package com.manageengine.desktopcentral.Common.Framework.network;

import android.util.Base64;
import android.util.Log;
import com.manageengine.desktopcentral.Common.tracking.TrackingService;
import com.zoho.assist.constants.Constants;
import com.zoho.zanalytics.ZAEvents;
import java.io.BufferedInputStream;
import java.io.ByteArrayInputStream;
import java.security.KeyStore;
import java.security.SecureRandom;
import java.security.cert.Certificate;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.HashMap;
import javax.net.ssl.HttpsURLConnection;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSocketFactory;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import javax.net.ssl.X509TrustManager;
import kotlin.Metadata;
import kotlin.TuplesKt;
import kotlin.collections.MapsKt;
import kotlin.jvm.JvmStatic;
import kotlin.jvm.internal.DefaultConstructorMarker;
import kotlin.jvm.internal.Intrinsics;
import org.json.JSONArray;
import org.json.JSONException;
import org.json.JSONObject;

/* compiled from: SSLCertificateHandlerUtil.kt */
@Metadata(d1 = {"\u0000\\\n\u0002\u0018\u0002\n\u0002\u0010\u0000\n\u0002\b\u0002\n\u0002\u0018\u0002\n\u0002\u0010\u000e\n\u0002\u0010\b\n\u0002\u0018\u0002\n\u0000\n\u0002\u0018\u0002\n\u0000\n\u0002\u0018\u0002\n\u0002\b\u0005\n\u0002\u0010\u0011\n\u0000\n\u0002\u0018\u0002\n\u0002\b\u0007\n\u0002\u0010\u0012\n\u0000\n\u0002\u0010\u0002\n\u0000\n\u0002\u0018\u0002\n\u0000\n\u0002\u0018\u0002\n\u0002\b\u0003\n\u0002\u0010\u000b\n\u0002\b\u0006\u0018\u0000 *2\u00020\u0001:\u0001*B\u0005¢\u0006\u0002\u0010\u0002J\b\u0010\b\u001a\u0004\u0018\u00010\tJ\u001a\u0010\n\u001a\u0004\u0018\u00010\u000b2\u0006\u0010\f\u001a\u00020\u00052\u0006\u0010\r\u001a\u00020\u0005H\u0002J\u000e\u0010\u000e\u001a\u00020\u00062\u0006\u0010\u000f\u001a\u00020\u0005J\u001f\u0010\u0010\u001a\f\u0012\u0006\u0012\u0004\u0018\u00010\u000b\u0018\u00010\u00112\u0006\u0010\u0012\u001a\u00020\u0013H\u0002¢\u0006\u0002\u0010\u0014J\u0014\u0010\u0015\u001a\u0004\u0018\u00010\u000b2\b\u0010\u0016\u001a\u0004\u0018\u00010\u0005H\u0002J\u0014\u0010\u0017\u001a\u0004\u0018\u00010\u000b2\b\u0010\u0018\u001a\u0004\u0018\u00010\u0005H\u0002J\u0012\u0010\u0019\u001a\u0004\u0018\u00010\t2\b\u0010\u001a\u001a\u0004\u0018\u00010\u001bJ\u0018\u0010\u001c\u001a\u00020\u001d2\u0006\u0010\u001e\u001a\u00020\u001f2\u0006\u0010 \u001a\u00020!H\u0002J\u0018\u0010\"\u001a\u00020\u001d2\b\u0010\u001a\u001a\u0004\u0018\u00010\u001f2\u0006\u0010 \u001a\u00020!J\u001a\u0010#\u001a\u00020\u001d2\u0006\u0010\u000f\u001a\u00020\u00052\b\b\u0002\u0010$\u001a\u00020%H\u0007J\u0016\u0010&\u001a\u00020\u001d2\u0006\u0010\u000f\u001a\u00020\u00052\u0006\u0010'\u001a\u00020\u0006J\u000e\u0010(\u001a\u00020\u001d2\u0006\u0010)\u001a\u00020\u001fR*\u0010\u0003\u001a\u001e\u0012\u0004\u0012\u00020\u0005\u0012\u0004\u0012\u00020\u00060\u0004j\u000e\u0012\u0004\u0012\u00020\u0005\u0012\u0004\u0012\u00020\u0006`\u0007X\u0082\u0004¢\u0006\u0002\n\u0000¨\u0006+"}, d2 = {"Lcom/manageengine/desktopcentral/Common/Framework/network/SSLCertificateHandlerUtil;", "", "()V", "counterMap", "Ljava/util/HashMap;", "", "", "Lkotlin/collections/HashMap;", "acceptAllCertificates", "Ljavax/net/ssl/SSLSocketFactory;", "formCertificateFromString", "Ljava/security/cert/Certificate;", "certificateString", Constants.ZB_TYPE, "getCounter", "key", "getIntermediateCertificate", "", "certificateJsonArray", "Lorg/json/JSONArray;", "(Lorg/json/JSONArray;)[Ljava/security/cert/Certificate;", "getRootCertificate", "rootCertificateStr", "getServerCertificate", "serverCertificateStr", "getSocketFactory", "response", "", "getTrustedSSLContext", "", "messageResponse", "Lorg/json/JSONObject;", "handler", "Lcom/manageengine/desktopcentral/Common/Framework/network/SSLContextCreationHandler;", "handleResponse", "resetCounter", "shouldTrack", "", "setCounter", "value", "setJSONBodyForDiscoveryService", "jsonBody", "Companion", "app_remoteaccessplusRelease"}, k = 1, mv = {1, 5, 1}, xi = 48)
/* loaded from: classes2.dex */
public final class SSLCertificateHandlerUtil {

