package com.adguard.android.service;

import android.content.Context;
import android.content.Intent;
import android.content.pm.ActivityInfo;
import android.content.pm.PackageInfo;
import android.net.Uri;
import android.security.KeyChain;
import android.text.format.DateFormat;
import ch.qos.logback.core.joran.action.Action;
import com.adguard.android.filtering.api.CertificateStoreType;
import com.adguard.android.filtering.api.HttpsMitmMode;
import com.adguard.android.filtering.filter.AppRules;
import com.adguard.corelibs.proxy.ProxyUtils;
import java.io.Closeable;
import java.io.File;
import java.io.IOException;
import java.net.ServerSocket;
import java.security.KeyStore;
import java.security.cert.Certificate;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Collections;
import java.util.Enumeration;
import java.util.Iterator;
import java.util.List;
import java.util.Timer;
import java.util.regex.Pattern;
import org.apache.commons.codec.compatible.digest.DigestUtils;
import org.apache.commons.collections4.CollectionUtils;
import org.apache.commons.io.FileUtils;
import org.apache.commons.io.filefilter.IOFileFilter;
import org.apache.commons.lang3.CharSequenceUtils;

/* loaded from: classes.dex */
public class T implements N {

    /* renamed from: a, reason: collision with root package name */
    private static final e.a.b f517a = e.a.c.a((Class<?>) T.class);

    /* renamed from: b, reason: collision with root package name */
    private static final String f518b = com.adguard.android.b.b().N();

    /* renamed from: c, reason: collision with root package name */
    public static final String f519c = com.adguard.android.b.b().j();

    /* renamed from: d, reason: collision with root package name */
    private final PreferencesService f520d;

    /* renamed from: e, reason: collision with root package name */
    private final InterfaceC0046w f521e;
    private final Context f;
    private byte[][] g;
    private long h = 0;
    private String i = "";
    private boolean j;

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: classes.dex */
    public static class a implements Closeable {

        /* renamed from: a, reason: collision with root package name */
        private static a f522a;

        /* renamed from: b, reason: collision with root package name */
        private final byte[][] f523b;
        private boolean f;

        /* renamed from: c, reason: collision with root package name */
        private final Timer f524c = new Timer();

        /* renamed from: e, reason: collision with root package name */
        private final int f526e = c.a.a.d.b.b();

        /* renamed from: d, reason: collision with root package name */
        private final ServerSocket f525d = new ServerSocket(this.f526e);

        a(byte[][] bArr) {
            this.f523b = bArr;
            this.f524c.schedule(new Q(this), 120000L);
        }

        static synchronized void a(byte[][] bArr) {
            synchronized (a.class) {
                try {
                    if (f522a != null) {
                        c.a.a.a.c.a(f522a);
                        f522a = null;
                    }
                    if (bArr == null) {
                        return;
                    }
                    f522a = new a(bArr);
                    com.adguard.commons.concurrent.b.b().execute(new P());
                    com.adguard.commons.concurrent.d.a(100L);
                } finally {
                }
            }
        }

        static synchronized int b() {
            synchronized (a.class) {
                try {
                    if (f522a == null) {
                        return 0;
                    }
                    return f522a.f526e;
                } catch (Throwable th) {
                    throw th;
                }
            }
        }

        public void c() {
            this.f = true;
            com.adguard.commons.concurrent.b.b().execute(new S(this));
        }

        @Override // java.io.Closeable, java.lang.AutoCloseable
        public void close() {
            if (this.f) {
                this.f524c.cancel();
                c.a.a.a.c.a(this.f525d);
                this.f = false;
            }
        }
    }

    public T(Context context, PreferencesService preferencesService, InterfaceC0046w interfaceC0046w) {
        ActivityInfo[] activityInfoArr;
        this.f = context;
        this.f520d = preferencesService;
        this.f521e = interfaceC0046w;
        boolean z = true;
        List<PackageInfo> installedPackages = this.f.getPackageManager().getInstalledPackages(1);
        Pattern compile = Pattern.compile("com.android.*.settings");
        Pattern compile2 = Pattern.compile("com.android.*.CredentialStorage");
        Iterator<PackageInfo> it = installedPackages.iterator();
        boolean z2 = false;
        loop0: while (true) {
            if (!it.hasNext()) {
                z = true ^ z2;
                break;
            }
            PackageInfo next = it.next();
            if (compile.matcher(next.packageName).matches() && (activityInfoArr = next.activities) != null) {
                for (ActivityInfo activityInfo : activityInfoArr) {
                    if (compile2.matcher(activityInfo.name).matches()) {
                        break loop0;
                    }
                }
                z2 = true;
            }
        }
        this.j = z;
    }

