package e5;

import android.app.Activity;
import android.net.http.X509TrustManagerExtensions;
import android.os.Build;
import android.util.Base64;
import android.util.Log;
import java.net.URLConnection;
import java.security.KeyStore;
import java.security.MessageDigest;
import java.security.cert.Certificate;
import java.security.cert.X509Certificate;
import java.util.Arrays;
import javax.net.ssl.HttpsURLConnection;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import javax.net.ssl.X509TrustManager;
import org.json.JSONObject;

/* loaded from: classes.dex */
public class b implements h5.a {

    /* JADX INFO: Access modifiers changed from: package-private */
    /* loaded from: classes.dex */
    public class a implements Runnable {

        /* renamed from: v, reason: collision with root package name */
        final /* synthetic */ Activity f6641v;

        a(Activity activity) {
            this.f6641v = activity;
        }

        @Override // java.lang.Runnable
        public void run() {
            HttpsURLConnection C;
            try {
                if (!h5.c.p(this.f6641v) || (C = h5.b.C(h5.b.d(com.manageengine.adssp.passwordselfservice.a.a(this.f6641v)), this.f6641v)) == null) {
                    return;
                }
                C.connect();
                h5.b.M0(this.f6641v, "PUBLIC_KEY_PIN", b.c(C));
            } catch (Exception e8) {
                e8.printStackTrace();
            }
        }
    }

    public static boolean a(URLConnection uRLConnection, Activity activity) {
        if (uRLConnection.getURL().getQuery() == null) {
            return false;
        }
        boolean contains = uRLConnection.getURL().getQuery().contains("operation=isServerAlive");
        boolean z7 = uRLConnection instanceof HttpsURLConnection;
        if (z7 && e(activity) && d(activity) && !contains && !k(activity, uRLConnection)) {
            h5.b.M0(activity, "AUTH_TOKEN", "");
            return true;
        }
        if (!z7 || !f(activity) || contains || b(activity, uRLConnection)) {
            return false;
        }
        h5.b.M0(activity, "AUTH_TOKEN", "");
        return true;
    }

    public static boolean b(Activity activity, URLConnection uRLConnection) {
        try {
            Certificate[] serverCertificates = ((HttpsURLConnection) uRLConnection).getServerCertificates();
            X509Certificate[] x509CertificateArr = (X509Certificate[]) Arrays.copyOf(serverCertificates, serverCertificates.length, X509Certificate[].class);
            String host = uRLConnection.getURL().getHost();
            TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
            X509TrustManager x509TrustManager = null;
            trustManagerFactory.init((KeyStore) null);
            TrustManager[] trustManagers = trustManagerFactory.getTrustManagers();
            int length = trustManagers.length;
            int i8 = 0;
            while (true) {
                if (i8 >= length) {
                    break;
                }
                TrustManager trustManager = trustManagers[i8];
                if (trustManager instanceof X509TrustManager) {
                    x509TrustManager = (X509TrustManager) trustManager;
                    break;
                }
                i8++;
            }
            X509TrustManagerExtensions x509TrustManagerExtensions = new X509TrustManagerExtensions(x509TrustManager);
            if (j(x509TrustManagerExtensions, x509CertificateArr, host)) {
                return true;
            }
            return g(x509TrustManagerExtensions, x509CertificateArr);
        } catch (Exception e8) {
            e8.printStackTrace();
            return false;
        }
    }

    public static String c(URLConnection uRLConnection) {
        try {
            Certificate[] serverCertificates = ((HttpsURLConnection) uRLConnection).getServerCertificates();
            byte[] encoded = ((X509Certificate[]) Arrays.copyOf(serverCertificates, serverCertificates.length, X509Certificate[].class))[0].getPublicKey().getEncoded();
            MessageDigest messageDigest = MessageDigest.getInstance("SHA-256");
            messageDigest.update(encoded, 0, encoded.length);
            return Base64.encodeToString(messageDigest.digest(), 2);
        } catch (Exception e8) {
            Log.d("ADSSPApplication", "Exception occurred :" + e8);
            return " ";
        }
    }

    public static boolean d(Activity activity) {
        return h5.b.u(activity, "PUBLIC_KEY_PIN").length() > 0;
    }

    public static boolean e(Activity activity) {
        return h5.b.u(activity, "FORCE_SSL_PINNING").equalsIgnoreCase("true");
    }

    public static boolean f(Activity activity) {
        return h5.b.u(activity, "FORCE_TLS_VALIDATION").equalsIgnoreCase("true");
    }

    public static boolean g(X509TrustManagerExtensions x509TrustManagerExtensions, X509Certificate[] x509CertificateArr) {
        if (Build.VERSION.SDK_INT >= 21) {
            for (X509Certificate x509Certificate : x509CertificateArr) {
                if (x509TrustManagerExtensions.isUserAddedCertificate(x509Certificate)) {
                    return true;
                }
            }
        }
        return false;
    }

    public static void h(Activity activity) {
        try {
            new Thread(new a(activity)).start();
        } catch (Exception e8) {
            e8.printStackTrace();
        }
    }

    public static void i(JSONObject jSONObject, boolean z7, Activity activity) {
        if (jSONObject.has("FORCE_SSL_PINNING")) {
            h5.b.M0(activity, "FORCE_SSL_PINNING", jSONObject.optString("FORCE_SSL_PINNING", "false"));
            if (jSONObject.optBoolean("FORCE_SSL_PINNING", false) && ((com.manageengine.adssp.passwordselfservice.a.c(activity) && !z7) || (com.manageengine.adssp.passwordselfservice.a.c(activity) && z7 && !d(activity)))) {
                h(activity);
            }
        } else {
            h5.b.M0(activity, "FORCE_SSL_PINNING", "false");
        }
        if (jSONObject.has("FORCE_TLS_VALIDATION")) {
            h5.b.M0(activity, "FORCE_TLS_VALIDATION", jSONObject.optString("FORCE_TLS_VALIDATION", "false"));
        } else {
            h5.b.M0(activity, "FORCE_TLS_VALIDATION", "false");
        }
    }

    public static boolean j(X509TrustManagerExtensions x509TrustManagerExtensions, X509Certificate[] x509CertificateArr, String str) {
        try {
            x509TrustManagerExtensions.checkServerTrusted(x509CertificateArr, "RSA", str);
            return true;
        } catch (Exception e8) {
            e8.printStackTrace();
            return false;
        }
    }

    public static boolean k(Activity activity, URLConnection uRLConnection) {
        try {
            return h5.b.u(activity, "PUBLIC_KEY_PIN").equals(c(uRLConnection));
        } catch (Exception e8) {
            e8.printStackTrace();
            return true;
        }
    }
}
