package com.mastercard.mcbp.utils.http;

import android.util.Log;
import com.mastercard.mcbp.utils.logs.McbpLogger;
import com.mastercard.mcbp.utils.logs.McbpLoggerFactory;
import com.mastercard.mcbp_android.BuildConfig;
import com.mastercard.mobile_api.utils.exceptions.http.HttpException;
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.io.InputStream;
import java.io.OutputStream;
import java.net.HttpURLConnection;
import java.net.URL;
import java.security.KeyStore;
import java.security.SecureRandom;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import java.security.cert.CertificateExpiredException;
import java.security.cert.CertificateFactory;
import java.security.cert.CertificateNotYetValidException;
import java.security.cert.X509Certificate;
import java.text.SimpleDateFormat;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.List;
import java.util.StringTokenizer;
import javax.net.ssl.HostnameVerifier;
import javax.net.ssl.HttpsURLConnection;
import javax.net.ssl.KeyManager;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLPeerUnverifiedException;
import javax.net.ssl.SSLSession;
import javax.net.ssl.TrustManager;
import org.apache.commons.codec.binary.Hex;
import org.jetbrains.annotations.NotNull;

/* loaded from: classes.dex */
class HttpsConnection {
    private static final String ACCEPT = "Accept";
    private static final String CONTENT_TYPE = "Content-Type";
    private static final String RETRY_AFTER_HEADER = "Retry-After";
    private static final int TIMEOUT = 30000;
    private static final String TLS_PROTOCOL = "TLS";
    private List<String> mAllowedHostnames;
    private byte[] mCertificateBytes;
    private String mData;
    private final McbpLogger mLogger = McbpLoggerFactory.getInstance().getLogger(this);
    private String mRequestMethod = "GET";
    private String mRequestProperty;
    private String mUrl;

    private HttpURLConnection configureCommonHttpAttributes(HttpURLConnection httpURLConnection) {
        httpURLConnection.setRequestMethod(this.mRequestMethod);
        httpURLConnection.setDoInput(true);
        if (this.mRequestMethod.equalsIgnoreCase("POST")) {
            httpURLConnection.setDoOutput(true);
            httpURLConnection.setRequestProperty(CONTENT_TYPE, this.mRequestProperty);
        }
        httpURLConnection.setRequestProperty(ACCEPT, this.mRequestProperty);
        httpURLConnection.setConnectTimeout(TIMEOUT);
        httpURLConnection.setReadTimeout(TIMEOUT);
        return httpURLConnection;
    }

    private String getErrorStream(HttpURLConnection httpURLConnection) {
        InputStream inputStream = null;
        try {
            inputStream = httpURLConnection.getErrorStream();
            if (inputStream != null) {
                return new String(readAll(inputStream));
            }
            safeCloseInputStream(inputStream);
            return "No error data";
        } finally {
            safeCloseInputStream(inputStream);
        }
    }

    private int getRetryAfterValueHeader(HttpURLConnection httpURLConnection) {
        if (httpURLConnection.getHeaderFields() == null) {
            return 0;
        }
        boolean containsKey = httpURLConnection.getHeaderFields().containsKey(RETRY_AFTER_HEADER);
        this.mLogger.d("HTTP_COMMUNICATION;RETRY AFTER FIELD PRESENT IN HEADER: 0");
        if (!containsKey) {
            return 0;
        }
        List<String> list = httpURLConnection.getHeaderFields().get(RETRY_AFTER_HEADER);
        try {
            int parseInt = Integer.parseInt(list.get(0));
            this.mLogger.d("HTTP_COMMUNICATION;RETRY AFTER VALUE : " + parseInt);
            return parseInt;
        } catch (NumberFormatException e) {
            try {
                int intValue = Long.valueOf((new SimpleDateFormat("EEE, dd MM yyyy HH:mm:ss zzz").parse(list.get(0)).getTime() - System.currentTimeMillis()) / 1000).intValue();
                this.mLogger.d("HTTP_COMMUNICATION;RETRY AFTER VALUE AFTER DATE CONVERSION: " + intValue);
                return intValue;
            } catch (Exception e2) {
                throw new HttpException(httpURLConnection.getResponseCode(), Log.getStackTraceString(e2));
            }
        }
    }

    @NotNull
    private URL getServerUrl() {
        return new URL(this.mUrl);
    }

