X509Util.smali
.class public Laegon/chrome/net/X509Util;
.super Ljava/lang/Object;
# annotations
.annotation runtime Laegon/chrome/base/annotations/JNINamespace;
value = "net"
.end annotation
.annotation build Laegon/chrome/base/annotations/MainDex;
.end annotation
.annotation system Ldalvik/annotation/MemberClasses;
value = {
Laegon/chrome/net/X509Util$X509TrustManagerJellyBean;,
Laegon/chrome/net/X509Util$X509TrustManagerIceCreamSandwich;,
Laegon/chrome/net/X509Util$X509TrustManagerImplementation;,
Laegon/chrome/net/X509Util$TrustStorageListener;
}
.end annotation
# static fields
.field static final synthetic $assertionsDisabled:Z
.field private static final HEX_DIGITS:[C
.field private static final OID_ANY_EKU:Ljava/lang/String; = "2.5.29.37.0"
.field private static final OID_SERVER_GATED_MICROSOFT:Ljava/lang/String; = "1.3.6.1.4.1.311.10.3.3"
.field private static final OID_SERVER_GATED_NETSCAPE:Ljava/lang/String; = "2.16.840.1.113730.4.1"
.field private static final OID_TLS_SERVER_AUTH:Ljava/lang/String; = "1.3.6.1.5.5.7.3.1"
.field private static final TAG:Ljava/lang/String; = "X509Util"
.field private static sCertificateFactory:Ljava/security/cert/CertificateFactory;
.field private static sDefaultTrustManager:Laegon/chrome/net/X509Util$X509TrustManagerImplementation;
.field private static sDisableNativeCodeForTest:Z
.field private static sLoadedSystemKeyStore:Z
.field private static final sLock:Ljava/lang/Object;
.field private static sSystemCertificateDirectory:Ljava/io/File;
.field private static sSystemKeyStore:Ljava/security/KeyStore;
.field private static sSystemTrustAnchorCache:Ljava/util/Set;
.annotation system Ldalvik/annotation/Signature;
value = {
"Ljava/util/Set",
"<",
"Landroid/util/Pair",
"<",
"Ljavax/security/auth/x500/X500Principal;",
"Ljava/security/PublicKey;",
">;>;"
}
.end annotation
.end field
.field private static sTestKeyStore:Ljava/security/KeyStore;
.field private static sTestTrustManager:Laegon/chrome/net/X509Util$X509TrustManagerImplementation;
.field private static sTrustStorageListener:Laegon/chrome/net/X509Util$TrustStorageListener;
# direct methods
.method static constructor <clinit>()V
.registers 1
const-class v0, Laegon/chrome/net/X509Util;
invoke-virtual {v0}, Ljava/lang/Class;->desiredAssertionStatus()Z
move-result v0
if-nez v0, :cond_1c
const/4 v0, 0x1
:goto_9
sput-boolean v0, Laegon/chrome/net/X509Util;->$assertionsDisabled:Z
new-instance v0, Ljava/lang/Object;
invoke-direct {v0}, Ljava/lang/Object;-><init>()V
sput-object v0, Laegon/chrome/net/X509Util;->sLock:Ljava/lang/Object;
const/16 v0, 0x10
new-array v0, v0, [C
fill-array-data v0, :array_1e
sput-object v0, Laegon/chrome/net/X509Util;->HEX_DIGITS:[C
return-void
:cond_1c
const/4 v0, 0x0
goto :goto_9
:array_1e
.array-data 2
0x30s
0x31s
0x32s
0x33s
0x34s
0x35s
0x36s
0x37s
0x38s
0x39s
0x61s
0x62s
0x63s
0x64s
0x65s
0x66s
.end array-data
.end method
.method public constructor <init>()V
.registers 1
invoke-direct {p0}, Ljava/lang/Object;-><init>()V
return-void
.end method
.method static synthetic access$000()V
.registers 0
invoke-static {}, Laegon/chrome/net/X509Util;->reloadDefaultTrustManager()V
return-void
.end method
.method public static addTestRootCertificate([B)V
.registers 6
invoke-static {}, Laegon/chrome/net/X509Util;->ensureInitialized()V
invoke-static {p0}, Laegon/chrome/net/X509Util;->createCertificateFromBytes([B)Ljava/security/cert/X509Certificate;
move-result-object v0
sget-object v1, Laegon/chrome/net/X509Util;->sLock:Ljava/lang/Object;
monitor-enter v1
:try_start_a
sget-object v2, Laegon/chrome/net/X509Util;->sTestKeyStore:Ljava/security/KeyStore;
new-instance v3, Ljava/lang/StringBuilder;
invoke-direct {v3}, Ljava/lang/StringBuilder;-><init>()V
const-string v4, "root_cert_"
invoke-virtual {v3, v4}, Ljava/lang/StringBuilder;->append(Ljava/lang/String;)Ljava/lang/StringBuilder;
move-result-object v3
sget-object v4, Laegon/chrome/net/X509Util;->sTestKeyStore:Ljava/security/KeyStore;
invoke-virtual {v4}, Ljava/security/KeyStore;->size()I
move-result v4
invoke-static {v4}, Ljava/lang/Integer;->toString(I)Ljava/lang/String;
move-result-object v4
invoke-virtual {v3, v4}, Ljava/lang/StringBuilder;->append(Ljava/lang/String;)Ljava/lang/StringBuilder;
move-result-object v3
invoke-virtual {v3}, Ljava/lang/StringBuilder;->toString()Ljava/lang/String;
