package edu.berkeley.icsi.netalyzr.tests.tls;

import android.util.Base64;
import android.util.Log;
import edu.berkeley.icsi.netalyzr.localization.Localization;
import edu.berkeley.icsi.netalyzr.tests.Test;
import edu.berkeley.icsi.netalyzr.tests.TestState;
import edu.berkeley.icsi.netalyzr.tests.http.HTTPUtils;
import java.io.IOException;
import java.net.UnknownHostException;
import java.security.KeyManagementException;
import java.security.KeyStore;
import java.security.NoSuchAlgorithmException;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Iterator;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSocket;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import javax.net.ssl.X509TrustManager;
import javax.security.cert.CertificateEncodingException;
import org.apache.commons.lang3.StringUtils;

/* loaded from: classes.dex */
public class TLSCertOneShotTest extends Test {
    private static final String TAG = "TLSTEST";
    private static ArrayList<TLSDomain> d = new ArrayList<>();
    private static final boolean debug = false;
    X509TrustManager passthroughTrustManager;

    /* loaded from: classes.dex */
    class TLSChainChecker implements Runnable {
        private String domain;
        private Integer port;

        public TLSChainChecker(Integer num, String str) {
            this.port = num;
            this.domain = str;
        }

        @Override // java.lang.Runnable
        public void run() {
            TLSCertOneShotTest.this.verifyCertManually(this.port, this.domain);
        }
    }

    public TLSCertOneShotTest(String str) {
        super(str);
        this.passthroughTrustManager = new X509TrustManager() { // from class: edu.berkeley.icsi.netalyzr.tests.tls.TLSCertOneShotTest.1
            @Override // javax.net.ssl.X509TrustManager
            public void checkClientTrusted(X509Certificate[] x509CertificateArr, String str2) throws CertificateException {
            }

            @Override // javax.net.ssl.X509TrustManager
            public void checkServerTrusted(X509Certificate[] x509CertificateArr, String str2) throws CertificateException {
            }

            @Override // javax.net.ssl.X509TrustManager
            public X509Certificate[] getAcceptedIssuers() {
                return null;
            }
        };
    }

    protected static String convertToPem(X509Certificate x509Certificate) throws CertificateEncodingException {
        try {
            return String.valueOf("-----BEGIN CERTIFICATE-----\n") + Base64.encodeToString(x509Certificate.getEncoded(), 0) + "-----END CERTIFICATE-----";
        } catch (java.security.cert.CertificateEncodingException e) {
            e.printStackTrace();
            return StringUtils.EMPTY;
        }
    }

    @Override // edu.berkeley.icsi.netalyzr.tests.Test
    public void init() {
        this.idleMsg = Localization.getLocalString(this.testName);
        d.add(new TLSDomain(443, "www.google.com"));
        d.add(new TLSDomain(443, "www.yahoo.com"));
        d.add(new TLSDomain(443, "gmail.com"));
        d.add(new TLSDomain(443, "mail.google.com"));
        d.add(new TLSDomain(443, "google-analytics.com"));
        d.add(new TLSDomain(443, "play.google.com"));
        d.add(new TLSDomain(443, "www.skype.com"));
        d.add(new TLSDomain(443, "www.facebook.com"));
        d.add(new TLSDomain(443, "www.twitter.com"));
        d.add(new TLSDomain(443, "www.icsi.berkeley.edu"));
        d.add(new TLSDomain(443, "www.bankofamerica.com"));
        d.add(new TLSDomain(443, "www.chase.com"));
        d.add(new TLSDomain(7275, "supl.google.com"));
        d.add(new TLSDomain(8883, "orcart.facebook.com"));
        d.add(new TLSDomain(443, "orcart.facebook.com"));
        d.add(new TLSDomain(443, "www.akamai.com"));
        d.add(new TLSDomain(993, "mailhost.icsi.berkeley.edu"));
        d.add(new TLSDomain(995, "mailhost.icsi.berkeley.edu"));
    }

    @Override // edu.berkeley.icsi.netalyzr.tests.Test
    public int runImpl() throws IOException {
        Iterator<TLSDomain> it = d.iterator();
        while (it.hasNext()) {
            TLSDomain next = it.next();
            Integer num = next.port;
            String str = next.domain;
            try {
                new Thread(new TLSChainChecker(num, str)).start();
            } catch (Exception e) {
                Log.i(TAG, "Exception verifying cert manually for domain " + str + " : " + num + " = ", e);
            }
        }
        return 4;
    }

    public void uploadRawCertificateChain(X509Certificate[] x509CertificateArr, String str, Integer num) {
        for (int i = 0; i < x509CertificateArr.length; i++) {
            try {
                HTTPUtils.doHTTPPost("http://" + HTTPUtils.getHTTPServerName() + "/upload/id=" + TestState.agentID + "/key=" + str + "_" + num + "_cert" + (x509CertificateArr.length - i), String.valueOf(convertToPem(x509CertificateArr[i])) + "\n");
            } catch (Exception e) {
            }
        }
    }

    public void verifyCertManually(Integer num, String str) {
        try {
            SSLContext sSLContext = SSLContext.getInstance("TLS");
            try {
                sSLContext.init(null, new TrustManager[]{this.passthroughTrustManager}, null);
                SSLSocket sSLSocket = (SSLSocket) sSLContext.getSocketFactory().createSocket(str, num.intValue());
                sSLSocket.startHandshake();
                X509Certificate[] x509CertificateArr = (X509Certificate[]) sSLSocket.getSession().getPeerCertificates();
                uploadRawCertificateChain(x509CertificateArr, str, num);
                TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
                trustManagerFactory.init((KeyStore) null);
                try {
                    ((X509TrustManager) trustManagerFactory.getTrustManagers()[0]).checkServerTrusted(x509CertificateArr, "RSA");
                } catch (CertificateException e) {
                }
            } catch (UnknownHostException e2) {
                e2.printStackTrace();
                Log.i(TAG, "UnknownHostException " + str + " : ", e2);
            } catch (IOException e3) {
                e3.printStackTrace();
                Log.i(TAG, "IOException " + str + " : ", e3);
            } catch (KeyManagementException e4) {
                Log.i(TAG, "KeyManagementException " + str + " : ", e4);
            } catch (Exception e5) {
                e5.printStackTrace();
                Log.i(TAG, "Exception " + str + " : ", e5);
            }
        } catch (NoSuchAlgorithmException e6) {
            Log.i(TAG, "NoSuchAlgorithmException " + str + ":" + num + " = ", e6);
            e6.printStackTrace();
        }
    }
}
