package com.re4ctor.secuity;

import android.app.AlertDialog;
import android.content.DialogInterface;
import android.content.res.AssetManager;
import com.re4ctor.Console;
import com.re4ctor.Re4ctorApplication;
import com.re4ctor.Re4ctorConfig;
import com.re4ctor.ReactorController;
import com.re4ctor.ui.ReactorButton;
import java.io.ByteArrayOutputStream;
import java.io.File;
import java.io.FileInputStream;
import java.io.FileOutputStream;
import java.io.InputStream;
import java.security.KeyStore;
import java.security.MessageDigest;
import java.security.cert.X509Certificate;
import java.util.HashSet;
import javax.net.ssl.SSLContext;
import javax.net.ssl.TrustManager;
import org.json.JSONException;
import org.json.JSONObject;

/* loaded from: classes.dex */
public class ReactorSecurityHandler {
    public static final String APP_PROPERTY_BUNDLED_CERT_KEYSTORE_FILE_NAME = "security-bundled-cert-keystore-file-name";
    public static final String APP_PROPERTY_BUNDLED_CERT_KEYSTORE_PASSWORD = "security-bundled-cert-keystore-password";
    public static final String APP_PROPERTY_BUNDLED_CERT_KEYSTORE_TYPE = "security-bundled-cert-keystore-type";
    private KeyStore bundledKeystore = null;
    private boolean bundleChecked = false;
    private Re4ctorConfig re4ctorConfig = new Re4ctorConfig("", "");
    private HashSet<String> deniedCertificates = new HashSet<>();
    private JSONObject sslInfo = new JSONObject();

    public ReactorSecurityHandler() {
        loadCertificateInfo();
    }

    public static AlertDialog createAlertDialogForAcceptingCertificate(ReactorController reactorController, X509Certificate x509Certificate, DialogInterface.OnCancelListener onCancelListener, DialogInterface.OnClickListener onClickListener, DialogInterface.OnClickListener onClickListener2) {
        AlertDialog.Builder builder = new AlertDialog.Builder(reactorController.getRootActivity());
        builder.setTitle("Accept certificate?");
        builder.setMessage(getDescriptionForCertificate(x509Certificate));
        builder.setCancelable(true);
        builder.setOnCancelListener(onCancelListener);
        builder.setNegativeButton("Deny", onClickListener);
        builder.setPositiveButton("Accept", onClickListener2);
        AlertDialog create = builder.create();
        ReactorButton.applyTheme(create);
        return create;
    }

    public static AlertDialog createAlertDialogForUntrustedCertificate(ReactorController reactorController, DialogInterface.OnCancelListener onCancelListener, DialogInterface.OnClickListener onClickListener, DialogInterface.OnClickListener onClickListener2) {
        AlertDialog.Builder builder = new AlertDialog.Builder(reactorController.getRootActivity());
        builder.setTitle("Untrusted connection");
        builder.setMessage("The identity of the app server can't be verified. This error could mean that someone is trying to impersonate the server, and you shouldn't continue. If you abort the app will not have internet access.");
        builder.setCancelable(true);
        builder.setOnCancelListener(onCancelListener);
        builder.setNegativeButton("Abort", onClickListener);
        builder.setPositiveButton("Continue anyway", onClickListener2);
        AlertDialog create = builder.create();
        ReactorButton.applyTheme(create);
        return create;
    }

    public static String getDescriptionForCertificate(X509Certificate x509Certificate) {
        StringBuffer stringBuffer = new StringBuffer();
        stringBuffer.append("SHA1 Fingerprint: " + getThumbPrint(x509Certificate));
        return stringBuffer.toString();
    }

    public static String getThumbPrint(X509Certificate x509Certificate) {
        try {
            MessageDigest messageDigest = MessageDigest.getInstance("SHA-1");
            messageDigest.update(x509Certificate.getEncoded());
            return hexify(messageDigest.digest());
        } catch (Exception e) {
            Console.println("Could not get thumbprint for cert", e);
            return "Unknown cert";
        }
    }

    public static String hexify(byte[] bArr) {
        char[] cArr = {'0', '1', '2', '3', '4', '5', '6', '7', '8', '9', 'a', 'b', 'c', 'd', 'e', 'f'};
        StringBuffer stringBuffer = new StringBuffer(bArr.length * 2);
        for (int i = 0; i < bArr.length; i++) {
            if (stringBuffer.length() > 0) {
                stringBuffer.append(" ");
            }
            stringBuffer.append(cArr[(bArr[i] & 240) >> 4]);
            stringBuffer.append(cArr[bArr[i] & 15]);
        }
        return stringBuffer.toString();
    }