    /* renamed from: Companion, reason: from kotlin metadata */
    public static final Companion INSTANCE = new Companion(null);
    private static final String INTERMEDIATE_CERTIFICATE = "IntermediateCertificate";
    private static final String ROOT_CERTIFICATE = "RootCertificate";
    private static final String SERVER_CERTIFICATE = "ServerCertificate";
    private static SSLCertificateHandlerUtil instance;
    private final HashMap<String, Integer> counterMap = new HashMap<>();

    /* compiled from: SSLCertificateHandlerUtil.kt */
    @Metadata(d1 = {"\u0000\u001c\n\u0002\u0018\u0002\n\u0002\u0010\u0000\n\u0002\b\u0002\n\u0002\u0010\u000e\n\u0002\b\u0003\n\u0002\u0018\u0002\n\u0002\b\u0002\b\u0086\u0003\u0018\u00002\u00020\u0001B\u0007\b\u0002¢\u0006\u0002\u0010\u0002J\b\u0010\t\u001a\u00020\bH\u0007R\u000e\u0010\u0003\u001a\u00020\u0004X\u0082T¢\u0006\u0002\n\u0000R\u000e\u0010\u0005\u001a\u00020\u0004X\u0082T¢\u0006\u0002\n\u0000R\u000e\u0010\u0006\u001a\u00020\u0004X\u0082T¢\u0006\u0002\n\u0000R\u0010\u0010\u0007\u001a\u0004\u0018\u00010\bX\u0082\u000e¢\u0006\u0002\n\u0000¨\u0006\n"}, d2 = {"Lcom/manageengine/desktopcentral/Common/Framework/network/SSLCertificateHandlerUtil$Companion;", "", "()V", "INTERMEDIATE_CERTIFICATE", "", "ROOT_CERTIFICATE", "SERVER_CERTIFICATE", "instance", "Lcom/manageengine/desktopcentral/Common/Framework/network/SSLCertificateHandlerUtil;", "getInstance", "app_remoteaccessplusRelease"}, k = 1, mv = {1, 5, 1}, xi = 48)
    /* loaded from: classes2.dex */
    public static final class Companion {
        private Companion() {
        }

        public /* synthetic */ Companion(DefaultConstructorMarker defaultConstructorMarker) {
            this();
        }

        @JvmStatic
        public final SSLCertificateHandlerUtil getInstance() {
            if (SSLCertificateHandlerUtil.instance == null) {
                SSLCertificateHandlerUtil.instance = new SSLCertificateHandlerUtil();
            }
            SSLCertificateHandlerUtil sSLCertificateHandlerUtil = SSLCertificateHandlerUtil.instance;
            if (sSLCertificateHandlerUtil != null) {
                return sSLCertificateHandlerUtil;
            }
            throw new NullPointerException("null cannot be cast to non-null type com.manageengine.desktopcentral.Common.Framework.network.SSLCertificateHandlerUtil");
        }
    }