move-result-object v3
invoke-virtual {v2, v3, v0}, Ljava/security/KeyStore;->setCertificateEntry(Ljava/lang/String;Ljava/security/cert/Certificate;)V
invoke-static {}, Laegon/chrome/net/X509Util;->reloadTestTrustManager()V
monitor-exit v1
return-void
:catchall_31
move-exception v0
monitor-exit v1
:try_end_33
.catchall {:try_start_a .. :try_end_33} :catchall_31
throw v0
.end method
.method public static clearTestRootCertificates()V
.registers 3
invoke-static {}, Laegon/chrome/net/X509Util;->ensureInitialized()V
sget-object v1, Laegon/chrome/net/X509Util;->sLock:Ljava/lang/Object;
monitor-enter v1
:try_start_6
sget-object v0, Laegon/chrome/net/X509Util;->sTestKeyStore:Ljava/security/KeyStore;
const/4 v2, 0x0
invoke-virtual {v0, v2}, Ljava/security/KeyStore;->load(Ljava/security/KeyStore$LoadStoreParameter;)V
invoke-static {}, Laegon/chrome/net/X509Util;->reloadTestTrustManager()V
:try_end_f
.catch Ljava/io/IOException; {:try_start_6 .. :try_end_f} :catch_14
.catchall {:try_start_6 .. :try_end_f} :catchall_11
:goto_f
:try_start_f
monitor-exit v1
return-void
:catchall_11
move-exception v0
monitor-exit v1
:try_end_13
.catchall {:try_start_f .. :try_end_13} :catchall_11
throw v0
:catch_14
move-exception v0
goto :goto_f
.end method
.method public static createCertificateFromBytes([B)Ljava/security/cert/X509Certificate;
.registers 3
invoke-static {}, Laegon/chrome/net/X509Util;->ensureInitialized()V
sget-object v0, Laegon/chrome/net/X509Util;->sCertificateFactory:Ljava/security/cert/CertificateFactory;
new-instance v1, Ljava/io/ByteArrayInputStream;
invoke-direct {v1, p0}, Ljava/io/ByteArrayInputStream;-><init>([B)V
invoke-virtual {v0, v1}, Ljava/security/cert/CertificateFactory;->generateCertificate(Ljava/io/InputStream;)Ljava/security/cert/Certificate;
move-result-object v0
check-cast v0, Ljava/security/cert/X509Certificate;
return-object v0
.end method
.method private static createTrustManager(Ljava/security/KeyStore;)Laegon/chrome/net/X509Util$X509TrustManagerImplementation;
.registers 10
invoke-static {}, Ljavax/net/ssl/TrustManagerFactory;->getDefaultAlgorithm()Ljava/lang/String;
move-result-object v1
invoke-static {v1}, Ljavax/net/ssl/TrustManagerFactory;->getInstance(Ljava/lang/String;)Ljavax/net/ssl/TrustManagerFactory;
move-result-object v1
invoke-virtual {v1, p0}, Ljavax/net/ssl/TrustManagerFactory;->init(Ljava/security/KeyStore;)V
invoke-virtual {v1}, Ljavax/net/ssl/TrustManagerFactory;->getTrustManagers()[Ljavax/net/ssl/TrustManager;
move-result-object v5
array-length v6, v5
const/4 v1, 0x0
move v4, v1
:goto_12
if-ge v4, v6, :cond_65
aget-object v2, v5, v4
instance-of v1, v2, Ljavax/net/ssl/X509TrustManager;
if-eqz v1, :cond_61
:try_start_1a
sget v1, Landroid/os/Build$VERSION;->SDK_INT:I
const/16 v3, 0x11
if-lt v1, v3, :cond_2b
new-instance v3, Laegon/chrome/net/X509Util$X509TrustManagerJellyBean;
move-object v0, v2
check-cast v0, Ljavax/net/ssl/X509TrustManager;
move-object v1, v0
invoke-direct {v3, v1}, Laegon/chrome/net/X509Util$X509TrustManagerJellyBean;-><init>(Ljavax/net/ssl/X509TrustManager;)V
move-object v1, v3
:goto_2a
return-object v1
:cond_2b
new-instance v3, Laegon/chrome/net/X509Util$X509TrustManagerIceCreamSandwich;
move-object v0, v2
check-cast v0, Ljavax/net/ssl/X509TrustManager;
move-object v1, v0
invoke-direct {v3, v1}, Laegon/chrome/net/X509Util$X509TrustManagerIceCreamSandwich;-><init>(Ljavax/net/ssl/X509TrustManager;)V
:try_end_34
.catch Ljava/lang/IllegalArgumentException; {:try_start_1a .. :try_end_34} :catch_36
move-object v1, v3
goto :goto_2a
:catch_36
move-exception v1
invoke-virtual {v2}, Ljava/lang/Object;->getClass()Ljava/lang/Class;
move-result-object v2
invoke-virtual {v2}, Ljava/lang/Class;->getName()Ljava/lang/String;
move-result-object v2
const-string v3, "X509Util"
new-instance v7, Ljava/lang/StringBuilder;
invoke-direct {v7}, Ljava/lang/StringBuilder;-><init>()V
const-string v8, "Error creating trust manager ("
invoke-virtual {v7, v8}, Ljava/lang/StringBuilder;->append(Ljava/lang/String;)Ljava/lang/StringBuilder;
move-result-object v7
invoke-virtual {v7, v2}, Ljava/lang/StringBuilder;->append(Ljava/lang/String;)Ljava/lang/StringBuilder;
move-result-object v2
const-string v7, "): "
invoke-virtual {v2, v7}, Ljava/lang/StringBuilder;->append(Ljava/lang/String;)Ljava/lang/StringBuilder;
move-result-object v2