    @NotNull
    private SSLContext initializePermissiveSslContext() {
        KeyManager[] keyManagerArr;
        TrustManager[] trustManagerArr = null;
        SSLContext sSLContext = SSLContext.getInstance(TLS_PROTOCOL);
        try {
            if (isValidCertificate()) {
                KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance("X509");
                Certificate generateCertificate = CertificateFactory.getInstance("X.509").generateCertificate(new ByteArrayInputStream(this.mCertificateBytes));
                this.mLogger.d("HTTP_COMMUNICATION;CERTIFICATE RECEIVED FROM WALLET : PRINTABLE CERTIFICATE OBJECT" + generateCertificate.toString());
                KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
                keyStore.load(null, null);
                keyStore.setCertificateEntry("ca", generateCertificate);
                trustManagerArr = new TrustManager[]{new CustomTrustManager(keyStore)};
                keyManagerFactory.init(keyStore, null);
                keyManagerArr = keyManagerFactory.getKeyManagers();
            } else {
                this.mLogger.d("HTTP_COMMUNICATION;NO CERTIFICATE RECEIVED FROM WALLET.");
                keyManagerArr = null;
            }
            sSLContext.init(keyManagerArr, trustManagerArr, new SecureRandom());
            return sSLContext;
        } catch (CertificateException e) {
            this.mLogger.d("HTTP_COMMUNICATION;INVALID INPUT CERTIFICATE" + Log.getStackTraceString(e));
            throw new HttpException("ERROR IN CERTIFICATE", e);
        } catch (Exception e2) {
            this.mLogger.d("HTTP_COMMUNICATION;SSL INITIALIZATION ERROR : " + Log.getStackTraceString(e2));
            throw new HttpException("ERROR IN SSL CONTEXT PREPARATION" + e2);
        }
    }

    private boolean isValidCertificate() {
        return this.mCertificateBytes != null && this.mCertificateBytes.length > 0;
    }

    private byte[] readAll(InputStream inputStream) {
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        byte[] bArr = new byte[2048];
        while (true) {
            int read = inputStream.read(bArr);
            if (read == -1) {
                return byteArrayOutputStream.toByteArray();
            }
            if (read == bArr.length) {
                byteArrayOutputStream.write(bArr);
            } else {
                byte[] bArr2 = new byte[read];
                System.arraycopy(bArr, 0, bArr2, 0, read);
                byteArrayOutputStream.write(bArr2);
            }
        }
    }

    private void safeCloseInputStream(InputStream inputStream) {
        if (inputStream != null) {
            try {
                inputStream.close();
            } catch (IOException e) {
                this.mLogger.e("HTTP_COMMUNICATION;CLOSING OUTPUT STREAM : " + e);
            }
        }
    }

    private void safeCloseOutputStream(OutputStream outputStream) {
        if (outputStream != null) {
            try {
                outputStream.close();
            } catch (IOException e) {
                this.mLogger.e("HTTP_COMMUNICATION;CLOSING INPUT STREAM : " + e);
            }
        }
    }

    private HttpURLConnection setupHttpUrlConnection(URL url) {
        return configureCommonHttpAttributes((HttpURLConnection) url.openConnection());
    }

    private HttpsURLConnection setupHttpsUrlConnection(URL url) {
        SSLContext initializePermissiveSslContext = initializePermissiveSslContext();
        HttpsURLConnection httpsURLConnection = (HttpsURLConnection) url.openConnection();
        if (BuildConfig.FORCE_TLS_PROTOCOL == null || BuildConfig.FORCE_TLS_PROTOCOL.length == 0) {
            this.mLogger.d("HTTP_COMMUNICATION;NO PROTOCOL FOUND IN BUILD CONFIG");
            httpsURLConnection.setSSLSocketFactory(initializePermissiveSslContext.getSocketFactory());
        } else {
            this.mLogger.d("HTTP_COMMUNICATION;TLS PROTOCOL CONFIGURED IN BUILD CONFIG : " + Arrays.toString(BuildConfig.FORCE_TLS_PROTOCOL));
            httpsURLConnection.setSSLSocketFactory(new CustomSSLSocketFactory(initializePermissiveSslContext.getSocketFactory()));
        }
        if (this.mAllowedHostnames == null || this.mAllowedHostnames.size() == 0) {
            this.mLogger.d("HTTP_COMMUNICATION;ALLOWED HOSTNAME IS EMPTY.");
            throw new HttpException("NO HOST NAME FOUND");
        }
        httpsURLConnection.setHostnameVerifier(new HostnameVerifier() { // from class: com.mastercard.mcbp.utils.http.HttpsConnection.1
            @Override // javax.net.ssl.HostnameVerifier
            public boolean verify(String str, SSLSession sSLSession) {
                return HttpsConnection.this.verifyHost(sSLSession);
            }
        });
        return (HttpsURLConnection) configureCommonHttpAttributes(httpsURLConnection);
    }