    private final Certificate formCertificateFromString(String certificateString, String type) {
        try {
            ByteArrayInputStream byteArrayInputStream = new ByteArrayInputStream(Base64.decode(certificateString, 0));
            BufferedInputStream bufferedInputStream = new BufferedInputStream(byteArrayInputStream);
            try {
                Certificate generateCertificate = CertificateFactory.getInstance("X.509").generateCertificate(bufferedInputStream);
                Intrinsics.checkNotNullExpressionValue(generateCertificate, "{\n                certificateFactory.generateCertificate(certificateStream)\n            }");
                return generateCertificate;
            } finally {
                byteArrayInputStream.close();
                bufferedInputStream.close();
            }
        } catch (Exception e) {
            if (Intrinsics.areEqual(type, SERVER_CERTIFICATE)) {
                TrackingService.INSTANCE.addEvent(ZAEvents.SSL_Certificate.Server_Certificate_Error, MapsKt.hashMapOf(TuplesKt.to("SERVER_CERTIFICATE_CREATION_ERROR", e.toString())));
            }
            if (Intrinsics.areEqual(type, ROOT_CERTIFICATE)) {
                TrackingService.INSTANCE.addEvent(ZAEvents.SSL_Certificate.Root_Certificate_Error, MapsKt.hashMapOf(TuplesKt.to("ROOT_CERTIFICATE_CREATION_ERROR", e.toString())));
            }
            if (!Intrinsics.areEqual(type, INTERMEDIATE_CERTIFICATE)) {
                return null;
            }
            TrackingService.INSTANCE.addEvent(ZAEvents.SSL_Certificate.Intermediate_Certificate_Error, MapsKt.hashMapOf(TuplesKt.to("INTERMEDIATE_CERTIFICATE_CREATION_ERROR", e.toString())));
            return null;
        }
    }

    @JvmStatic
    public static final SSLCertificateHandlerUtil getInstance() {
        return INSTANCE.getInstance();
    }

    private final Certificate[] getIntermediateCertificate(JSONArray certificateJsonArray) {
        Certificate[] certificateArr = new Certificate[certificateJsonArray.length()];
        int length = certificateJsonArray.length();
        if (length > 0) {
            int i = 0;
            while (true) {
                int i2 = i + 1;
                try {
                    String string = certificateJsonArray.getString(i);
                    if (string != null) {
                        if (string.length() > 0) {
                            certificateArr[i] = formCertificateFromString(string, INTERMEDIATE_CERTIFICATE);
                        }
                    }
                } catch (Exception e) {
                    Log.d("SSLCert creation Error", e.toString());
                }
                if (i2 >= length) {
                    break;
                }
                i = i2;
            }
        }
        return certificateArr;
    }

    private final Certificate getRootCertificate(String rootCertificateStr) {
        if (rootCertificateStr != null) {
            if (rootCertificateStr.length() > 0) {
                return formCertificateFromString(rootCertificateStr, ROOT_CERTIFICATE);
            }
        }
        return (Certificate) null;
    }

    private final Certificate getServerCertificate(String serverCertificateStr) {
        if (serverCertificateStr != null) {
            if (serverCertificateStr.length() > 0) {
                return formCertificateFromString(serverCertificateStr, SERVER_CERTIFICATE);
            }
        }
        return (Certificate) null;
    }

    private final void getTrustedSSLContext(JSONObject messageResponse, SSLContextCreationHandler handler) {
        Certificate certificate;
        Certificate certificate2;
        Certificate formCertificateFromString;
        try {
            KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
            keyStore.load(null, null);
            String serverCertificateStr = messageResponse.optString(SERVER_CERTIFICATE);
            Intrinsics.checkNotNullExpressionValue(serverCertificateStr, "serverCertificateStr");
            int i = 0;
            if (serverCertificateStr.length() > 0) {
                certificate = formCertificateFromString(serverCertificateStr, SERVER_CERTIFICATE);
                if (certificate != null) {
                    keyStore.setCertificateEntry(SERVER_CERTIFICATE, certificate);
                }
            } else {
                certificate = null;
            }
            String rootCertificateStr = messageResponse.optString(ROOT_CERTIFICATE);
            Intrinsics.checkNotNullExpressionValue(rootCertificateStr, "rootCertificateStr");
            if (rootCertificateStr.length() > 0) {
                certificate2 = formCertificateFromString(rootCertificateStr, ROOT_CERTIFICATE);
                if (certificate2 != null) {
                    keyStore.setCertificateEntry(ROOT_CERTIFICATE, certificate2);
                }
            } else {
                certificate2 = null;
            }
            JSONArray optJSONArray = messageResponse.optJSONArray(INTERMEDIATE_CERTIFICATE);
            ArrayList arrayList = new ArrayList();
            if (optJSONArray != null && optJSONArray.length() > 0 && (r13 = optJSONArray.length()) > 0) {
                int i2 = 0;
                while (true) {
                    int i3 = i2 + 1;
                    String intermediateCertificateStr = optJSONArray.optString(i2);
                    Intrinsics.checkNotNullExpressionValue(intermediateCertificateStr, "intermediateCertificateStr");
                    if ((intermediateCertificateStr.length() > 0) && (formCertificateFromString = formCertificateFromString(intermediateCertificateStr, INTERMEDIATE_CERTIFICATE)) != null) {
                        arrayList.add(formCertificateFromString);
                    }
                    i2 = i3;
                }
            }
            int size = arrayList.size();
            if (size > 0) {
                while (true) {
                    int i4 = i + 1;
                    keyStore.setCertificateEntry(Intrinsics.stringPlus(INTERMEDIATE_CERTIFICATE, Integer.valueOf(i)), (Certificate) arrayList.get(i));
                    if (i4 >= size) {
                        break;
                    } else {
                        i = i4;
                    }
                }
            }
            if ((certificate == null || keyStore.getCertificate(SERVER_CERTIFICATE) == null) && ((certificate2 == null || keyStore.getCertificate(ROOT_CERTIFICATE) == null) && arrayList.isEmpty())) {
                handler.error("ServerCertificate is null;  RootCertificate is null;  IntermediateCertificate is null");
                return;
            }
            TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
            trustManagerFactory.init(keyStore);
            SSLContext sSLContext = SSLContext.getInstance("TLS");
            sSLContext.init(null, trustManagerFactory.getTrustManagers(), null);
            SSLSocketFactory socketFactory = sSLContext.getSocketFactory();
            Intrinsics.checkNotNullExpressionValue(socketFactory, "sslContext.socketFactory");
            handler.success(socketFactory);
        } catch (Exception e) {
            handler.error(e.toString());
        }
    }