    private File a(String str, byte[][] bArr) {
        File file;
        String certKeyPairToPEM = ProxyUtils.certKeyPairToPEM(bArr);
        byte[] bArr2 = bArr[0];
        int indexOf = certKeyPairToPEM.indexOf("-----BEGIN RSA PRIVATE KEY-----");
        String substring = indexOf > 0 ? certKeyPairToPEM.substring(0, indexOf) : null;
        byte[] md5 = DigestUtils.md5(((X509Certificate) ProxyUtils.certKeyPairToKeyStoreEntry(bArr).getCertificate()).getIssuerX500Principal().getEncoded());
        boolean z = false & true;
        String format = String.format("%02x%02x%02x%02x", Integer.valueOf(md5[3] & 255), Integer.valueOf(md5[2] & 255), Integer.valueOf(md5[1] & 255), Integer.valueOf(md5[0] & 255));
        try {
            Iterator<File> it = FileUtils.listFiles(new File(str), new O(this, format), (IOFileFilter) null).iterator();
            while (true) {
                if (!it.hasNext()) {
                    file = null;
                    break;
                }
                file = it.next();
                if (!Arrays.equals(bArr2, FileUtils.readFileToByteArray(file)) && (substring == null || !FileUtils.readFileToString(file, c.a.a.c.a.f29b).startsWith(substring))) {
                }
            }
            return file;
        } catch (IllegalArgumentException unused) {
            for (String str2 : com.adguard.android.filtering.commons.b.b.b("ls " + str + " | grep " + format)) {
                if (CharSequenceUtils.i(str2, format)) {
                    return new File(c.b.a.a.a.b(str, "/", str2));
                }
            }
            return null;
        }
    }

    private void a(String str, String str2) {
        f517a.info("Copy certificate {} to {}", str, str2);
        int i = 7 << 1;
        List<String> a2 = com.adguard.android.filtering.commons.b.b.a(new String[]{String.format("cp -f %s %s", str, str2), String.format("chmod 644 %s", str2)}, 2);
        if (CollectionUtils.isNotEmpty(a2)) {
            throw new Exception(c.b.a.a.a.a("Error while copy a certificate: \n", a2));
        }
    }

    private boolean c(boolean z) {
        String s = s();
        int i = 3 & 0;
        try {
            f517a.info("Mount directory {}, readonly {}", s, Boolean.valueOf(z));
            List<String> b2 = com.adguard.android.filtering.commons.b.b.b(String.format("mount -o %s %s", z ? "ro,remount" : "rw,remount", s));
            f517a.debug("Mount directory {} result: {}", s, CharSequenceUtils.a(b2, "\n"));
            return CollectionUtils.isEmpty(b2);
        } catch (Exception e2) {
            f517a.error("Error mount directory {}, readOnly {}", s, Boolean.valueOf(z), e2);
            return false;
        }
    }

    private boolean e(String str) {
        try {
            return CharSequenceUtils.a((CharSequence) FileUtils.readFileToString(new File("/proc/mounts"), c.a.a.c.a.f29b), (CharSequence) str);
        } catch (IOException unused) {
            return false;
        }
    }

    private void f(String str) {
        File file = new File("/data/misc/user/0/cacerts-removed", str);
        if (file.exists()) {
            String absolutePath = file.getAbsolutePath();
            f517a.info("Remove certificate {} from black list", absolutePath);
            g(absolutePath);
        }
    }

    private void g(String str) {
        f517a.info("Remove certificate {}", str);
        f517a.debug("Remove certificate result: {}", CharSequenceUtils.a(com.adguard.android.filtering.commons.b.b.a(new String[]{c.b.a.a.a.b("rm ", str)}, 2), "\n"));
    }