invoke-virtual {v2, v1}, Ljava/lang/StringBuilder;->append(Ljava/lang/Object;)Ljava/lang/StringBuilder;
move-result-object v1
invoke-virtual {v1}, Ljava/lang/StringBuilder;->toString()Ljava/lang/String;
move-result-object v1
invoke-static {v3, v1}, Landroid/util/Log;->e(Ljava/lang/String;Ljava/lang/String;)I
:cond_61
add-int/lit8 v1, v4, 0x1
move v4, v1
goto :goto_12
:cond_65
const-string v1, "X509Util"
const-string v2, "Could not find suitable trust manager"
invoke-static {v1, v2}, Landroid/util/Log;->e(Ljava/lang/String;Ljava/lang/String;)I
const/4 v1, 0x0
goto :goto_2a
.end method
.method private static ensureInitialized()V
.registers 2
sget-object v1, Laegon/chrome/net/X509Util;->sLock:Ljava/lang/Object;
monitor-enter v1
:try_start_3
invoke-static {}, Laegon/chrome/net/X509Util;->ensureInitializedLocked()V
monitor-exit v1
return-void
:catchall_8
move-exception v0
monitor-exit v1
:try_end_a
.catchall {:try_start_3 .. :try_end_a} :catchall_8
throw v0
.end method
.method private static ensureInitializedLocked()V
.registers 4
const/4 v3, 0x0
sget-boolean v0, Laegon/chrome/net/X509Util;->$assertionsDisabled:Z
if-nez v0, :cond_13
sget-object v0, Laegon/chrome/net/X509Util;->sLock:Ljava/lang/Object;
invoke-static {v0}, Ljava/lang/Thread;->holdsLock(Ljava/lang/Object;)Z
move-result v0
if-nez v0, :cond_13
new-instance v0, Ljava/lang/AssertionError;
invoke-direct {v0}, Ljava/lang/AssertionError;-><init>()V
throw v0
:cond_13
sget-object v0, Laegon/chrome/net/X509Util;->sCertificateFactory:Ljava/security/cert/CertificateFactory;
if-nez v0, :cond_1f
const-string v0, "X.509"
invoke-static {v0}, Ljava/security/cert/CertificateFactory;->getInstance(Ljava/lang/String;)Ljava/security/cert/CertificateFactory;
move-result-object v0
sput-object v0, Laegon/chrome/net/X509Util;->sCertificateFactory:Ljava/security/cert/CertificateFactory;
:cond_1f
sget-object v0, Laegon/chrome/net/X509Util;->sDefaultTrustManager:Laegon/chrome/net/X509Util$X509TrustManagerImplementation;
if-nez v0, :cond_29
invoke-static {v3}, Laegon/chrome/net/X509Util;->createTrustManager(Ljava/security/KeyStore;)Laegon/chrome/net/X509Util$X509TrustManagerImplementation;
move-result-object v0
sput-object v0, Laegon/chrome/net/X509Util;->sDefaultTrustManager:Laegon/chrome/net/X509Util$X509TrustManagerImplementation;
:cond_29
sget-boolean v0, Laegon/chrome/net/X509Util;->sLoadedSystemKeyStore:Z
if-nez v0, :cond_5e
:try_start_2d
const-string v0, "AndroidCAStore"
invoke-static {v0}, Ljava/security/KeyStore;->getInstance(Ljava/lang/String;)Ljava/security/KeyStore;
move-result-object v0
sput-object v0, Laegon/chrome/net/X509Util;->sSystemKeyStore:Ljava/security/KeyStore;
:try_end_35
.catch Ljava/security/KeyStoreException; {:try_start_2d .. :try_end_35} :catch_c0
:try_start_35
sget-object v0, Laegon/chrome/net/X509Util;->sSystemKeyStore:Ljava/security/KeyStore;
const/4 v1, 0x0
invoke-virtual {v0, v1}, Ljava/security/KeyStore;->load(Ljava/security/KeyStore$LoadStoreParameter;)V
:try_end_3b
.catch Ljava/io/IOException; {:try_start_35 .. :try_end_3b} :catch_c2
.catch Ljava/security/KeyStoreException; {:try_start_35 .. :try_end_3b} :catch_c0
:goto_3b
:try_start_3b
new-instance v0, Ljava/io/File;
new-instance v1, Ljava/lang/StringBuilder;
invoke-direct {v1}, Ljava/lang/StringBuilder;-><init>()V
const-string v2, "ANDROID_ROOT"
invoke-static {v2}, Ljava/lang/System;->getenv(Ljava/lang/String;)Ljava/lang/String;
move-result-object v2
invoke-virtual {v1, v2}, Ljava/lang/StringBuilder;->append(Ljava/lang/String;)Ljava/lang/StringBuilder;
move-result-object v1
const-string v2, "/etc/security/cacerts"
invoke-virtual {v1, v2}, Ljava/lang/StringBuilder;->append(Ljava/lang/String;)Ljava/lang/StringBuilder;
move-result-object v1
invoke-virtual {v1}, Ljava/lang/StringBuilder;->toString()Ljava/lang/String;
move-result-object v1
invoke-direct {v0, v1}, Ljava/io/File;-><init>(Ljava/lang/String;)V
sput-object v0, Laegon/chrome/net/X509Util;->sSystemCertificateDirectory:Ljava/io/File;
:try_end_5b
.catch Ljava/security/KeyStoreException; {:try_start_3b .. :try_end_5b} :catch_c0
:goto_5b
const/4 v0, 0x1
sput-boolean v0, Laegon/chrome/net/X509Util;->sLoadedSystemKeyStore:Z
:cond_5e
sget-object v0, Laegon/chrome/net/X509Util;->sSystemTrustAnchorCache:Ljava/util/Set;
if-nez v0, :cond_69
new-instance v0, Ljava/util/HashSet;
invoke-direct {v0}, Ljava/util/HashSet;-><init>()V
