package mma.security.component.certificate.root;

import android.content.Context;
import android.os.AsyncTask;
import android.os.Bundle;
import android.os.Handler;
import android.os.Message;
import java.io.IOException;
import java.io.InputStream;
import java.net.InetSocketAddress;
import java.net.SocketTimeoutException;
import java.net.URL;
import java.net.UnknownHostException;
import java.security.InvalidKeyException;
import java.security.KeyManagementException;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.PublicKey;
import java.security.SignatureException;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import javax.net.ssl.HttpsURLConnection;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSocket;
import mma.security.component.BuildConfig;
import mma.security.component.certificate.exception.HandshakeCertificateChainNotFoundException;
import mma.security.component.certificate.exception.HttpConnectException;
import mma.security.component.certificate.exception.NoInternetException;
import mma.security.component.certificate.exception.ParameterWithHostNameNotFoundException;
import mma.security.component.certificate.exception.ParameterWithRootCertificateNotFoundException;
import mma.security.component.certificate.obj.CertificateObj;
import mma.security.component.certificate.obj.CertificatePinningLevel;
import mma.security.component.certificate.obj.CertificateVerifyIntegrity;
import mma.security.component.certificate.obj.CertificateVerifyType;
import mma.security.component.certificate.obj.RootCertificatePinningBundle;
import mma.security.component.certificate.obj.ServerEnabledProtocol;
import mma.security.component.http.TLSSocketFactory;
import mma.security.component.http.obj.HttpsCode;
import mma.security.component.mtk.MobileUtil;
import org.apache.http.conn.ConnectTimeoutException;

/* loaded from: classes.dex */
public class CertificateTaskWithRoot extends AsyncTask<String, Integer, Boolean> {
    public static boolean IS_SAVE_CERTIFICATE_INTO_SQLITE = true;
    private String mCN;
    private CertificatePinningLevel mCertificatePinningLevel;
    private CertificateVerifyIntegrity mCertificateVerifyIntegrity;
    private CertificateVerifyType mCertificateVerifyType;
    private Context mContext;
    private String mExtraData;
    private boolean mIsSave2SQLite;
    private String mLocalRootCertificateName;
    private Handler mReturnHandler;
    private InputStream mRootCaInputStream;
    private ServerEnabledProtocol mServerEnabledProtocol;
    private String mHostName = BuildConfig.FLAVOR;
    private int mPort = CertificateObj.mHTTPS_PORT;
    private Message mMessage = null;
    private int mTimeout = CertificateObj.mTIMEOUT;

    public CertificateTaskWithRoot(Context context, RootCertificatePinningBundle rootCertificatePinningBundle) {
        this.mContext = null;
        this.mCertificatePinningLevel = CertificatePinningLevel.Default;
        this.mLocalRootCertificateName = BuildConfig.FLAVOR;
        this.mCN = BuildConfig.FLAVOR;
        this.mRootCaInputStream = null;
        this.mServerEnabledProtocol = ServerEnabledProtocol.TLSv11_TLSv12;
        this.mCertificateVerifyType = CertificateVerifyType.Default;
        this.mCertificateVerifyIntegrity = CertificateVerifyIntegrity.Default;
        this.mExtraData = BuildConfig.FLAVOR;
        this.mIsSave2SQLite = true;
        this.mReturnHandler = null;
        this.mContext = context;
        this.mCertificatePinningLevel = rootCertificatePinningBundle.get_mCertificatePinningLevel();
        this.mLocalRootCertificateName = rootCertificatePinningBundle.get_mLocalRootCertificateName();
        this.mCN = rootCertificatePinningBundle.get_mCN();
        this.mRootCaInputStream = rootCertificatePinningBundle.get_mRootCaInputStream();
        this.mServerEnabledProtocol = rootCertificatePinningBundle.get_mServerEnabledProtocol();
        this.mCertificateVerifyType = rootCertificatePinningBundle.get_mCertificateVerifyType();
        this.mCertificateVerifyIntegrity = rootCertificatePinningBundle.get_mCertificateVerifyIntegrity();
        this.mExtraData = rootCertificatePinningBundle.get_mExtraData();
        this.mIsSave2SQLite = rootCertificatePinningBundle.is_mIsSave2SQLite();
        this.mReturnHandler = rootCertificatePinningBundle.get_mReturnHandler();
    }