    private String r() {
        f517a.debug("Getting CA certificate alias");
        if (this.g == null) {
            f517a.debug("CA certificate is not loaded yet");
        }
        KeyStore keyStore = KeyStore.getInstance("AndroidCAStore");
        String str = null;
        keyStore.load(null);
        byte[] bArr = this.g[0];
        Enumeration<String> aliases = keyStore.aliases();
        while (aliases.hasMoreElements()) {
            String nextElement = aliases.nextElement();
            Certificate certificate = keyStore.getCertificate(nextElement);
            if (certificate instanceof X509Certificate) {
                X509Certificate x509Certificate = (X509Certificate) certificate;
                String name = x509Certificate.getSubjectDN().getName();
                if (CharSequenceUtils.b((CharSequence) name, (CharSequence) f518b)) {
                    f517a.debug("Checking certificate {}", name);
                    if (Arrays.equals(bArr, x509Certificate.getEncoded())) {
                        f517a.debug("The AdGuard certificate is stored by alias {}", nextElement);
                        if (CharSequenceUtils.i(nextElement, "system")) {
                            return nextElement;
                        }
                        str = nextElement;
                    } else {
                        f517a.debug("The encoded forms doesn't equals for certificate {}", name);
                    }
                }
            }
        }
        return str;
    }

    private String s() {
        return com.adguard.android.filtering.commons.b.b.d() ? e("/sbin/.magisk/mirror/system_root") ? "/sbin/.magisk/mirror/system_root" : e("/sbin/.magisk/mirror/system") ? "/sbin/.magisk/mirror/system" : "/sbin/.core/mirror/system" : "/system";
    }

    private String t() {
        String s = s();
        if (s.equals("/sbin/.magisk/mirror/system_root")) {
            s = c.b.a.a.a.b(s, "/system");
        }
        return c.b.a.a.a.b(s, "/etc/security/cacerts");
    }

    public void a(HttpsMitmMode httpsMitmMode) {
        ((aa) this.f520d).a(httpsMitmMode);
    }

    public void a(String str) {
        List<String> e2 = ((C0049z) this.f521e).e();
        if (!e2.contains(str) && e2.add(str)) {
            ((C0049z) this.f521e).a(e2);
        }
    }

    public void a(List<String> list) {
        ((aa) this.f520d).g(CharSequenceUtils.a(list, "\n"));
        com.adguard.android.events.a.a().d();
    }

    public void a(boolean z) {
        A e2 = com.adguard.android.p.a(this.f).e();
        AppRules a2 = e2.a();
        a2.setHttpsFiltering(Boolean.valueOf(z));
        e2.a(a2, false);
    }

    public boolean a(CertificateStoreType certificateStoreType) {
        int i = 0 >> 1;
        try {
            try {
                f517a.info("Removing certificate from {} store", certificateStoreType);
            } catch (Exception e2) {
                f517a.error("Error while removing certificate:\n", (Throwable) e2);
            }
            if (!com.adguard.android.filtering.commons.b.b.c()) {
                f517a.info("No root access given");
                c(true);
                return false;
            }
            File a2 = a(t(), this.g);
            if (a2 == null) {
                f517a.warn("Cannot found a certificate to the system store");
                c(true);
                return false;
            }
            f517a.info("The certificate file path: {}", a2);
            if (!c(false)) {
                f517a.error("Cannot mount system directory on read-write mode");
                c(true);
                return false;
            }
            g(a2.getAbsolutePath());
            this.h = System.currentTimeMillis();
            this.i = null;
            ((aa) this.f520d).d((String) null);
            this.g = null;
            c(true);
            return true;
        } catch (Throwable th) {
            c(true);
            throw th;
        }
    }

    public void b(List<String> list) {
        String str;
        List<String> g = com.adguard.android.filtering.api.d.g();
        if (!CollectionUtils.isEmpty(g) && !CollectionUtils.isEmpty(list)) {
            str = b.a.a.b.a.a((List) CollectionUtils.subtract(list, g), (List) CollectionUtils.subtract(g, list));
            ((aa) this.f520d).h(str);
            com.adguard.android.events.a.a().d();
        }
        str = "";
        ((aa) this.f520d).h(str);
        com.adguard.android.events.a.a().d();
    }

