package com.fiberlink.maas360.android.a.b.a;

import android.text.TextUtils;
import android.util.Base64;
import com.fiberlink.maas360.android.a.b.b;
import com.fiberlink.maas360.android.b.e;
import com.fiberlink.maas360.b.c;
import java.io.ByteArrayInputStream;
import java.net.InetSocketAddress;
import java.security.KeyStore;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Collection;
import java.util.HashMap;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.regex.Pattern;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;

/* compiled from: MaaS360GatewaySDKImpl.java */
/* loaded from: classes.dex */
public class a implements b {
    public static b INSTANCE = new a();
    private static final String LOG_TAG = "MaaS360GatewaySDK";
    public static final String PKCS_12 = "PKCS12";
    private static X509Certificate certificate = null;
    private static SSLContext clientSslContext = null;
    private static SSLContext defaultSslContext = null;
    private static final String proxyStoreBase64 = "MIIJuQIBAzCCCX8GCSqGSIb3DQEHAaCCCXAEgglsMIIJaDCCBB8GCSqGSIb3DQEHBqCCBBAwggQMAgEAMIIEBQYJKoZIhvcNAQcBMBwGCiqGSIb3DQEMAQYwDgQIyOCrrnZXXoQCAggAgIID2Kgd4C2ZvFc38ctolVZoBUpwsnUf8p/NAREKgSv5WGndtjQyyJVy3v3FQ/wBOSWQMxbvwJCl6w1Dkl9kDfvyichh9tHEWrctDiU6tWNUwIQnnEOJLMOX4Pq+tl/52Ut/aaCQpcDk6HqarWW0NQy8KuT7Owg+P+uS6rOYYoPdALXE6hM7BJ3gbEgDwWerndx3+26n43fcn01OMK2o9YULVzMJfPmVsS9DdHEf9ep4g7FsShotL5fYIAZnGEw0qxXsK4f9kQ/Q07ph2BxFm91d6ExdpwRiAmSsP4GpY6vpFswl5EbUuiodh/fNl8aiKYqUnmMo+r8yQL5l2sutSEHd0vhmx2ieh1rP3ol87dTt6Xn6CaRoZ29hjgXQyLzBZJNZPmBrhlFewVEoCA8SJ4SUd9sPNeCWXLud+6A8qBFtQ6TveQeSMcyBaabteRVg6CaO/BxC1OLwf1KY7PkpmaPUZR0Ua7uzEIFUOk+f65bQOHifC6dsq1s/eaKeNKCnGAlp7ph/SXE5MXYg9D3fq+pHUjQUpmvda9WUGy182u8dJxM+nCrh54H/yDbnfdoK3DSAA9MqkXkGB1sv7suii/9BXFn3/MKE1y4x4GlB6OthbTcdc9AVtqeMzCEeHNKScLaJPLYkPohMcn91HVUnccsS0qfmZCMIy/0vjy5AMP1SSfcszpDJaz9UrtgTjkbD96JabwYU1cZQNy8k3ttXYFO2F8M2ouGEJ2qicrsCpmoeHPK/6as6tWo1Co7KhbdfH1/zeA2QkNWqS+IQVFoLsZeqbWnlsIWCth8ibnjFwcMVSSoU0BsBeOpHHozYwMKNuK3dLFbMPe7X7FN6pn7UcHluSE/uBi3lVTedI+ihvqtPIQ0j0ajmVmky+hHTexTHae9RSrxkoKqDTnRd/iL/PkK2qzz+8W8TkUFdFMOHdhYw9Bl6iMj0eZg9dQ1RCkp94UKfEzblEy/Nzsd0yuoJCoi8inlDiFDtysjRs+R4cV7AgMd06eo107iovjjq6cUTADjjgGGVeB4AHY9QxzOnBBWw6O5xcB469a+TRkChGPN/jUx4C/KOCMSLdQrTrEf/YfLmY26sOBc6E1Hf6nmmOGiyeQwCybWuLOy/ZgWzdEuywgGnZsS13lcr/5H4e0L9xhg2O4l/3Py7qqMaKojeRAtZRAzcf/ynI4naHgjQ3a10bN029NPvPgqVtLhhwVDHSbj6M0TafPtLPp3u0CFQvy5SvfwO+5jsm22tUDAWg2GfgvBltWm/eEmtGrya0gTbnak2dM0TU8yFI4HPOW7ktCa8ScwyVjgIQNd+xzCCBUEGCSqGSIb3DQEHAaCCBTIEggUuMIIFKjCCBSYGCyqGSIb3DQEMCgECoIIE7jCCBOowHAYKKoZIhvcNAQwBAzAOBAjstV381kn+5QICCAAEggTIM61X+NfYxc7LkZZLOLmSyur8JPUJ2WPH/gdWTwefgZ1I5+hrAozFs15rJw+4KeMA3AZezWJoxVTcorWQRxhaIOe3OvoXd1lGWi6qQbqkvElBrclfjzQX7yNc06oxqRfVPjj/KbiGO1gE6cz1OcfX/1WQfs1/Pom6CZgiGM2/2V5iwQTblwF24j0/RsyN9KFumKJfObxc+CyiVJyPdOjxfkltOKJXCy1Ad+WtZGWDWoBmtQEsdR2eRNE0Tsp1u5yK0sgBqBBvUtJYftoK8dDa5gfnI2JpUyuHWmU7Nx5sRNfL/+xx1xxT0gkf6wxzXBJD3tUak3mEjbC6ZELgc0vHDKUD+J+o4bAz4gWLS9XpBXkvGllzfaLjS0MltceA+VKP8DZJJ/yg5oQvV+In8UeTpt7HY4xRzKVb7wV3CTOlmPEva7901tecidQEjLHORXwhBZ2+c5NAvGVJ63lobbD8o0wAlOKqVvrZGzIV8a0vGuH5SNVPDZ6/Te/vX1gFxWoKiXmT6b1b4FLlnKcttuzCS3yEOmfR9o4npj6bmmFaM/f5gM5mhmbMPJE0Mzj+8JooY2WpqKRqjiu00IUq3KHQ96KhcE3JJZgX7NNDkz31vYqn6kJPrweSgZnv/cET34WHINSfLF5k+7VPtpAWtrOrUwuBzBN4KutL0EAyPPLq074Jm38gREnDndy6BP/DRbJBgMHjQgehpdbqc3nHhPxzEQBjA6lbnCzIKpPpijc2XzP4P0QHnAN8jKe64JEENr8jwyeUrSlbwe+wyGEu0u9Ex2aE0ctYGWAYt+MgSNXjG6oSiF59lL/jXPjjuQJd1sIpZVacMRLghOvqcwfilO//L9ekih7a3G5P6XDXwRb5Iup/ypQgc1Ey6w7hV2bOEHRHWXTd5O/GrtTarwEulZRbJ8VYZ49fjfNcSb7uz6huAjs2xfhTfWR9UoMKwWdxBjz3VsEiS1nOLFCRy2CzkHlDUr6hnHEa1h0UJywuXVm/LUcNkbEeT+X9cyHejunxUpVxNohwu6aINCMDB+83EBn+HD99ZAUP75QwNHTPaoN5ob+Kb/ZSWMy4e65L341LbIcqrwGm86AIw/cLnQ/PLr+GijX0pK6wnU59cUKPqEgdh3v677hEIy1cj6UVkzwSVDI8xEIl2FV2gBB11+U0ExM3sgIMro3rEuDlv2ArtKDPs24J6UfOcEWeqb5Bnuu1e4Q52mpojjpz1o9sXkj7uImPP3U+P/lShH1YrtJSOlkiX6odJ6i6BcQcGicYdZQug80n6QyGQYjzlVqr156ZLM5qNJLsTTfzBItaJa2ElbKMdX0vCH6LqYXWLgEaqxmYQD5mWdppf9R4yqFt/EKAc7tL1FDVpoDskD6Y2tqX0YH8Wi8TALrb5dFTXZAL9Qe0B9aJnfJQnLi2ItlqEOt7lkSiq9Uss5L2V80L3R8NLsirZpXI/shydZmv6o1DPRFxJGyvaXDVVaIEAmRarsbf8ZfVMxK2OMc7BnkkD9rzXf4T4Ll6HG5K3M+BnqcTV1B9RDTjOXmOMlRI/NZDUYe6Ht/iUevNE4yUadsd4Su/IkgAX321UulhDluK2XV9KNoOUj6+ce1VIgysx6g80lLvWZ8j0BmpONw8uhpAMSUwIwYJKoZIhvcNAQkVMRYEFNAfv5aR8pcSXXrSsoAX9CDYTYkBMDEwITAJBgUrDgMCGgUABBSSCAVcCUOGG22D76ROnt5lA8s7MAQI+BbWAVq1skgCAggA";
    private static SSLContext serverSslContext;
    private String mClientCertificate;
    private String mClientCertificatePwd;
    private boolean mGatewayPinningEnabled;
    private boolean mProxyRequestsToGateway;
    private b.c requestorApp;
    private int mPort = -1;
    private com.fiberlink.maas360.android.a.a.b.a mService = null;
    private b.a mAuthFailureListener = null;
    private final Object myLock = new Object();
    private List<b.C0011b> mGatewayConfigsList = new ArrayList(0);
    private Map<String, b.C0011b> mGatewayConfigsMap = new HashMap(10);
    private List<X509Certificate> mGatewayPinningCerts = new ArrayList();
    private List<X509Certificate> mProxyPinningCerts = new ArrayList();

