package com.ccpcreations.android.cameras;

import android.content.Context;
import android.content.SharedPreferences;
import android.preference.PreferenceManager;
import android.util.Log;
import java.io.IOException;
import java.lang.reflect.InvocationTargetException;
import java.lang.reflect.Method;
import java.net.HttpURLConnection;
import java.net.InetAddress;
import java.net.MalformedURLException;
import java.net.URL;
import java.net.URLConnection;
import java.security.KeyManagementException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import java.security.cert.CertificateParsingException;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Collection;
import java.util.Collections;
import java.util.Iterator;
import java.util.List;
import java.util.Locale;
import java.util.StringTokenizer;
import java.util.regex.Pattern;
import javax.net.ssl.HostnameVerifier;
import javax.net.ssl.HttpsURLConnection;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSession;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import javax.net.ssl.X509TrustManager;
import org.apache.http.conn.ssl.AbstractVerifier;

/* loaded from: classes.dex */
class TrustImpl {
    private static final Pattern IP_PATTERN = Pattern.compile("^(([0-9a-f]{1,4}:){7,7}[0-9a-f]{1,4}|([0-9a-f]{1,4}:){1,7}:|([0-9a-f]{1,4}:){1,6}:[0-9a-f]{1,4}|([0-9a-f]{1,4}:){1,5}(:[0-9a-f]{1,4}){1,2}|([0-9a-f]{1,4}:){1,4}(:[0-9a-f]{1,4}){1,3}|([0-9a-f]{1,4}:){1,3}(:[0-9a-f]{1,4}){1,4}|([0-9a-f]{1,4}:){1,2}(:[0-9a-f]{1,4}){1,5}|[0-9a-f]{1,4}:((:[0-9a-f]{1,4}){1,6})|:((:[0-9a-f]{1,4}){1,7}|:)|fe80:(:[0-9a-f]{0,4}){0,4}%[0-9a-zA-Z]{1,}|::(ffff(:0{1,4}){0,1}:){0,1}((25[0-5]|(2[0-4]|1{0,1}[0-9]){0,1}[0-9])\\.){3,3}(25[0-5]|(2[0-4]|1{0,1}[0-9]){0,1}[0-9])|([0-9a-f]{1,4}:){1,4}:((25[0-5]|(2[0-4]|1{0,1}[0-9]){0,1}[0-9])\\.){3,3}(25[0-5]|(2[0-4]|1{0,1}[0-9]){0,1}[0-9]))|^((25[0-5]|(2[0-4]|1{0,1}[0-9]){0,1}[0-9])\\.){3,3}(25[0-5]|(2[0-4]|1{0,1}[0-9]){0,1}[0-9])");
    private static final String TAG = "Cameras";
    private Context context;
    private TrustManagerFactory dtmf;
    private SSLContext sc;
    private SharedPreferences sp;
    private TrustManagerFactory tmf;
    private final HostnameVerifier hv = new HostnameVerifier() { // from class: com.ccpcreations.android.cameras.TrustImpl.1
        @Override // javax.net.ssl.HostnameVerifier
        public boolean verify(String str, SSLSession sSLSession) {
            try {
                Certificate certificate = sSLSession.getPeerCertificates()[0];
                if (certificate == null || !(certificate instanceof X509Certificate)) {
                    return false;
                }
                return TrustImpl.this.verifyHostTrust((X509Certificate) certificate, str);
            } catch (IOException e) {
                e.printStackTrace();
                return false;
            }
        }
    };
    private final X509TrustManager[] trustManager = {new X509TrustManager() { // from class: com.ccpcreations.android.cameras.TrustImpl.2
        @Override // javax.net.ssl.X509TrustManager
        public void checkClientTrusted(X509Certificate[] x509CertificateArr, String str) throws CertificateException {
            throw new CertificateException();
        }

