package com.mcafee.sdk.wifi.impl.scanner;

import android.content.Context;
import android.text.TextUtils;
import android.util.Base64;
import androidx.annotation.NonNull;
import androidx.annotation.VisibleForTesting;
import com.mcafee.android.concurrent.BackgroundWorker;
import com.mcafee.android.debug.McLog;
import com.mcafee.android.security.BuiltInKey;
import com.mcafee.sdk.wifi.content.AccessPoint;
import com.mcafee.sdk.wifi.content.ScanObject;
import com.mcafee.sdk.wifi.content.WifiNetwork;
import com.mcafee.sdk.wifi.impl.Utils.LocalHistoryDB;
import com.mcafee.sdk.wifi.impl.Utils.WifiUtils;
import com.mcafee.sdk.wifi.impl.network.okhttp.impl.WiFiOkHttpConnectionsImpl;
import com.mcafee.sdk.wifi.impl.result.WifRiskImplSSLSplit;
import com.mcafee.sdk.wifi.impl.result.WifRiskImplSSLStrip;
import com.mcafee.sdk.wifi.impl.result.WifiRiskImpl;
import com.mcafee.sdk.wifi.impl.scanner.SSLStripScanner;
import com.mcafee.sdk.wifi.impl.scanner.Scanner;
import com.mcafee.sdk.wifi.result.WifiRisk;
import com.mcafee.sdk.wifi.settings.WifiConfigUtil;
import java.security.PublicKey;
import java.security.Signature;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Iterator;
import java.util.List;

/* loaded from: classes12.dex */
public class SSLStripScanner implements Scanner {

    /* renamed from: a, reason: collision with root package name */
    private Scanner.ScanCB f76116a;

    /* renamed from: b, reason: collision with root package name */
    private final Context f76117b;

    public SSLStripScanner(@NonNull Context context) {
        this.f76117b = context.getApplicationContext();
    }

    private String e(Context context) {
        return WifiConfigUtil.getInstance(context).getWifiSSLAuthURL();
    }

    private String f(Context context) {
        return WifiConfigUtil.getInstance(context).getWifiSSLAuthToken();
    }

    /* JADX INFO: Access modifiers changed from: private */
    public /* synthetic */ void g(ScanObject scanObject) {
        WifiRisk c6 = c(scanObject);
        Scanner.ScanCB scanCB = this.f76116a;
        if (scanCB != null) {
            scanCB.finished(this, scanObject, c6);
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    public /* synthetic */ void h(ScanObject scanObject) {
        Scanner.ScanCB scanCB = this.f76116a;
        if (scanCB != null) {
            scanCB.finished(this, scanObject, null);
        }
    }

