String;)Ljava/lang/StringBuilder; invoke-interface {v0}, Ljava/util/List;->size()I move-result p1 :goto_3 if-ge v2, p1, :cond_a invoke-interface {v0, v2}, Ljava/util/List;->get(I)Ljava/lang/Object; move-result-object p2 check-cast p2, Lokhttp3/CertificatePinner$Pin; invoke-virtual {v1, v5}, Ljava/lang/StringBuilder;->append(Ljava/lang/String;)Ljava/lang/StringBuilder; invoke-virtual {v1, p2}, Ljava/lang/StringBuilder;->append(Ljava/lang/Object;)Ljava/lang/StringBuilder; add-int/lit8 v2, v2, 0x1 goto :goto_3 :cond_a new-instance p1, Ljavax/net/ssl/SSLPeerUnverifiedException; invoke-virtual {v1}, Ljava/lang/StringBuilder;->toString()Ljava/lang/String; move-result-object p2 invoke-direct {p1, p2}, Ljavax/net/ssl/SSLPeerUnverifiedException;->(Ljava/lang/String;)V goto :goto_5 :goto_4 throw p1 :goto_5 goto :goto_4 .end method .method public varargs check(Ljava/lang/String;[Ljava/security/cert/Certificate;)V .locals 0 .annotation system Ldalvik/annotation/Throws; value = { Ljavax/net/ssl/SSLPeerUnverifiedException; } .end annotation invoke-static {p2}, Ljava/util/Arrays;->asList([Ljava/lang/Object;)Ljava/util/List; move-result-object p2 invoke-virtual {p0, p1, p2}, Lokhttp3/CertificatePinner;->check(Ljava/lang/String;Ljava/util/List;)V return-void .end method .method public equals(Ljava/lang/Object;)Z .locals 3 const/4 v0, 0x1 if-ne p1, p0, :cond_0 return v0 :cond_0 instance-of v1, p1, Lokhttp3/CertificatePinner; if-eqz v1, :cond_1 iget-object v1, p0, Lokhttp3/CertificatePinner;->certificateChainCleaner:Lokhttp3/internal/tls/CertificateChainCleaner; check-cast p1, Lokhttp3/CertificatePinner; iget-object v2, p1, Lokhttp3/CertificatePinner;->certificateChainCleaner:Lokhttp3/internal/tls/CertificateChainCleaner; invoke-static {v1, v2}, Lokhttp3/internal/Util;->equal(Ljava/lang/Object;Ljava/lang/Object;)Z move-result v1 if-eqz v1, :cond_1 iget-object v1, p0, Lokhttp3/CertificatePinner;->pins:Ljava/util/Set; iget-object p1, p1, Lokhttp3/CertificatePinner;->pins:Ljava/util/Set; invoke-interface {v1, p1}, Ljava/util/Set;->equals(Ljava/lang/Object;)Z move-result p1 if-eqz p1, :cond_1 goto :goto_0 :cond_1 const/4 v0, 0x0 :goto_0 return v0 .end method .method findMatchingPins(Ljava/lang/String;)Ljava/util/List; .locals 4 .annotation system Ldalvik/annotation/Signature; value = { "(", "Ljava/lang/String;", ")", "Ljava/util/List<", "Lokhttp3/CertificatePinner$Pin;", ">;" } .end annotation invoke-static {}, Ljava/util/Collections;->emptyList()Ljava/util/List; move-result-object v0 iget-object v1, p0, Lokhttp3/CertificatePinner;->pins:Ljava/util/Set; invoke-interface {v1}, Ljava/util/Set;->iterator()Ljava/util/Iterator; move-result-object v1 :cond_0 :goto_0 invoke-interface {v1}, Ljava/util/Iterator;->hasNext()Z move-result v2 if-eqz v2, :cond_2 invoke-interface {v1}, Ljava/util/Iterator;->next()Ljava/lang/Object; move-result-object v2 check-cast v2, Lokhttp3/CertificatePinner$Pin; invoke-virtual {v2, p1}, Lokhttp3/CertificatePinner$Pin;->matches(Ljava/lang/String;)Z move-result v3 if-eqz v3, :cond_0 invoke-interface {v0}, Ljava/util/List;->isEmpty()Z move-result v3 if-eqz v3, :cond_1 new-instance v0, Ljava/util/ArrayList; invoke-direct {v0}, Ljava/util/ArrayList;->()V :cond_1 invoke-interface {v0, v2}, Ljava/util/List;->add(Ljava/lang/Object;)Z goto :goto_0 :cond_2 return-object v0 .end method .method public hashCode()I .locals 2 iget-object v0, p0, Lokhttp3/CertificatePinner;->certificateChainCleaner:Lokhttp3/internal/tls/CertificateChainCleaner; if-eqz v0, :cond_0 invoke-virtual {v0}, Ljava/lang/Object;->hashCode()I move-result v0 goto :goto_0 :cond_0 const/4 v0, 0x0 :goto_0 mul-int/lit8 v0, v0, 0x1f iget-object v1, p0, Lokhttp3/CertificatePinner;->pins:Ljava/util/Set; invoke-interface {v1}, Ljava/util/Set;->hashCode()I move-result v1 add-int/2addr v0, v1 return v0 .end method .method withCertificateChainCleaner(Lokhttp3/internal/tls/CertificateChainCleaner;)Lokhttp3/CertificatePinner; .locals 2 iget-object v0, p0, Lokhttp3/CertificatePinner;->certificateChainCleaner:Lokhttp3/internal/tls/CertificateChainCleaner; invoke-static {v0, p1}, Lokhttp3/internal/Util;->equal(Ljava/lang/Object;Ljava/lang/Object;)Z move-result v0 if-eqz v0, :cond_0 move-object v0, p0 goto :goto_0 :cond_0 new-instance v0, Lokhttp3/CertificatePinner; iget-object v1, p0, Lokhttp3/CertificatePinner;->pins:Ljava/util/Set; invoke-direct {v0, v1, p1}, Lokhttp3/CertificatePinner;->(Ljava/util/Set;Lokhttp3/internal/tls/CertificateChainCleaner;)V :goto_0 return-object v0 .end method