        @Override // javax.net.ssl.X509TrustManager
        public void checkServerTrusted(X509Certificate[] x509CertificateArr, String str) throws CertificateException {
            if (TrustImpl.this.dtmf != null && TrustImpl.this.verifyCertTrust(TrustImpl.this.dtmf.getTrustManagers(), x509CertificateArr, str)) {
                Log.v("Cameras", "Certificate inherently trusted.");
                return;
            }
            if (TrustImpl.this.tmf != null && TrustImpl.this.verifyCertTrust(TrustImpl.this.tmf.getTrustManagers(), x509CertificateArr, str)) {
                Log.v("Cameras", "Certificate trusted by built-in CA.");
                return;
            }
            if (TrustImpl.this.sp.getString(TrustImpl.this.context.getString(R.string.pref_key_trusted), "").equals(TrustImpl.byteArrayToHex(x509CertificateArr[0].getSignature()))) {
                Log.v("Cameras", "Certificate manually trusted.");
            } else {
                Log.v("Cameras", "Certificate not trusted.");
                throw new CertificateException();
            }
        }

        @Override // javax.net.ssl.X509TrustManager
        public X509Certificate[] getAcceptedIssuers() {
            return new X509Certificate[0];
        }
    }};

    /* JADX INFO: Access modifiers changed from: package-private */
    public TrustImpl(Context context) {
        this.tmf = null;
        this.dtmf = null;
        this.context = context;
        try {
            this.sc = SSLContext.getInstance("TLS");
            this.sc.init(null, this.trustManager, null);
            this.tmf = getInternalCATrustStore();
            this.dtmf = getDefaultTrustStore();
            this.sp = PreferenceManager.getDefaultSharedPreferences(context);
        } catch (KeyManagementException | NoSuchAlgorithmException e) {
            e.printStackTrace();
            throw new RuntimeException(e);
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static String byteArrayToHex(byte[] bArr) {
        StringBuilder sb = new StringBuilder(bArr.length * 2);
        for (byte b : bArr) {
            sb.append(String.format("%02x", Byte.valueOf(b)));
        }
        return sb.toString();
    }

    private List<String> getDNSSubjectAlts(X509Certificate x509Certificate) {
        try {
            Collection<List<?>> subjectAlternativeNames = x509Certificate.getSubjectAlternativeNames();
            if (subjectAlternativeNames == null) {
                return Collections.emptyList();
            }
            ArrayList arrayList = new ArrayList();
            for (List<?> list : subjectAlternativeNames) {
                if (((Integer) list.get(0)).intValue() == 2) {
                    arrayList.add((String) list.get(1));
                }
            }
            return arrayList;
        } catch (CertificateParsingException e) {
            return Collections.emptyList();
        }
    }

    private TrustManagerFactory getDefaultTrustStore() {
        try {
            TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
            trustManagerFactory.init((KeyStore) null);
            return trustManagerFactory;
        } catch (KeyStoreException | NoSuchAlgorithmException e) {
            e.printStackTrace();
            return null;
        }
    }

    private String getFirstCn(X509Certificate x509Certificate) {
        StringTokenizer stringTokenizer = new StringTokenizer(x509Certificate.getSubjectX500Principal().toString(), ",");
        while (stringTokenizer.hasMoreTokens()) {
            String nextToken = stringTokenizer.nextToken();
            int indexOf = nextToken.indexOf("CN=");
            if (indexOf >= 0) {
                return nextToken.substring(indexOf + 3);
            }
        }
        return null;
    }