sput-object v0, Laegon/chrome/net/X509Util;->sSystemTrustAnchorCache:Ljava/util/Set;
:cond_69
sget-object v0, Laegon/chrome/net/X509Util;->sTestKeyStore:Ljava/security/KeyStore;
if-nez v0, :cond_7d
invoke-static {}, Ljava/security/KeyStore;->getDefaultType()Ljava/lang/String;
move-result-object v0
invoke-static {v0}, Ljava/security/KeyStore;->getInstance(Ljava/lang/String;)Ljava/security/KeyStore;
move-result-object v0
sput-object v0, Laegon/chrome/net/X509Util;->sTestKeyStore:Ljava/security/KeyStore;
:try_start_77
sget-object v0, Laegon/chrome/net/X509Util;->sTestKeyStore:Ljava/security/KeyStore;
const/4 v1, 0x0
invoke-virtual {v0, v1}, Ljava/security/KeyStore;->load(Ljava/security/KeyStore$LoadStoreParameter;)V
:try_end_7d
.catch Ljava/io/IOException; {:try_start_77 .. :try_end_7d} :catch_be
:cond_7d
:goto_7d
sget-object v0, Laegon/chrome/net/X509Util;->sTestTrustManager:Laegon/chrome/net/X509Util$X509TrustManagerImplementation;
if-nez v0, :cond_89
sget-object v0, Laegon/chrome/net/X509Util;->sTestKeyStore:Ljava/security/KeyStore;
invoke-static {v0}, Laegon/chrome/net/X509Util;->createTrustManager(Ljava/security/KeyStore;)Laegon/chrome/net/X509Util$X509TrustManagerImplementation;
move-result-object v0
sput-object v0, Laegon/chrome/net/X509Util;->sTestTrustManager:Laegon/chrome/net/X509Util$X509TrustManagerImplementation;
:cond_89
sget-object v0, Laegon/chrome/net/X509Util;->sTrustStorageListener:Laegon/chrome/net/X509Util$TrustStorageListener;
if-nez v0, :cond_b7
new-instance v0, Laegon/chrome/net/X509Util$TrustStorageListener;
invoke-direct {v0, v3}, Laegon/chrome/net/X509Util$TrustStorageListener;-><init>(Laegon/chrome/net/X509Util$1;)V
sput-object v0, Laegon/chrome/net/X509Util;->sTrustStorageListener:Laegon/chrome/net/X509Util$TrustStorageListener;
new-instance v0, Landroid/content/IntentFilter;
invoke-direct {v0}, Landroid/content/IntentFilter;-><init>()V
sget v1, Landroid/os/Build$VERSION;->SDK_INT:I
const/16 v2, 0x1a
if-lt v1, v2, :cond_b8
const-string v1, "android.security.action.KEYCHAIN_CHANGED"
invoke-virtual {v0, v1}, Landroid/content/IntentFilter;->addAction(Ljava/lang/String;)V
const-string v1, "android.security.action.KEY_ACCESS_CHANGED"
invoke-virtual {v0, v1}, Landroid/content/IntentFilter;->addAction(Ljava/lang/String;)V
const-string v1, "android.security.action.TRUST_STORE_CHANGED"
invoke-virtual {v0, v1}, Landroid/content/IntentFilter;->addAction(Ljava/lang/String;)V
:goto_ae
invoke-static {}, Laegon/chrome/base/ContextUtils;->getApplicationContext()Landroid/content/Context;
move-result-object v1
sget-object v2, Laegon/chrome/net/X509Util;->sTrustStorageListener:Laegon/chrome/net/X509Util$TrustStorageListener;
invoke-virtual {v1, v2, v0}, Landroid/content/Context;->registerReceiver(Landroid/content/BroadcastReceiver;Landroid/content/IntentFilter;)Landroid/content/Intent;
:cond_b7
return-void
:cond_b8
const-string v1, "android.security.STORAGE_CHANGED"
invoke-virtual {v0, v1}, Landroid/content/IntentFilter;->addAction(Ljava/lang/String;)V
goto :goto_ae
:catch_be
move-exception v0
goto :goto_7d
:catch_c0
move-exception v0
goto :goto_5b
:catch_c2
move-exception v0
goto/16 :goto_3b
.end method
.method private static hashPrincipal(Ljavax/security/auth/x500/X500Principal;)Ljava/lang/String;
.registers 7
const-string v0, "MD5"
invoke-static {v0}, Ljava/security/MessageDigest;->getInstance(Ljava/lang/String;)Ljava/security/MessageDigest;
move-result-object v0
invoke-virtual {p0}, Ljavax/security/auth/x500/X500Principal;->getEncoded()[B
move-result-object v1
invoke-virtual {v0, v1}, Ljava/security/MessageDigest;->digest([B)[B
move-result-object v1
const/16 v0, 0x8
new-array v2, v0, [C
const/4 v0, 0x0
:goto_13
const/4 v3, 0x4
if-ge v0, v3, :cond_39
mul-int/lit8 v3, v0, 0x2
sget-object v4, Laegon/chrome/net/X509Util;->HEX_DIGITS:[C
rsub-int/lit8 v5, v0, 0x3
aget-byte v5, v1, v5
shr-int/lit8 v5, v5, 0x4
and-int/lit8 v5, v5, 0xf
aget-char v4, v4, v5
aput-char v4, v2, v3
mul-int/lit8 v3, v0, 0x2
add-int/lit8 v3, v3, 0x1
sget-object v4, Laegon/chrome/net/X509Util;->HEX_DIGITS:[C
rsub-int/lit8 v5, v0, 0x3
aget-byte v5, v1, v5
and-int/lit8 v5, v5, 0xf
aget-char v4, v4, v5
aput-char v4, v2, v3
add-int/lit8 v0, v0, 0x1
goto :goto_13
:cond_39
new-instance v0, Ljava/lang/String;
invoke-direct {v0, v2}, Ljava/lang/String;-><init>([C)V
return-object v0