    public static /* synthetic */ void resetCounter$default(SSLCertificateHandlerUtil sSLCertificateHandlerUtil, String str, boolean z, int i, Object obj) {
        if ((i & 2) != 0) {
            z = false;
        }
        sSLCertificateHandlerUtil.resetCounter(str, z);
    }

    public final SSLSocketFactory acceptAllCertificates() {
        try {
            TrustManager[] trustManagerArr = {new X509TrustManager() { // from class: com.manageengine.desktopcentral.Common.Framework.network.SSLCertificateHandlerUtil$acceptAllCertificates$trustAllCerts$1
                @Override // javax.net.ssl.X509TrustManager
                public void checkClientTrusted(X509Certificate[] certs, String authType) {
                    Intrinsics.checkNotNullParameter(certs, "certs");
                    Intrinsics.checkNotNullParameter(authType, "authType");
                }

                @Override // javax.net.ssl.X509TrustManager
                public void checkServerTrusted(X509Certificate[] certs, String authType) {
                    Intrinsics.checkNotNullParameter(certs, "certs");
                    Intrinsics.checkNotNullParameter(authType, "authType");
                }

                @Override // javax.net.ssl.X509TrustManager
                public X509Certificate[] getAcceptedIssuers() {
                    return new X509Certificate[0];
                }
            }};
            SSLContext sSLContext = SSLContext.getInstance("TLS");
            sSLContext.init(null, trustManagerArr, new SecureRandom());
            HttpsURLConnection.setDefaultHostnameVerifier(new DCHostNameVerifier());
            return sSLContext.getSocketFactory();
        } catch (Exception unused) {
            return null;
        }
    }

    public final int getCounter(String key) {
        Intrinsics.checkNotNullParameter(key, "key");
        Integer num = this.counterMap.get(key);
        if (num == null) {
            return 0;
        }
        return num.intValue();
    }

    public final SSLSocketFactory getSocketFactory(byte[] response) {
        try {
            ByteArrayInputStream byteArrayInputStream = new ByteArrayInputStream(response);
            try {
                Certificate generateCertificate = CertificateFactory.getInstance("X.509").generateCertificate(byteArrayInputStream);
                Intrinsics.checkNotNullExpressionValue(generateCertificate, "{\n                certificateFactory.generateCertificate(certificateInputStream)\n            }");
                byteArrayInputStream.close();
                KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
                keyStore.load(null, null);
                keyStore.setCertificateEntry("ca", generateCertificate);
                TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
                trustManagerFactory.init(keyStore);
                SSLContext sSLContext = SSLContext.getInstance("TLS");
                sSLContext.init(null, trustManagerFactory.getTrustManagers(), null);
                return sSLContext.getSocketFactory();
            } catch (Throwable th) {
                byteArrayInputStream.close();
                throw th;
            }
        } catch (Exception e) {
            Log.d("SSLCert creation Error", e.toString());
            return null;
        }
    }