    /* JADX WARN: Removed duplicated region for block: B:26:0x0042 A[EXC_TOP_SPLITTER, SYNTHETIC] */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    private javax.net.ssl.TrustManagerFactory getInternalCATrustStore() {
        /*
            r11 = this;
            r8 = 0
            r1 = 0
            java.lang.String r3 = java.security.KeyStore.getDefaultType()     // Catch: java.security.cert.CertificateException -> L3b java.lang.Throwable -> L47 java.io.IOException -> L4e java.security.KeyStoreException -> L51 java.security.NoSuchAlgorithmException -> L54
            java.security.KeyStore r6 = java.security.KeyStore.getInstance(r3)     // Catch: java.security.cert.CertificateException -> L3b java.lang.Throwable -> L47 java.io.IOException -> L4e java.security.KeyStoreException -> L51 java.security.NoSuchAlgorithmException -> L54
            r9 = 0
            r10 = 0
            r6.load(r9, r10)     // Catch: java.security.cert.CertificateException -> L3b java.lang.Throwable -> L47 java.io.IOException -> L4e java.security.KeyStoreException -> L51 java.security.NoSuchAlgorithmException -> L54
            java.lang.String r9 = "X.509"
            java.security.cert.CertificateFactory r2 = java.security.cert.CertificateFactory.getInstance(r9)     // Catch: java.security.cert.CertificateException -> L3b java.lang.Throwable -> L47 java.io.IOException -> L4e java.security.KeyStoreException -> L51 java.security.NoSuchAlgorithmException -> L54
            android.content.Context r9 = r11.context     // Catch: java.security.cert.CertificateException -> L3b java.lang.Throwable -> L47 java.io.IOException -> L4e java.security.KeyStoreException -> L51 java.security.NoSuchAlgorithmException -> L54
            android.content.res.Resources r9 = r9.getResources()     // Catch: java.security.cert.CertificateException -> L3b java.lang.Throwable -> L47 java.io.IOException -> L4e java.security.KeyStoreException -> L51 java.security.NoSuchAlgorithmException -> L54
            r10 = 2131165184(0x7f070000, float:1.7944578E38)
            java.io.InputStream r1 = r9.openRawResource(r10)     // Catch: java.security.cert.CertificateException -> L3b java.lang.Throwable -> L47 java.io.IOException -> L4e java.security.KeyStoreException -> L51 java.security.NoSuchAlgorithmException -> L54
            java.security.cert.Certificate r0 = r2.generateCertificate(r1)     // Catch: java.security.cert.CertificateException -> L3b java.lang.Throwable -> L47 java.io.IOException -> L4e java.security.KeyStoreException -> L51 java.security.NoSuchAlgorithmException -> L54
            java.lang.String r9 = "CA"
            r6.setCertificateEntry(r9, r0)     // Catch: java.security.cert.CertificateException -> L3b java.lang.Throwable -> L47 java.io.IOException -> L4e java.security.KeyStoreException -> L51 java.security.NoSuchAlgorithmException -> L54
            java.lang.String r5 = javax.net.ssl.TrustManagerFactory.getDefaultAlgorithm()     // Catch: java.security.cert.CertificateException -> L3b java.lang.Throwable -> L47 java.io.IOException -> L4e java.security.KeyStoreException -> L51 java.security.NoSuchAlgorithmException -> L54
            javax.net.ssl.TrustManagerFactory r4 = javax.net.ssl.TrustManagerFactory.getInstance(r5)     // Catch: java.security.cert.CertificateException -> L3b java.lang.Throwable -> L47 java.io.IOException -> L4e java.security.KeyStoreException -> L51 java.security.NoSuchAlgorithmException -> L54
            r4.init(r6)     // Catch: java.security.cert.CertificateException -> L3b java.lang.Throwable -> L47 java.io.IOException -> L4e java.security.KeyStoreException -> L51 java.security.NoSuchAlgorithmException -> L54
            if (r1 == 0) goto L3a
            r1.close()     // Catch: java.io.IOException -> L57
        L3a:
            return r4
        L3b:
            r9 = move-exception
            r7 = r9
        L3d:
            r7.printStackTrace()     // Catch: java.lang.Throwable -> L47
            if (r1 == 0) goto L45
            r1.close()     // Catch: java.io.IOException -> L59
        L45:
            r4 = r8
            goto L3a
        L47:
            r8 = move-exception
            if (r1 == 0) goto L4d
            r1.close()     // Catch: java.io.IOException -> L5b
        L4d:
            throw r8
        L4e:
            r9 = move-exception
            r7 = r9
            goto L3d
        L51:
            r9 = move-exception
            r7 = r9
            goto L3d
        L54:
            r9 = move-exception
            r7 = r9
            goto L3d
        L57:
            r8 = move-exception
            goto L3a
        L59:
            r9 = move-exception
            goto L45
        L5b:
            r9 = move-exception
            goto L4d
        */
        throw new UnsupportedOperationException("Method not decompiled: com.ccpcreations.android.cameras.TrustImpl.getInternalCATrustStore():javax.net.ssl.TrustManagerFactory");
    }