    private boolean checkParameters(String... strArr) {
        Exception parameterWithRootCertificateNotFoundException;
        if (MobileUtil.CheckInternet(this.mContext)) {
            this.mHostName = strArr.length > 0 ? strArr[0] : BuildConfig.FLAVOR;
            if ((this.mHostName == null) || BuildConfig.FLAVOR.equals(this.mHostName)) {
                parameterWithRootCertificateNotFoundException = new ParameterWithHostNameNotFoundException();
            } else {
                this.mPort = 1 < strArr.length ? Integer.parseInt(strArr[1]) : this.mPort;
                this.mTimeout = 2 < strArr.length ? Integer.parseInt(strArr[2]) : this.mTimeout;
                if (this.mRootCaInputStream != null) {
                    return true;
                }
                parameterWithRootCertificateNotFoundException = new ParameterWithRootCertificateNotFoundException();
            }
        } else {
            parameterWithRootCertificateNotFoundException = new NoInternetException();
        }
        handleErrorStatus(parameterWithRootCertificateNotFoundException);
        return false;
    }

    private void handleErrorMessage(int i, Exception exc) {
        String str;
        if (this.mReturnHandler == null || this.mMessage != null) {
            return;
        }
        this.mMessage = new Message();
        Message message = this.mMessage;
        message.what = i;
        if (exc.getMessage() == null || BuildConfig.FLAVOR.equals(exc.getMessage())) {
            str = BuildConfig.FLAVOR + exc;
        } else {
            str = exc.getMessage();
        }
        message.obj = str;
    }

    private void handleErrorStatus(Exception exc) {
        handleErrorMessage(exc instanceof NoInternetException ? HttpsCode.EXCEPTIONCODE_NO_INTERNET : exc instanceof ParameterWithHostNameNotFoundException ? HttpsCode.EXCEPTIONCODE_PARAMETER_HOSTNAME_NOT_FOUND : exc instanceof ParameterWithRootCertificateNotFoundException ? HttpsCode.EXCEPTIONCODE_PARAMETER_ROOT_CERTIFICATE_NOT_FOUND : exc instanceof HandshakeCertificateChainNotFoundException ? HttpsCode.EXCEPTIONCODE_HANDSHAKE_CERTIFICATE_CHAIN_NOT_FOUND : exc instanceof UnknownHostException ? HttpsCode.EXCEPTIONCODE_UNKNOWN_HOST_EXCEPTION : exc instanceof SocketTimeoutException ? HttpsCode.EXCEPTIONCODE_SOCKET_TIMEOUT_EXCEPTION : exc instanceof ConnectTimeoutException ? HttpsCode.EXCEPTIONCODE_CONNECT_TIMEOUT_EXCEPTION : exc instanceof IOException ? HttpsCode.EXCEPTIONCODE_IO_EXCEPTION : exc instanceof HttpConnectException ? ((HttpConnectException) exc).getResponseCode() : HttpsCode.EXCEPTIONCODE, exc);
    }

    private void handleSuccessStatus() {
        if (this.mReturnHandler != null) {
            this.mMessage = new Message();
            this.mMessage.what = 0;
        }
    }

    private SSLSocket sslHandShake() {
        SSLSocket sSLSocket = (SSLSocket) HttpsURLConnection.getDefaultSSLSocketFactory().createSocket();
        sSLSocket.setEnabledProtocols(this.mServerEnabledProtocol.GetTypeCode());
        sSLSocket.setSoTimeout(this.mTimeout);
        sSLSocket.connect(new InetSocketAddress(this.mHostName, this.mPort), this.mTimeout);
        sSLSocket.startHandshake();
        return sSLSocket;
    }

    private Certificate[] useFullCheckSolution(String str) {
        HttpsURLConnection httpsURLConnection;
        HttpsURLConnection httpsURLConnection2 = null;
        try {
            try {
                httpsURLConnection = (HttpsURLConnection) new URL(String.format("https://%s", str)).openConnection();
            } catch (Throwable th) {
                th = th;
            }
        } catch (SocketTimeoutException unused) {
        } catch (ConnectTimeoutException unused2) {
        } catch (IOException unused3) {
        } catch (KeyManagementException unused4) {
            httpsURLConnection = null;
        } catch (NoSuchAlgorithmException unused5) {
            httpsURLConnection = null;
        } catch (Exception unused6) {
            httpsURLConnection = null;
        }
        try {
            httpsURLConnection.setConnectTimeout(this.mTimeout);
            httpsURLConnection.setReadTimeout(this.mTimeout);
            SSLContext sSLContext = SSLContext.getInstance("TLS");
            sSLContext.init(null, null, null);
            httpsURLConnection.setSSLSocketFactory(new TLSSocketFactory(sSLContext.getSocketFactory(), this.mServerEnabledProtocol));
            httpsURLConnection.connect();
            httpsURLConnection.getResponseCode();
            Certificate[] serverCertificates = httpsURLConnection.getServerCertificates();
            if (serverCertificates != null) {
                if (serverCertificates.length != 0) {
                    if (httpsURLConnection != null) {
                        try {
                            httpsURLConnection.getInputStream().close();
                        } catch (Exception unused7) {
                        }
                        try {
                            httpsURLConnection.getErrorStream().close();
                        } catch (Exception unused8) {
                        }
                        try {
                            httpsURLConnection.disconnect();
                        } catch (Exception e) {
                            e.printStackTrace();
                        }
                    }
                    return serverCertificates;
                }
            }
            if (httpsURLConnection != null) {
                try {
                    httpsURLConnection.getInputStream().close();
                } catch (Exception unused9) {
                }
                try {
                    httpsURLConnection.getErrorStream().close();
                } catch (Exception unused10) {
                }
                try {
                    httpsURLConnection.disconnect();
                } catch (Exception e2) {
                    e2.printStackTrace();
                }
            }
            return null;
        } catch (SocketTimeoutException unused11) {
            throw new SocketTimeoutException();
        } catch (IOException unused12) {
            throw new IOException();
        } catch (KeyManagementException unused13) {
            if (httpsURLConnection != null) {
                try {
                    httpsURLConnection.getInputStream().close();
                } catch (Exception unused14) {
                }
                try {
                    httpsURLConnection.getErrorStream().close();
                } catch (Exception unused15) {
                }
                try {
                    httpsURLConnection.disconnect();
                } catch (Exception e3) {
                    e3.printStackTrace();
                }
            }
            return null;
        } catch (NoSuchAlgorithmException unused16) {
            if (httpsURLConnection != null) {
                try {
                    httpsURLConnection.getInputStream().close();
                } catch (Exception unused17) {
                }
                try {
                    httpsURLConnection.getErrorStream().close();
                } catch (Exception unused18) {
                }
                try {
                    httpsURLConnection.disconnect();
                } catch (Exception e4) {
                    e4.printStackTrace();
                }
            }
            return null;
        } catch (ConnectTimeoutException unused19) {
            throw new ConnectTimeoutException();
        } catch (Exception unused20) {
            if (httpsURLConnection != null) {
                try {
                    httpsURLConnection.getInputStream().close();
                } catch (Exception unused21) {
                }
                try {
                    httpsURLConnection.getErrorStream().close();
                } catch (Exception unused22) {
                }
                try {
                    httpsURLConnection.disconnect();
                } catch (Exception e5) {
                    e5.printStackTrace();
                }
            }
            return null;
        } catch (Throwable th2) {
            httpsURLConnection2 = httpsURLConnection;
            th = th2;
            if (httpsURLConnection2 != null) {
                try {
                    httpsURLConnection2.getInputStream().close();
                } catch (Exception unused23) {
                }
                try {
                    httpsURLConnection2.getErrorStream().close();
                } catch (Exception unused24) {
                }
                try {
                    httpsURLConnection2.disconnect();
                } catch (Exception e6) {
                    e6.printStackTrace();
                }
            }
            throw th;
        }
    }

