package de.duenndns.ssl;

import android.app.Activity;
import android.app.Application;
import android.app.Notification;
import android.app.NotificationChannel;
import android.app.NotificationManager;
import android.app.PendingIntent;
import android.app.Service;
import android.content.BroadcastReceiver;
import android.content.Context;
import android.content.Intent;
import android.content.IntentFilter;
import android.net.Uri;
import android.os.Build;
import android.os.Handler;
import android.util.Log;
import androidx.core.app.NotificationCompat;
import com.zhisland.android.blog.common.base.AppModule;
import com.zhisland.im.R;
import com.zhisland.lib.component.application.ZHApplication;
import com.zhisland.lib.util.StringUtil;
import java.io.File;
import java.io.FileInputStream;
import java.io.FileNotFoundException;
import java.io.FileOutputStream;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.cert.CertificateEncodingException;
import java.security.cert.CertificateException;
import java.security.cert.CertificateExpiredException;
import java.security.cert.X509Certificate;
import java.util.HashMap;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import javax.net.ssl.X509TrustManager;
import org.jivesoftware.smackx.entitycaps.EntityCapsManager;

/* loaded from: classes3.dex */
public class MemorizingTrustManager implements X509TrustManager {
    static final String a = "MemorizingTrustManager";
    public static final String b = "de.duenndns.ssl.INTERCEPT_DECISION";
    public static final String c = "de.duenndns.ssl.INTERCEPT_DECISION.launch_intent";
    static final String d = "de.duenndns.ssl.DECISION";
    static final String e = "de.duenndns.ssl.DECISION.app";
    static final String f = "de.duenndns.ssl.DECISION.decisionId";
    static final String g = "de.duenndns.ssl.DECISION.cert";
    static final String h = "de.duenndns.ssl.DECISION.decisionChoice";
    static String i = "KeyStore";
    static String j = "KeyStore.bks";
    private static final int o = 100509;
    private static int p;
    private static HashMap<Integer, MTMDecision> q = new HashMap<>();
    Context k;
    Activity l;
    NotificationManager m;
    Handler n = new Handler();
    private File r;
    private KeyStore s;
    private X509TrustManager t;
    private X509TrustManager u;

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: classes3.dex */
    public class LaunchRunnable implements Runnable {
        BroadcastReceiver a;
        private int c;
        private String d;

        public LaunchRunnable(int i, String str) {
            this.c = i;
            this.d = str;
        }

        @Override // java.lang.Runnable
        public void run() {
            Intent intent = new Intent(MemorizingTrustManager.this.k, (Class<?>) MemorizingActivity.class);
            intent.setData(Uri.parse(MemorizingTrustManager.class.getName() + "/" + this.c));
            intent.putExtra(MemorizingTrustManager.e, MemorizingTrustManager.this.k.getPackageName());
            intent.putExtra(MemorizingTrustManager.f, this.c);
            intent.putExtra(MemorizingTrustManager.g, this.d);
            try {
                MemorizingTrustManager.this.b().startActivity(intent);
            } catch (Exception e) {
                Log.e(MemorizingTrustManager.a, "startActivity: " + e);
                this.a = MemorizingTrustManager.this.a(intent, this.d);
            }
        }
    }

    public MemorizingTrustManager(Context context) {
        Application application;
        this.k = context;
        this.m = (NotificationManager) this.k.getSystemService(AppModule.h);
        if (context instanceof Application) {
            application = (Application) context;
        } else if (context instanceof Service) {
            application = ((Service) context).getApplication();
        } else {
            if (!(context instanceof Activity)) {
                throw new ClassCastException("MemorizingTrustManager context must be either Activity or Service!");
            }
            application = ((Activity) context).getApplication();
        }
        this.r = new File(application.getDir(i, 0) + File.separator + j);
        this.s = a();
        this.t = a((KeyStore) null);
        this.u = a(this.s);
    }

    private int a(MTMDecision mTMDecision) {
        int i2;
        synchronized (q) {
            i2 = p;
            q.put(Integer.valueOf(i2), mTMDecision);
            p++;
        }
        return i2;
    }

    private static String a(X509Certificate x509Certificate, String str) {
        try {
            MessageDigest messageDigest = MessageDigest.getInstance(str);
            messageDigest.update(x509Certificate.getEncoded());
            return a(messageDigest.digest());
        } catch (NoSuchAlgorithmException e2) {
            return e2.getMessage();
        } catch (CertificateEncodingException e3) {
            return e3.getMessage();
        }
    }

    private static String a(byte[] bArr) {
        StringBuffer stringBuffer = new StringBuffer();
        for (int i2 = 0; i2 < bArr.length; i2++) {
            stringBuffer.append(String.format("%02x", Byte.valueOf(bArr[i2])));
            if (i2 < bArr.length - 1) {
                stringBuffer.append(":");
            }
        }
        return stringBuffer.toString();
    }