.end method
.method private static isKnownRoot(Ljava/security/cert/X509Certificate;)Z
.registers 11
const/4 v3, 0x1
const/4 v2, 0x0
sget-boolean v0, Laegon/chrome/net/X509Util;->$assertionsDisabled:Z
if-nez v0, :cond_14
sget-object v0, Laegon/chrome/net/X509Util;->sLock:Ljava/lang/Object;
invoke-static {v0}, Ljava/lang/Thread;->holdsLock(Ljava/lang/Object;)Z
move-result v0
if-nez v0, :cond_14
new-instance v0, Ljava/lang/AssertionError;
invoke-direct {v0}, Ljava/lang/AssertionError;-><init>()V
throw v0
:cond_14
sget-object v0, Laegon/chrome/net/X509Util;->sSystemKeyStore:Ljava/security/KeyStore;
if-nez v0, :cond_19
:cond_18
:goto_18
return v2
:cond_19
new-instance v4, Landroid/util/Pair;
invoke-virtual {p0}, Ljava/security/cert/X509Certificate;->getSubjectX500Principal()Ljavax/security/auth/x500/X500Principal;
move-result-object v0
invoke-virtual {p0}, Ljava/security/cert/X509Certificate;->getPublicKey()Ljava/security/PublicKey;
move-result-object v1
invoke-direct {v4, v0, v1}, Landroid/util/Pair;-><init>(Ljava/lang/Object;Ljava/lang/Object;)V
sget-object v0, Laegon/chrome/net/X509Util;->sSystemTrustAnchorCache:Ljava/util/Set;
invoke-interface {v0, v4}, Ljava/util/Set;->contains(Ljava/lang/Object;)Z
move-result v0
if-eqz v0, :cond_30
move v2, v3
goto :goto_18
:cond_30
invoke-virtual {p0}, Ljava/security/cert/X509Certificate;->getSubjectX500Principal()Ljavax/security/auth/x500/X500Principal;
move-result-object v0
invoke-static {v0}, Laegon/chrome/net/X509Util;->hashPrincipal(Ljavax/security/auth/x500/X500Principal;)Ljava/lang/String;
move-result-object v5
move v1, v2
:goto_39
new-instance v0, Ljava/lang/StringBuilder;
invoke-direct {v0}, Ljava/lang/StringBuilder;-><init>()V
invoke-virtual {v0, v5}, Ljava/lang/StringBuilder;->append(Ljava/lang/String;)Ljava/lang/StringBuilder;
move-result-object v0
const/16 v6, 0x2e
invoke-virtual {v0, v6}, Ljava/lang/StringBuilder;->append(C)Ljava/lang/StringBuilder;
move-result-object v0
invoke-virtual {v0, v1}, Ljava/lang/StringBuilder;->append(I)Ljava/lang/StringBuilder;
move-result-object v0
invoke-virtual {v0}, Ljava/lang/StringBuilder;->toString()Ljava/lang/String;
move-result-object v6
new-instance v0, Ljava/io/File;
sget-object v7, Laegon/chrome/net/X509Util;->sSystemCertificateDirectory:Ljava/io/File;
invoke-direct {v0, v7, v6}, Ljava/io/File;-><init>(Ljava/io/File;Ljava/lang/String;)V
invoke-virtual {v0}, Ljava/io/File;->exists()Z
move-result v0
if-eqz v0, :cond_18
sget-object v0, Laegon/chrome/net/X509Util;->sSystemKeyStore:Ljava/security/KeyStore;
new-instance v7, Ljava/lang/StringBuilder;
invoke-direct {v7}, Ljava/lang/StringBuilder;-><init>()V
const-string v8, "system:"
invoke-virtual {v7, v8}, Ljava/lang/StringBuilder;->append(Ljava/lang/String;)Ljava/lang/StringBuilder;
move-result-object v7
invoke-virtual {v7, v6}, Ljava/lang/StringBuilder;->append(Ljava/lang/String;)Ljava/lang/StringBuilder;
move-result-object v7
invoke-virtual {v7}, Ljava/lang/StringBuilder;->toString()Ljava/lang/String;
move-result-object v7
invoke-virtual {v0, v7}, Ljava/security/KeyStore;->getCertificate(Ljava/lang/String;)Ljava/security/cert/Certificate;
move-result-object v0
if-nez v0, :cond_7c
:cond_78
:goto_78
add-int/lit8 v0, v1, 0x1
move v1, v0
goto :goto_39
:cond_7c
instance-of v7, v0, Ljava/security/cert/X509Certificate;
if-nez v7, :cond_ab
invoke-virtual {v0}, Ljava/lang/Object;->getClass()Ljava/lang/Class;
move-result-object v0
invoke-virtual {v0}, Ljava/lang/Class;->getName()Ljava/lang/String;
move-result-object v0
const-string v7, "X509Util"
new-instance v8, Ljava/lang/StringBuilder;
invoke-direct {v8}, Ljava/lang/StringBuilder;-><init>()V
const-string v9, "Anchor "
invoke-virtual {v8, v9}, Ljava/lang/StringBuilder;->append(Ljava/lang/String;)Ljava/lang/StringBuilder;
move-result-object v8
invoke-virtual {v8, v6}, Ljava/lang/StringBuilder;->append(Ljava/lang/String;)Ljava/lang/StringBuilder;
move-result-object v6
const-string v8, " not an X509Certificate: "
invoke-virtual {v6, v8}, Ljava/lang/StringBuilder;->append(Ljava/lang/String;)Ljava/lang/StringBuilder;
move-result-object v6
invoke-virtual {v6, v0}, Ljava/lang/StringBuilder;->append(Ljava/lang/String;)Ljava/lang/StringBuilder;
move-result-object v0
invoke-virtual {v0}, Ljava/lang/StringBuilder;->toString()Ljava/lang/String;
move-result-object v0