    /* JADX INFO: Access modifiers changed from: private */
    public boolean verifyHost(SSLSession sSLSession) {
        try {
            X509Certificate[] x509CertificateArr = (X509Certificate[]) sSLSession.getPeerCertificates();
            this.mLogger.d("HTTP_COMMUNICATION; CHECKING CERTIFICATE CHAIN FOR VALIDITY");
            if (x509CertificateArr != null) {
                for (X509Certificate x509Certificate : x509CertificateArr) {
                    try {
                        x509Certificate.checkValidity();
                    } catch (CertificateExpiredException e) {
                        this.mLogger.d("HTTP_COMMUNICATION;CERTIFICATE EXPIRED : " + Log.getStackTraceString(e));
                        return false;
                    } catch (CertificateNotYetValidException e2) {
                        this.mLogger.d("HTTP_COMMUNICATION;CERTIFICATE NOT YET VALID : " + Log.getStackTraceString(e2));
                        return false;
                    }
                }
                String name = x509CertificateArr[0].getSubjectDN().getName();
                this.mLogger.d("HTTP_COMMUNICATION;CLIENT DN RECEIVED FROM SERVER CERTIFICATE: " + name);
                int indexOf = name.indexOf("CN=");
                if (indexOf < 0) {
                    this.mLogger.d("HTTP_COMMUNICATION; CN NOT FOUND IN THE clientDN");
                    return false;
                }
                int indexOf2 = name.indexOf(44, indexOf);
                String substring = (indexOf2 == -1 ? name.substring(indexOf) : name.substring(indexOf, indexOf2)).substring(3);
                for (String str : this.mAllowedHostnames) {
                    this.mLogger.d("HTTP_COMMUNICATION; COMPARING RECEIVED HOSTNAME FROM SERVER CERTIFICATE : " + substring + " WITH HOSTNAME ALLOWED FROM WALLET : " + str);
                    if (substring.equals(str)) {
                        this.mLogger.d("HTTP_COMMUNICATION;HOSTNAME VERIFICATION SUCCESSFUL");
                        return true;
                    }
                }
            }
            this.mLogger.d("HTTP_COMMUNICATION;HOSTNAME VERIFICATION FAILED");
            return false;
        } catch (SSLPeerUnverifiedException e3) {
            this.mLogger.d("HTTP_COMMUNICATION;SSL PEER UNVERIFIED" + Log.getStackTraceString(e3));
            return false;
        }
    }

    /* JADX WARN: Removed duplicated region for block: B:64:0x00d3  */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    public com.mastercard.mcbp.utils.http.HttpResponse execute() {
        /*
            Method dump skipped, instructions count: 644
            To view this dump add '--comments-level debug' option
        */
        throw new UnsupportedOperationException("Method not decompiled: com.mastercard.mcbp.utils.http.HttpsConnection.execute():com.mastercard.mcbp.utils.http.HttpResponse");
    }

    public HttpsConnection withCertificate(byte[] bArr) {
        this.mCertificateBytes = bArr;
        if (this.mCertificateBytes != null) {
            this.mLogger.d("HTTP_COMMUNICATION;CERTIFICATE SET BY WALLET : " + new String(Hex.encodeHex(this.mCertificateBytes)));
        } else {
            this.mLogger.d("HTTP_COMMUNICATION;CERTIFICATE RECEIVED FROM WALLET : NULL CERTIFICATE BYTES");
        }
        return this;
    }

    public HttpsConnection withHostName(String str) {
        if (str != null) {
            StringTokenizer stringTokenizer = new StringTokenizer(str, ",");
            this.mAllowedHostnames = new ArrayList();
            while (stringTokenizer.hasMoreElements()) {
                String nextToken = stringTokenizer.nextToken();
                this.mLogger.d("HTTP_COMMUNICATION; ADDING HOSTNAME \" " + nextToken + " \" TO LIST OF ALLOWED HOSTS");
                this.mAllowedHostnames.add(nextToken);
            }
        }
        return this;
    }

    public HttpsConnection withRequestData(String str) {
        this.mData = str;
        return this;
    }

    public HttpsConnection withRequestMethod(String str) {
        this.mRequestMethod = str;
        return this;
    }

    public HttpsConnection withRequestProperty(String str) {
        this.mRequestProperty = str;
        return this;
    }

    public HttpsConnection withUrl(String str) {
        this.mUrl = str;
        return this;
    }
}