    private a() {
    }

    private boolean b(int i) throws Exception {
        try {
            this.mPort = this.mService.a(-1 != i ? new InetSocketAddress(i) : null).b().getPort();
            return true;
        } catch (Exception e) {
            c.c("MaaS360GatewaySDKImpl", e, "Error in starting server on port" + i);
            if (-1 == i) {
                throw e;
            }
            return false;
        }
    }

    private void l() {
        this.mGatewayConfigsList = new ArrayList(this.mGatewayConfigsMap.values());
    }

    private SSLContext m() throws Exception {
        if (serverSslContext == null) {
            serverSslContext = SSLContext.getInstance("TLS");
            KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
            KeyStore keyStore = KeyStore.getInstance(PKCS_12);
            char[] charArray = "FiberlinkMEG".toCharArray();
            keyStore.load(new ByteArrayInputStream(Base64.decode(proxyStoreBase64, 0)), charArray);
            keyManagerFactory.init(keyStore, charArray);
            serverSslContext.init(keyManagerFactory.getKeyManagers(), null, null);
        }
        return serverSslContext;
    }

    private SSLContext n() throws Exception {
        boolean o = o();
        if (this.mGatewayPinningEnabled || o) {
            if (clientSslContext == null) {
                clientSslContext = e.a(PKCS_12, this.mClientCertificate, this.mClientCertificatePwd, this.mGatewayPinningEnabled, this.mGatewayPinningEnabled);
            }
            return clientSslContext;
        }
        if (defaultSslContext == null) {
            defaultSslContext = SSLContext.getDefault();
        }
        return defaultSslContext;
    }

    private boolean o() {
        return (TextUtils.isEmpty(this.mClientCertificate) || TextUtils.isEmpty(this.mClientCertificatePwd)) ? false : true;
    }

    @Override // com.fiberlink.maas360.android.a.b.b
    public int a(int i) throws Exception {
        c.b(LOG_TAG, "Starting Gateway SDK proxy");
        if (-1 != this.mPort && this.mService != null) {
            c.b(LOG_TAG, "Refreshing Gateway SDK SSL context");
            this.mService.a(m(), n());
            return this.mPort;
        }
        if (this.mService == null) {
            this.mService = new com.fiberlink.maas360.android.a.a.b.a(m(), n());
            this.mService.d();
        }
        if (!b(i) && i != -1) {
            b(-1);
        }
        if (-1 == this.mPort) {
            this.mService.f();
            this.mService = null;
        }
        c();
        return this.mPort;
    }

    @Override // com.fiberlink.maas360.android.a.b.b
    public b.C0011b a(String str) {
        for (b.C0011b c0011b : k()) {
            if (c0011b.identifier.equals(str)) {
                return c0011b;
            }
        }
        return null;
    }

    @Override // com.fiberlink.maas360.android.a.b.b
    public b.c a() {
        return this.requestorApp;
    }

    @Override // com.fiberlink.maas360.android.a.b.b
    public void a(b.a aVar) {
        if (aVar != null) {
            this.mAuthFailureListener = aVar;
        }
    }

    @Override // com.fiberlink.maas360.android.a.b.b
    public void a(b.c cVar) {
        this.requestorApp = cVar;
    }

    @Override // com.fiberlink.maas360.android.a.b.b
    public void a(List<b.C0011b> list) {
        synchronized (this.myLock) {
            for (b.C0011b c0011b : list) {
                this.mGatewayConfigsMap.put(c0011b.identifier, c0011b);
                c.b(LOG_TAG, "Setting proxy connection params for identifier: ", c0011b.identifier);
            }
            l();
        }
    }

    @Override // com.fiberlink.maas360.android.a.b.b
    public void a(boolean z) {
        this.mGatewayPinningEnabled = z;
        if (this.mGatewayPinningEnabled) {
            com.fiberlink.maas360.android.b.c.a().a(com.fiberlink.maas360.android.a.b.a.a());
        } else {
            com.fiberlink.maas360.android.b.c.a().b(com.fiberlink.maas360.android.a.b.a.a());
        }
    }

