package com.sec.android.app.sbrowser.certificate;

import androidx.annotation.VisibleForTesting;
import com.sec.android.app.sbrowser.knox.KnoxPolicy;
import com.sec.sbrowser.spl.wrapper.MajoLog;
import com.sec.terrace.browser.net.TerraceX509Util;
import java.security.cert.CertificateException;

/* loaded from: classes2.dex */
public class CertificateErrorChecker {

    @VisibleForTesting
    static final String MDM_CERTPOLICY_MSG_ADDITIONAL_CHECKER = "Additional certificate path checker failed.";

    @VisibleForTesting
    static final String MDM_CERTPOLICY_MSG_N_AND_LATER_VALIDATION_FAILED = "Chain validation failed";

    @VisibleForTesting
    static final String MDM_CERTPOLICY_MSG_N_AND_LATER_REVOKED_CERT = "Certificate has been revoked, reason: ";

    @VisibleForTesting
    static final String MDM_CERTPOLICY_MSG_M_AND_EARLIER_REVOKED_CERT = "Certificate revocation after";

    @VisibleForTesting
    static final String MDM_CERTPOLICY_MSG_M_AND_EARLIER_IS_REVOKED_CERT = "is revoked";
    private static final String[] sRevokedMsgList = {MDM_CERTPOLICY_MSG_N_AND_LATER_REVOKED_CERT, MDM_CERTPOLICY_MSG_M_AND_EARLIER_REVOKED_CERT, MDM_CERTPOLICY_MSG_M_AND_EARLIER_IS_REVOKED_CERT};

    @VisibleForTesting
    static final String MDM_CERTPOLICY_MSG_N_AND_LATER_UNABLE_CHECK_REVOCATION_STATUS = "Unable to determine revocation status due to network error";

    @VisibleForTesting
    static final String MDM_CERTPOLICY_MSG_UNABLE_CHECK_REVOCATION_STATUS = "Certificate status could not be determined.";

    @VisibleForTesting
    static final String MDM_CERTPOLICY_MSG_UNABLE_CHECK_OCSP_STATUS = "OCSP check failed!";

    @VisibleForTesting
    static final String MDM_CERTPOLICY_MSG_CRL_DIST_COULD_NOT_BE_READ = "CRL distribution point extension could not be read";

    @VisibleForTesting
    static final String MDM_CERTPOLICY_MSG_NO_ADDITIONAL_CRL_DECODED = "No additional CRL locations could be decoded from CRL distribution point extension.";

    @VisibleForTesting
    static final String MDM_CERTPOLICY_MSG_DIST_POINT_COULD_NOT_BE_READ = "Distribution points could not be read.";

    @VisibleForTesting
    static final String MDM_CERTPOLICY_MSG_CRL_NOT_VALID = "No valid CRL found.";

    @VisibleForTesting
    static final String MDM_CERTPOLICY_MSG_UNABLE_GET_CRL = "Unable to get CRL for certificate";
    private static final String[] sUnableToCheckRevocationMsgList = {MDM_CERTPOLICY_MSG_N_AND_LATER_UNABLE_CHECK_REVOCATION_STATUS, MDM_CERTPOLICY_MSG_UNABLE_CHECK_REVOCATION_STATUS, MDM_CERTPOLICY_MSG_UNABLE_CHECK_OCSP_STATUS, MDM_CERTPOLICY_MSG_CRL_DIST_COULD_NOT_BE_READ, MDM_CERTPOLICY_MSG_NO_ADDITIONAL_CRL_DECODED, MDM_CERTPOLICY_MSG_DIST_POINT_COULD_NOT_BE_READ, MDM_CERTPOLICY_MSG_CRL_NOT_VALID, MDM_CERTPOLICY_MSG_UNABLE_GET_CRL};

    /* loaded from: classes2.dex */
    static class KnoxCertificateErrorCheckerDelegate implements TerraceX509Util.TerraceCertificateErrorChecker.Delegate {
        KnoxCertificateErrorCheckerDelegate() {
        }

        @Override // com.sec.terrace.browser.net.TerraceX509Util.TerraceCertificateErrorChecker.Delegate
        public int check(CertificateException certificateException) {
            String innerMessage;
            MajoLog.v("CertificateErrorChecker", "check - certificate error type e:" + certificateException.toString());
            if (KnoxPolicy.certificatePolicyIsRevocationCheckEnabled() && (innerMessage = CertificateErrorChecker.getInnerMessage(certificateException)) != null) {
                MajoLog.v("CertificateErrorChecker", "check - certificate error msg:" + innerMessage);
                for (String str : CertificateErrorChecker.sRevokedMsgList) {
                    if (innerMessage.contains(str)) {
                        return -101;
                    }
                }
                for (String str2 : CertificateErrorChecker.sUnableToCheckRevocationMsgList) {
                    if (innerMessage.contains(str2)) {
                        return -100;
                    }
                }
            }
            return -2;
        }

        @Override // com.sec.terrace.browser.net.TerraceX509Util.TerraceCertificateErrorChecker.Delegate
        public void initialize(TerraceX509Util.TerraceCertificateErrorChecker terraceCertificateErrorChecker) {
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    /* loaded from: classes2.dex */
    public static class KnoxCertificateErrorCheckerDelegateFactory implements TerraceX509Util.TerraceCertificateErrorChecker.DelegateFactory {
        KnoxCertificateErrorCheckerDelegateFactory() {
        }

        @Override // com.sec.terrace.browser.net.TerraceX509Util.TerraceCertificateErrorChecker.DelegateFactory
        public TerraceX509Util.TerraceCertificateErrorChecker.Delegate getDelegate() {
            return new KnoxCertificateErrorCheckerDelegate();
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    public static String getInnerMessage(Throwable th) {
        if (th == null) {
            return null;
        }
        String message = th.getMessage();
        return (message == null || !(message.contains(MDM_CERTPOLICY_MSG_ADDITIONAL_CHECKER) || message.contains(MDM_CERTPOLICY_MSG_N_AND_LATER_VALIDATION_FAILED))) ? message : getInnerMessage(th.getCause());
    }

    public static void initialize() {
        TerraceX509Util.setDelegateFactory(new KnoxCertificateErrorCheckerDelegateFactory());
    }
}