    private boolean verifyAppRootCert(Certificate[] certificateArr, Certificate[] certificateArr2) {
        Certificate ConvertInputStream2Certificate = CertificateObj.ConvertInputStream2Certificate(this.mRootCaInputStream);
        boolean z = false;
        for (int length = certificateArr.length - 1; length >= 0; length--) {
            PublicKey publicKey = certificateArr[length].getPublicKey();
            try {
                try {
                } catch (InvalidKeyException | NoSuchAlgorithmException | NoSuchProviderException | SignatureException | CertificateException | Exception unused) {
                    z = true;
                }
            } catch (InvalidKeyException | NoSuchAlgorithmException | NoSuchProviderException | SignatureException | CertificateException | Exception unused2) {
            }
            if (CertificateVerifyType.Default == this.mCertificateVerifyType) {
                ConvertInputStream2Certificate.verify(publicKey);
                if (CertificateVerifyIntegrity.Default == this.mCertificateVerifyIntegrity) {
                    try {
                        for (int length2 = certificateArr2.length - 1; length2 >= 0; length2--) {
                            try {
                                ConvertInputStream2Certificate.verify(certificateArr2[length2].getPublicKey());
                            } catch (Exception unused3) {
                            }
                        }
                        z = false;
                    } catch (InvalidKeyException | NoSuchAlgorithmException | NoSuchProviderException | SignatureException | CertificateException | Exception unused4) {
                        z = false;
                    }
                }
                z = true;
                break;
            } else {
                if (CertificateVerifyType.Equal == this.mCertificateVerifyType && publicKey.equals(ConvertInputStream2Certificate.getPublicKey())) {
                    if (CertificateVerifyIntegrity.Default == this.mCertificateVerifyIntegrity) {
                        for (int length3 = certificateArr2.length - 1; length3 >= 0; length3--) {
                            if (!certificateArr2[length3].getPublicKey().equals(ConvertInputStream2Certificate.getPublicKey())) {
                            }
                        }
                        z = false;
                    }
                    z = true;
                    break;
                }
            }
            return z;
        }
        return z;
    }

    private boolean verifyCertsHandshakeCN(Certificate[] certificateArr) {
        try {
            for (String str : ((X509Certificate) certificateArr[0]).getSubjectDN().getName().split(",")) {
                String[] split = str.split("=");
                if (split != null && 2 == split.length && split[0] != null && split[0].trim().equals(CertificateObj.mCOMMON_NAME) && split[1] != null && split[1].trim().equals(this.mCN)) {
                    return true;
                }
            }
            return false;
        } catch (Exception e) {
            handleErrorStatus(e);
            return false;
        }
    }

    private boolean verifyCertsHandshakeChain(Certificate[] certificateArr) {
        PublicKey publicKey = certificateArr[certificateArr.length - 1].getPublicKey();
        try {
            PublicKey publicKey2 = null;
            for (int length = certificateArr.length - 2; length >= 0; length--) {
                Certificate certificate = certificateArr[length];
                if (certificateArr.length - 2 == length) {
                    certificate.verify(publicKey);
                } else {
                    certificate.verify(publicKey2);
                }
                publicKey2 = certificate.getPublicKey();
            }
            return true;
        } catch (InvalidKeyException e) {
            handleErrorStatus(e);
            return false;
        } catch (NoSuchAlgorithmException e2) {
            handleErrorStatus(e2);
            return false;
        } catch (NoSuchProviderException e3) {
            handleErrorStatus(e3);
            return false;
        } catch (SignatureException e4) {
            handleErrorStatus(e4);
            return false;
        } catch (CertificateException e5) {
            handleErrorStatus(e5);
            return false;
        } catch (Exception e6) {
            handleErrorStatus(e6);
            return false;
        }
    }

    private boolean verifyCertsHttpConnCN(Certificate[] certificateArr) {
        try {
            for (String str : ((X509Certificate) certificateArr[0]).getSubjectDN().getName().split(",")) {
                String[] split = str.split("=");
                if (split != null && 2 == split.length && split[0] != null && split[0].trim().equals(CertificateObj.mCOMMON_NAME) && split[1] != null && split[1].trim().equals(this.mCN)) {
                    return true;
                }
            }
            return false;
        } catch (Exception e) {
            handleErrorStatus(e);
            return false;
        }
    }

