package com.ivuu.googleTalk.token;

import android.net.http.X509TrustManagerExtensions;
import android.os.Build;
import android.util.Base64;
import com.google.firebase.perf.network.FirebasePerfUrlConnection;
import com.ivuu.C1722R;
import com.ivuu.IvuuApplication;
import com.ivuu.f2.s;
import com.ivuu.l1;
import com.ivuu.m1;
import java.io.BufferedInputStream;
import java.io.BufferedReader;
import java.io.IOException;
import java.io.InputStream;
import java.io.InputStreamReader;
import java.net.URL;
import java.net.URLConnection;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.SecureRandom;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Iterator;
import java.util.List;
import javax.net.ssl.HttpsURLConnection;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLException;
import javax.net.ssl.SSLPeerUnverifiedException;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import javax.net.ssl.X509TrustManager;
import org.json.JSONException;
import org.json.JSONObject;

/* compiled from: AlfredSource */
/* loaded from: classes2.dex */
public class j {
    private static KeyStore a;
    private static SSLContext b;
    private static List<String> c;

    /* compiled from: AlfredSource */
    /* loaded from: classes2.dex */
    public static class a implements X509TrustManager {
        ArrayList<X509TrustManager> a = new ArrayList<>();

        public a(KeyStore... keyStoreArr) {
            ArrayList arrayList = new ArrayList();
            try {
                TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
                trustManagerFactory.init((KeyStore) null);
                arrayList.add(trustManagerFactory);
                if (keyStoreArr != null) {
                    for (KeyStore keyStore : keyStoreArr) {
                        TrustManagerFactory trustManagerFactory2 = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
                        trustManagerFactory2.init(keyStore);
                        arrayList.add(trustManagerFactory2);
                    }
                }
                Iterator it = arrayList.iterator();
                while (it.hasNext()) {
                    for (TrustManager trustManager : ((TrustManagerFactory) it.next()).getTrustManagers()) {
                        if (trustManager instanceof X509TrustManager) {
                            this.a.add((X509TrustManager) trustManager);
                        }
                    }
                }
                if (this.a.size() == 0) {
                    throw new RuntimeException("Couldn't find any X509TrustManagers");
                }
            } catch (Exception e2) {
                throw new RuntimeException(e2);
            }
        }

        private boolean a(X509Certificate x509Certificate) {
            s.p("HttpUtils", "isValidatePinning: ");
            if (!x509Certificate.getSubjectDN().getName().endsWith("my-alfred.com")) {
                return true;
            }
            try {
                byte[] encoded = x509Certificate.getPublicKey().getEncoded();
                MessageDigest messageDigest = MessageDigest.getInstance("SHA-256");
                messageDigest.update(encoded, 0, encoded.length);
                return j.c.contains(Base64.encodeToString(messageDigest.digest(), 2));
            } catch (Exception e2) {
                e2.printStackTrace();
                return false;
            }
        }

        @Override // javax.net.ssl.X509TrustManager
        public void checkClientTrusted(X509Certificate[] x509CertificateArr, String str) {
            this.a.get(0).checkClientTrusted(x509CertificateArr, str);
        }

        @Override // javax.net.ssl.X509TrustManager
        public void checkServerTrusted(X509Certificate[] x509CertificateArr, String str) {
            try {
                x509CertificateArr[0].checkValidity();
                Iterator<X509TrustManager> it = this.a.iterator();
                boolean z = false;
                while (it.hasNext()) {
                    try {
                        it.next().checkServerTrusted(x509CertificateArr, str);
                        z = true;
                    } catch (CertificateException unused) {
                    }
                }
                if (!z) {
                    throw new CertificateException("Invalid server certificate");
                }
                if (!a(x509CertificateArr[0])) {
                    throw new CertificateException("Invalid server certificate");
                }
            } catch (Exception e2) {
                e2.printStackTrace();
                throw new CertificateException("Certificate checkValidity failed");
            }
        }