    @VisibleForTesting
    WifiRisk c(ScanObject scanObject) {
        AccessPoint accessPoint;
        boolean z5;
        WiFiOkHttpConnectionsImpl.HttpResponseResult httpResponseResult;
        WifiRiskImpl wifiRiskImpl;
        List<Certificate> list;
        WifiRiskImpl i5;
        boolean z6 = true;
        String str = null;
        if (scanObject instanceof AccessPoint) {
            accessPoint = (AccessPoint) scanObject;
            z5 = isConnectedAP(accessPoint);
            accessPoint.getSSID();
            accessPoint.getBSSID();
        } else {
            if (scanObject instanceof WifiNetwork) {
                WifiNetwork wifiNetwork = (WifiNetwork) scanObject;
                if (isConnectedNetwork(wifiNetwork)) {
                    AccessPoint currentAccessPoint = WifiUtils.getCurrentAccessPoint(this.f76117b);
                    if (currentAccessPoint.getSSID().equals(wifiNetwork.getSSID())) {
                        currentAccessPoint.getSSID();
                        currentAccessPoint.getBSSID();
                        accessPoint = currentAccessPoint;
                        z5 = true;
                    }
                }
            }
            accessPoint = null;
            z5 = false;
        }
        if (!z5) {
            return null;
        }
        McLog mcLog = McLog.INSTANCE;
        mcLog.d("SSLStripScanner", "AccessPoint bssid:" + accessPoint.getBSSID() + ", ssid:" + accessPoint.getSSID(), new Object[0]);
        WifiConfigUtil.getInstance(this.f76117b).getSSLStripDetectionTTL();
        if (WifiUtils.isValidAccessPoint(accessPoint)) {
            mcLog.i("SSLStripScanner", "valid wifi information (cache used): " + ((Object) null), new Object[0]);
        } else {
            mcLog.i("SSLStripScanner", "invalid wifi information (cache not used)", new Object[0]);
        }
        String e6 = e(this.f76117b);
        String f6 = f(this.f76117b);
        mcLog.d("SSLStripScanner", "serverURL : " + e6, new Object[0]);
        mcLog.d("SSLStripScanner", "token : " + f6, new Object[0]);
        try {
            httpResponseResult = j(e6);
            wifiRiskImpl = null;
        } catch (Exception e7) {
            McLog.INSTANCE.d("SSLStripScanner", e7, "", new Object[0]);
            Throwable cause = e7.getCause();
            String message = (cause == null || cause.getCause() == null || cause.getCause().getMessage() == null) ? "" : cause.getCause().getMessage();
            if (cause instanceof CertificateException) {
                if (message.replaceAll("[^a-zA-Z0-9]", "").contains("outofdate")) {
                    McLog.INSTANCE.d("SSLStripScanner", e7, "certificate exception due to date change", new Object[0]);
                } else {
                    McLog.INSTANCE.d("SSLStripScanner", e7, "certificate exception due to ssl split", new Object[0]);
                    wifiRiskImpl = new WifRiskImplSSLSplit(this.f76117b, System.currentTimeMillis());
                    httpResponseResult = null;
                }
            }
            httpResponseResult = null;
            wifiRiskImpl = null;
        }
        if (!isConnectedAP(accessPoint)) {
            McLog.INSTANCE.d("SSLStripScanner", "Connected AP changed!", new Object[0]);
            return null;
        }
        if (httpResponseResult != null) {
            str = httpResponseResult.content;
            list = httpResponseResult.certificates;
        } else {
            list = null;
        }
        if (TextUtils.isEmpty(str) || (str != null && !str.contains(f6))) {
            z6 = false;
        }
        if (!z6) {
            return wifiRiskImpl;
        }
        if (httpResponseResult != null) {
            try {
                if (httpResponseResult.isHttps) {
                    i5 = i(httpResponseResult, list);
                    wifiRiskImpl = i5;
                    return wifiRiskImpl;
                }
            } catch (Exception e8) {
                McLog.INSTANCE.d("SSLStripScanner", e8, "", new Object[0]);
                return wifiRiskImpl;
            }
        }
        McLog.INSTANCE.d("SSLStripScanner", "ssl strip!", new Object[0]);
        i5 = new WifRiskImplSSLStrip(this.f76117b, System.currentTimeMillis());
        wifiRiskImpl = i5;
        return wifiRiskImpl;
    }

    @Override // com.mcafee.sdk.wifi.impl.scanner.Scanner
    public void cancel() {
    }

    @VisibleForTesting
    ArrayList<String> d(WiFiOkHttpConnectionsImpl.HttpResponseResult httpResponseResult) {
        int indexOf;
        ArrayList<String> arrayList = new ArrayList<>();
        String str = httpResponseResult.content;
        do {
            int indexOf2 = str.indexOf("<WifiAuth>");
            indexOf = str.indexOf("</WifiAuth>");
            if (indexOf2 >= 0 && indexOf >= 0) {
                String replace = str.substring(indexOf2 + 10, indexOf).replace("\n", "").replace("\r", "");
                arrayList.add(replace);
                str = str.substring(indexOf + 11);
                McLog.INSTANCE.d("SSLStripScanner", "auth is " + replace, new Object[0]);
            }
            if (indexOf2 < 0) {
                break;
            }
        } while (indexOf >= 0);
        return arrayList;
    }

    @VisibleForTesting
    public String getFingerPrint(X509Certificate x509Certificate, String str) throws Exception {
        return WifiUtils.getFingerPrint(x509Certificate, str);
    }

    @VisibleForTesting
    public LocalHistoryDB.APHistory getHistory(String str, long j5) {
        return LocalHistoryDB.getInstance(this.f76117b).getHistory(str, j5);
    }

    @VisibleForTesting
    public WiFiOkHttpConnectionsImpl.HttpResponseResult getNetworkResponse(String str) throws Exception {
        return WifiUtils.getNetworkResponse(this.f76117b, str);
    }

    @Override // com.mcafee.sdk.wifi.impl.scanner.Scanner
    public String getScannerName() {
        return "SSLStripScanner";
    }