invoke-static {v7, v0}, Landroid/util/Log;->e(Ljava/lang/String;Ljava/lang/String;)I
goto :goto_78
:cond_ab
check-cast v0, Ljava/security/cert/X509Certificate;
invoke-virtual {p0}, Ljava/security/cert/X509Certificate;->getSubjectX500Principal()Ljavax/security/auth/x500/X500Principal;
move-result-object v6
invoke-virtual {v0}, Ljava/security/cert/X509Certificate;->getSubjectX500Principal()Ljavax/security/auth/x500/X500Principal;
move-result-object v7
invoke-virtual {v6, v7}, Ljavax/security/auth/x500/X500Principal;->equals(Ljava/lang/Object;)Z
move-result v6
if-eqz v6, :cond_78
invoke-virtual {p0}, Ljava/security/cert/X509Certificate;->getPublicKey()Ljava/security/PublicKey;
move-result-object v6
invoke-virtual {v0}, Ljava/security/cert/X509Certificate;->getPublicKey()Ljava/security/PublicKey;
move-result-object v0
invoke-virtual {v6, v0}, Ljava/lang/Object;->equals(Ljava/lang/Object;)Z
move-result v0
if-eqz v0, :cond_78
sget-object v0, Laegon/chrome/net/X509Util;->sSystemTrustAnchorCache:Ljava/util/Set;
invoke-interface {v0, v4}, Ljava/util/Set;->add(Ljava/lang/Object;)Z
move v2, v3
goto/16 :goto_18
.end method
.method private static native nativeNotifyKeyChainChanged()V
.end method
.method private static reloadDefaultTrustManager()V
.registers 2
sget-object v1, Laegon/chrome/net/X509Util;->sLock:Ljava/lang/Object;
monitor-enter v1
const/4 v0, 0x0
:try_start_4
sput-object v0, Laegon/chrome/net/X509Util;->sDefaultTrustManager:Laegon/chrome/net/X509Util$X509TrustManagerImplementation;
const/4 v0, 0x0
sput-object v0, Laegon/chrome/net/X509Util;->sSystemTrustAnchorCache:Ljava/util/Set;
invoke-static {}, Laegon/chrome/net/X509Util;->ensureInitializedLocked()V
monitor-exit v1
:try_end_d
.catchall {:try_start_4 .. :try_end_d} :catchall_11
invoke-static {}, Laegon/chrome/net/X509Util;->nativeNotifyKeyChainChanged()V
return-void
:catchall_11
move-exception v0
:try_start_12
monitor-exit v1
:try_end_13
.catchall {:try_start_12 .. :try_end_13} :catchall_11
throw v0
.end method
.method private static reloadTestTrustManager()V
.registers 1
sget-boolean v0, Laegon/chrome/net/X509Util;->$assertionsDisabled:Z
if-nez v0, :cond_12
sget-object v0, Laegon/chrome/net/X509Util;->sLock:Ljava/lang/Object;
invoke-static {v0}, Ljava/lang/Thread;->holdsLock(Ljava/lang/Object;)Z
move-result v0
if-nez v0, :cond_12
new-instance v0, Ljava/lang/AssertionError;
invoke-direct {v0}, Ljava/lang/AssertionError;-><init>()V
throw v0
:cond_12
sget-object v0, Laegon/chrome/net/X509Util;->sTestKeyStore:Ljava/security/KeyStore;
invoke-static {v0}, Laegon/chrome/net/X509Util;->createTrustManager(Ljava/security/KeyStore;)Laegon/chrome/net/X509Util$X509TrustManagerImplementation;
move-result-object v0
sput-object v0, Laegon/chrome/net/X509Util;->sTestTrustManager:Laegon/chrome/net/X509Util$X509TrustManagerImplementation;
return-void
.end method
.method public static setDisableNativeCodeForTest(Z)V
.registers 1
sput-boolean p0, Laegon/chrome/net/X509Util;->sDisableNativeCodeForTest:Z
return-void
.end method
.method static verifyKeyUsage(Ljava/security/cert/X509Certificate;)Z
.registers 6
const/4 v1, 0x1
const/4 v2, 0x0
:try_start_2
invoke-virtual {p0}, Ljava/security/cert/X509Certificate;->getExtendedKeyUsage()Ljava/util/List;
:try_end_5
.catch Ljava/lang/NullPointerException; {:try_start_2 .. :try_end_5} :catch_a
move-result-object v0
if-nez v0, :cond_d
move v0, v1
:goto_9
return v0
:catch_a
move-exception v0
move v0, v2
goto :goto_9
:cond_d
invoke-interface {v0}, Ljava/util/List;->iterator()Ljava/util/Iterator;
move-result-object v3
:cond_11
invoke-interface {v3}, Ljava/util/Iterator;->hasNext()Z
move-result v0
if-eqz v0, :cond_3f
invoke-interface {v3}, Ljava/util/Iterator;->next()Ljava/lang/Object;
move-result-object v0
check-cast v0, Ljava/lang/String;
const-string v4, "1.3.6.1.5.5.7.3.1"
invoke-virtual {v0, v4}, Ljava/lang/String;->equals(Ljava/lang/Object;)Z
move-result v4
if-nez v4, :cond_3d
const-string v4, "2.5.29.37.0"
invoke-virtual {v0, v4}, Ljava/lang/String;->equals(Ljava/lang/Object;)Z
move-result v4
if-nez v4, :cond_3d
const-string v4, "2.16.840.1.113730.4.1"
invoke-virtual {v0, v4}, Ljava/lang/String;->equals(Ljava/lang/Object;)Z
move-result v4
if-nez v4, :cond_3d
const-string v4, "1.3.6.1.4.1.311.10.3.3"
invoke-virtual {v0, v4}, Ljava/lang/String;->equals(Ljava/lang/Object;)Z
move-result v0
if-eqz v0, :cond_11
