package com.trendmicro.tmmssuite.security;

import android.content.Context;
import android.content.SharedPreferences;
import android.net.ConnectivityManager;
import android.net.NetworkInfo;
import android.net.Uri;
import android.util.Log;
import android.util.Xml;
import com.trendmicro.tmmssuite.security.BaseSecurityCheck;
import com.trendmicro.tmmssuite.setting.b;
import com.trendmicro.tmmssuite.util.h;
import java.io.File;
import java.io.FileInputStream;
import java.io.InputStream;
import java.net.HttpURLConnection;
import java.net.URL;
import java.security.KeyStore;
import java.security.SecureRandom;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import javax.net.ssl.HostnameVerifier;
import javax.net.ssl.HttpsURLConnection;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSession;
import javax.net.ssl.TrustManager;
import org.xmlpull.v1.XmlPullParser;

/* loaded from: classes.dex */
public class MitmCheck extends BaseSecurityCheck implements BaseSecurityCheck.a {
    public String LOG_TAG;

    public MitmCheck(SecurityInfo securityInfo, Context context) {
        super(securityInfo, context);
        this.LOG_TAG = "MitmCheck";
    }

    private KeyStore a(Context context) {
        KeyStore keyStore = null;
        try {
            File file = new File(context.getFilesDir() + h.a);
            keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
            keyStore.load(null, null);
            if (file.exists()) {
                File[] listFiles = file.listFiles();
                int length = listFiles.length;
                int i = 0;
                int i2 = 0;
                while (i < length) {
                    FileInputStream fileInputStream = new FileInputStream(listFiles[i]);
                    keyStore.setCertificateEntry("ca" + i2, CertificateFactory.getInstance("X.509").generateCertificate(fileInputStream));
                    if (fileInputStream != null) {
                        fileInputStream.close();
                    }
                    i++;
                    i2++;
                }
            }
        } catch (Exception e) {
            e.printStackTrace();
        }
        return keyStore;
    }

    private void a(int i, X509Certificate x509Certificate) {
        Log.d(this.LOG_TAG, "start malicious certificate handle");
        if (!new b(this.b).z()) {
            Log.d(this.LOG_TAG, "malicious certificate scan is disabled");
            return;
        }
        SharedPreferences.Editor edit = this.b.getSharedPreferences(c, 0).edit();
        if (i == SecurityInfo.s) {
            String b = b(x509Certificate.getIssuerDN().getName());
            String b2 = b(x509Certificate.getSubjectDN().getName());
            long j = 0;
            String str = "";
            try {
                j = x509Certificate.getNotAfter().getTime() / 1000;
                str = x509Certificate.getSerialNumber().toString();
            } catch (Exception e) {
                e.printStackTrace();
            }
            edit.putString(SecurityInfo.u, b);
            edit.putString(SecurityInfo.v, b2);
            edit.putString(SecurityInfo.x, b + "_" + str);
            edit.putLong(SecurityInfo.w, j);
        }
        edit.putInt("malicious_cert", i);
        edit.commit();
        Log.d(this.LOG_TAG, "end malicious certificate handle");
    }

    private static boolean a(int i, int i2, String str) {
        if (i == 1 && str.charAt(i - 1) == '\\') {
            return true;
        }
        if (i > 1 && str.charAt(i - 1) == '\\' && str.charAt(i - 2) != '\\') {
            return true;
        }
        if (i <= 1 || str.charAt(i - 1) != '\\' || str.charAt(i - 2) != '\\') {
            return false;
        }
        int i3 = 0;
        for (int i4 = i - 1; i4 >= i2; i4--) {
            if (str.charAt(i4) == '\\') {
                i3++;
            }
        }
        return i3 % 2 != 0;
    }

    private String b(String str) {
        int indexOf = str.indexOf(44);
        String str2 = "";
        int i = 0;
        int i2 = 0;
        while (true) {
            if (indexOf < 0) {
                break;
            }
            if (indexOf > 0 && !a(indexOf, i2, str)) {
                String substring = str.substring(i, indexOf);
                String[] split = substring.split("=");
                if (split.length >= 2 && split[0].trim().equals("CN")) {
                    str2 = substring.substring(substring.indexOf("=") + 1);
                    break;
                }
                i = indexOf + 1;
            }
            i2 = indexOf + 1;
            indexOf = str.indexOf(44, i2);
        }
        if (!str2.equals("")) {
            return str2;
        }
        String substring2 = str.substring(i);
        String[] split2 = substring2.split("=");
        return (split2.length < 2 || !split2[0].trim().equals("CN")) ? str2 : substring2.substring(substring2.indexOf("=") + 1);
    }