    private String a(X509Certificate[] x509CertificateArr, CertificateException certificateException) {
        Log.d(a, "certChainMessage for " + certificateException);
        StringBuffer stringBuffer = new StringBuffer();
        if (certificateException.getCause() != null) {
            stringBuffer.append(certificateException.getCause().getLocalizedMessage());
        }
        for (X509Certificate x509Certificate : x509CertificateArr) {
            stringBuffer.append("\n\n");
            stringBuffer.append(x509Certificate.getSubjectDN().toString());
            stringBuffer.append("\nMD5: ");
            stringBuffer.append(a(x509Certificate, "MD5"));
            stringBuffer.append("\nSHA1: ");
            stringBuffer.append(a(x509Certificate, EntityCapsManager.b));
            stringBuffer.append("\nSigned by: ");
            stringBuffer.append(x509Certificate.getIssuerDN().toString());
        }
        return stringBuffer.toString();
    }

    public static void a(Intent intent) {
        MTMDecision mTMDecision;
        int intExtra = intent.getIntExtra(f, 0);
        int intExtra2 = intent.getIntExtra(h, 0);
        Log.d(a, "interactResult: " + intExtra + " chose " + intExtra2);
        StringBuilder sb = new StringBuilder();
        sb.append("openDecisions: ");
        sb.append(q);
        Log.d(a, sb.toString());
        synchronized (q) {
            mTMDecision = q.get(Integer.valueOf(intExtra));
            q.remove(Integer.valueOf(intExtra));
        }
        if (mTMDecision == null) {
            Log.e(a, "interactResult: aborting due to stale decision reference!");
            return;
        }
        synchronized (mTMDecision) {
            mTMDecision.e = intExtra2;
            mTMDecision.notify();
        }
    }

    public static void a(String str, String str2) {
        i = str;
        j = str2;
    }

    private boolean a(Throwable th) {
        while (!(th instanceof CertificateExpiredException)) {
            th = th.getCause();
            if (th == null) {
                return false;
            }
        }
        return true;
    }

    private boolean a(X509Certificate x509Certificate) {
        try {
            return this.s.getCertificateAlias(x509Certificate) != null;
        } catch (KeyStoreException unused) {
            return false;
        }
    }

    public static X509TrustManager[] a(Context context) {
        return new X509TrustManager[]{new MemorizingTrustManager(context)};
    }

    BroadcastReceiver a(Intent intent, final String str) {
        BroadcastReceiver broadcastReceiver = new BroadcastReceiver() { // from class: de.duenndns.ssl.MemorizingTrustManager.1
            @Override // android.content.BroadcastReceiver
            public void onReceive(Context context, Intent intent2) {
                Log.i(MemorizingTrustManager.a, "Interception not done by the application. Send notification");
                MemorizingTrustManager.this.a((PendingIntent) intent2.getParcelableExtra(MemorizingTrustManager.c), str);
            }
        };
        this.k.registerReceiver(broadcastReceiver, new IntentFilter("de.duenndns.ssl.INTERCEPT_DECISION/" + this.k.getPackageName()));
        PendingIntent activity = PendingIntent.getActivity(this.k, 0, intent, 0);
        Intent intent2 = new Intent("de.duenndns.ssl.INTERCEPT_DECISION/" + this.k.getPackageName());
        intent2.putExtra(c, activity);
        this.k.sendOrderedBroadcast(intent2, null);
        return broadcastReceiver;
    }

    KeyStore a() {
        try {
            KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
            try {
                keyStore.load(null, null);
                keyStore.load(new FileInputStream(this.r), "MTM".toCharArray());
            } catch (FileNotFoundException unused) {
                Log.i(a, "getAppKeyStore(" + this.r + ") - file does not exist");
            } catch (Exception e2) {
                Log.e(a, "getAppKeyStore(" + this.r + ")", e2);
            }
            return keyStore;
        } catch (KeyStoreException e3) {
            Log.e(a, "getAppKeyStore()", e3);
            return null;
        }
    }

    X509TrustManager a(KeyStore keyStore) {
        try {
            TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance("X509");
            trustManagerFactory.init(keyStore);
            for (TrustManager trustManager : trustManagerFactory.getTrustManagers()) {
                if (trustManager instanceof X509TrustManager) {
                    return (X509TrustManager) trustManager;
                }
            }
            return null;
        } catch (Exception e2) {
            Log.e(a, "getTrustManager(" + keyStore + ")", e2);
            return null;
        }
    }

    public void a(Activity activity) {
        this.l = activity;
    }

    void a(PendingIntent pendingIntent, String str) {
        NotificationCompat.Builder b2 = b(null, null);
        b2.e((CharSequence) this.k.getString(R.string.mtm_notification)).a((CharSequence) this.k.getString(R.string.mtm_notification));
        b2.b((CharSequence) str);
        b2.a(android.R.drawable.ic_lock_lock);
        b2.f(true).a(System.currentTimeMillis());
        b2.a(pendingIntent);
        Notification b3 = b2.b();
        b3.ledARGB = -16776961;
        b3.ledOnMS = 1000;
        b3.ledOffMS = 1000;
        b3.flags |= 16;
        b3.defaults = 1;
        this.m.notify(o, b3);
    }

