package com.konylabs.api.net;

import android.net.http.X509TrustManagerExtensions;
import android.util.Base64;
import android.util.Log;
import com.kony.binarydatamanager.constant.BinaryDataManagerConstants;
import com.kony.logger.Constants.LoggerConstants;
import com.konylabs.android.KonyApplication;
import com.konylabs.android.KonyMain;
import com.konylabs.api.util.CommonUtil;
import java.io.IOException;
import java.io.InputStream;
import java.security.KeyStore;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.cert.Certificate;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.HashMap;
import java.util.HashSet;
import java.util.Iterator;
import java.util.List;
import java.util.Locale;
import java.util.Properties;
import java.util.Set;
import javax.net.ssl.HttpsURLConnection;
import javax.net.ssl.SSLPeerUnverifiedException;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import javax.net.ssl.X509TrustManager;
import org.json.JSONArray;
import org.json.JSONObject;

/* compiled from: UnknownSource */
/* loaded from: classes2.dex */
public final class q {
    private static String TAG = "KonyPublicKeyPinningManager";
    private static boolean tv = false;
    private static HashMap<String, Set<String>> tx = new HashMap<>();
    private static HashMap<String, Set<String>> ty = new HashMap<>();
    private static HashMap<String, Set<String>> tz = new HashMap<>();
    private X509TrustManagerExtensions tw = null;

    /* JADX INFO: Access modifiers changed from: package-private */
    public q() {
        if (KonyMain.mSDKVersion >= 17) {
            fk();
        }
    }

    private static boolean a(ArrayList<String> arrayList, Set<String> set) {
        Iterator<String> it = arrayList.iterator();
        boolean z = false;
        while (it.hasNext()) {
            if (set.contains(it.next())) {
                z = true;
            }
        }
        return z;
    }

    private static ArrayList<String> b(List<X509Certificate> list) {
        ArrayList<String> arrayList = new ArrayList<>();
        try {
            MessageDigest messageDigest = MessageDigest.getInstance(BinaryDataManagerConstants.SHA_256);
            Iterator<X509Certificate> it = list.iterator();
            while (it.hasNext()) {
                byte[] encoded = it.next().getPublicKey().getEncoded();
                messageDigest.update(encoded, 0, encoded.length);
                arrayList.add(Base64.encodeToString(messageDigest.digest(), 2));
            }
        } catch (NoSuchAlgorithmException e) {
            KonyApplication.G().c(0, TAG, Log.getStackTraceString(e));
        }
        return arrayList;
    }

    private static void fj() {
        String str = "certs/public_keys.json";
        if (KonyApplication.isUniversalApp && KonyApplication.isTabletDevice) {
            str = "tab/certs/public_keys.json";
        }
        try {
            InputStream open = KonyMain.getAppContext().getAssets().open(str);
            byte[] bArr = new byte[open.available()];
            int read = open.read(bArr);
            open.close();
            if (read == -1) {
                KonyApplication.G().c(2, TAG, "Error while reading " + str + ". File is empty");
                return;
            }
            tx.clear();
            ty.clear();
            tz.clear();
            JSONObject jSONObject = new JSONObject(new String(bArr, "UTF-8"));
            Iterator<String> keys = jSONObject.keys();
            while (keys.hasNext()) {
                String next = keys.next();
                if (i.ad(next)) {
                    HashSet hashSet = new HashSet();
                    Object obj = jSONObject.get(next);
                    if (obj instanceof JSONArray) {
                        JSONArray jSONArray = jSONObject.getJSONArray(next);
                        int length = jSONArray.length();
                        for (int i = 0; i < length; i++) {
                            try {
                                Object obj2 = jSONArray.get(i);
                                if (obj2 instanceof String) {
                                    hashSet.add(obj2.toString());
                                } else if (obj2 != null) {
                                    KonyApplication.G().c(0, TAG, "Provided Pin value = " + obj2.toString() + " should be of type string for domain :: " + next);
                                }
                            } catch (Exception e) {
                            }
                        }
                    } else if (obj instanceof String) {
                        hashSet.add(obj.toString());
                    } else if (obj != null) {
                        KonyApplication.G().c(0, TAG, "Provided Pin/Pins set = " + obj.toString() + " should be of type array or string for domain :: " + next);
                    }
                    if (next.startsWith("*.")) {
                        ty.put(next.substring(next.indexOf(".") + 1).toLowerCase(Locale.ENGLISH), hashSet);
                    } else {
                        tx.put(next.toLowerCase(Locale.ENGLISH), hashSet);
                    }
                }
            }
        } catch (Exception e2) {
            KonyApplication.G().c(2, TAG, "Error while reading " + str + " , " + e2.getMessage());
        }
    }

