package com.norton.staplerclassifiers.networkdetections.sslmitm;

import android.content.Context;
import android.util.Base64;
import com.norton.staplerclassifiers.BaseTask;
import com.norton.staplerclassifiers.CaptiveMode;
import e.i.v.config.IConfigurationProvider;
import e.i.v.d.captive.CaptiveNetworkChecker;
import e.i.v.d.captive.ICaptiveNetworkChecker;
import e.i.v.d.sslmitm.ICertChainCapturingTrustManager;
import java.io.IOException;
import java.security.GeneralSecurityException;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Iterator;
import java.util.List;
import java.util.Objects;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSocketFactory;
import kotlin.Metadata;
import kotlin.collections.y0;
import kotlin.jvm.functions.Function1;
import kotlin.jvm.internal.f0;
import kotlin.text.v;
import kotlin.v1;
import kotlinx.serialization.json.JsonElement;
import l.serialization.json.JsonBuilder;
import o.d.b.d;
import o.d.b.e;
import okhttp3.HttpUrl;
import okhttp3.OkHttpClient;
import okhttp3.Request;
import okhttp3.internal.connection.RealCall;

@Metadata(d1 = {"\u0000J\n\u0002\u0018\u0002\n\u0002\u0018\u0002\n\u0000\n\u0002\u0018\u0002\n\u0000\n\u0002\u0018\u0002\n\u0000\n\u0002\u0010\u000e\n\u0000\n\u0002\u0018\u0002\n\u0000\n\u0002\u0018\u0002\n\u0000\n\u0002\u0018\u0002\n\u0002\b\u0002\n\u0002\u0018\u0002\n\u0002\b\u0003\n\u0002\u0010\u0002\n\u0000\n\u0002\u0010 \n\u0002\u0018\u0002\n\u0002\b\u0004\b\u0000\u0018\u0000 \u001a2\u00020\u0001:\u0001\u001aB=\b\u0007\u0012\u0006\u0010\u0002\u001a\u00020\u0003\u0012\u0006\u0010\u0004\u001a\u00020\u0005\u0012\u0006\u0010\u0006\u001a\u00020\u0007\u0012\b\b\u0002\u0010\b\u001a\u00020\t\u0012\b\b\u0002\u0010\n\u001a\u00020\u000b\u0012\b\b\u0002\u0010\f\u001a\u00020\r¢\u0006\u0002\u0010\u000eJ\u0016\u0010\u0013\u001a\u00020\u00142\f\u0010\u0015\u001a\b\u0012\u0004\u0012\u00020\u00170\u0016H\u0002J\b\u0010\u0018\u001a\u00020\u0014H\u0002J\b\u0010\u0019\u001a\u00020\u0014H\u0016R\u000e\u0010\b\u001a\u00020\tX\u0082\u0004¢\u0006\u0002\n\u0000R\u000e\u0010\f\u001a\u00020\rX\u0082\u0004¢\u0006\u0002\n\u0000R\u0013\u0010\u000f\u001a\u0004\u0018\u00010\u0010¢\u0006\b\n\u0000\u001a\u0004\b\u0011\u0010\u0012R\u000e\u0010\n\u001a\u00020\u000bX\u0082\u0004¢\u0006\u0002\n\u0000¨\u0006\u001b"}, d2 = {"Lcom/norton/staplerclassifiers/networkdetections/sslmitm/SSLMITMTask;", "Lcom/norton/staplerclassifiers/BaseTask;", "context", "Landroid/content/Context;", "configurationProvider", "Lcom/norton/staplerclassifiers/config/IConfigurationProvider;", "configurationKey", "", "captiveNetworkChecker", "Lcom/norton/staplerclassifiers/networkdetections/captive/ICaptiveNetworkChecker;", "okHttpClientBuilder", "Lokhttp3/OkHttpClient$Builder;", "certChainCapturingTrustManager", "Lcom/norton/staplerclassifiers/networkdetections/sslmitm/ICertChainCapturingTrustManager;", "(Landroid/content/Context;Lcom/norton/staplerclassifiers/config/IConfigurationProvider;Ljava/lang/String;Lcom/norton/staplerclassifiers/networkdetections/captive/ICaptiveNetworkChecker;Lokhttp3/OkHttpClient$Builder;Lcom/norton/staplerclassifiers/networkdetections/sslmitm/ICertChainCapturingTrustManager;)V", "configuration", "Lcom/norton/staplerclassifiers/networkdetections/sslmitm/SSLMITMConfiguration;", "getConfiguration", "()Lcom/norton/staplerclassifiers/networkdetections/sslmitm/SSLMITMConfiguration;", "addTelemetryPayload", "", "certChain", "", "Ljava/security/cert/X509Certificate;", "checkForSslMitm", "scan", "Companion", "network-detections_debug"}, k = 1, mv = {1, 6, 0}, xi = 48)
/* loaded from: classes2.dex */
public final class SSLMITMTask extends BaseTask {

    /* renamed from: g, reason: collision with root package name */
    @d
    public final ICaptiveNetworkChecker f7294g;

    /* renamed from: h, reason: collision with root package name */
    @d
    public final OkHttpClient.a f7295h;

    /* renamed from: i, reason: collision with root package name */
    @d
    public final ICertChainCapturingTrustManager f7296i;

    /* renamed from: j, reason: collision with root package name */
    @e
    public final SSLMITMConfiguration f7297j;