    void a(X509Certificate[] x509CertificateArr) {
        try {
            for (X509Certificate x509Certificate : x509CertificateArr) {
                this.s.setCertificateEntry(x509Certificate.getSubjectDN().toString(), x509Certificate);
            }
            this.u = a(this.s);
            try {
                FileOutputStream fileOutputStream = new FileOutputStream(this.r);
                this.s.store(fileOutputStream, "MTM".toCharArray());
                fileOutputStream.close();
            } catch (Exception e2) {
                Log.e(a, "storeCert(" + this.r + ")", e2);
            }
        } catch (KeyStoreException e3) {
            Log.e(a, "storeCert(" + x509CertificateArr + ")", e3);
        }
    }

    void a(X509Certificate[] x509CertificateArr, String str, CertificateException certificateException) throws CertificateException {
        MTMDecision mTMDecision = new MTMDecision();
        int a2 = a(mTMDecision);
        String a3 = a(x509CertificateArr, certificateException);
        BroadcastReceiver broadcastReceiver = new BroadcastReceiver() { // from class: de.duenndns.ssl.MemorizingTrustManager.2
            @Override // android.content.BroadcastReceiver
            public void onReceive(Context context, Intent intent) {
                MemorizingTrustManager.a(intent);
            }
        };
        this.k.registerReceiver(broadcastReceiver, new IntentFilter("de.duenndns.ssl.DECISION/" + this.k.getPackageName()));
        LaunchRunnable launchRunnable = new LaunchRunnable(a2, a3);
        this.n.post(launchRunnable);
        Log.d(a, "openDecisions: " + q);
        Log.d(a, "waiting on " + a2);
        try {
            synchronized (mTMDecision) {
                mTMDecision.wait();
            }
        } catch (InterruptedException e2) {
            e2.printStackTrace();
        }
        this.k.unregisterReceiver(broadcastReceiver);
        if (launchRunnable.a != null) {
            this.k.unregisterReceiver(launchRunnable.a);
        }
        Log.d(a, "finished wait on " + a2 + ": " + mTMDecision.e);
        int i2 = mTMDecision.e;
        if (i2 != 2) {
            if (i2 != 3) {
                throw certificateException;
            }
            a(x509CertificateArr);
        }
    }

    public void a(X509Certificate[] x509CertificateArr, String str, boolean z) throws CertificateException {
        Log.d(a, "checkCertTrusted(" + x509CertificateArr + ", " + str + ", " + z + ")");
        try {
            Log.d(a, "checkCertTrusted: trying appTrustManager");
            if (z) {
                this.u.checkServerTrusted(x509CertificateArr, str);
            } else {
                this.u.checkClientTrusted(x509CertificateArr, str);
            }
        } catch (CertificateException e2) {
            e2.printStackTrace();
            if (a(e2)) {
                Log.i(a, "checkCertTrusted: accepting expired certificate from keystore");
                return;
            }
            if (a(x509CertificateArr[0])) {
                Log.i(a, "checkCertTrusted: accepting cert already stored in keystore");
                return;
            }
            try {
                Log.d(a, "checkCertTrusted: trying defaultTrustManager");
                if (z) {
                    this.t.checkServerTrusted(x509CertificateArr, str);
                } else {
                    this.t.checkClientTrusted(x509CertificateArr, str);
                }
            } catch (CertificateException e3) {
                e3.printStackTrace();
                a(x509CertificateArr, str, e3);
            }
        }
    }

    Context b() {
        Activity activity = this.l;
        return activity != null ? activity : this.k;
    }

    public NotificationCompat.Builder b(String str, String str2) {
        if (Build.VERSION.SDK_INT < 26) {
            return new NotificationCompat.Builder(ZHApplication.e);
        }
        if (StringUtil.b(str) || StringUtil.b(str2)) {
            str = "miscellaneous";
            str2 = "ZhislandIM";
        }
        NotificationChannel notificationChannel = this.m.getNotificationChannel(str);
        if (notificationChannel == null) {
            notificationChannel = new NotificationChannel(str, str2, 3);
            notificationChannel.setSound(null, null);
            this.m.createNotificationChannel(notificationChannel);
        }
        return new NotificationCompat.Builder(ZHApplication.e, notificationChannel.getId());
    }

    public void b(Activity activity) {
        if (this.l == activity) {
            this.l = null;
        }
    }

    @Override // javax.net.ssl.X509TrustManager
    public void checkClientTrusted(X509Certificate[] x509CertificateArr, String str) throws CertificateException {
        a(x509CertificateArr, str, false);
    }

    @Override // javax.net.ssl.X509TrustManager
    public void checkServerTrusted(X509Certificate[] x509CertificateArr, String str) throws CertificateException {
        a(x509CertificateArr, str, true);
    }

    @Override // javax.net.ssl.X509TrustManager
    public X509Certificate[] getAcceptedIssuers() {
        Log.d(a, "getAcceptedIssuers()");
        return this.t.getAcceptedIssuers();
    }
}