:cond_3d
move v0, v1
goto :goto_9
:cond_3f
move v0, v2
goto :goto_9
.end method
.method public static verifyServerCertificates([[BLjava/lang/String;Ljava/lang/String;)Laegon/chrome/net/AndroidCertVerifyResult;
.registers 10
const/4 v6, -0x1
const/4 v2, 0x0
if-eqz p0, :cond_b
array-length v0, p0
if-eqz v0, :cond_b
aget-object v0, p0, v2
if-nez v0, :cond_28
:cond_b
new-instance v0, Ljava/lang/IllegalArgumentException;
new-instance v1, Ljava/lang/StringBuilder;
invoke-direct {v1}, Ljava/lang/StringBuilder;-><init>()V
const-string v2, "Expected non-null and non-empty certificate chain passed as |certChain|. |certChain|="
invoke-virtual {v1, v2}, Ljava/lang/StringBuilder;->append(Ljava/lang/String;)Ljava/lang/StringBuilder;
move-result-object v1
invoke-static {p0}, Ljava/util/Arrays;->deepToString([Ljava/lang/Object;)Ljava/lang/String;
move-result-object v2
invoke-virtual {v1, v2}, Ljava/lang/StringBuilder;->append(Ljava/lang/String;)Ljava/lang/StringBuilder;
move-result-object v1
invoke-virtual {v1}, Ljava/lang/StringBuilder;->toString()Ljava/lang/String;
move-result-object v1
invoke-direct {v0, v1}, Ljava/lang/IllegalArgumentException;-><init>(Ljava/lang/String;)V
throw v0
:cond_28
:try_start_28
invoke-static {}, Laegon/chrome/net/X509Util;->ensureInitialized()V
:try_end_2b
.catch Ljava/security/cert/CertificateException; {:try_start_28 .. :try_end_2b} :catch_4a
new-instance v1, Ljava/util/ArrayList;
invoke-direct {v1}, Ljava/util/ArrayList;-><init>()V
const/4 v0, 0x0
:try_start_31
aget-object v0, p0, v0
invoke-static {v0}, Laegon/chrome/net/X509Util;->createCertificateFromBytes([B)Ljava/security/cert/X509Certificate;
move-result-object v0
invoke-interface {v1, v0}, Ljava/util/List;->add(Ljava/lang/Object;)Z
:try_end_3a
.catch Ljava/security/cert/CertificateException; {:try_start_31 .. :try_end_3a} :catch_51
const/4 v0, 0x1
:goto_3b
array-length v3, p0
if-ge v0, v3, :cond_79
:try_start_3e
aget-object v3, p0, v0
invoke-static {v3}, Laegon/chrome/net/X509Util;->createCertificateFromBytes([B)Ljava/security/cert/X509Certificate;
move-result-object v3
invoke-interface {v1, v3}, Ljava/util/List;->add(Ljava/lang/Object;)Z
:try_end_47
.catch Ljava/security/cert/CertificateException; {:try_start_3e .. :try_end_47} :catch_59
:goto_47
add-int/lit8 v0, v0, 0x1
goto :goto_3b
:catch_4a
move-exception v0
new-instance v0, Laegon/chrome/net/AndroidCertVerifyResult;
invoke-direct {v0, v6}, Laegon/chrome/net/AndroidCertVerifyResult;-><init>(I)V
:goto_50
return-object v0
:catch_51
move-exception v0
new-instance v0, Laegon/chrome/net/AndroidCertVerifyResult;
const/4 v1, -0x5
invoke-direct {v0, v1}, Laegon/chrome/net/AndroidCertVerifyResult;-><init>(I)V
goto :goto_50
:catch_59
move-exception v3
const-string v3, "X509Util"
new-instance v4, Ljava/lang/StringBuilder;
invoke-direct {v4}, Ljava/lang/StringBuilder;-><init>()V
const-string v5, "intermediate "
invoke-virtual {v4, v5}, Ljava/lang/StringBuilder;->append(Ljava/lang/String;)Ljava/lang/StringBuilder;
move-result-object v4
invoke-virtual {v4, v0}, Ljava/lang/StringBuilder;->append(I)Ljava/lang/StringBuilder;
move-result-object v4
const-string v5, " failed parsing"
invoke-virtual {v4, v5}, Ljava/lang/StringBuilder;->append(Ljava/lang/String;)Ljava/lang/StringBuilder;
move-result-object v4
invoke-virtual {v4}, Ljava/lang/StringBuilder;->toString()Ljava/lang/String;
move-result-object v4
invoke-static {v3, v4}, Landroid/util/Log;->w(Ljava/lang/String;Ljava/lang/String;)I
goto :goto_47
:cond_79
invoke-interface {v1}, Ljava/util/List;->size()I
move-result v0
new-array v0, v0, [Ljava/security/cert/X509Certificate;
invoke-interface {v1, v0}, Ljava/util/List;->toArray([Ljava/lang/Object;)[Ljava/lang/Object;
move-result-object v0
check-cast v0, [Ljava/security/cert/X509Certificate;
const/4 v1, 0x0
:try_start_86
aget-object v1, v0, v1
invoke-virtual {v1}, Ljava/security/cert/X509Certificate;->checkValidity()V
const/4 v1, 0x0
aget-object v1, v0, v1
invoke-static {v1}, Laegon/chrome/net/X509Util;->verifyKeyUsage(Ljava/security/cert/X509Certificate;)Z
move-result v1
if-nez v1, :cond_b2
new-instance v0, Laegon/chrome/net/AndroidCertVerifyResult;
const/4 v1, -0x6
invoke-direct {v0, v1}, Laegon/chrome/net/AndroidCertVerifyResult;-><init>(I)V
:try_end_9a
.catch Ljava/security/cert/CertificateExpiredException; {:try_start_86 .. :try_end_9a} :catch_9b