    @Override // com.fiberlink.maas360.android.a.b.b
    public b.C0011b b(String str) {
        b.C0011b c0011b;
        b.C0011b c0011b2;
        if (str == null) {
            return null;
        }
        Iterator<b.C0011b> it = k().iterator();
        b.C0011b c0011b3 = null;
        while (true) {
            if (!it.hasNext()) {
                c0011b = c0011b3;
                break;
            }
            b.C0011b next = it.next();
            Iterator<Pattern> it2 = next.allowedHostPatterns.iterator();
            while (true) {
                if (!it2.hasNext()) {
                    c0011b2 = c0011b3;
                    break;
                }
                if (it2.next().matcher(str).matches()) {
                    c0011b2 = next;
                    break;
                }
            }
            if (c0011b2 != null) {
                Iterator<Pattern> it3 = next.blockedHostPatterns.iterator();
                while (it3.hasNext()) {
                    if (it3.next().matcher(str).matches()) {
                        c.a(LOG_TAG, "Request blocked by proxy list: ", str);
                        c0011b = null;
                        break;
                    }
                }
            }
            c0011b = c0011b2;
            if (c0011b != null) {
                break;
            }
            c0011b3 = c0011b;
        }
        return c0011b;
    }

    @Override // com.fiberlink.maas360.android.a.b.b
    public void b() {
        c.b(LOG_TAG, "Stopping Gateway SDK proxy");
        if (-1 == this.mPort || this.mService == null) {
            return;
        }
        try {
            this.mService.f();
        } catch (Exception e) {
            c.d("MaaS360GatewaySDKImpl", e, "Error during NIOService shutdown");
        }
        this.mPort = -1;
        this.mService = null;
    }

    @Override // com.fiberlink.maas360.android.a.b.b
    public void b(List<X509Certificate> list) {
        this.mGatewayPinningCerts = list;
        com.fiberlink.maas360.android.b.c.a().b();
    }

    @Override // com.fiberlink.maas360.android.a.b.b
    public List<b.C0011b> c(String str) {
        boolean z;
        boolean z2;
        ArrayList arrayList = new ArrayList();
        if (str == null) {
            return arrayList;
        }
        for (b.C0011b c0011b : k()) {
            Iterator<Pattern> it = c0011b.allowedHostPatterns.iterator();
            while (true) {
                if (!it.hasNext()) {
                    z = false;
                    break;
                }
                if (it.next().matcher(str).matches()) {
                    z = true;
                    break;
                }
            }
            if (z) {
                Iterator<Pattern> it2 = c0011b.blockedHostPatterns.iterator();
                while (it2.hasNext()) {
                    if (it2.next().matcher(str).matches()) {
                        c.a(LOG_TAG, "Request blocked by proxy list: ", str);
                        z2 = false;
                        break;
                    }
                }
            }
            z2 = z;
            if (z2) {
                arrayList.add(c0011b);
            }
        }
        return arrayList;
    }

    @Override // com.fiberlink.maas360.android.a.b.b
    public void c() {
        this.mProxyRequestsToGateway = true;
    }

    @Override // com.fiberlink.maas360.android.a.b.b
    public void c(List<X509Certificate> list) {
        this.mProxyPinningCerts = list;
        com.fiberlink.maas360.android.b.c.a().b();
    }

    @Override // com.fiberlink.maas360.android.a.b.b
    public void d() {
        this.mProxyRequestsToGateway = false;
    }

    @Override // com.fiberlink.maas360.android.a.b.b
    public void d(String str) {
        this.mClientCertificate = str;
    }

    @Override // com.fiberlink.maas360.android.a.b.b
    public void e(String str) {
        this.mClientCertificatePwd = str;
    }

    @Override // com.fiberlink.maas360.android.a.b.b
    public boolean e() {
        return this.mProxyRequestsToGateway;
    }

    @Override // com.fiberlink.maas360.android.a.b.b
    public b.a f() {
        return this.mAuthFailureListener;
    }

    @Override // com.fiberlink.maas360.android.a.b.b
    public List<X509Certificate> g() {
        return this.mProxyPinningCerts;
    }

    @Override // com.fiberlink.maas360.android.a.b.b
    public List<X509Certificate> h() {
        return this.mGatewayPinningCerts;
    }

    @Override // com.fiberlink.maas360.android.a.b.b
    public boolean i() {
        return this.mGatewayPinningEnabled;
    }

    @Override // com.fiberlink.maas360.android.a.b.b
    public List<b.C0011b> j() {
        return this.mGatewayConfigsList;
    }

    public Collection<b.C0011b> k() {
        List<b.C0011b> list;
        synchronized (this.myLock) {
            list = this.mGatewayConfigsList;
        }
        return list;
    }
}