    public void b(boolean z) {
        ((aa) this.f520d).p(z);
    }

    public boolean b() {
        return this.j;
    }

    public boolean b(String str) {
        if (b.a.a.b.a.b() && com.adguard.android.filtering.commons.f.a(str, this.f) && !c(str)) {
            return false;
        }
        AppRules a2 = com.adguard.android.p.a(this.f).e().a(str);
        return a2 == null || (a2.isTrafficFiltering().booleanValue() && a2.isHttpsFiltering().booleanValue() && a2.isAdBlocking().booleanValue());
    }

    public Intent c() {
        a.a(j());
        int b2 = a.b();
        Intent intent = new Intent("android.intent.action.VIEW");
        intent.setData(Uri.parse("http://127.0.0.1:" + b2 + "/" + f519c));
        return intent;
    }

    public boolean c(String str) {
        return ((C0049z) this.f521e).e().contains(str);
    }

    public Intent d() {
        try {
            byte[][] j = j();
            if (j != null) {
                byte[] bArr = j[0];
                Intent createInstallIntent = KeyChain.createInstallIntent();
                createInstallIntent.putExtra(Action.NAME_ATTRIBUTE, com.adguard.android.b.b().k());
                createInstallIntent.putExtra("CERT", bArr);
                return createInstallIntent;
            }
        } catch (Exception e2) {
            f517a.error("Error while encoding AdGuard root certificate\n", (Throwable) e2);
        }
        return null;
    }

    public void d(String str) {
        List<String> e2 = ((C0049z) this.f521e).e();
        if (e2.removeAll(Collections.singletonList(str))) {
            ((C0049z) this.f521e).a(e2);
        }
    }

    public List<String> e() {
        return b.a.a.b.a.a(((aa) this.f520d).H(), "\r\n");
    }

    public synchronized CertificateStoreType f() {
        try {
            if (!l()) {
                return CertificateStoreType.NONE;
            }
            try {
                if (CharSequenceUtils.a((CharSequence) this.i) || this.h + 1000 < System.currentTimeMillis()) {
                    this.i = r();
                    this.h = System.currentTimeMillis();
                }
            } catch (Exception e2) {
                f517a.error("Error getting certificate store type", (Throwable) e2);
            }
            if (CharSequenceUtils.i(this.i, "system")) {
                return CertificateStoreType.SYSTEM;
            }
            if (CharSequenceUtils.i(this.i, "user")) {
                return CertificateStoreType.USER;
            }
            return CertificateStoreType.NONE;
        } catch (Throwable th) {
            throw th;
        }
    }

    public String g() {
        X509Certificate x509Certificate;
        KeyStore.PrivateKeyEntry certKeyPairToKeyStoreEntry = ProxyUtils.certKeyPairToKeyStoreEntry(this.g);
        if (certKeyPairToKeyStoreEntry != null && (x509Certificate = (X509Certificate) certKeyPairToKeyStoreEntry.getCertificate()) != null) {
            return DateFormat.getLongDateFormat(this.f).format(x509Certificate.getNotAfter());
        }
        return "";
    }

    public com.adguard.android.filtering.api.l h() {
        f517a.info("Retrieving HTTPs filtering configuration");
        CertificateStoreType f = f();
        if (m() && f != CertificateStoreType.NONE) {
            com.adguard.android.filtering.api.l lVar = new com.adguard.android.filtering.api.l();
            lVar.a(j());
            HttpsMitmMode i = i();
            List<String> e2 = i == HttpsMitmMode.BLACKLIST ? e() : k();
            if (!CollectionUtils.isEmpty(e2)) {
                Iterator<String> it = e2.iterator();
                while (it.hasNext()) {
                    if (it.next().startsWith("//")) {
                        it.remove();
                    }
                }
            }
            lVar.b(e2);
            lVar.a(i);
            lVar.a(n());
            lVar.a(f);
            lVar.a(((C0049z) this.f521e).e());
            if (f == CertificateStoreType.SYSTEM) {
                f517a.info("Certificate is installed to system store");
            }
            f517a.info("HTTPs filtering configuration is {}", lVar);
            return lVar;
        }
        f517a.info("HTTPs filtering is disabled or CA certificate is not installed");
        int i2 = 6 << 0;
        return null;
    }