        @Override // javax.net.ssl.X509TrustManager
        public X509Certificate[] getAcceptedIssuers() {
            ArrayList arrayList = new ArrayList();
            Iterator<X509TrustManager> it = this.a.iterator();
            while (it.hasNext()) {
                arrayList.addAll(Arrays.asList(it.next().getAcceptedIssuers()));
            }
            return (X509Certificate[]) arrayList.toArray(new X509Certificate[arrayList.size()]);
        }
    }

    private static void b(HttpsURLConnection httpsURLConnection) {
        httpsURLConnection.setSSLSocketFactory(f().getSocketFactory());
    }

    private static void c(HttpsURLConnection httpsURLConnection) {
        TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
        X509TrustManager x509TrustManager = null;
        trustManagerFactory.init((KeyStore) null);
        TrustManager[] trustManagers = trustManagerFactory.getTrustManagers();
        int length = trustManagers.length;
        int i2 = 0;
        while (true) {
            if (i2 >= length) {
                break;
            }
            TrustManager trustManager = trustManagers[i2];
            if (trustManager instanceof X509TrustManager) {
                x509TrustManager = (X509TrustManager) trustManager;
                break;
            }
            i2++;
        }
        o(new X509TrustManagerExtensions(x509TrustManager), httpsURLConnection);
    }

    public static void d(HttpsURLConnection httpsURLConnection) {
        String url = httpsURLConnection.getURL().toString();
        if (url.contains("my-alfred.com")) {
            int i2 = Build.VERSION.SDK_INT;
            boolean z = false;
            if (i2 <= 21) {
                s.d0("HttpUtils", "additionalTrustManager url: " + url);
                b(httpsURLConnection);
                z = true;
            }
            httpsURLConnection.connect();
            if (z || i2 <= 21 || i2 > 23) {
                return;
            }
            s.d0("HttpUtils", "checkTrustManager url: " + url);
            c(httpsURLConnection);
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static HttpsURLConnection e(String str) {
        String str2 = "Alfred-Android/" + IvuuApplication.f() + " (Linux; Android " + Build.VERSION.RELEASE + "; " + Build.MODEL + ")";
        HttpsURLConnection httpsURLConnection = (HttpsURLConnection) ((URLConnection) FirebasePerfUrlConnection.instrument(new URL(str).openConnection()));
        httpsURLConnection.setRequestProperty("User-Agent", str2);
        httpsURLConnection.setConnectTimeout(30000);
        httpsURLConnection.setReadTimeout(30000);
        s.p("HttpUtils", "getHttpsURLConnection UA : " + str2);
        try {
            TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm()).init((KeyStore) null);
        } catch (KeyStoreException | NoSuchAlgorithmException e2) {
            e2.printStackTrace();
        }
        return httpsURLConnection;
    }

    private static SSLContext f() {
        SSLContext sSLContext = b;
        if (sSLContext != null) {
            return sSLContext;
        }
        TrustManager[] trustManagerArr = {new a(g())};
        SSLContext sSLContext2 = SSLContext.getInstance("TLS");
        sSLContext2.init(null, trustManagerArr, new SecureRandom());
        b = sSLContext2;
        return sSLContext2;
    }

    public static KeyStore g() {
        if (Build.VERSION.SDK_INT > 21) {
            return null;
        }
        return h(C1722R.raw.tc);
    }

    private static KeyStore h(int i2) {
        try {
            if (a == null) {
                CertificateFactory certificateFactory = CertificateFactory.getInstance("X.509");
                BufferedInputStream bufferedInputStream = new BufferedInputStream(IvuuApplication.d().getResources().openRawResource(i2));
                ArrayList<Certificate> arrayList = new ArrayList();
                try {
                    arrayList.addAll(certificateFactory.generateCertificates(bufferedInputStream));
                    bufferedInputStream.close();
                    KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
                    a = keyStore;
                    keyStore.load(null, null);
                    int i3 = 0;
                    for (Certificate certificate : arrayList) {
                        a.setCertificateEntry(Integer.toString(i3), certificate);
                        s.d0("HttpUtils", "ca=" + ((X509Certificate) certificate).getSubjectDN());
                        i3++;
                    }
                    s.d0("HttpUtils", "getKeyStore certificate loaded");
                } catch (Throwable th) {
                    bufferedInputStream.close();
                    throw th;
                }
            }
            return a;
        } catch (Exception e2) {
            e2.printStackTrace();
            try {
                KeyStore keyStore2 = KeyStore.getInstance(KeyStore.getDefaultType());
                keyStore2.load(null, null);
                return keyStore2;
            } catch (Exception e3) {
                e3.printStackTrace();
                return null;
            }
        }
    }