    public final void handleResponse(JSONObject response, final SSLContextCreationHandler handler) {
        Intrinsics.checkNotNullParameter(handler, "handler");
        if (response == null || response.length() == 0) {
            HashMap<String, String> hashMap = new HashMap<>();
            hashMap.put("SSL Certificate API Error", "API response is null");
            TrackingService.INSTANCE.addEvent(ZAEvents.SSL_Certificate.SSL_Certificate_API_Error, hashMap);
            handler.error("SSL Certificate API response is null");
            return;
        }
        String optString = response.optString("Status");
        JSONObject optJSONObject = response.optJSONObject("MessageResponse");
        if (optJSONObject != null && optJSONObject.length() != 0) {
            if (Intrinsics.areEqual(optString, "Acknowledged")) {
                TrackingService.INSTANCE.addEvent(ZAEvents.SSL_Certificate.SSL_Certificate_API_Success);
            }
            getTrustedSSLContext(optJSONObject, new SSLContextCreationHandler() { // from class: com.manageengine.desktopcentral.Common.Framework.network.SSLCertificateHandlerUtil$handleResponse$1
                @Override // com.manageengine.desktopcentral.Common.Framework.network.SSLContextCreationHandler
                public void error(String errormsg) {
                    Intrinsics.checkNotNullParameter(errormsg, "errormsg");
                    HashMap<String, String> hashMap2 = new HashMap<>();
                    hashMap2.put("SSL Certificate creation Error", errormsg);
                    TrackingService.INSTANCE.addEvent(ZAEvents.SSL_Certificate.SSL_Certificate_Creation_Error, hashMap2);
                    SSLContextCreationHandler.this.error(Intrinsics.stringPlus("SSL Certificate creation Error - ", errormsg));
                }

                @Override // com.manageengine.desktopcentral.Common.Framework.network.SSLContextCreationHandler
                public void success(SSLSocketFactory socketFactory) {
                    Intrinsics.checkNotNullParameter(socketFactory, "socketFactory");
                    TrackingService.INSTANCE.addEvent(ZAEvents.SSL_Certificate.SSL_Certificate_Creation_Success);
                    SSLContextCreationHandler.this.success(socketFactory);
                }
            });
            return;
        }
        HashMap<String, String> hashMap2 = new HashMap<>();
        HashMap<String, String> hashMap3 = hashMap2;
        hashMap3.put("SSL Certificate API Error", "API - MessageResponse is null or empty");
        String jSONObject = response.toString();
        Intrinsics.checkNotNullExpressionValue(jSONObject, "response.toString()");
        hashMap3.put("SSL Certificate API response", jSONObject);
        TrackingService.INSTANCE.addEvent(ZAEvents.SSL_Certificate.SSL_Certificate_API_Error, hashMap2);
        handler.error("SSL Certificate API - MessageResponse is null or empty");
    }

    public final void resetCounter(String key) {
        Intrinsics.checkNotNullParameter(key, "key");
        resetCounter$default(this, key, false, 2, null);
    }

    public final void resetCounter(String key, boolean shouldTrack) {
        Intrinsics.checkNotNullParameter(key, "key");
        if (getCounter(key) == 2 && shouldTrack) {
            TrackingService.INSTANCE.addEvent(ZAEvents.SSL_Certificate.SSL_Certificate_Looping_Problem);
        }
        this.counterMap.put(key, 0);
    }

    public final void setCounter(String key, int value) {
        Intrinsics.checkNotNullParameter(key, "key");
        this.counterMap.put(key, Integer.valueOf(value));
    }

    public final void setJSONBodyForDiscoveryService(JSONObject jsonBody) {
        Intrinsics.checkNotNullParameter(jsonBody, "jsonBody");
        try {
            jsonBody.put("MessageType", "CertificateRequest");
            jsonBody.put("AgentType", "AndroidAgent");
            jsonBody.put("MsgRequestType", "CertificateRequest");
            jsonBody.put("DevicePlatform", "Android");
            jsonBody.put("MessageVersion", "1.0");
            JSONObject jSONObject = new JSONObject();
            jSONObject.put("Request", "NewCertificate");
            jsonBody.put("Message", jSONObject);
        } catch (JSONException e) {
            HashMap<String, String> hashMap = new HashMap<>();
            hashMap.put("SSL Certificate API - set Json body error", e.toString());
            TrackingService.INSTANCE.addEvent(ZAEvents.SSL_Certificate.SSL_Certificate_API_Error, hashMap);
        }
    }
}