    private void b() {
        Log.d(this.LOG_TAG, "start ssl strip check");
        try {
            HttpURLConnection httpURLConnection = (HttpURLConnection) new URL("http://rest.mars.trendmicro.com/check.html").openConnection();
            httpURLConnection.setRequestMethod("GET");
            httpURLConnection.setConnectTimeout(5000);
            if (httpURLConnection.getResponseCode() == 200) {
                ArrayList arrayList = new ArrayList();
                InputStream inputStream = httpURLConnection.getInputStream();
                XmlPullParser newPullParser = Xml.newPullParser();
                newPullParser.setInput(inputStream, "UTF-8");
                int eventType = newPullParser.getEventType();
                while (eventType != 1) {
                    switch (eventType) {
                        case 2:
                            if (newPullParser.getName().equals("a") && newPullParser.getAttributeValue(null, "class").equals("Trendmicro")) {
                                String attributeValue = newPullParser.getAttributeValue(null, "href");
                                if (!Uri.parse(attributeValue.trim()).getScheme().equalsIgnoreCase("https")) {
                                    arrayList.add(attributeValue);
                                }
                            }
                            eventType = newPullParser.next();
                            break;
                        default:
                            eventType = newPullParser.next();
                            break;
                    }
                }
                if (inputStream != null) {
                    inputStream.close();
                }
                if (arrayList.size() > 0) {
                    this.a.c |= SecurityInfo.q;
                }
            }
        } catch (Exception e) {
            e.printStackTrace();
        }
        if (this.a.c > 0 && new b(this.b).i()) {
            SecurityUtil.a(this.b, SecurityInfo.r);
        }
        Log.d(this.LOG_TAG, "end ssl strip check");
    }

    @Override // com.trendmicro.tmmssuite.security.BaseSecurityCheck
    public void a() {
        a("https://rest.mars.trendmicro.com");
    }

    public void a(String str) {
        NetworkInfo activeNetworkInfo = ((ConnectivityManager) this.b.getSystemService("connectivity")).getActiveNetworkInfo();
        if (activeNetworkInfo != null && activeNetworkInfo.isConnected() && activeNetworkInfo.isAvailable()) {
            SecurityUtil.a(this.b, "mitm_wifi", "mitm_cellular");
            try {
                URL url = new URL(str);
                if (url.getProtocol().toLowerCase().equals("https")) {
                    HttpsURLConnection httpsURLConnection = (HttpsURLConnection) url.openConnection();
                    httpsURLConnection.setHostnameVerifier(new HostnameVerifier() { // from class: com.trendmicro.tmmssuite.security.MitmCheck.1
                        @Override // javax.net.ssl.HostnameVerifier
                        public boolean verify(String str2, SSLSession sSLSession) {
                            boolean verify = HttpsURLConnection.getDefaultHostnameVerifier().verify(str2, sSLSession);
                            Log.d(MitmCheck.this.LOG_TAG, "hostname verify result is " + verify);
                            return verify;
                        }
                    });
                    SSLContext sSLContext = SSLContext.getInstance("TLS");
                    sSLContext.init(null, new TrustManager[]{new MitmTrustManager(this, a(this.b))}, new SecureRandom());
                    httpsURLConnection.setSSLSocketFactory(sSLContext.getSocketFactory());
                    httpsURLConnection.setRequestMethod("GET");
                    httpsURLConnection.setConnectTimeout(5000);
                    Log.d(this.LOG_TAG, "response is " + httpsURLConnection.getResponseCode());
                }
            } catch (Exception e) {
                e.printStackTrace();
            }
        }
    }

    @Override // com.trendmicro.tmmssuite.security.BaseSecurityCheck.a
    public void a(boolean z, boolean z2, X509Certificate x509Certificate) {
        if (z2) {
            this.a.c |= SecurityInfo.o;
            a(SecurityInfo.t, x509Certificate);
        } else {
            this.a.c |= SecurityInfo.p;
            if (z) {
                a(SecurityInfo.s, x509Certificate);
            } else {
                a(SecurityInfo.t, x509Certificate);
            }
        }
        b();
    }
}