    @VisibleForTesting
    WifiRiskImpl i(WiFiOkHttpConnectionsImpl.HttpResponseResult httpResponseResult, List<Certificate> list) throws Exception {
        if (list != null) {
            Certificate certificate = list.get(0);
            if (certificate instanceof X509Certificate) {
                String lowerCase = getFingerPrint((X509Certificate) certificate, "SHA-256").toLowerCase();
                Iterator<String> it = d(httpResponseResult).iterator();
                boolean z5 = false;
                while (it.hasNext()) {
                    String next = it.next();
                    Signature signature = Signature.getInstance("SHA256withRSA");
                    signature.initVerify((PublicKey) BuiltInKey.getPublicKey());
                    signature.update(lowerCase.getBytes());
                    try {
                        z5 = signature.verify(Base64.decode(next.getBytes(), 2));
                    } catch (Exception unused) {
                    }
                    McLog.INSTANCE.d("SSLStripScanner", "verify result : " + z5, new Object[0]);
                    if (z5) {
                        break;
                    }
                }
                McLog mcLog = McLog.INSTANCE;
                mcLog.d("SSLStripScanner", "fingerPrint: " + lowerCase, new Object[0]);
                if (!z5) {
                    mcLog.d("SSLStripScanner", "ssl split!", new Object[0]);
                    return new WifRiskImplSSLSplit(this.f76117b, System.currentTimeMillis());
                }
            }
        }
        return null;
    }

    @VisibleForTesting
    public boolean isConnectedAP(AccessPoint accessPoint) {
        return WifiUtils.isConnectedAP(this.f76117b, accessPoint);
    }

    @VisibleForTesting
    public boolean isConnectedNetwork(WifiNetwork wifiNetwork) {
        return WifiUtils.isConnectedNetwork(this.f76117b, wifiNetwork);
    }

    @VisibleForTesting
    WiFiOkHttpConnectionsImpl.HttpResponseResult j(String str) throws Exception {
        WiFiOkHttpConnectionsImpl.HttpResponseResult httpResponseResult = null;
        int i5 = 0;
        while (i5 < 2 && httpResponseResult == null) {
            i5++;
            try {
                httpResponseResult = k(str, 5);
            } catch (Exception e6) {
                if (i5 >= 2) {
                    throw e6;
                }
            }
            McLog mcLog = McLog.INSTANCE;
            mcLog.d("SSLStripScanner", "actionCount is " + i5, new Object[0]);
            mcLog.d("SSLStripScanner", "httpResult  is " + httpResponseResult, new Object[0]);
        }
        return httpResponseResult;
    }

    @VisibleForTesting
    WiFiOkHttpConnectionsImpl.HttpResponseResult k(String str, int i5) throws Exception {
        if (i5 <= 1) {
            if (i5 == 1) {
                return l(str);
            }
            return null;
        }
        WiFiOkHttpConnectionsImpl.HttpResponseResult httpResponseResult = null;
        for (int i6 = 0; str != null && i6 < i5; i6++) {
            httpResponseResult = k(str, 1);
            str = httpResponseResult != null ? httpResponseResult.location : null;
        }
        return httpResponseResult;
    }

    @VisibleForTesting
    WiFiOkHttpConnectionsImpl.HttpResponseResult l(String str) throws Exception {
        return getNetworkResponse(str);
    }

    @Override // com.mcafee.sdk.wifi.impl.scanner.Scanner
    public void scan(final ScanObject scanObject) {
        Scanner.ScanCB scanCB = this.f76116a;
        if (scanCB != null) {
            scanCB.scanning(this, scanObject);
        }
        if (!(scanObject instanceof AccessPoint) ? (scanObject instanceof WifiNetwork) && isConnectedNetwork((WifiNetwork) scanObject) : isConnectedAP((AccessPoint) scanObject)) {
            BackgroundWorker.submit(new Runnable() { // from class: u3.d
                @Override // java.lang.Runnable
                public final void run() {
                    SSLStripScanner.this.h(scanObject);
                }
            });
        } else {
            BackgroundWorker.submit(new Runnable() { // from class: u3.c
                @Override // java.lang.Runnable
                public final void run() {
                    SSLStripScanner.this.g(scanObject);
                }
            });
        }
    }

    @Override // com.mcafee.sdk.wifi.impl.scanner.Scanner
    public void setScanCB(Scanner.ScanCB scanCB) {
        this.f76116a = scanCB;
    }

    @Override // com.mcafee.sdk.wifi.impl.scanner.Scanner
    public void setScannerArguments(Scanner.WiFiScannerArguments wiFiScannerArguments) {
    }
}