    private void fk() {
        try {
            TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
            X509TrustManager x509TrustManager = null;
            trustManagerFactory.init((KeyStore) null);
            TrustManager[] trustManagers = trustManagerFactory.getTrustManagers();
            int length = trustManagers.length;
            int i = 0;
            while (true) {
                if (i >= length) {
                    break;
                }
                TrustManager trustManager = trustManagers[i];
                if (trustManager instanceof X509TrustManager) {
                    x509TrustManager = (X509TrustManager) trustManager;
                    break;
                }
                i++;
            }
            this.tw = new X509TrustManagerExtensions(x509TrustManager);
        } catch (Exception e) {
            KonyApplication.G().c(2, TAG, "Error while configuring KonyPublicKeyPinningManager. " + e.getMessage());
        }
    }

    public static void fl() throws IOException {
        Properties properties = new Properties();
        try {
            r1 = KonyMain.getAppType() == 3 ? com.konylabs.android.a.i() : null;
            if (r1 == null) {
                r1 = (KonyApplication.isUniversalApp && KonyApplication.isTabletDevice) ? KonyApplication.getAppContext().getAssets().open("tab/application.properties") : KonyApplication.getAppContext().getAssets().open(LoggerConstants.FILE_APPLICATION_PROPERTIES);
            }
            properties.load(r1);
            String property = properties.getProperty("NetworkTrustConfig");
            if (property != null && property.trim().equals("Allow Pinned")) {
                tv = true;
                fj();
            }
        } finally {
            CommonUtil.a(r1);
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static boolean fm() {
        return tv;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public final void a(HttpsURLConnection httpsURLConnection) throws Exception {
        if (tv) {
            String host = httpsURLConnection.getURL().getHost();
            Certificate[] serverCertificates = httpsURLConnection.getServerCertificates();
            X509Certificate[] x509CertificateArr = (X509Certificate[]) Arrays.copyOf(serverCertificates, serverCertificates.length, X509Certificate[].class);
            List<X509Certificate> asList = Arrays.asList(x509CertificateArr);
            if (KonyMain.mSDKVersion >= 17) {
                asList = this.tw.checkServerTrusted(x509CertificateArr, "RSA", host);
            }
            String lowerCase = host.toLowerCase(Locale.ENGLISH);
            ArrayList<String> b = b(asList);
            Set<String> set = tx.get(lowerCase);
            boolean z = false;
            boolean a = set != null ? a(b, set) : false;
            int length = lowerCase.split("\\.").length;
            if (!a && length >= 2) {
                synchronized (tz) {
                    Set<String> set2 = tz.get(lowerCase);
                    if (set2 != null) {
                        z = a(b, set2);
                    } else {
                        HashSet hashSet = new HashSet();
                        Set<String> keySet = ty.keySet();
                        String substring = length == 2 ? lowerCase : lowerCase.substring(lowerCase.indexOf(".") + 1);
                        Iterator<String> it = keySet.iterator();
                        while (true) {
                            if (!it.hasNext()) {
                                break;
                            }
                            String next = it.next();
                            if (substring.equals(next)) {
                                hashSet.addAll(ty.get(next));
                                break;
                            }
                        }
                        if (hashSet.size() != 0) {
                            tz.put(lowerCase, hashSet);
                            z = a(b, hashSet);
                        }
                    }
                }
                a = z;
            }
            if (!a) {
                throw new SSLPeerUnverifiedException("Pin verification failed\n");
            }
        }
    }
}