    /* JADX WARN: 'super' call moved to the top of the method (can break code semantics) */
    public SSLMITMTask(Context context, IConfigurationProvider iConfigurationProvider, String str, ICaptiveNetworkChecker iCaptiveNetworkChecker, OkHttpClient.a aVar, ICertChainCapturingTrustManager iCertChainCapturingTrustManager, int i2) {
        super(context, iConfigurationProvider, str);
        CaptiveNetworkChecker captiveNetworkChecker = (i2 & 8) != 0 ? new CaptiveNetworkChecker(null, 1) : null;
        OkHttpClient.a aVar2 = (i2 & 16) != 0 ? new OkHttpClient.a() : null;
        CertChainCapturingTrustManager certChainCapturingTrustManager = (i2 & 32) != 0 ? new CertChainCapturingTrustManager() : null;
        f0.f(context, "context");
        f0.f(iConfigurationProvider, "configurationProvider");
        f0.f(str, "configurationKey");
        f0.f(captiveNetworkChecker, "captiveNetworkChecker");
        f0.f(aVar2, "okHttpClientBuilder");
        f0.f(certChainCapturingTrustManager, "certChainCapturingTrustManager");
        this.f7294g = captiveNetworkChecker;
        this.f7295h = aVar2;
        this.f7296i = certChainCapturingTrustManager;
        d(SSLMITMClassifier.NAME);
        this.f7195d = 0;
        this.f7297j = (SSLMITMConfiguration) iConfigurationProvider.b(str, SSLMITMConfiguration.INSTANCE.serializer());
        SSLContext sSLContext = SSLContext.getInstance("TLS");
        sSLContext.init(null, new ICertChainCapturingTrustManager[]{certChainCapturingTrustManager}, null);
        SSLSocketFactory socketFactory = sSLContext.getSocketFactory();
        f0.e(socketFactory, "sslSocketFactory");
        aVar2.d(socketFactory, certChainCapturingTrustManager);
    }

    @Override // com.norton.staplerclassifiers.BaseTask
    public void c() {
        SSLMITMConfiguration sSLMITMConfiguration = this.f7297j;
        if (sSLMITMConfiguration == null) {
            this.f7194c.a(6, "No config available");
            return;
        }
        CaptiveMode a2 = this.f7294g.a(sSLMITMConfiguration.f7292b);
        BaseTask.d dVar = this.f7194c;
        dVar.f7209e = new BaseTask.c(a2, null);
        if (a2 == CaptiveMode.HAS_CAPTIVE) {
            dVar.c(BaseTask.StateType.UNCERTAIN, "captive portal detected");
            return;
        }
        HttpUrl.b bVar = HttpUrl.f37464a;
        SSLMITMConfiguration sSLMITMConfiguration2 = this.f7297j;
        f0.c(sSLMITMConfiguration2);
        HttpUrl e2 = bVar.e(sSLMITMConfiguration2.f7291a);
        if (e2 == null) {
            this.f7194c.a(1, "Invalid MITM configuration URL");
            return;
        }
        OkHttpClient.a aVar = this.f7295h;
        Objects.requireNonNull(aVar);
        OkHttpClient okHttpClient = new OkHttpClient(aVar);
        Request.a aVar2 = new Request.a();
        aVar2.m(e2);
        try {
            ((RealCall) okHttpClient.b(aVar2.b())).execute();
            if (this.f7296i.getCertChain() == null) {
                this.f7194c.a(8, "Missing cert chain");
                return;
            }
            List<X509Certificate> certChain = this.f7296i.getCertChain();
            f0.c(certChain);
            Iterator<X509Certificate> it = certChain.iterator();
            while (it.hasNext()) {
                String encodeToString = Base64.encodeToString(it.next().getPublicKey().getEncoded(), 0);
                f0.e(encodeToString, "encodeToString(certifica….encoded, Base64.DEFAULT)");
                if (this.f7297j.f7293c.contains(v.q(encodeToString, "\n", "", false, 4))) {
                    this.f7194c.c(BaseTask.StateType.SAFE, "MITM attack not detected");
                    return;
                }
            }
            e(certChain);
            e.o.r.d.d("SSLMITMTask", "Nothing detected.");
            this.f7194c.c(BaseTask.StateType.UNSAFE, "MITM attack detected");
        } catch (IOException e3) {
            e.o.r.d.a(6, "SSLMITMTask", "exception", e3);
            if (!(e3.getCause() instanceof GeneralSecurityException)) {
                this.f7194c.a(8, "Network error");
                return;
            }
            this.f7194c.c(BaseTask.StateType.UNSAFE, "MITM attack detected");
            List<X509Certificate> certChain2 = this.f7296i.getCertChain();
            if (certChain2 != null) {
                e(certChain2);
            }
        }
    }

    public final void e(List<? extends X509Certificate> list) {
        ArrayList arrayList = new ArrayList(y0.k(list, 10));
        Iterator<T> it = list.iterator();
        while (it.hasNext()) {
            arrayList.add(Base64.encodeToString(((X509Certificate) it.next()).getEncoded(), 0));
        }
        JsonElement d2 = kotlin.reflect.jvm.internal.t.o.m1.v.l(null, new Function1<JsonBuilder, v1>() { // from class: com.norton.staplerclassifiers.networkdetections.sslmitm.SSLMITMTask$addTelemetryPayload$jsonPayload$1
            @Override // kotlin.jvm.functions.Function1
            public /* bridge */ /* synthetic */ v1 invoke(JsonBuilder jsonBuilder) {
                invoke2(jsonBuilder);
                return v1.f34813a;
            }

            /* renamed from: invoke, reason: avoid collision after fix types in other method */
            public final void invoke2(@d JsonBuilder jsonBuilder) {
                f0.f(jsonBuilder, "$this$Json");
            }
        }, 1).d(SSLMITMTelemetryPayload.INSTANCE.serializer(), new SSLMITMTelemetryPayload(arrayList));
        BaseTask.c cVar = this.f7194c.f7209e;
        if (cVar == null) {
            return;
        }
        cVar.f7204b = d2;
    }
}