    public static void i() {
        try {
            ArrayList arrayList = new ArrayList();
            c = arrayList;
            arrayList.add("DZeoDIuOsiFKOjlSJuB/AAe5EKY1Db4KcvAD1lE3GcI=");
            c.add("Bmg5XAJPJhPDtW8pLIpk8dD0Sgzev7l33E0d28bMvAI=");
        } catch (Exception e2) {
            e2.printStackTrace();
        }
    }

    private static JSONObject j(HttpsURLConnection httpsURLConnection, int i2) {
        String url = httpsURLConnection.getURL().toString();
        int lastIndexOf = url.lastIndexOf("?");
        if (lastIndexOf > 0) {
            url = url.substring(0, lastIndexOf);
        }
        try {
            InputStream errorStream = httpsURLConnection.getErrorStream();
            if (errorStream == null) {
                errorStream = httpsURLConnection.getInputStream();
            }
            BufferedReader bufferedReader = new BufferedReader(new InputStreamReader(errorStream));
            StringBuffer stringBuffer = new StringBuffer();
            while (true) {
                String readLine = bufferedReader.readLine();
                if (readLine != null) {
                    stringBuffer.append(readLine);
                } else {
                    try {
                        break;
                    } catch (IOException e2) {
                        e2.printStackTrace();
                    }
                }
            }
            bufferedReader.close();
            JSONObject jSONObject = stringBuffer.toString().length() <= 0 ? new JSONObject() : new JSONObject(stringBuffer.toString());
            jSONObject.put("responseCode", i2);
            jSONObject.put("url", url);
            return jSONObject;
        } catch (Exception e3) {
            e3.printStackTrace();
            JSONObject jSONObject2 = new JSONObject();
            try {
                jSONObject2.put("responseCode", i2);
                jSONObject2.put("url", url);
            } catch (JSONException e4) {
                e4.printStackTrace();
            }
            return jSONObject2;
        }
    }

    public static JSONObject k(String str, int i2) {
        JSONObject jSONObject = new JSONObject();
        try {
            jSONObject.put("responseCode", i2);
            jSONObject.put("url", str);
        } catch (JSONException unused) {
        }
        return jSONObject;
    }

    private static JSONObject l(String str) {
        return k(str, -1);
    }

    public static JSONObject m(String str) {
        if (l1.a1(m1.KVTOKEN_INTERRUPT)) {
            return l(str);
        }
        HttpsURLConnection e2 = e(str);
        e2.setRequestMethod("GET");
        d(e2);
        return j(e2, e2.getResponseCode());
    }

    private static List<X509Certificate> n(X509TrustManagerExtensions x509TrustManagerExtensions, HttpsURLConnection httpsURLConnection) {
        Certificate[] serverCertificates = httpsURLConnection.getServerCertificates();
        try {
            return x509TrustManagerExtensions.checkServerTrusted((X509Certificate[]) Arrays.copyOf(serverCertificates, serverCertificates.length, X509Certificate[].class), "RSA", httpsURLConnection.getURL().getHost());
        } catch (CertificateException e2) {
            throw new SSLException(e2);
        }
    }

    private static void o(X509TrustManagerExtensions x509TrustManagerExtensions, HttpsURLConnection httpsURLConnection) {
        try {
            MessageDigest messageDigest = MessageDigest.getInstance("SHA-256");
            String str = "";
            for (X509Certificate x509Certificate : n(x509TrustManagerExtensions, httpsURLConnection)) {
                byte[] encoded = x509Certificate.getPublicKey().getEncoded();
                messageDigest.update(encoded, 0, encoded.length);
                String encodeToString = Base64.encodeToString(messageDigest.digest(), 2);
                str = str + x509Certificate.getSubjectDN().toString() + "\n";
                if (c.contains(encodeToString)) {
                    return;
                }
            }
            throw new SSLPeerUnverifiedException("Invalid server certificate");
        } catch (NoSuchAlgorithmException e2) {
            throw new SSLException(e2);
        }
    }
}