    public void acceptCertificate(X509Certificate x509Certificate) {
        try {
            String thumbPrint = getThumbPrint(x509Certificate);
            JSONObject optJSONObject = getCertificatesJSON().optJSONObject(thumbPrint);
            if (optJSONObject == null) {
                optJSONObject = new JSONObject();
                getCertificatesJSON().put(thumbPrint, optJSONObject);
            }
            optJSONObject.put("user_accepted", true);
        } catch (Exception e) {
        }
        saveCertificateInfo();
    }

    public void denyCertificate(X509Certificate x509Certificate) {
        this.deniedCertificates.add(getThumbPrint(x509Certificate));
    }

    public KeyStore getBundledKeystore() {
        if (this.bundledKeystore != null || this.bundleChecked) {
            return this.bundledKeystore;
        }
        this.bundleChecked = true;
        try {
            AssetManager assets = Re4ctorApplication.currentApp.getAssets();
            String property = this.re4ctorConfig.getProperty(APP_PROPERTY_BUNDLED_CERT_KEYSTORE_FILE_NAME, "sslcert.bks");
            String property2 = this.re4ctorConfig.getProperty(APP_PROPERTY_BUNDLED_CERT_KEYSTORE_TYPE, "BKS");
            String property3 = this.re4ctorConfig.getProperty(APP_PROPERTY_BUNDLED_CERT_KEYSTORE_PASSWORD, "testerer");
            InputStream open = assets.open(property);
            KeyStore keyStore = KeyStore.getInstance(property2);
            keyStore.load(open, property3.toCharArray());
            this.bundledKeystore = keyStore;
            return this.bundledKeystore;
        } catch (Exception e) {
            return null;
        }
    }

    public JSONObject getCertificatesJSON() {
        JSONObject optJSONObject = this.sslInfo.optJSONObject("certs");
        if (optJSONObject == null) {
            optJSONObject = new JSONObject();
            try {
                this.sslInfo.put("certs", optJSONObject);
            } catch (JSONException e) {
            }
        }
        return optJSONObject;
    }

    public synchronized SSLContext getSSLContext() throws Exception {
        SSLContext sSLContext;
        sSLContext = SSLContext.getInstance("TLS");
        sSLContext.init(null, getTrustManagers(), null);
        return sSLContext;
    }

    public File getSSLInfoFile() {
        File dir = Re4ctorApplication.currentApp.getDir("sslinfo", 0);
        if (!dir.exists()) {
            dir.mkdirs();
        }
        return new File(dir, "sslinfo.json");
    }

    public synchronized ReactorSSLTrustManager getTrustManager() throws Exception {
        return new ReactorSSLTrustManager(this, getBundledKeystore());
    }

    public synchronized TrustManager[] getTrustManagers() throws Exception {
        return new TrustManager[]{getTrustManager()};
    }

    public boolean isCertificateDenied(X509Certificate x509Certificate) {
        return this.deniedCertificates.contains(getThumbPrint(x509Certificate));
    }

    public boolean isCertificateUserAccepted(X509Certificate x509Certificate) {
        JSONObject optJSONObject = getCertificatesJSON().optJSONObject(getThumbPrint(x509Certificate));
        if (optJSONObject == null) {
            return false;
        }
        return optJSONObject.optBoolean("user_accepted", false);
    }

    public void loadCertificateInfo() {
        File sSLInfoFile = getSSLInfoFile();
        if (sSLInfoFile.exists()) {
            try {
                FileInputStream fileInputStream = new FileInputStream(sSLInfoFile);
                ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
                byte[] bArr = new byte[50000];
                for (int read = fileInputStream.read(bArr); read >= 0; read = fileInputStream.read(bArr)) {
                    byteArrayOutputStream.write(bArr, 0, read);
                }
                fileInputStream.close();
                this.sslInfo = new JSONObject(new String(byteArrayOutputStream.toByteArray(), "UTF-8"));
            } catch (Exception e) {
                e.printStackTrace();
            }
        }
    }

    public void resetDeniedCertificates() {
        this.deniedCertificates.clear();
    }

    public void saveCertificateInfo() {
        try {
            FileOutputStream fileOutputStream = new FileOutputStream(getSSLInfoFile());
            fileOutputStream.write(this.sslInfo.toString().getBytes("UTF-8"));
            fileOutputStream.close();
        } catch (Exception e) {
            e.printStackTrace();
        }
    }

    public void setConfig(Re4ctorConfig re4ctorConfig) {
        this.re4ctorConfig = re4ctorConfig;
    }
}