    private static boolean isNumeric(String str) {
        try {
            Method method = InetAddress.class.getMethod("isNumeric", String.class);
            method.setAccessible(true);
            return ((Boolean) method.invoke(null, str)).booleanValue();
        } catch (IllegalAccessException | NoSuchMethodException | InvocationTargetException e) {
            e.printStackTrace();
            return IP_PATTERN.matcher(str.trim().toLowerCase()).matches();
        }
    }

    private boolean matches(String str, String str2) {
        if (str2 == null) {
            return false;
        }
        String lowerCase = str2.toLowerCase(Locale.ENGLISH);
        if (!lowerCase.startsWith("*.")) {
            return str.equals(lowerCase);
        }
        int length = lowerCase.length() - 1;
        return str.regionMatches(str.length() - length, lowerCase, 1, length) && lowerCase.indexOf(46, 2) != -1 && AbstractVerifier.acceptableCountryWildcard(lowerCase) && !isNumeric(str);
    }

    /* JADX INFO: Access modifiers changed from: private */
    public boolean verifyCertTrust(TrustManager[] trustManagerArr, X509Certificate[] x509CertificateArr, String str) {
        for (TrustManager trustManager : trustManagerArr) {
            if (trustManager instanceof X509TrustManager) {
                try {
                    ((X509TrustManager) trustManager).checkServerTrusted(x509CertificateArr, str);
                    return true;
                } catch (CertificateException e) {
                }
            }
        }
        return false;
    }

    /* JADX INFO: Access modifiers changed from: private */
    public boolean verifyHostTrust(X509Certificate x509Certificate, String str) throws IOException {
        if (this.sp.getString(this.context.getString(R.string.pref_key_trusted), "").equals(byteArrayToHex(x509Certificate.getSignature()))) {
            return true;
        }
        String lowerCase = str.trim().toLowerCase(Locale.ENGLISH);
        if (matches(lowerCase, getFirstCn(x509Certificate))) {
            return true;
        }
        Iterator<String> it = getDNSSubjectAlts(x509Certificate).iterator();
        while (it.hasNext()) {
            if (matches(lowerCase, it.next())) {
                Log.v("Cameras", "Certificate host matches.");
                return true;
            }
        }
        Log.v("Cameras", "Certificate host does not match.");
        return false;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public HttpURLConnection getSecuredHttpURLConnection(String str) throws IOException {
        URLConnection openConnection = new URL(str).openConnection();
        if (openConnection instanceof HttpsURLConnection) {
            HttpsURLConnection httpsURLConnection = (HttpsURLConnection) openConnection;
            httpsURLConnection.setSSLSocketFactory(this.sc.getSocketFactory());
            httpsURLConnection.setHostnameVerifier(this.hv);
        } else if (!(openConnection instanceof HttpURLConnection)) {
            throw new MalformedURLException("protocol not http or https");
        }
        return (HttpURLConnection) openConnection;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public boolean test(String str, X509Certificate x509Certificate) {
        X509Certificate[] x509CertificateArr = {x509Certificate};
        for (X509TrustManager x509TrustManager : this.trustManager) {
            try {
                x509TrustManager.checkServerTrusted(x509CertificateArr, "generic");
            } catch (IOException e) {
                e = e;
                e.printStackTrace();
            } catch (IllegalArgumentException e2) {
                e = e2;
                e.printStackTrace();
            } catch (CertificateException e3) {
            }
            if (verifyHostTrust(x509Certificate, new URL(str).getHost())) {
                return true;
            }
        }
        return false;
    }
}