    public HttpsMitmMode i() {
        return ((aa) this.f520d).t();
    }

    public synchronized byte[][] j() {
        byte[][] certKeyPairFromPEM;
        try {
            if (this.g != null) {
                return this.g;
            }
            try {
                f517a.info("Retrieving CA certificate from preferences");
                String u = ((aa) this.f520d).u();
                if (u == null) {
                    f517a.info("No CA certificate in preferences, generate it");
                    certKeyPairFromPEM = ProxyUtils.generateCACertKeyPair(f518b);
                    ((aa) this.f520d).d(ProxyUtils.certKeyPairToPEM(certKeyPairFromPEM));
                    f517a.info("CA certificate generated and saved to preferences");
                } else {
                    f517a.info("Loading CA certificate from preferences");
                    certKeyPairFromPEM = ProxyUtils.certKeyPairFromPEM(u);
                }
                f517a.info("Returning CA certificate");
                this.g = certKeyPairFromPEM;
                return this.g;
            } catch (Exception e2) {
                f517a.error("Unexpected error while generating CA certificate\n", (Throwable) e2);
                return null;
            }
        } catch (Throwable th) {
            throw th;
        }
    }

    public List<String> k() {
        List<String> g = com.adguard.android.filtering.api.d.g();
        String I = ((aa) this.f520d).I();
        if (CollectionUtils.isEmpty(g)) {
            g = null;
        } else if (!CharSequenceUtils.a((CharSequence) I)) {
            List<String> a2 = b.a.a.b.a.a(I, "\r\n");
            ArrayList arrayList = new ArrayList(g.size());
            arrayList.addAll(g);
            for (String str : a2) {
                String substring = str.substring(1);
                if (CharSequenceUtils.i(str, "-")) {
                    arrayList.remove(substring);
                }
                if (CharSequenceUtils.i(str, "+") && !arrayList.contains(substring)) {
                    arrayList.add(0, substring);
                }
            }
            g = arrayList;
        }
        return g;
    }

    public synchronized boolean l() {
        try {
            if (this.g != null) {
                return true;
            }
            try {
                String u = ((aa) this.f520d).u();
                if (u == null) {
                    f517a.debug("Certificate is not yet generated");
                    return false;
                }
                this.g = ProxyUtils.certKeyPairFromPEM(u);
                f517a.info("Loading certificate from preferences: {}", Boolean.valueOf(this.g != null));
                return this.g != null;
            } catch (Exception e2) {
                f517a.warn("Error while checking if our CA certificate is generated\n", (Throwable) e2);
                return false;
            }
        } catch (Throwable th) {
            throw th;
        }
    }

    public boolean m() {
        return com.adguard.android.p.a(this.f).e().a().isHttpsFiltering().booleanValue();
    }

    public boolean n() {
        return ((aa) this.f520d).pa();
    }

    /* JADX WARN: Finally extract failed */
    public boolean o() {
        File a2;
        f517a.info("Moving certificate to the system store");
        if (!com.adguard.android.filtering.commons.b.b.c()) {
            f517a.info("No root access given");
            return false;
        }
        try {
            try {
                a2 = a("/data/misc/user/0/cacerts-added", this.g);
            } catch (Exception e2) {
                f517a.error("Error while moving certificate to system store:\n", (Throwable) e2);
            }
            if (a2 == null) {
                f517a.warn("Cannot found a certificate to the user store");
                c(true);
                return false;
            }
            f517a.info("The certificate file path: {}", a2);
            if (!c(false)) {
                f517a.error("Cannot mount system directory on read-write mode");
                c(true);
                return false;
            }
            String absolutePath = a2.getAbsolutePath();
            String name = a2.getName();
            if (name != null) {
                name = name.replaceAll("\\.[0-9a-z]{1,2}$", ".0");
            }
            a(absolutePath, t() + File.separator + name);
            g(absolutePath);
            f(name);
            this.h = System.currentTimeMillis();
            this.i = r();
            f517a.info("The certificate has been moved");
            c(true);
            return true;
        } catch (Throwable th) {
            c(true);
            throw th;
        }
    }

    public void p() {
        ((aa) this.f520d).g(com.adguard.android.filtering.api.d.f());
        com.adguard.android.events.a.a().d();
    }

    public void q() {
        ((aa) this.f520d).h((String) null);
        com.adguard.android.events.a.a().d();
    }
}