.catch Ljava/security/cert/CertificateNotYetValidException; {:try_start_86 .. :try_end_9a} :catch_a3
.catch Ljava/security/cert/CertificateException; {:try_start_86 .. :try_end_9a} :catch_ab
goto :goto_50
:catch_9b
move-exception v0
new-instance v0, Laegon/chrome/net/AndroidCertVerifyResult;
const/4 v1, -0x3
invoke-direct {v0, v1}, Laegon/chrome/net/AndroidCertVerifyResult;-><init>(I)V
goto :goto_50
:catch_a3
move-exception v0
new-instance v0, Laegon/chrome/net/AndroidCertVerifyResult;
const/4 v1, -0x4
invoke-direct {v0, v1}, Laegon/chrome/net/AndroidCertVerifyResult;-><init>(I)V
goto :goto_50
:catch_ab
move-exception v0
new-instance v0, Laegon/chrome/net/AndroidCertVerifyResult;
invoke-direct {v0, v6}, Laegon/chrome/net/AndroidCertVerifyResult;-><init>(I)V
goto :goto_50
:cond_b2
sget-object v4, Laegon/chrome/net/X509Util;->sLock:Ljava/lang/Object;
monitor-enter v4
:try_start_b5
sget-object v1, Laegon/chrome/net/X509Util;->sDefaultTrustManager:Laegon/chrome/net/X509Util$X509TrustManagerImplementation;
if-nez v1, :cond_c4
new-instance v0, Laegon/chrome/net/AndroidCertVerifyResult;
const/4 v1, -0x1
invoke-direct {v0, v1}, Laegon/chrome/net/AndroidCertVerifyResult;-><init>(I)V
monitor-exit v4
goto :goto_50
:catchall_c1
move-exception v0
monitor-exit v4
:try_end_c3
.catchall {:try_start_b5 .. :try_end_c3} :catchall_c1
throw v0
:cond_c4
:try_start_c4
sget-object v1, Laegon/chrome/net/X509Util;->sDefaultTrustManager:Laegon/chrome/net/X509Util$X509TrustManagerImplementation;
invoke-interface {v1, v0, p1, p2}, Laegon/chrome/net/X509Util$X509TrustManagerImplementation;->checkServerTrusted([Ljava/security/cert/X509Certificate;Ljava/lang/String;Ljava/lang/String;)Ljava/util/List;
:try_end_c9
.catch Ljava/security/cert/CertificateException; {:try_start_c4 .. :try_end_c9} :catch_eb
.catchall {:try_start_c4 .. :try_end_c9} :catchall_c1
move-result-object v0
move-object v3, v0
:goto_cb
:try_start_cb
invoke-interface {v3}, Ljava/util/List;->size()I
move-result v0
if-lez v0, :cond_11a
invoke-interface {v3}, Ljava/util/List;->size()I
move-result v0
add-int/lit8 v0, v0, -0x1
invoke-interface {v3, v0}, Ljava/util/List;->get(I)Ljava/lang/Object;
move-result-object v0
check-cast v0, Ljava/security/cert/X509Certificate;
invoke-static {v0}, Laegon/chrome/net/X509Util;->isKnownRoot(Ljava/security/cert/X509Certificate;)Z
move-result v0
move v1, v0
:goto_e2
new-instance v0, Laegon/chrome/net/AndroidCertVerifyResult;
const/4 v2, 0x0
invoke-direct {v0, v2, v1, v3}, Laegon/chrome/net/AndroidCertVerifyResult;-><init>(IZLjava/util/List;)V
monitor-exit v4
:try_end_e9
.catchall {:try_start_cb .. :try_end_e9} :catchall_c1
goto/16 :goto_50
:catch_eb
move-exception v1
:try_start_ec
sget-object v3, Laegon/chrome/net/X509Util;->sTestTrustManager:Laegon/chrome/net/X509Util$X509TrustManagerImplementation;
invoke-interface {v3, v0, p1, p2}, Laegon/chrome/net/X509Util$X509TrustManagerImplementation;->checkServerTrusted([Ljava/security/cert/X509Certificate;Ljava/lang/String;Ljava/lang/String;)Ljava/util/List;
:try_end_f1
.catch Ljava/security/cert/CertificateException; {:try_start_ec .. :try_end_f1} :catch_f4
.catchall {:try_start_ec .. :try_end_f1} :catchall_c1
move-result-object v0
move-object v3, v0
goto :goto_cb
:catch_f4
move-exception v0
:try_start_f5
const-string v0, "X509Util"
new-instance v2, Ljava/lang/StringBuilder;
invoke-direct {v2}, Ljava/lang/StringBuilder;-><init>()V
const-string v3, "Failed to validate the certificate chain, error: "
invoke-virtual {v2, v3}, Ljava/lang/StringBuilder;->append(Ljava/lang/String;)Ljava/lang/StringBuilder;
move-result-object v2
invoke-virtual {v1}, Ljava/security/cert/CertificateException;->getMessage()Ljava/lang/String;
move-result-object v1
invoke-virtual {v2, v1}, Ljava/lang/StringBuilder;->append(Ljava/lang/String;)Ljava/lang/StringBuilder;
move-result-object v1
invoke-virtual {v1}, Ljava/lang/StringBuilder;->toString()Ljava/lang/String;
move-result-object v1
invoke-static {v0, v1}, Landroid/util/Log;->i(Ljava/lang/String;Ljava/lang/String;)I
new-instance v0, Laegon/chrome/net/AndroidCertVerifyResult;
const/4 v1, -0x2
invoke-direct {v0, v1}, Laegon/chrome/net/AndroidCertVerifyResult;-><init>(I)V
monitor-exit v4
:try_end_118
.catchall {:try_start_f5 .. :try_end_118} :catchall_c1
goto/16 :goto_50
:cond_11a
move v1, v2
goto :goto_e2
.end method