    private boolean verifyHostName(SSLSocket sSLSocket) {
        return sSLSocket.getSession().getPeerHost().equals(this.mHostName);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // android.os.AsyncTask
    public Boolean doInBackground(String... strArr) {
        boolean z;
        boolean z2;
        boolean z3;
        SSLSocket sSLSocket = null;
        try {
            try {
                try {
                    try {
                        try {
                            try {
                                if (!checkParameters(strArr)) {
                                    return false;
                                }
                                SSLSocket sslHandShake = sslHandShake();
                                Certificate[] peerCertificates = sslHandShake.getSession().getPeerCertificates();
                                if (peerCertificates != null && peerCertificates.length != 0) {
                                    Certificate[] useFullCheckSolution = useFullCheckSolution(this.mHostName);
                                    if (useFullCheckSolution != null && useFullCheckSolution.length != 0) {
                                        boolean verifyAppRootCert = verifyAppRootCert(peerCertificates, useFullCheckSolution);
                                        boolean verifyCertsHttpConnCN = verifyAppRootCert ? verifyCertsHttpConnCN(useFullCheckSolution) : false;
                                        boolean z4 = true;
                                        if (CertificatePinningLevel.Default == this.mCertificatePinningLevel) {
                                            z2 = verifyCertsHttpConnCN ? verifyCertsHandshakeChain(peerCertificates) : false;
                                            z = z2 ? verifyCertsHandshakeCN(peerCertificates) : false;
                                            z3 = z ? verifyHostName(sslHandShake) : false;
                                        } else {
                                            z = true;
                                            z2 = true;
                                            z3 = true;
                                        }
                                        if (verifyAppRootCert && verifyCertsHttpConnCN && z2 && z && z3) {
                                            handleSuccessStatus();
                                        } else {
                                            handleErrorStatus(new Exception());
                                            z4 = false;
                                        }
                                        if (sslHandShake != null) {
                                            sslHandShake.close();
                                        }
                                        return Boolean.valueOf(z4);
                                    }
                                    handleErrorStatus(new HandshakeCertificateChainNotFoundException());
                                    if (sslHandShake != null) {
                                        sslHandShake.close();
                                    }
                                    return false;
                                }
                                handleErrorStatus(new HandshakeCertificateChainNotFoundException());
                                if (sslHandShake != null) {
                                    sslHandShake.close();
                                }
                                return false;
                            } catch (Exception e) {
                                handleErrorStatus(e);
                                return false;
                            }
                        } catch (HttpConnectException e2) {
                            handleErrorStatus(e2);
                            if (0 != 0) {
                                sSLSocket.close();
                            }
                            return false;
                        }
                    } catch (SocketTimeoutException e3) {
                        handleErrorStatus(e3);
                        if (0 != 0) {
                            sSLSocket.close();
                        }
                        return false;
                    }
                } catch (ConnectTimeoutException e4) {
                    handleErrorStatus(e4);
                    if (0 != 0) {
                        sSLSocket.close();
                    }
                    return false;
                } catch (IOException e5) {
                    handleErrorStatus(e5);
                    if (0 != 0) {
                        sSLSocket.close();
                    }
                    return false;
                }
            } catch (IOException e6) {
                handleErrorStatus(e6);
                return false;
            }
        } finally {
            if (0 != 0) {
                sSLSocket.close();
            }
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // android.os.AsyncTask
    public void onPostExecute(Boolean bool) {
        super.onPostExecute((CertificateTaskWithRoot) bool);
        Message message = this.mMessage;
        if (message != null) {
            Object obj = bool;
            if (message.what != 0) {
                Object obj2 = message.obj;
                obj = bool;
                if (obj2 != null) {
                    obj = obj2;
                } else if (bool == null) {
                    obj = BuildConfig.FLAVOR;
                }
            }
            message.obj = obj;
            if (this.mReturnHandler != null) {
                Bundle bundle = new Bundle();
                bundle.putString(CertificateObj.mEXTRA_DATA, this.mExtraData);
                this.mMessage.setData(bundle);
                this.mReturnHandler.sendMessage(this.mMessage);
            }
        }
    }

    @Override // android.os.AsyncTask
    protected void onPreExecute() {
        super.onPreExecute();
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // android.os.AsyncTask
    public void onProgressUpdate(Integer... numArr) {
        super.onProgressUpdate((Object[]) numArr);
    }
}
